APLEXICA

Acceptable Use Policy

Effective May 26, 2026 · Version 1.0

This Acceptable Use Policy (the “AUP”) describes how You may — and may not — use Aplexica’s services. It is incorporated by reference into the Terms of Service.

1. The principle

Aplexica gives You a portability layer for the state of Your AI agents. We expect that almost every legitimate use of agents is covered by ordinary professional and personal computing — coding, writing, research, analysis, automation. The use we want to prohibit is narrow, specific, and described below.

2. Prohibited use

You may not use Aplexica or Aplexica Cloud to:

  1. Break the law. Activity that is illegal in the jurisdiction where You operate, where You upload data, or where Aplexica’s infrastructure is located.
  2. Hurt people. Generation, processing, or distribution of content that incites or facilitates physical harm to a person, group, community, or population. This includes targeted harassment.
  3. Exploit children. Any content sexualizing minors, in any form, under any pretext. Zero tolerance and immediate referral to law enforcement under applicable mandatory-reporting laws.
  4. Enable mass surveillance. Operation of Aplexica as a component of a mass-surveillance system that monitors individuals without their knowledge or lawful basis.
  5. Conduct credential abuse. Use Aplexica to store, distribute, or operationalize credentials You do not have authorization to use.
  6. Bypass our cryptography. Attempt to subvert the cryptographic guarantees of Aplexica Cloud — e.g. by attempting to extract namespace keys from another tenant. The cryptography is designed to be uninvertible. Trying anyway is a violation of this AUP.
  7. Distribute malware. Use Aplexica to store, propagate, or execute malicious code targeting other Aplexica users or third parties.
  8. Spam or abuse our infrastructure. Excessive automated traffic that degrades service for other customers, attempts at network amplification, or denial-of-service against Aplexica or third parties.
  9. Reverse-engineer for competitive purposes. The Aplexica daemon is AGPL-3.0 — You are explicitly allowed to fork, modify, and self-host it. The commercial control plane is not part of that licence; You may not reverse-engineer it for the purpose of building a competing managed service.
  10. Use the service for AI-generated content meant to deceive. Creating or distributing AI-generated content represented as being from a real person without that person’s consent.

3. Enforcement

Suspected violations are reviewed by the Aplexica security and trust team. We try hard to assume good faith and to ask before we act, but the design of Aplexica Cloud — zero-knowledge content storage — means we generally cannot see what is being processed. Enforcement is therefore driven by:

  • third-party reports;
  • abuse of operational systems (e.g. traffic anomalies);
  • mandatory-reporting obligations.

When we determine that a violation has occurred, our remedies — in order of severity — are:

  1. Notice and request to remedy.
  2. Suspension of the offending namespace or account.
  3. Termination of the offending namespace or account.
  4. Referral to law enforcement, where required by law.

We will not pre-emptively terminate accounts based on assumptions about content we cannot see. The cryptographic posture is intentional.

4. Reporting abuse

Email abuse@aplexica.com (note: the canonical address is also published in /security#disclosure). Reports are reviewed within one business day.

5. Changes

We may update this AUP from time to time. Material changes are announced at least 30 days in advance via the email address on file for Your Aplexica Cloud account.

11075586 CANADA INC. (operating as Aplexica) — a federally incorporated Canadian corporation operating from Ontario, Canada.