Trust Center policy

TyriaCore Acceptable Use Policy

Permitted use, prohibited behavior, AI limits, and PHI handling boundaries.

Back to Trust CenterBack to the Engine
Document type
Published policy
Public policy page
Last updated
February 20, 2026
Current published revision
Access
Public
No authentication required

TyriaCore Acceptable Use Policy

Last Updated: February 20, 2026

This Acceptable Use Policy ("AUP") governs access to and use of Provider's TyriaCore software-as-a-service platform (the "Platform") and related services (the "Subscription Services").

This AUP is incorporated by reference into the Master SaaS and Services Agreement (the "Agreement") between Provider (Tyria LLC) and Customer to the extent referenced in an Order Form or otherwise incorporated into the Agreement.

Order of precedence. If there is a conflict between this AUP and the Agreement (or an Order Form, SOW, DPA, or BAA), the order of precedence in the Agreement controls.

No expanded liability / no warranties. This AUP does not create any warranties. Provider's disclaimers, limitations of liability, and remedies limitations in the Agreement apply.

1. Permitted Use

Customer may access and use the Platform only:

  • for lawful business purposes; and
  • in accordance with the Agreement, Documentation, and this AUP.

Customer is responsible for all activity under Customer accounts, including activity by Authorized Users.

2. Prohibited Activities

Customer (and Authorized Users) must not (and must not attempt to):

2.1 Reverse Engineering; Source Code; Competitive Use

  • reverse engineer, decompile, disassemble, or attempt to derive source code, underlying ideas, algorithms, or structure of the Platform (except to the extent prohibited by law);
  • use the Platform, Documentation, or Provider Confidential Information to develop, train, improve, or offer a product or service that is Competitive with the Platform, where such Competitive use is based on or derived from Customer's access to the Platform, Documentation, or Provider Confidential Information.

For clarity, "based on or derived from" includes use of outputs, performance characteristics, workflows, or non-public insights obtained through use of the Platform. Customer's provision of Feedback does not grant any right to use the Platform, Documentation, or Provider Confidential Information for competitive purposes, nor permit reliance on Feedback or Provider responses to Feedback to develop or offer a competing product or service. This restriction does not prohibit development that is independently created without reliance on non-public insights obtained through use of the Platform.

2.2 Security Circumvention; Abuse; Interference

  • circumvent, disable, bypass, or compromise security measures, access controls, authentication, rate limits, or usage restrictions;
  • probe, scan, or test the vulnerability of the Platform or related systems except as expressly authorized in writing by Provider;
  • interfere with or disrupt the Platform, servers, or networks, including via denial-of-service attacks, abusive traffic, or resource consumption;
  • introduce malware, harmful scripts, bots, scraping tools, or other destructive code.

2.3 Unlawful Use; Rights Violations

  • access or use the Platform in violation of applicable law or regulation;
  • infringe, misappropriate, or violate third-party rights (including intellectual property, privacy, publicity, contractual, or fiduciary rights);
  • submit unlawful, abusive, deceptive, or harmful content.

2.4 AI Feature Restrictions (If AI Features Are Enabled)

If the Platform provides AI Features and Customer enables or uses them, Customer must not:

  • use AI Features for unlawful purposes, or to violate third-party rights;
  • use AI Features in a discriminatory manner or in violation of civil rights, employment, housing, credit, or similar laws;
  • use AI Output as the sole basis for decisions that may materially impact an individual's rights, health, safety, employment, eligibility, credit, housing, legal status, or similar high-impact determinations without meaningful human review and independent validation;
  • submit sensitive data beyond what is necessary for Customer's lawful business purpose.

2.5 PHI and Regulated Data Restrictions

  • upload, store, transmit, or process PHI unless a HIPAA Business Associate Agreement ("BAA") is fully executed and in effect and the use is permitted by the BAA;
  • upload or process PHI in any non-production environment (including sandbox, demo, test, or pre-production) unless expressly authorized in writing by Provider and safeguarded appropriately;
  • upload data that Customer is not legally authorized to process or disclose.

3. Customer Security Obligations

Customer must:

  • maintain secure credentials and protect account access;
  • enforce MFA where available, especially for administrators;
  • configure least-privilege roles and permissions;
  • secure API keys, tokens, webhooks, and integrations;
  • promptly notify Provider in writing of any known unauthorized access to or misuse of the Platform.

4. Enforcement

Provider may suspend or terminate access (in whole or in part) for violations of this AUP or where reasonably necessary to protect the Platform, Customer Data, other customers, or Provider, or to comply with law.

5. Changes

Provider may update this AUP by posting a revised version and updating the "Last Updated" date. If incorporated into the Agreement, changes apply as described in the Agreement's policy change terms.

6. Contact

Questions about this AUP: support@tyria.app