Acceptable Use Policy

Last updated: May 2, 2026

This Acceptable Use Policy ("AUP") describes the prohibited and acceptable uses of the neokens platform and API services (the "Service"). This AUP is incorporated into and made part of our Terms of Service. By using the Service, you agree to comply with this AUP. We reserve the right to modify this AUP at any time; material changes will be effective upon posting with notice as described in the Terms of Service.

1. Prohibited Uses

You must not use the Service, nor permit others to use the Service through your account, for any of the following purposes:

1.1 Illegal Activity

Using the Service to facilitate, promote, or engage in any activity that violates applicable local, state, national, or international law, including but not limited to fraud, extortion, identity theft, money laundering, or the distribution of controlled substances.

1.2 Child Sexual Abuse Material (CSAM)

Using the Service to generate, distribute, store, or in any way interact with content that depicts or promotes the sexual exploitation of minors. This prohibition is absolute and applies regardless of whether the content is AI-generated. We report any detected CSAM to the National Center for Missing and Exploited Children (NCMEC) and relevant law enforcement authorities.

1.3 Spam and Unsolicited Communications

Using the Service to generate spam, unsolicited bulk email, unsolicited commercial messages, or automated communications to recipients who have not consented to receive them. This includes using the Service to create content for phishing campaigns, social engineering, or deceptive messaging intended to mislead recipients about the sender's identity or intent.

1.4 Malware and Cyberattacks

Using the Service to generate, create, or refine malware, ransomware, exploits, or other harmful software without documented authorization for legitimate security research. This includes generating code designed to gain unauthorized access to systems, exfiltrate data, disrupt services, or evade security controls. Legitimate security researchers may use the Service for defensive purposes provided they have obtained explicit written authorization from the target system owner.

1.5 Harassment and Threats

Using the Service to generate content that harasses, threatens, intimidates, or incites violence against any individual or group based on race, ethnicity, national origin, religion, sex, sexual orientation, gender identity, disability, or any other protected characteristic. This includes generating targeted personal attacks, doxxing content, or credible threats of physical harm.

1.6 Unauthorized Access and Circumvention

Using the Service to circumvent security measures, access controls, or content filters applied by neokens, upstream AI providers, or any third-party system. This includes attempts to reverse-engineer API behavior, scrape or extract model weights, bypass rate limits, or exploit vulnerabilities in the Service infrastructure.

1.7 Deceptive and Fraudulent Content

Using the Service to generate deepfakes, synthetic media, or other content designed to impersonate real individuals without their consent, create misleading political or news content, fabricate reviews or testimonials, or produce material intended to defraud individuals or institutions.

1.8 Intellectual Property Violations

Using the Service to generate content that infringes the copyrights, trademarks, patents, trade secrets, or other intellectual property rights of any third party, or to circumvent digital rights management (DRM) or content protection mechanisms.

2. Rate Limits and Usage Quotas

The Service enforces rate limits to ensure fair access and system stability. Rate limits are applied per account and may vary by model, endpoint, and subscription tier. Current rate limits are documented in our API documentation. Exceeding rate limits will result in throttled requests (HTTP 429 responses). Persistent or intentional circumvention of rate limits is a violation of this AUP and may result in account suspension.

You must not attempt to circumvent rate limits by creating multiple accounts, rotating API keys programmatically, or employing other techniques to exceed your allocated request quota.

3. API Key Security

You are solely responsible for the security of your API keys. You must:

  • Keep your API keys confidential and never share them with unauthorized individuals
  • Never embed API keys in client-side code, mobile applications, or public repositories
  • Store API keys in secure secret management systems (e.g., environment variables, vault services)
  • Rotate your API keys periodically and immediately if you suspect they have been compromised
  • Use separate API keys for development and production environments

If your API keys are compromised, you must revoke them immediately through the dashboard and contact our support team. You are responsible for all usage incurred with your API keys until they are revoked, except where you can demonstrate that the unauthorized use occurred after you notified us of the compromise and took reasonable steps to mitigate it.

4. Monitoring and Enforcement

We employ a combination of automated systems and manual review to detect violations of this AUP. Our monitoring may include:

  • Analysis of API request metadata (model, token counts, request frequency) to identify anomalous usage patterns
  • Automated content classification on a sample of prompts to detect prohibited content categories
  • Review of accounts flagged by upstream AI providers for policy violations
  • Investigation of reports from users, third parties, or law enforcement

As noted in our Privacy Policy, we do not routinely store the contents of your prompts or AI responses. However, we may access and retain specific content when investigating suspected AUP violations, as permitted by our Terms of Service and applicable law.

5. Enforcement Actions

When a violation is detected, we may take one or more of the following actions, depending on the severity and nature of the violation:

  • Warning: A written notice to the account holder identifying the violation and requiring corrective action
  • Temporary suspension: Restriction of API access for a defined period while the violation is investigated
  • Rate limit reduction: Lowering of the account's rate limits to mitigate abuse while allowing continued legitimate use
  • Permanent termination: Immediate closure of the account and revocation of all API keys, with forfeiture of remaining credits for severe or repeated violations
  • Legal action: Referral to law enforcement or initiation of civil proceedings where the violation involves illegal activity or causes harm to neokens or third parties

We will attempt to provide notice of enforcement actions where practicable, except where providing notice would compromise an ongoing investigation or where immediate action is required to prevent imminent harm.

6. Reporting Violations

If you become aware of any violation of this AUP, whether through your own account or another user's activity, we encourage you to report it promptly. Reports can be submitted through:

Please include as much detail as possible, including the account identifier, nature of the violation, and any supporting evidence. We investigate all credible reports and will take appropriate action. We maintain the confidentiality of reporters to the extent permitted by law.

7. Cooperation with Upstream Providers

Because neokens routes your API requests to third-party AI providers, violations of this AUP may also constitute violations of those providers' usage policies. We cooperate with upstream providers in their enforcement activities and may share account and usage information with them as necessary to address policy violations.

8. Contact

For questions about this Acceptable Use Policy, please contact: