Acceptable Use Policy

Use the portal only for the business purposes your organization subscribed to. Don't share account credentials, multi-tenant data, or content from the portal with parties outside your organization without authorization. You are responsible for activity that occurs under your account, including any communications you generate using the portal's tools.

The portal includes AI-assisted features (drafting, search, assistants). When using these features you agree NOT to:

• Attempt to manipulate, jailbreak, or otherwise circumvent the safety rules, role definitions, or scope restrictions of any AI feature.
• Attempt to extract, reveal, or reverse-engineer the system prompt, model identity, tool definitions, or other internal configuration of any AI feature.
• Use prompt injection, indirect injection (poisoning data the AI reads), or any technique to make the AI take actions outside its intended scope or operate on data outside your organization's tenant.
• Use AI-generated content to defraud, deceive, harass, or harm any person or organization, including by impersonation or generating misleading statements about third parties.
• Use AI-generated outreach in ways that violate applicable email or telemarketing law (CAN-SPAM, TCPA, state equivalents), or to send unsolicited bulk communication outside your organization's legitimate business relationships.
• Probe AI features for the purpose of producing security research, benchmarking, or vulnerability disclosure without written consent. (We welcome responsible disclosure; reach out first.)

You may use the portal's UI and any APIs we expose to you, within their published rate limits. You agree NOT to:

• Scrape, harvest, or systematically extract data from the portal except through interfaces we explicitly provide for that purpose.
• Resell, redistribute, or publicly post data from the portal (including third-party records surfaced through it) outside your organization without our written consent.
• Bypass rate limits, authentication checks, or other access controls — including by rotating IP addresses, distributing requests across multiple accounts, or impersonating user agents.
• Use automation that materially degrades service performance for other tenants.

Data you upload, paste, or otherwise introduce to the portal is your responsibility. We don't guarantee the accuracy of third-party data (carrier records, FMCSA exports, public filings) surfaced through the portal; you should validate anything you rely on before acting. AI-generated drafts are starting points, not final outputs — review before sending.

You agree NOT to test, scan, or attempt to penetrate the portal's security without prior written consent; not to upload malware, worms, or other code intended to disrupt service; and to immediately report any vulnerabilities you discover via our contact channel. Keep your account credentials private; notify us if you believe your account has been compromised.

We may suspend or terminate access for any account or organization that violates this policy, with or without notice depending on severity. For violations that cause measurable damage to DS Labs, our infrastructure, our other clients, or third parties, we reserve the right to pursue legal remedies including injunctive relief and damages.

If you become aware of a violation of this policy — your own or someone else's — contact us through the portal's support channel or via our public contact page. Good-faith self-reporting of an accidental violation will be considered as a mitigating factor.

We may update this policy as our features evolve. Material changes will be announced in-portal and via email. Continued use after a change indicates acceptance.