brainCloud
Log In
Sign Up

Acceptable Use Policy

Version: 6.0  ·  Effective Date: June 15, 2026  ·  Last Updated: June 15, 2026

PURPOSE AND SCOPE

Purpose

brainCloud is a general-purpose Backend-as-a-Service platform designed to support a wide variety of applications, games, services, communities, and online experiences.

This AUP establishes rules governing the acceptable use of the Services and is intended to protect Customers, End Users, brainCloud, Subprocessors, infrastructure providers, and the broader internet community.

Applicability

This AUP applies to:

  • Customers;
  • Authorized Users;
  • End Users;
  • Applications utilizing the Services;
  • Customer Content;
  • User Generated Content;
  • AI Services; and
  • all activities conducted through or using the Services.

Customer Responsibility

Customer is responsible for ensuring that:

  • its Applications;
  • its Authorized Users;
  • its End Users;
  • Customer Content; and
  • activities conducted through the Services

comply with this AUP.

Violations

Violation of this AUP may result in:

  • content removal;
  • feature restrictions;
  • service suspension;
  • account suspension;
  • account termination;
  • reporting to authorities; or
  • other actions permitted under the Terms of Service.

COMPLIANCE WITH LAWS

General Compliance

Customer shall comply with all applicable laws, regulations, rules, and governmental requirements relating to its use of the Services.

Restricted Activities

Customer shall not use the Services to engage in activities that violate applicable law, including activities involving:

  • fraud;
  • money laundering;
  • sanctions violations;
  • export control violations;
  • consumer protection violations;
  • unlawful gambling;
  • unlawful surveillance;
  • identity theft; or
  • other illegal activities.

Privacy Compliance

Customer remains solely responsible for compliance with applicable privacy and data protection laws relating to:

  • collection of information;
  • use of information;
  • disclosure of information;
  • consent requirements;
  • age-related requirements; and
  • retention requirements.

Sanctions and Restricted Parties

Customer shall not use the Services:

  • in violation of applicable sanctions laws;
  • on behalf of restricted persons;
  • on behalf of sanctioned entities; or
  • in prohibited jurisdictions.

PROHIBITED CONTENT

Customer shall not use the Services to create, store, process, transmit, display, distribute, promote, or facilitate content that:

Illegal Content

Violates applicable law.

Intellectual Property Infringement

Infringes copyrights, trademarks, patents, trade secrets, publicity rights, privacy rights, or other proprietary rights.

Fraudulent Content

Facilitates fraud, deception, scams, impersonation, or misleading conduct.

Malware and Malicious Content

Contains or distributes malware, ransomware, spyware, viruses, worms, trojan horses, or malicious code.

Hate and Extremist Content

Promotes, encourages, or glorifies hate, discrimination, violent extremism, terrorism, or unlawful violence.

Child Exploitation

Contains, promotes, or facilitates child sexual abuse material, child exploitation, child trafficking, or exploitation of minors.

Human Exploitation

Promotes or facilitates human trafficking, forced labor, sexual exploitation, or unlawful exploitation of individuals.

Illegal Goods and Services

Promotes or facilitates unlawful sale, distribution, or trafficking of illegal drugs, illegal weapons, counterfeit goods, or other unlawful goods or services.

PROHIBITED PLATFORM ACTIVITIES

Customer shall not use the Services to:

Unauthorized Access

Access or attempt to access systems, networks, accounts, or data without authorization.

Credential Theft

Obtain, collect, harvest, or misuse credentials, authentication tokens, passwords, or account information.

Security Circumvention

Disable, bypass, interfere with, or circumvent security controls, access controls, rate limits, monitoring systems, or protective measures.

Malware Activities

Develop, distribute, host, operate, facilitate, or support malware or malicious software.

Network Abuse

Conduct or facilitate denial-of-service attacks, distributed denial-of-service attacks, resource exhaustion attacks, network disruption, or infrastructure abuse.

Unauthorized Security Testing

Perform penetration testing, vulnerability scanning, security testing, or similar activities against brainCloud systems without prior written authorization.

Spam and Unsolicited Communications

Generate, distribute, publish, facilitate, or support spam, unsolicited bulk communications, unsolicited advertising, or abusive messaging campaigns.

Resource Abuse

Use the Services in a manner designed to:

  • avoid billing;
  • evade usage limits;
  • exhaust resources;
  • create unreasonable operational burden; or
  • interfere with other customers’ use of the Services.

Unauthorized Resource Consumption

Customer shall not use the Services to:

  • mine cryptocurrency;
  • perform proof-of-work activities;
  • operate blockchain validation services;
  • consume resources unrelated to legitimate application functionality; or
  • otherwise use the Services primarily as a computing utility.

Billing Abuse

Customer shall not attempt to:

  • manipulate usage metrics;
  • evade fees;
  • conceal usage;
  • misrepresent traffic; or
  • interfere with billing systems.

AI-SPECIFIC RESTRICTIONS

AI Services

Customer shall not use AI Services in a manner that violates applicable law, this AUP, the Terms of Service, or other applicable policies.

Prohibited AI Uses

Customer shall not use AI Services to:

  • generate malware;
  • facilitate cyberattacks;
  • facilitate phishing;
  • facilitate credential theft;
  • facilitate fraud;
  • facilitate identity theft;
  • facilitate unlawful surveillance;
  • facilitate harassment;
  • facilitate unlawful discrimination;
  • facilitate unlawful conduct; or
  • facilitate violations of intellectual property rights.

Safety Circumvention

Customer shall not attempt to:

  • bypass AI safety mechanisms;
  • defeat AI restrictions;
  • manipulate AI safeguards;
  • circumvent usage controls; or
  • use AI Services in a manner designed to undermine platform security.

Misrepresentation

Customer shall not represent AI-generated content as human-generated where such representation would be deceptive, fraudulent, or unlawful.

High-Risk Activities

Customer remains solely responsible for evaluating whether AI-generated content is appropriate for any high-risk use case.

brainCloud does not guarantee the accuracy, completeness, reliability, legality, or suitability of AI-generated content.

COMMUNITY AND USER GENERATED CONTENT

Community Features

Where Customer utilizes messaging, chat, guilds, forums, comments, social systems, or other community functionality, Customer remains responsible for moderation and compliance obligations.

Harassment

Customer shall not use the Services to facilitate:

  • harassment;
  • bullying;
  • intimidation;
  • threats;
  • stalking; or
  • targeted abuse.

Privacy Violations

Customer shall not use the Services to:

  • doxx individuals;
  • (b) publish personal information without authorization;
  • (c) facilitate unlawful disclosure of information; or
  • (d) facilitate privacy violations.

Impersonation

Customer shall not impersonate:

  • individuals;
  • organizations;
  • governmental entities;
  • brands; or
  • other persons

in a misleading, deceptive, fraudulent, or unlawful manner.

Manipulation

Customer shall not use the Services to facilitate:

  • coordinated abuse;
  • deceptive campaigns;
  • manipulation of users;
  • artificial engagement;
  • inauthentic activity; or
  • other deceptive conduct.

Artificial Accounts

Customer shall not use the Services to facilitate:

  • fake accounts;
  • automated account creation;
  • bot farms;
  • account farming; or
  • deceptive user activity.

PRIVACY AND DATA COLLECTION RESTRICTIONS

Lawful Collection

Customer shall collect, use, store, disclose, and Process information only where permitted by applicable law.

Unauthorized Collection

Customer shall not use the Services to collect:

  • Personal Data;
  • credentials;
  • authentication tokens;
  • payment information; or
  • other sensitive information

through deceptive, misleading, or unauthorized means.

Tracking and Monitoring

Customer shall not use the Services to facilitate unlawful:

  • surveillance;
  • monitoring;
  • tracking;
  • interception; or
  • collection of communications.

Sensitive Data

Customer remains solely responsible for determining whether Processing sensitive information through the Services is lawful and appropriate.

Consent Requirements

Customer remains solely responsible for obtaining any notices, permissions, authorizations, or consents required by applicable law.

SECURITY RESEARCH AND RESPONSIBLE DISCLOSURE

Responsible Disclosure

brainCloud supports responsible disclosure of security vulnerabilities.

Individuals discovering potential vulnerabilities are encouraged to report them through designated reporting channels.

Authorized Testing Only

No person may conduct security testing against brainCloud systems without prior written authorization from brainCloud.

Prohibited Activities

Without authorization, Customer shall not:

  • conduct penetration testing;
  • perform vulnerability scanning;
  • exploit vulnerabilities;
  • access data without authorization;
  • interfere with Services; or
  • impact other customers.

Vulnerability Reports

Security reports should include sufficient information to allow reproduction and investigation of the reported issue.

Public Disclosure

Customer shall not publicly disclose security vulnerabilities affecting the Services prior to:

  • brainCloud acknowledging the report; and
  • brainCloud having a reasonable opportunity to investigate and remediate the issue.

Nothing in this Section restricts disclosures protected by applicable law.

ENFORCEMENT

Investigation

brainCloud may investigate suspected violations of this AUP.

Enforcement Actions

brainCloud may take any action reasonably necessary to address violations, including:

  • warnings;
  • content removal;
  • feature restrictions;
  • account suspension;
  • service suspension;
  • account termination;
  • reporting to authorities; or
  • other actions permitted by the Terms of Service.

Emergency Actions

brainCloud may take immediate action without prior notice where reasonably necessary to:

  • protect the Services;
  • protect customers;
  • protect infrastructure;
  • comply with legal obligations; or
  • address security threats.

Cooperation

Customer shall reasonably cooperate with investigations relating to suspected violations of this AUP.

Preservation of Platform Integrity

brainCloud may take actions reasonably necessary to preserve:

  • Service stability;
  • Service availability;
  • platform security;
  • customer safety; and
  • compliance obligations.

No Obligation to Monitor

brainCloud is not obligated to monitor Customer Content, User Generated Content, End User activity, or Customer use of the Services. However, brainCloud reserves the right to investigate and take action regarding suspected violations of this AUP, applicable law, or the Terms of Service.

Copyright Infringement and Notice-and-Takedown

brainCloud respects the intellectual property rights of others and expects users of the Services to do the same. brainCloud responds to clear notices of alleged copyright infringement that comply with applicable law.

Reporting alleged infringement

If you believe that content hosted on or made available through the brainCloud Public BaaS infringes your copyright, please send a written notice to brainCloud’s designated agent (below) that includes:

  • A physical or electronic signature of the copyright owner or a person authorized to act on their behalf;
  • Identification of the copyrighted work claimed to have been infringed;
  • Identification of the material that is claimed to be infringing, with information reasonably sufficient to allow brainCloud to locate it (for example, a URL or sufficient description);
  • Your contact information, including name, address, telephone number, and email address;
  • A statement that you have a good-faith belief that the use of the material is not authorized by the copyright owner, its agent, or the law; and
  • A statement, made under penalty of perjury, that the information in the notice is accurate and that you are the copyright owner or are authorized to act on the owner’s behalf.

Designated agent

Notices of alleged copyright infringement should be sent to:

brainCloud Copyright Agent c/o bitHeads Inc. 1100-343 Preston Street Ottawa, Ontario K1S 1N4 Canada Email: <le***@***********ud.com>

Counter-notification

If you believe that material you posted was removed or disabled by mistake or misidentification, you may submit a written counter-notification to the designated agent containing:

  • your physical or electronic signature;
  • identification of the material and its location before removal;
  • a statement under penalty of perjury that you have a good-faith belief the material was removed as a result of mistake or misidentification; and
  • your name, address, and telephone number, together with a statement consenting to the jurisdiction of the applicable court and to accept service of process from the party that submitted the original notice.

Repeat infringers

brainCloud maintains a policy of terminating, in appropriate circumstances, the accounts of users who are determined to be repeat infringers.

Notices Under Canadian Law (Notice-and-Notice)

bitHeads Inc. is a Canadian company. To the extent the brainCloud Public BaaS is subject to the notice-and-notice regime under the Copyright Act (Canada), the following applies to notices of claimed copyright infringement relating to content hosted on the Services.

Contents of a notice

A notice of claimed infringement must be in writing and must:

  • State the claimant’s name and address;
  • Identify the work or other subject-matter to which the claimed infringement relates;
  • State the claimant’s interest or right with respect to the copyright in that work or subject-matter;
  • Specify the location data (such as an IP address or URL) associated with the claimed infringement;
  • Specify the claimed infringement; and
  • Specify the date and time of the claimed infringement.

How brainCloud responds

On receipt of a notice that complies with these requirements, brainCloud will, as soon as feasible, forward the notice electronically to the user associated with the identified location data and inform the claimant of the forwarding (or, if forwarding was not possible, explain why). brainCloud will retain records enabling the identity of the relevant user to be determined for the period required by law.

What this process does and does not do

Forwarding a notice does not require brainCloud to remove or disable access to the content identified, and does not constitute a determination that any infringement has occurred. brainCloud does not disclose the identity of a user in response to a notice except as required by a court order or applicable law.

Notices that will not be forwarded

brainCloud is not required to forward, and may decline to act on, any notice that contains an offer to settle the claimed infringement, a request or demand for payment or for personal information, a reference (including by hyperlink) to such an offer, request, or demand, or any other content prohibited by the Copyright Act (Canada).

REPORTING VIOLATIONS

Reporting

Suspected violations of this AUP may be reported to brainCloud at <ab***@***********ud.com>.

Security Reports

Security vulnerabilities may be reported through brainCloud’s designated security reporting process at <se******@***********ud.com>.

Abuse Reports

Abuse, fraud, spam, harassment, illegal content, or other violations may be reported at <ab***@***********ud.com>.

CHANGES TO THIS POLICY

Updates

brainCloud may modify this AUP from time to time.

Continued Use

Continued use of the Services following publication of an updated AUP constitutes acceptance of the revised AUP to the extent permitted by applicable law.

Conflicts

In the event of a conflict between this AUP and the Terms of Service, the Terms of Service shall govern except where this AUP expressly provides otherwise.

Thanks for Connecting!

We’ll get back to you as soon as we can.