Legal

Acceptable Use Policy

Last updated: 3 March 2026

1. Purpose

This Acceptable Use Policy (“AUP”) sets out the rules and boundaries for using the Govix platform, website, and services. It is designed to protect our users, our systems, and the integrity of the regulatory data and compliance outputs we provide.

This AUP supplements our Terms of Service and Privacy Policy.

2. Permitted Use

The Govix platform is designed for use by authorised personnel within regulated financial services firms for legitimate compliance, governance, and risk management purposes. Permitted uses include:

  • Identifying and filtering relevant regulatory obligations for your firm
  • Mapping obligations to policies, procedures, controls, and evidence
  • Generating policy and procedure outputs from mapped obligations
  • Producing traceability packs and audit-readiness artefacts
  • Exporting structured regulatory data for internal use
  • Managing regulatory change impact across your compliance framework

3. Prohibited Use

You must not use the Govix platform to:

  • Process, store, or transmit personal data of data subjects beyond what is necessary for compliance mapping (e.g., do not upload customer records, personal identification documents, or sensitive personal data)
  • Reverse engineer, scrape, or systematically extract regulatory content for use in competing products or services
  • Redistribute, resell, or sublicense Govix outputs, data, or regulatory content to third parties without authorisation
  • Attempt to gain unauthorised access to other users’ accounts, data, or workspaces
  • Introduce malicious code, malware, or conduct any activity that could compromise system integrity
  • Use the platform for any unlawful purpose or in violation of applicable regulations
  • Misrepresent Govix outputs as legal advice or as a substitute for qualified compliance counsel

4. AI and Automated Processing

Govix uses artificial intelligence and automated processing to assist with regulatory interpretation, obligation filtering, mapping, and policy generation. The following principles govern AI use within the platform:

4.1 Transparency

Where AI is used to generate or suggest outputs (such as obligation interpretations, relevance assessments, or policy language), Govix will clearly indicate that the output involves automated processing. Users are responsible for reviewing and validating AI-assisted outputs before relying on them for compliance decisions.

4.2 Data handling

  • Client data submitted to the platform is processed solely to provide our services and is not used to train general-purpose AI models
  • Regulatory content analysis is performed within secure, isolated environments
  • AI-generated outputs are based on the regulatory sources, firm profile, and mapping data specific to your workspace

4.3 Defensibility

AI-assisted outputs are designed to be defensible and traceable. Every automated suggestion includes the source material and reasoning that informed it, enabling users to verify, override, or document the basis for compliance decisions.

4.4 Human oversight

Govix is designed to assist compliance professionals, not replace them. All AI-generated outputs should be reviewed by qualified personnel before being adopted as the basis for compliance actions or regulatory submissions.

5. Data Handling Boundaries

To protect both your data and the integrity of our platform:

  • Do upload: Regulatory texts, firm policies, procedures, control descriptions, governance documents, and mapping artefacts
  • Do not upload: Customer personal data, financial records, transaction data, personal identification documents, or any data classified as sensitive personal data under GDPR/UK GDPR
  • Data isolation: Each client’s data is logically isolated within the platform. Your data is never accessible to other clients or used to inform other clients’ outputs
  • Data retention: Platform data is retained in accordance with our Privacy Policy. You may request data export or deletion at any time

6. Security Responsibilities

While we implement robust security measures, you are responsible for:

  • Maintaining the confidentiality of account credentials
  • Ensuring only authorised personnel access your workspace
  • Promptly reporting any suspected security incidents to security@govix.ai
  • Following your own organisation’s information security policies when using the platform

7. Compliance with Laws

You must use the Govix platform in compliance with all applicable laws and regulations, including but not limited to data protection legislation (GDPR, UK GDPR, DPA 2018), financial services regulations, and any industry-specific requirements applicable to your firm.

8. Enforcement

Violation of this AUP may result in:

  • Warning and request to cease the prohibited activity
  • Temporary suspension of access to the platform
  • Permanent termination of access
  • Legal action where appropriate

We will make reasonable efforts to notify you before taking enforcement action, except where immediate action is necessary to protect the platform, other users, or comply with legal obligations.

9. Changes to This Policy

We may update this AUP from time to time. Material changes will be communicated through our platform or by email. Continued use of our services after changes take effect constitutes acceptance of the revised policy.

10. Contact

Questions about this Acceptable Use Policy should be directed to:

Govix
Email: legal@govix.ai
Security: security@govix.ai
General: hello@govix.ai