TokenOne®

Acceptable Use Policy

The short version: don't use TokenOne® to harm people or break the law.

Draft. Engineering draft pending counsel review. This policy forms part of the Terms of Service.

Last updated: 21 April 2026

You may not use TokenOne® to

  • Generate illegal content · CSAM, material that incites violence, unauthorised copies of copyrighted works, or content that otherwise violates law in your jurisdiction or ours.
  • Harass or harm people · stalking, doxxing, non-consensual intimate imagery, targeted harassment campaigns, deepfake misrepresentation of real individuals.
  • Impersonate or deceive · pose as another person or organisation, run phishing or social-engineering campaigns, fabricate evidence.
  • Disrupt infrastructure · launch denial-of-service attacks, try to break our or third-party security, scan for vulnerabilities without authorisation, probe rate limits to extract blocked responses.
  • Exfiltrate model weights or train on our responses to build a competing AI product. Routing through our proxies for the purpose of training another model is prohibited.
  • Spam or mass-mislead · generate bulk unsolicited messaging, fake reviews, astroturfing, election disinformation.
  • Export-control violations · provide access in breach of sanctions or export laws that apply to you.
  • Scrape user data · systematically collect other TokenOne® users’ personal information without consent.
  • Resell as-is · repackage the TokenOne® API as a standalone service to end users. Legitimate in-product integration is fine; reselling the raw proxy is not.

High-risk use cases

The following require an enterprise agreement with additional safeguards · do not use TokenOne®’s standard plans for them:

  • Medical diagnosis, treatment, or health advice
  • Legal advice, document preparation, or case outcomes
  • Decisions about hiring, credit, housing, or benefits
  • Safety-critical systems (aviation, nuclear, medical devices)
  • Law enforcement or military applications

Reporting + enforcement

Report violations to abuse@tokenone.io. We investigate every report. We reserve the right to suspend or terminate accounts for AUP violations, with or without notice depending on severity. Repeat or egregious violations result in permanent ban.

Upstream provider terms

Calls you route through TokenOne® are also subject to the terms of the upstream provider that serves the call (Anthropic, OpenAI, Google, etc.). We pass through their usage policies. If you have reason to think an upstream policy is broader than ours, the stricter applies.

Questions: legal@tokenone.io.