This Acceptable Use Policy ("AUP") governs what you may and may not do with the Northern Inference platform and API. It supplements our Terms of Service and is enforceable as part of your agreement with us. Violations can result in immediate suspension, termination, and disclosure of your identity and request logs to upstream providers or law enforcement where required.
Northern Inference routes requests to third-party model providers including AWS Bedrock, Microsoft Azure OpenAI, Google Vertex AI, Anthropic, OpenAI, Mistral, Cohere, xAI, Groq, Together AI, and Perplexity. Every one of those providers imposes its own acceptable-use restrictions, and those restrictions flow through to you when we route your request. The prohibitions below represent the consolidated baseline. Specific providers may impose additional restrictions referenced under "Provider-Specific Policies" below.
1. Prohibited Content
You may not use the Service to generate, store, or transmit content that:
Sexually exploits, abuses, or endangers children (CSAM). This includes any attempt to generate, depict, describe, or solicit such material, whether photographic, illustrated, textual, or synthetic. We report confirmed CSAM incidents to the National Center for Missing and Exploited Children (NCMEC) and Canadian law enforcement.
Depicts non-consensual sexual content involving real or identifiable persons, including deepfake intimate imagery.
Provides instructions for creating weapons of mass destruction (chemical, biological, radiological, nuclear, or explosive) or advises on deploying them.
Provides credible, specific instructions for violence against persons, groups, or critical infrastructure.
Incites or glorifies violence, terrorism, or genocide, or recruits for organizations designated as terrorist by Canada or its allies.
Harasses, stalks, threatens, or doxes individuals.
Depicts or describes severe graphic violence or gore intended to shock or harm.
2. Prohibited Uses
You may not use the Service to:
Violate applicable laws of Canada, your jurisdiction, or any jurisdiction your output reaches.
Infringe intellectual property, privacy, or publicity rights of third parties.
Generate misleading political, electoral, or voter-suppression content, including impersonating elected officials, candidates, or election authorities.
Conduct fraud or scams, including phishing generation, fake reviews, impersonation for financial gain, or synthetic-identity creation for deception.
Generate malware, exploit code, ransomware, or instructions for unauthorized access to computer systems you do not own or have explicit written permission to test. Defensive security research, CTF practice, and red-team engagements on systems you are authorized to test are permitted.
Practice regulated professions without qualification: generate medical diagnoses, legal advice, financial planning, psychiatric counseling, or similar regulated advice without appropriate licensing and without a clear disclaimer to end users.
Make automated decisions with legal or similarly significant effects on individuals without appropriate human oversight, due-process safeguards, and (where applicable under PIPEDA, the AIDA framework, or the EU AI Act) transparency notices.
Generate credentialing, academic, or government-identification documents that could be mistaken for genuine.
Build services whose primary function is content moderation evasion, deepfake pornography, spam generation, or vote manipulation.
Train or fine-tune other models on outputs from the Service without the upstream model provider's written permission. Most providers prohibit this.
Resell, redistribute, or wrap the Service for third-party end users without our written authorization. This includes acting as a middleman aggregator.
3. Operational Restrictions
Do not attempt to circumvent rate limits, quotas, or abuse-detection systems.
Do not share API credentials between unrelated parties. Your credentials are bound to your account.
Do not attempt to extract, exfiltrate, or enumerate other users' data, requests, or responses.
Do not probe, scan, or attack our infrastructure, any provider's infrastructure, or the network paths between them.
Do not submit automated traffic designed to overwhelm or degrade the Service for other users.
4. Transparency Requirements
If you build a product on the Service whose outputs are presented to human end users:
Disclose AI involvement. Do not present model-generated content as human-authored in contexts where that distinction is material (news, journalism, dating, therapy, tutoring, etc.).
Disclose the provider chain on request. Users have a right to know which upstream provider processed their data. Northern Inference's chain-of-custody records are available to all customers via the customer portal. Pass that visibility through to your end users on reasonable request.
Do not generate content that falsely attributes statements to real people.
5. Provider-Specific Policies (Flow-Down)
When you send a request through the Service, you are also bound by the Acceptable Use policies of whichever upstream provider your request is routed to. Those are incorporated by reference. The authoritative current versions:
If any upstream policy imposes a stricter restriction than this AUP for a given use, the stricter restriction wins. If an upstream provider updates its policy, you are bound by the updated version as soon as it takes effect, without separate notice from us.
6. Enforcement
Our rights on violation
Immediate suspension without prior warning. We may suspend your account, revoke your API keys, and halt in-flight requests the moment we have a reasonable belief of a violation. Prior notice is not required.
Disclosure to upstream providers. When an upstream provider notifies us of a policy violation involving your traffic, we will cooperate with their investigation. This includes disclosing your identity, request logs, response bodies, and chain-of-custody records to the reporting provider.
Disclosure to law enforcement. We will preserve and disclose records to law enforcement in response to lawful requests under Canadian law, and proactively in cases involving imminent threats to life or confirmed CSAM.
Termination. Repeated or severe violations will result in account termination. Termination does not refund unused credits for terminated-for-cause accounts.
Legal action. We reserve the right to pursue damages for violations that cause us to incur provider penalties, legal fees, or reputational harm.
Your obligations on violation notice
Respond promptly. If we notify you of a suspected violation and request information, you have 48 hours to respond.
Preserve evidence. Do not delete logs, prompts, or artifacts related to the flagged traffic while an investigation is open.
Cooperate with upstream investigations. If an upstream provider requests information about your use, you consent to our passing through their request.
7. Reporting Abuse
If you believe another user of the Service is violating this AUP, or if you observe content apparently generated through the Service that violates this policy, please report it to abuse@northerninference.ca. Include as much detail as you can: timestamps, request IDs if available, the output you observed, and the harm caused. We investigate every report.
Imminent harm to life or safety: if you believe someone is in imminent danger, contact local emergency services first (911 in Canada), then notify us. Do not rely on email for time-critical threats.
8. Good-Faith Safety Research
Security researchers, AI safety researchers, and academics investigating potential harms are not the target of this policy. If you are probing model behavior in a controlled research context and would otherwise risk triggering an enforcement action, contact us at abuse@northerninference.ca in advance to coordinate. We will reasonably accommodate legitimate research that follows responsible-disclosure norms.
9. Changes to This Policy
We may update this AUP to reflect new providers, new regulations, or new categories of misuse we discover in the wild. Material changes will be announced at least 14 days in advance via email and a notice on this page. Your continued use of the Service after an update takes effect constitutes acceptance of the revised AUP.