About this policy.
This Acceptable Use Policy sets the rules for how you may use VYRA's services. VYRA Data Inc. ("VYRA", "we", "us", "our") is a company based in Halifax, Nova Scotia, Canada.
It applies to everyone who uses our services. That includes:
- Customers and account holders on our SaaS products: Vyra Insights, Vyra Life, Vyra Code, and the VYN AI teammate.
- People who use those products through a customer's account.
- Clients and their end users, where VYRA built or operates a website, a CRM, an ad account, or an AI system that processes personal information on the client's behalf.
This policy forms part of our Terms of service. If you break these rules, you break the terms. Where a signed services agreement applies to your engagement, that agreement and this policy are read together, and the stricter rule applies. How we handle personal information is set out in our Privacy policy. How our AI features work, and the disclosures that come with them, is set out in our AI policy.
The date this policy last changed is shown at the top of this page.
Compliance with law.
You may use the services only for lawful purposes. You must comply with all laws that apply to you and to the way you use the services, including privacy, anti-spam, intellectual-property, consumer-protection, export-control, and sanctions laws. You are responsible for making sure your use of the services is lawful where you are and where the people whose data you handle are located.
You must not use the services to break any law, to help anyone else break the law, or to do indirectly what the law or this policy forbids you from doing directly.
Prohibited conduct.
You must not use the services, and must not let anyone using your account use the services, to do any of the following.
Illegal and harmful activity.
- Break any law, or plan, promote, or carry out illegal activity.
- Post or transmit content that infringes another person's intellectual property, or that defames, harasses, threatens, bullies, or discriminates against a person or group.
- Engage in targeted harassment of any individual, or coordinate others to do so.
- Publish someone's private or identifying information without a lawful basis, including doxxing.
- Create, request, or share non-consensual intimate imagery.
- Incite or threaten violence, or promote self-harm.
Child safety.
We have zero tolerance for child sexual abuse material. Any attempt to generate, request, store, or share it results in immediate termination of your access and, where required by law, a report to law enforcement and the relevant authorities. You must not use the services to endanger, exploit, or sexualise a minor in any way.
Security and integrity of the services.
- Reverse engineer, decompile, or otherwise try to derive our source code, or extract, reconstruct, or derive any model weights.
- Use the services or their outputs to build or train a competing product or model.
- Probe, scan, or run vulnerability or penetration tests against the services without our written permission.
- Interfere with normal operation, launch a denial-of-service attack, or bypass or defeat rate limits, quotas, filters, or usage controls.
- Access another user's account or data without authorisation, or attempt to.
Data you submit.
- Submit personal information about other people without a lawful basis to do so.
- Submit sensitive or special-category data, such as health, biometric, or financial information, unless your contract with us authorises it. Biometric data carries specific obligations under Quebec Law 25, and we do not accept it unless your agreement provides for it.
- Send data you know, or should know, comes from or is about a child.
Deception and misuse.
- Impersonate any person or organisation, or misrepresent your identity or your affiliation.
- Send spam, or any commercial message that breaks Canada's anti-spam law (CASL) or the United States CAN-SPAM Act, including sending without valid consent, without a working unsubscribe, or without honouring an unsubscribe request within the time the law allows.
- Create or spread deepfakes or other synthetic media in a deceptive, harmful, or unlawful way, including presenting AI-generated content as real without the disclosure the law requires.
- Spread election disinformation, or use the services to interfere with an election or a democratic process.
High-stakes use.
- Use the services for high-stakes purposes, such as life-safety systems, medical devices, critical infrastructure, or weapons systems, without our written authorisation.
AI-specific rules.
These rules apply on top of everything above whenever you use an AI feature, including VYN, or use an AI system we built for you.
- Do not present AI output as professional advice. AI output is not legal, medical, financial, or mental-health advice, and you must not offer it to others as a substitute for a qualified professional.
- Do not use the services to make a fully automated decision that has a significant effect on a person, such as hiring, credit, insurance, or healthcare decisions, without a documented human review. A person must be able to review the decision and the main factors behind it.
- Do not use the services to impersonate a real person or to clone a real person's voice, face, or likeness without that person's consent.
- Do not attempt to jailbreak, bypass, or defeat safety features, and do not use prompt injection or similar techniques to override the system's guardrails or extract its instructions.
- Where you deploy an AI feature so that other people interact with it, you must tell those people they are interacting with an AI, not a person.
- Where the law requires it, synthetic outputs must be marked as artificially generated. Rules like the EU AI Act set out when this applies, and you must follow them for the content you publish.
AI output can be wrong, incomplete, or out of date. Treat it as a draft, not a decision, and review it for your own situation before you act on it or pass it on.
AI is the engine. The human is the brake.
Ads-specific rules.
These rules apply where we run static Meta ads (Facebook and Instagram) for you, or where you use measurement tools such as the Meta pixel or the Conversions API through our work.
- Comply with Meta's Advertising Standards, Community Standards, and Business Tools Terms. Content and targeting that Meta prohibits is prohibited here.
- Confirm that you have all the rights, permissions, and lawful basis needed for any data, pixel or conversion events, and contact lists used in your campaigns. Pixel and Conversions API events must fire only after the visitor has given the consent the law requires.
- Do not upload a contact list for a custom or lookalike audience unless you have valid CASL or CAN-SPAM consent for every contact on it.
- Do not target people using sensitive attributes that platform policy prohibits, and do not send sensitive information through advertising tools.
- Disclose material connections clearly and conspicuously in any endorsement, testimonial, or influencer content, as the FTC Endorsement Guides and Canada's Competition Bureau require. Disclose AI-generated or AI-altered content where guidance calls for it.
- Do not make performance claims you cannot substantiate.
Where we act as your agent, you authorise us to accept the relevant platform terms on your behalf, and you remain responsible for the accuracy and lawfulness of the content, data, and consents behind your campaigns.
Reporting abuse.
If you become aware of a violation of this policy, or of an AI-safety concern, report it to safety@vyradata.com. Tell us what you saw, where, and when, so we can act quickly.
To report a security vulnerability, email security@vyradata.com. For any other concern, email contact@vyradata.com.
Enforcement.
We may investigate suspected violations of this policy. To do that, and to protect people and the services, we may review relevant content and activity, consistent with our Privacy policy.
Where we find a violation, or a credible risk of one, we may take any step that fits the situation, including:
- Asking you to fix the problem within a set time, where the violation can be cured and the risk allows for it.
- Removing or disabling access to offending content.
- Throttling, suspending, or restricting your access.
- Terminating your account or the affected engagement.
Some violations are serious enough that we act immediately, without a cure period. These include child sexual abuse material, activity that puts people or the services at risk of harm, and unlawful conduct we must stop right away. In those cases we may suspend or terminate access at once, and we cooperate with law enforcement and provide information where the law requires or permits it.
Nothing here limits any other right or remedy we have under the Terms of service or the law. We may change this policy as our services and the law evolve, and we will update the date at the top when we do.
Contact.
To report abuse or an AI-safety concern, email safety@vyradata.com.
For security issues and vulnerability reports, email security@vyradata.com.
For general and legal questions, email contact@vyradata.com.
For privacy and data-rights requests, email privacy@vyradata.com.
You can reach us at VYRA Data Inc., Halifax, Nova Scotia, Canada.