Acceptable Use Policy

1. Purpose

This Acceptable Use Policy ("AUP") describes activities that are prohibited when using the Oikyo Service. The examples below are not exhaustive. If you are unsure whether your use is permitted, please contact us before proceeding.

2. Prohibited Activities

You may not use the Service to:

• Violate any applicable law, regulation, or third‑party right.
• Engage in fraud, money laundering, or other unlawful financial activity.
• Generate or disseminate content that is illegal, harassing, hateful, or that incites violence.
• Attempt to gain unauthorized access to any system, network, or data.
• Probe, scan, or test the vulnerability of systems without explicit written authorization.
• Interfere with or disrupt the integrity or performance of the Service or third‑party systems.
• Misrepresent your identity or affiliation in connection with any use of the Service.

3. Regulated & Sensitive Data

Unless you have a separate written agreement with Oikyo that explicitly permits such use, you may not use the Service to process:

• Protected Health Information (PHI) subject to HIPAA.
• Payment card information subject to PCI‑DSS.
• Classified or national security information.
• Personal data of children under applicable child privacy laws.
• Any data that your internal policies or regulators prohibit from being processed on third‑party systems.

4. Security Obligations

You are responsible for maintaining appropriate security controls in your own environment, including access controls, network segmentation, and monitoring. You must promptly notify Oikyo of any actual or suspected unauthorized access to or misuse of the Service involving your accounts or environments.

5. Enforcement

Oikyo may investigate any suspected violation of this AUP. We may suspend or terminate access to the Service where we reasonably believe a violation has occurred, or where necessary to protect the Service, other users, or third parties. Enforcement may be coordinated with your organization's administrators.