NEOS

Legal

Acceptable Use Policy

Effective June 2026 · Version 1.0 · NE-OS SpA

Authorized Users

Access is granted only to individuals or organizations with a valid, signed agreement with NE-OS SpA and a demonstrated history of ethical security testing. You must maintain a current, approved scope of work on file with NE-OS SpA for each testing engagement.

Mandatory Written Authorization

No testing may be initiated without explicit, written authorization from the target organization. This authorization must include the scope, duration, and systems to be tested. You must provide a copy of the target's authorization to NE-OS SpA upon request.

Prohibited Activities

The following are strictly forbidden: unauthorized access to any system; malware generation, deployment, or propagation; attacks on critical infrastructure (power, water, healthcare, government); data exfiltration from target systems beyond authorized scope; denial-of-service attacks; and resale or sub-licensing of API access.

Reporting & Compliance

All security vulnerabilities discovered must be reported to NE-OS SpA within 24 hours of confirmation. You must retain logs of all API calls and target authorizations for at least one year and produce them upon request.

Enforcement

Violation of this AUP will result in immediate, permanent termination of API access, forfeiture of any prepaid fees, and potential referral to law enforcement. NE-OS SpA reserves the right to suspend access pending investigation without liability.

Contact

Questions about this policy: founder@ne-os.com