This Acceptable Use Policy ("AUP") sets out what you and your Authorised Users may and may not do when using The Run System ("Service"). It forms part of and is incorporated into the Terms of Service between you and Run With Ops Ltd ("RWO", "we", "us", "our").

Defined terms in this AUP have the meaning given in the Terms of Service unless defined here. Breach of this AUP is a material breach of the Terms of Service and may lead to suspension or termination of your access without refund.

If you become aware of any breach of this AUP, please tell us at [email protected].

1. General principle

You may use the Service only for lawful business purposes connected to the planning, execution, trafficking, reporting and activation of paid-media campaigns. You must use the Service in good faith and in line with the Terms of Service, this AUP, our Documentation, and all applicable laws and regulations.

2. You must not

You and your Authorised Users must not (and must not encourage, permit or assist anyone else to):

• Break the law — use the Service in any way that breaches any applicable law, regulation, code of practice or platform policy, including UK GDPR, PECR, the Bribery Act 2010, the Modern Slavery Act 2015, sanctions or export-control regimes, or any anti-money-laundering law;
• Infringe rights — upload, process or run campaigns containing content that infringes any third party's intellectual property, privacy, publicity, confidentiality or other rights;
• Process prohibited content — process through the Service any content that is unlawful, defamatory, harassing, threatening, hateful, discriminatory, obscene, pornographic, sexually explicit, gambling-related where unlicensed, related to firearms or weapons in violation of law, related to controlled substances in violation of law, related to malware, phishing or scams, or content harmful to minors;
• Process restricted personal data without authority — upload special category personal data (Article 9 UK GDPR), criminal-conviction data (Article 10), data relating to children, or large volumes of personal data of EU/UK data subjects without the appropriate lawful basis and without first putting in place our DPA;
• Bypass platform policies — use the Service to circumvent, evade or breach the terms, policies, rate limits, brand-safety rules, fraud-detection systems or platform integrity controls of any Third-Party Platform (including Meta, Google, LinkedIn, TikTok, Reddit, Snapchat), to fake engagement, click fraud, generate fake conversions, fake impressions, set up cloaked campaigns, or run "black-hat" advertising;
• Misrepresent identity or affiliation — use the Service to impersonate any person or entity, including spoofing brands, regulators or platforms, or to falsely claim affiliation with us or with any Third-Party Platform;
• Attempt to harm the Service — interfere with or disrupt the integrity, security or performance of the Service, including by introducing viruses, worms, trojans, ransomware, malicious code, denial-of-service attacks, fork bombs, prompt-injection attacks against our agents, jailbreaks, or any other malicious code or technique;
• Probe, scan or test our infrastructure without our prior written permission, including penetration testing, vulnerability scanning, fuzzing or red-teaming. (We welcome responsible disclosure — see section 5);
• Reverse engineer — copy, modify, decompile, disassemble, reverse-engineer, or attempt to derive the source code, architecture, model weights, prompts, schema or training data of the Service or any underlying AI models, except to the extent expressly permitted by law;
• Compete or commercialise — use the Service to build, train, fine-tune or evaluate a product or model that competes with the Service, or to provide a commercial service to third parties that resells, repackages or wraps the Service without our prior written agreement;
• Scrape or extract at scale — use bots, crawlers, scripts or other automated means to extract data from the Service or our marketing site (other than via APIs or features expressly provided for that purpose);
• Spam — use the Service to send unsolicited commercial communications in breach of PECR, the GDPR, CAN-SPAM, CASL or other applicable anti-spam laws;
• Mass-share or republish outputs — publicly share, redistribute, republish or broadcast Service outputs in a manner that suggests they are RWO's editorial output;
• Share credentials or access — share account credentials, allow more than one person to use a single login, or share Service access with third parties who have not been onboarded as Authorised Users under your subscription;
• Circumvent commercial controls — circumvent any usage limits, billing controls, rate limits, throttling, watermarking or other technical or commercial controls in the Service;
• Run anything we tell you to stop — continue any specific use of the Service that we have notified you in writing is a breach of this AUP or that poses a security, legal or platform-policy risk.

3. Sector and content restrictions

Even where lawful, the following uses require our prior written agreement (typically via an additional addendum on top of the Terms):

• adult content;
• gambling (other than UKGC-licensed operators advertising to UK markets in line with platform policies);
• cryptoassets, ICOs, NFT marketing or any FCA-regulated financial promotion;
• political advertising, election advertising or issue ads that fall within platform political-content policies;
• pharmaceutical, prescription medicines, supplements making health claims, alcohol or tobacco;
• weapons, ammunition, firearms-related products;
• "performance-enhancing" or anti-aging claims with weak substantiation;
• any campaign targeted at children under 18.

If you operate in one of these sectors, contact [email protected] before running campaigns through the Service.

4. Third-Party Platform compliance

You acknowledge and agree that:

• you remain responsible for compliance with the terms, policies and content standards of every Third-Party Platform you connect to TRS;
• platform policies (including Meta Advertising Standards, Google Ads policies, LinkedIn Marketing Policies, TikTok Advertising Policies) form additional restrictions over and above this AUP;
• a Third-Party Platform may, without notice to us, suspend or terminate your access for breach of its terms, and we are not responsible for that suspension or its consequences;
• we may rely on a Third-Party Platform's determination that a campaign breaches its policy and act accordingly under section 6.

5. Responsible security disclosure

If you discover a security vulnerability in the Service, please report it to [email protected]. Please do not exploit it beyond what is necessary to demonstrate the vulnerability, access data that is not yours, publicly disclose it before we have had a reasonable chance to fix it (typically 90 days), or demand payment as a condition of disclosure. We will acknowledge your report within five business days and credit you appropriately. Full policy at /security.

6. Enforcement

If we reasonably believe you or an Authorised User has breached this AUP, we may:

• contact you to investigate and require remediation;
• restrict or suspend access to all or part of the Service;
• remove or block specific content, instructions or campaigns;
• terminate your subscription under the Terms of Service;
• report serious or unlawful conduct to law enforcement, regulators or the relevant Third-Party Platform;
• recover from you all reasonable costs, losses and damages arising from the breach (including platform fines passed on to us and reasonable legal costs).

Where it is reasonable to do so we will give you notice and an opportunity to fix the breach first. Where the breach is serious, ongoing, or creates a risk to us, other customers or third parties, we may act first and notify you afterwards.

7. Changes

We may change this AUP from time to time. The "Last updated" date will change. Material changes will be notified by email or in-product notice and will take effect at the date stated, with reasonable advance notice where practicable.

8. Contact

[email protected] for AUP and security reports.
[email protected] for sector-restriction enquiries.

---

Questions about this document? Email [email protected].