Legal
Acceptable Use Policy
Last updated: 2026-06-07
Privian is in beta. This page describes our current practices and policies in plain language. Material updates will be noted here and on /updates.
This policy applies to all use of Privian and is part of our Terms of Service. Violations may result in suspension or termination, and where applicable notification to law enforcement.
1. Prohibited use
You may not use Privian to:
- Violate any applicable law or regulation.
- Develop, distribute or operate malware, ransomware, spyware, rootkits or other malicious code.
- Conduct phishing, credential theft, account takeover, or social engineering campaigns.
- Abuse upstream model providers — for example denial of service, attempts to extract training data, circumvention of provider rate limits, or violation of the provider's own terms.
- Attempt to bypass, disable or interfere with Privian's masking, security or governance controls, including by deliberately embedding sensitive data outside detectable patterns to defeat masking.
- Attempt to reverse-engineer the gateway, probe other tenants, or access data that does not belong to you.
- Send spam or unsolicited bulk communication.
- Conduct privacy-invasive surveillance, including covert monitoring of individuals without lawful basis.
- Generate, store, transmit or solicit child sexual abuse material (CSAM). Any such use will be reported in accordance with applicable law.
- Harass, threaten, defame, or incite violence against any individual or group.
- Infringe intellectual property or other rights of third parties.
2. High-risk and regulated use
Privian is not designed or certified for high-risk decision-making without human oversight. You must not use Privian as the sole basis for decisions in safety-critical domains (for example medical diagnosis, autonomous vehicles, life-support systems, or legally binding individual decisions) unless you have implemented adequate human-in-the-loop controls and your use complies with applicable law in the relevant jurisdiction.
3. Provider terms
Privian forwards your masked requests to the upstream LLM provider you configured under BYOK. You are responsible for complying with each provider's own terms of service and acceptable use policy. Privian may suspend access to specific providers if required by the provider or by law.
4. Operational abuse
You may not interfere with the operation of Privian or other customers' use of the service. This includes excessive automated signups, attempts to exhaust shared resources, deliberate ill-formed traffic intended to trigger failure modes, or unauthorized load testing.
5. Reporting violations
Suspected violations can be reported to support@privian.io. We investigate reports and may suspend access pending investigation.