1. Spirit of the policy
Nordimaxum is built for serious operators. We expect customers to deploy AI agents in ways that are lawful, honest with end users and respectful of platform integrity.
2. Prohibited content and use cases
- Illegal goods or services, weapons, narcotics, human trafficking and CSAM.
- Targeted harassment, hate speech, doxing or credible threats of violence.
- Disinformation campaigns, election interference and synthetic impersonation of real people without verifiable consent.
- Unsolicited bulk messaging that violates local anti‑spam laws (CAN‑SPAM, CASL, GDPR ePrivacy, etc.).
- Automated decisions in regulated domains (medical, legal, financial advice) without qualified human review.
3. Security rules
- No probing, scanning or load‑testing the platform without written authorisation.
- No attempts to bypass tenant isolation, rate limits or model safety systems.
- No uploading of malware, ransomware or credentials harvested unlawfully.
- Report vulnerabilities responsibly to [email protected].
4. Data hygiene
Only upload data you have the right to process. Mask or omit special‑category personal data (health, biometrics, religion) unless you have a documented lawful basis and have configured the appropriate retention controls.
5. End‑user disclosure
When AI agents communicate with end users at scale, you must clearly disclose that they are interacting with an AI system whenever local law requires it (notably the EU AI Act Article 50).
6. Enforcement
- Minor or first‑time issues: written warning and 7‑day remediation window.
- Severe or repeat violations: immediate suspension, no refund, possible account termination.
- Illegal activity: reported to the relevant authorities.
7. Reporting abuse
If you believe a Nordimaxum workspace is violating this policy, write to [email protected] with evidence. We acknowledge all reports within 2 business days.