Legal · Acceptable Use Policy v1.0

Acceptable Use Policy.

Last updated: 12 May 2026 · Policy version: kye-aup-v1.0-2026-05-12 · Version hash: 48cd9e120af34461

1. Scope

This Acceptable Use Policy (AUP) governs your use of the KYE Protocol™ Services. It is incorporated into the Terms of Service. We may update it; the policy version pin in the kye-policy-version meta tag and the version hash record the active version.

2. Prohibited uses

  • Using the Services to break any applicable law, regulation or court order.
  • Using the Services to infringe any third party's rights, including IP, privacy or data-protection rights.
  • Using the Services to attack any system, including denial of service, intrusion, port scanning, or unauthorised access to any infrastructure.
  • Using the Services to host, distribute or transmit malware, ransomware, spyware or any malicious code.
  • Using the Services to send unsolicited bulk communications or anything that breaches the Privacy and Electronic Communications Regulations (UK PECR) or the CAN-SPAM Act.
  • Using the Services in any way that infringes the rights of children or that breaches the UK Children's Code or the EU Digital Services Act.
  • Reselling, leasing or sub-licensing the Services without our prior written consent.
  • Reverse-engineering, decompiling or attempting to extract source code of any closed-source component.
  • Removing, obscuring or altering any KYE™ trademark, copyright or proprietary notice.

3. Prohibited content

  • Child sexual abuse material (CSAM).
  • Material that incites violence, terrorism or genocide.
  • Material that breaches export-control regulations (UK Strategic Export Control Lists, EU dual-use, US ITAR/EAR).
  • Material that you do not have the right to process under applicable data-protection law.

4. Prohibited automated behaviour

  • Bypassing or attempting to bypass any rate limit, quota or scope restriction in the Services.
  • Operating any AI agent through KYE™ that itself violates this AUP (the agent's actions are attributed to its operator).
  • Submitting Observed Actions that are synthetic or fabricated for the purpose of misleading the Authority Gap classifier.
  • Operating the KYE MCP Server™ or KYE MCP Gateway™ in a way that bypasses Authority or Purpose checks for a downstream caller.

5. Security obligations

  • Keep your API keys, signing keys, and KYE Cloud™ passwords secret. Rotate them on any suspicion of compromise.
  • Enable MFA on every KYE Cloud™ account.
  • Bind Stack Bindings with least-privilege scopes; default to read_only.
  • Report any compromise or suspected compromise to security@kyeprotocol.com within 24 hours.

6. Reporting abuse

If you become aware of any breach of this AUP — by you or by anyone else — report it to abuse@kyeprotocol.com. We acknowledge abuse reports within one business day.

7. Suspension and termination

We may suspend access to the Services immediately, with or without notice, if we reasonably believe you have breached this AUP and the breach is material or ongoing. We will restore access promptly once the breach is cured. Repeated or egregious breach is grounds for termination under the Terms of Service.

8. Contact

Questions: info@kyeprotocol.com. Abuse: abuse@kyeprotocol.com. Security: security@kyeprotocol.com.