Legal
Acceptable Use Policy
Effective June 2026 · Version 1.0 · NE-OS SpA
Authorized Users
Access is granted only to individuals or organizations with a valid, signed agreement with NE-OS SpA and a demonstrated history of ethical security testing. You must maintain a current, approved scope of work on file with NE-OS SpA for each testing engagement.
Mandatory Written Authorization
No testing may be initiated without explicit, written authorization from the target organization. This authorization must include the scope, duration, and systems to be tested. You must provide a copy of the target's authorization to NE-OS SpA upon request.
Prohibited Activities
The following are strictly forbidden: unauthorized access to any system; malware generation, deployment, or propagation; attacks on critical infrastructure (power, water, healthcare, government); data exfiltration from target systems beyond authorized scope; denial-of-service attacks; and resale or sub-licensing of API access.
Reporting & Compliance
All security vulnerabilities discovered must be reported to NE-OS SpA within 24 hours of confirmation. You must retain logs of all API calls and target authorizations for at least one year and produce them upon request.
Enforcement
Violation of this AUP will result in immediate, permanent termination of API access, forfeiture of any prepaid fees, and potential referral to law enforcement. NE-OS SpA reserves the right to suspend access pending investigation without liability.
Contact
Questions about this policy: founder@ne-os.com