Responsible Use Policy

Purpose of this policy

This page explains the expectations placed on Index 10 customers when they design, generate or deploy projects with the platform.

It supplements our Terms of Service, Privacy Policy and Security page. Using the platform means you agree to comply with all of these documents.

Each project you launch must meet the following criteria:

Compliance with all laws and regulations that govern your activity
Documented human review before any production launch
Testing and quality controls aligned with the risk level of the workload
Clear disclosures to end-users whenever AI is used to automate decisions or generation
Operational fallbacks that allow you to regain manual control during incidents

Clearly identify who is responsible for your application and define a procedure to follow in the event of an incident
Monitor behaviour and metrics to detect drifts, incidents or data exposure
Thoroughly test and validate your application before going live; if you export the code to your own infrastructure, separate development, staging and production environments
Maintain your own backups using the project export feature provided by Index 10, and plan your recovery procedures
If your application collects personal data, ensure its compliance with applicable data protection laws (privacy policy, cookie consent, lawful basis for processing)
Provide accurate customer-facing information (terms, automated decision notices, support contacts)

Distributing unlawful, violent, hateful or discriminatory content
Operating mass surveillance or sensitive profiling systems without a lawful basis
Building offensive military capabilities or weapon-related solutions
Using the platform for spam, phishing, automated attacks or unauthorised data scraping
Bypassing technical, security or billing controls put in place by Index 10

You are responsible for ensuring that the data injected into your projects complies with all applicable regulations.

The following categories are particularly forbidden on the platform:

Health, biometric or genetic data
Regulated financial information (full payment card numbers, bank credentials, PCI-DSS data)
Government identifiers (social security numbers, tax IDs, national ID or passport numbers)
Personal data relating to minors without explicit authorisation
Classified information, trade secrets or data covered by professional privilege

Implement security reviews that match the sensitivity of your workload (code reviews, pentests, monitoring).

Report vulnerabilities or abusive behaviour without delay to security@index10.com or abuse@index10.com as appropriate.

MEGAMOUNT may suspend or restrict any workspace that breaches this policy, our Terms of Service or applicable law.

Severe or repeated violations can lead to account termination and, if required, cooperation with regulators or authorities.

Questions about this policy can be sent to info@index10.com. Use abuse@index10.com to flag suspected misuse.