This Acceptable Use Policy ("AUP") governs the access to and use of the services, API, SDKs, and platforms provided by Archonite Ltd. (Malta) ("we," "us," or "our"). This policy applies to all Customers, Developers, End-Users, and entities ("you") accessing Archonite’s infrastructure.

By accessing or using any part of the Archonite ecosystem, you agree to strictly abide by this AUP. Violation of this policy may result in the immediate suspension or termination of your access, legal action, and notification to relevant law enforcement or regulatory authorities.

1. Core Principles

The Archonite "Trust Infrastructure" is built upon three fundamental pillars. Your use of our services must always align with these values:

1. Integrity: Verification must be conducted in good faith, targeting legitimate identification needs without deceptive intent.
2. Security: You must prioritize the preservation of our technical infrastructure and the confidentiality of the data passing through it.
3. Privacy: Respect for the individual's right to data protection is paramount. Collection and processing must be minimal, transparent, and lawful.

2. Purpose and Scope

Archonite provides high-assurance tools designed to make global identity verification secure, programmable, and compliant. Because our platform handles sensitive Personally Identifiable Information (PII), Electronic Protected Health Information (ePHI), and Biometric Data, we enforce rigorous standards to maintain the health and safety of our digital ecosystem.

3. Prohibited Activities

You may not use Archonite’s services for any illegal, harmful, or fraudulent activity. The following categories represent a non-exhaustive list of prohibited behaviors.

3.1. Illegal Activity & Regulatory Violations

You strictly cannot use Archonite to:

• Facilitate Crime: Support illegal gambling, drug trafficking, human trafficking, arms dealing, or terrorist financing.
• Evade Sanctions: Conduct business with individuals or entities on global sanctions lists (e.g., OFAC, UN, EU sanctions lists) or located in embargoed jurisdictions.
• Violate Payment Rules: Engage in activities that violate the rules or regulations of payment processors or credit card networks (e.g., Visa, Mastercard, and Polar rules).
• Facilitate Age-Restricted Sales: Verify identities for the unauthorized sale of drugs, alcohol, tobacco, or vaping products in jurisdictions where prohibited.

3.2. Identity Fraud & Manipulation

As a security-first provider, we maintain zero tolerance for attacks against our verification engine:

• Synthetic Identities: Creating or testing records using artificially generated or combined "Frankenstein" records to deceive credit or identity systems.
• Deepfakes & Injection Attacks: Utilizing AI-generated imagery, high-resolution masks, pre-recorded media, or software-based camera injection tools to bypass our 3D Biometric Liveness Detection.
• Document Forgery: Uploading known counterfeit, altered, or stolen IDs.

3.3. Commercial Integrity & Consumer Protection

We reserve the right to suspend accounts we consider deceptive, high-risk, or of low quality. You may not use Archonite in connection with:

• High-Risk Disputes: Business models that cause or present a significant risk of excessive refunds, chargebacks, fines, or damages to Archonite or our partners.
• Reputational Threat: Activities that threaten the brand reputation of Archonite.
• Deceptive Marketing: "Get rich quick" schemes, multi-level marketing (MLM), pyramid schemes, or fake testimonials/social proof platforms.
• Low-Quality Offerings: Sites or services that are buggy, quickly/poorly executed, or deemed to have a "low trust score" (e.g., selling AI-generated e-books of minimal value at inflated prices).

3.4. System Abuse & Network Security

You must not compromise the technical excellence of the Archonite network:

• Interference: Attempting to overload, flood (DoS/DDoS), or crash our API endpoints.
• Unauthorized Access: Probing for vulnerabilities or attempting to access data segments outside of your authorized organization ID.
• API Cloaking: Using services to circumvent IP bans or API rate limits.
• Malicious Software: Distributing viruses, spyware, or malware.

4. API Usage & Operational Standards

To ensure high availability and fair access across all tiers, the following operational rules are enforced:

4.1. Rate Limiting & Resource Management

• Tier Compliance: You must respect the requests-per-second (RPS) limits associated with your subscribed plan.
• Shadowing Prohibited: Creating multiple accounts to aggregate free-tier quotas or bypass throttling is strictly prohibited.
• Efficient Polling: You are required to use our Webhook event system for asynchronous status updates. Polling the GET /verification/{id} endpoint more than once every 5 seconds for a single ID is considered abusive.

4.2. Credentials & Authentication Security

• Secret Hygiene: API keys must never be exposed in client-side code, mobile binaries, or public version control systems.
• Token Binding: Authentication tokens are bound to specific CIDR blocks or domains where configured; attempting to share tokens across unauthorized environments is a violation.

5. Data Privacy & Global Compliance

Archonite acts as a Data Processor. You, the client, act as the Data Controller. You bear the sole responsibility for ensuring your use of our services conforms to local and international law.

5.1. Global Frameworks

• GDPR (Europe): You must provide a clear "Privacy Notice" and establish a Lawful Basis before initiating a verification.
• HIPAA (USA): Verification of healthcare providers or patients involving ePHI requires a signed Business Associate Agreement (BAA).
• CCPA/CPRA (California): You must honor "Do Not Sell or Share" requests and maintain transparency regarding biometric processing.
• LGPD (Brazil) & APPI (Japan): You must comply with local residency and consent requirements for data processing across these jurisdictions.

5.2. Biometric Consent

Where legally required (e.g., Illinois BIPA, Texas CBO, or GDPR Article 9), you must obtain explicit, affirmative consent from the end-user specifically regarding the collection and analysis of their facial geometry.

5.3. Data Retention & Minimization

• Archonite is not a long-term storage vault. You must retrieve your verification results and store them in your own secure systems.
• You agree to propagate "Right to Erasure" (Deletion) requests to our platform via the API within 48 hours of receipt from an end-user.

6. Prohibited Industries

Archonite does not support the following industries. We reserve the right to review and terminate accounts associated with:

6.1. Financial & Investment Services

• Unregulated Financial Services: Facilitating transactions, investments, or holding balances without proper licensing.
• High-Risk Trading: Trading bots, binary options, signals, or "investment insights" platforms.
• Crypto & NFTs: Sale or exchange of NFT/Crypto assets without an Enterprise agreement and enhanced due diligence.
• Financial Advice: Unregulated tax guidance, wealth management, or investment strategies.

6.2. Adult & Content Services

• Adult Content: Pornography, cam-sites, or adult-oriented dating applications.
• AI Companions: AI "Girlfriend/Boyfriend" services or explicit/NSFW content generated via AI.
• OnlyFans Support: Services explicitly related to OnlyFans management or automation.

6.3. Digital Goods & Gaming

• Game Manipulation: Macros, cheat codes, hacks, or unauthorized modifications to gameplay.
• License Reselling: Selling software licenses at reduced prices without authorization (grey market keys).
• Circumvention Services: Tools designed to bypass rules, gameplay mechanics, or pricing structures of other vendors (e.g., IPTV services, Watermark removal).

6.4. Physical Goods & Human Services

• Physical Goods: SaaS services offering or requiring fulfillment via physical delivery (e.g., drop-shipping).
• General Consulting: Generic marketing, design, or web development agencies without a specific verified platform use-case.
• Travel Services: Timeshares, travel clubs, or reservation services.

6.5. Marketing & Lead Generation

• Unsolicited Marketing: Generating, scraping, or selling leads.
• Bulk Automation: Services that automate mass content generation, submission, or bulk SMS/WhatsApp messaging (spam risks).
• Review Inflation: Selling fake reviews or social proof.

6.6. High-Risk & Other Verticals

• Gambling: Casinos, sportsbooks, loot boxes, mystery boxes, or pack openings of a random nature.
• Pseudo-Science: Clairvoyance, horoscopes, fortune-telling, etc.
• Medical Advice: Unlicensed pharmaceutical sales, weight loss, or muscle-building products.
• Telecommunications: eSIM services or VoIP resale without proper carrier compliance.
• Donations: Platforms where price exceeds product value or there is no exchange (pure money transfer), excluding approved open-source sponsorships.

7. Restricted Businesses

The following business categories are not strictly prohibited but are classified as Restricted. They require a closer review, a higher bar of quality, and specific compliance standards to be accepted on the Archonite platform:

1. Directories & Job Boards: Listings verification.
2. Ticket Sales: Event access and secondary market verification.
3. Pre-orders & Paid Waitlists: High-risk for non-delivery.
4. eBooks & Information Products: Subject to quality review to prevent PLR (Private Label Rights) spam.

7. Security Research

We value the security community and encourage responsible disclosure.

• Permissible Research: Must be conducted against your own test accounts in the sandbox environment and reported via dpo@archonite.xyz.
• Disclosure: We subscribe to a standard 90-day disclosure window. Public release of details before Archonite has deployed a patch is a violation of this AUP.

8. Enforcement & Reporting

8.1. Continuous Monitoring

We utilize AI-driven anomalies detection to monitor traffic patterns and payload integrity. As outlined in our Immutable Logs documentation, we maintain immutable logs of API interactions for forensic and audit purposes.

8.2. Remediation Tiers

1. Notification: For minor limit exceeding or configuration errors, we will coordinate with your technical team.
2. Suspension: Immediate suspension of API keys occurs if we detect active fraud, liveness injection, or credential leakage.
3. Termination: Malicious intent or illegal activity results in permanent account closure and forfeiture of all service credits.

8.3. Legal Cooperation

We cooperate fully with global law enforcement agencies (e.g., Interpol, FBI) in the investigation of money laundering, human trafficking, or threats to national security.

9. Enforcement & Reporting

9.1. Monitoring & Remediation

We utilize AI-driven anomalies detection to monitor traffic patterns.

1. Notification: We will coordinate with you on minor errors.
2. Suspension: Immediate suspension occurs for active fraud or AUP violations.
3. Termination: Malicious intent results in permanent account closure.

9.2. Legal Cooperation

We cooperate fully with global law enforcement agencies in the investigation of money laundering, human trafficking, or threats to national security.

9.3. Contact & Inquiries

For clarifications regarding specific use cases or to report a violation:

• Legal & Compliance: legal@archonite.xyz
• Security Operations: dpo@archonite.xyz
• Technical Support: support@archonite.xyz

---

For Enterprise clients, this policy is subject to the Governing Law defined in your Master Services Agreement (MSA). For all other users, this policy shall be governed by and construed in accordance with the Laws of Malta. Any disputes arising under this AUP shall be resolved exclusively in the courts of Valletta, Malta.