Acceptable Use Policy

§ 1 — Permitted Uses

Bespoke Mentis products are designed for, and may only be used for, the following purposes:

• Legitimate business operations consistent with applicable law and the contracted service description
• Enterprise AI engineering, analytics, content, CRM, and operational intelligence (MIOS)
• Governed B2B outbound sales prospecting and communication to lawfully-obtained prospect lists (Agent Conexus)
• Pharmaceutical and biotechnology competitive, clinical, regulatory, and market access intelligence (Foresight)
• Governed AI engineering, code generation, testing, and documentation within enterprise development environments (Mentis Console)
• General informational inquiry and product demonstration (Mentis AI chat)
• Any use expressly authorized in writing by Bespoke Mentis

§ 2 — Prohibited Uses — General

Regardless of product, the following uses are strictly prohibited:

• Illegal activity. Any use that violates applicable local, state, federal, or international law, including privacy laws, consumer protection laws, anti-spam laws (CAN-SPAM, CASL, GDPR), export controls, and sector-specific regulations
• Harmful content generation. Using AI systems to generate content that is defamatory, harassing, threatening, discriminatory, obscene, or designed to cause harm to individuals or groups
• Disinformation and deception. Generating content intended to deceive, manipulate, or mislead, including fake news, impersonation, deepfakes, or AI-generated content presented as human-authored without disclosure
• Spam and unsolicited communication. Using Agent Conexus or any email capability to send unsolicited bulk commercial messages (spam) or to contact individuals without lawful basis
• System circumvention. Attempting to bypass, disable, or override any governance layer, constitutional enforcement mechanism, human approval gate, rate limit, access control, or safety measure
• Reverse engineering. Attempting to extract, reconstruct, or reverse-engineer proprietary AI models, system prompts, governance architectures, or constitutional frameworks
• Unauthorized access. Attempting to access systems, data, accounts, or environments beyond your authorized scope
• Malicious code. Transmitting viruses, malware, ransomware, trojans, or any code designed to damage, disrupt, or gain unauthorized access to systems
• Competitive intelligence harvesting. Using Bespoke Mentis systems to systematically collect, aggregate, or analyze data for the purpose of building competing AI products or services
• Credential abuse. Sharing, selling, or sublicensing access credentials to unauthorized parties

§ 3 — Prohibited Uses — AI-Specific

The following AI-specific uses are prohibited across all Bespoke Mentis products:

• Weapons development. Using AI capabilities to research, design, develop, or improve weapons, including biological, chemical, nuclear, radiological, or conventional weapons
• Critical infrastructure attacks. Using AI capabilities to identify vulnerabilities in, attack, or disrupt critical infrastructure (power grids, water systems, financial systems, hospitals)
• Unlawful surveillance. Using AI capabilities to conduct surveillance of individuals without their knowledge or consent, in violation of applicable privacy law
• Discriminatory automated decisions. Using AI outputs to make automated decisions that discriminate against individuals on the basis of protected characteristics under applicable law (race, color, religion, sex, national origin, disability, age, etc.)
• Patient-level clinical decisions. Using Foresight or any Bespoke Mentis AI system as the sole basis for individual patient treatment decisions without qualified clinical review
• PHI processing without authorization. Submitting protected health information (PHI) into any Bespoke Mentis system without an executed HIPAA Business Associate Agreement (BAA)
• Confidential data without authorization. Submitting third-party confidential information, classified data, trade secrets of other entities, or data subject to professional privilege into Bespoke Mentis systems without appropriate authorization
• Adversarial prompting. Deliberately crafting inputs (jailbreaking, prompt injection) designed to cause AI systems to bypass safety controls, produce harmful outputs, or reveal confidential system information
• Autonomous high-stakes decisions. Relying solely on AI-generated outputs for decisions with significant legal, financial, health, or safety consequences without human review — especially where Bespoke Mentis's governance architecture mandates a human approval gate

§ 4 — Agent Conexus — Outbound Compliance

Users of Agent Conexus are specifically prohibited from:

• Sending commercial email to recipients who have opted out or unsubscribed from communications
• Misrepresenting the sender identity, company name, or purpose of outreach
• Contacting individuals in jurisdictions where cold outreach is prohibited without explicit consent (e.g., certain EU member states under GDPR)
• Using AI-generated email content without reviewing it for accuracy, compliance, and professional appropriateness before sending
• Purchasing or using prospect lists sourced from unlawful data brokers or scraped without consent
• Sending more than the contracted volume of sequences per month as specified in your Order Form

§ 5 — Mentis Console — Engineering Use Restrictions

Users of Mentis Console are specifically prohibited from:

• Deploying AI-generated code to production without the human review steps mandated by the constitutional governance architecture
• Bypassing or overriding human approval gates in the governance layer
• Using Mentis Console to generate code for weapons, cyberattack tools, or malicious software
• Submitting third-party proprietary code, licensed code, or classified code to Mentis Console without proper authorization from the IP owner

§ 6 — Enforcement

Violations of this AUP may result in:

• Immediate suspension or termination of access, without refund, at Bespoke Mentis's discretion
• Legal action to recover damages, including costs of investigation and remediation
• Referral to law enforcement authorities where criminal activity is involved
• Disclosure to affected third parties and relevant regulatory authorities as required by law

Bespoke Mentis reserves the right to investigate suspected AUP violations and to cooperate with law enforcement authorities and regulatory bodies as required.

§ 7 — Reporting Violations

To report suspected misuse of Bespoke Mentis systems, including potential AUP violations by other users or security vulnerabilities, contact:

We investigate all good-faith reports and maintain confidentiality of reporting parties to the extent practicable. See our Trust Center for our Vulnerability Disclosure Policy.

§ 8 — Updates

Bespoke Mentis reserves the right to update this AUP to reflect new products, regulatory requirements, or operational needs. Material changes will be communicated with at least 30 days' notice to enterprise customers. Continued use of the Services after the effective date of any update constitutes acceptance.