Revision 000 | Effective 27 May 2026
Document reference: SEVRON-LAC-FUP-PO-003
SEVRON FAIR USE POLICY
1. Purpose
1.1 This Fair Use Policy (the “Policy”) sets out the conditions under which the Customer and its Authorised Users may access and use the Safety365 platform and related services provided by Sevron Ltd. (“Sevron”, “we”, “us”). It is the “Fair Use Policy” referred to in clause 4.2 and defined in clause 13.1 of the Sevron Standard Terms and Conditions (the “Terms”), and forms part of the Agreement between Sevron and the Customer.
1.2 The purpose of this Policy is to ensure that the Services remain secure, reliable, performant and available for all customers, that subscription entitlements are used fairly, and that use of the Services including optional AI-assisted features is lawful and consistent with Sevron’s obligations under applicable law and its ISO/IEC 27001 and ISO 9001 certified management systems.
2. Scope
2.1 This Policy applies to:
2.1.1 the Customer and all Authorised Users (as defined in the Terms), including directors, officers, employees, agents and subcontractors who access the Services through the Customer’s account; and
2.1.2 all use of the Services and Service Content, including web interfaces, APIs, integrations, search facilities and optional AI-assisted features.
2.2 The Customer remains responsible for all acts and omissions of its Authorised Users as if they were its own, in accordance with the Terms. This Policy is in addition to, and does not replace, the Customer’s obligations under the Terms, the Data Processing Addendum (the “DPA”) and the Privacy Policy.
3. Definitions
3.1 Capitalised terms not defined in this Policy have the meanings given to them in the Terms or the DPA. In addition:
3.1.1 “Fair Use Threshold” means the volume, frequency and pattern of use that is reasonable for the Customer’s Subscription Plan, having regard to the Assessment Limit, SDS Limit and any other entitlements set out in the Proposal.
3.1.2 “Excessive Use” means use that materially exceeds the Fair Use Threshold, or that places a disproportionate or abnormal load on the Services or underlying infrastructure or subprocessors.
3.1.3 “Automated Access” means access to the Services by any script, bot, scraper, crawler or other automated means, other than through interfaces and APIs expressly made available by Sevron and used within their documented limits.
4. Principles of Fair Use
4.1 The Services are provided on a shared, multi-tenant basis. Fair use means using the Services:
4.1.1 in good faith and for the Customer’s own internal business purposes, as permitted by the licence granted in clause 2 of the Terms;
4.1.2 within the entitlements of the Customer’s Subscription Plan;
4.1.3 in a manner that does not degrade, disrupt or threaten the performance, security, integrity or availability of the Services for Sevron or other customers; and
4.1.4 in compliance with all applicable laws and with the Terms, the DPA and this Policy.
5. Usage Limits and Fair Throughput
5.1 Each Subscription Plan includes defined entitlements, which may include an Assessment Limit, an SDS Limit and other usage parameters set out in the Proposal. The Customer shall ensure that its use, and that of its Authorised Users, remains within those entitlements and within the Fair Use Threshold.
5.2 The Customer shall not:
5.2.1 exceed the Assessment Limit, SDS Limit or any other documented entitlement, except where additional use is expressly authorised in writing by Sevron and any additional fees are paid (consistent with clause 2.4 of the Terms);
5.2.2 generate artificial, inflated, repetitive or automated volumes of assessments, documents, searches or records that do not reflect genuine business use;
5.2.3 use the Services in a way that places a disproportionate or abnormal burden on the platform or its subprocessors, or that is intended to test, probe or circumvent capacity, rate or volume controls; or
5.2.4 resell, rent, sublicense, time-share or otherwise make the Services available to any person outside the Customer’s organisation, or use the Services to build a competing product or service (consistent with clauses 2.5 and 2.8 of the Terms).
6. Account, Licence and Access Sharing
6.1 Access to the Services is licensed on a non-exclusive, non-transferable basis for use by the Customer’s Authorised Users, as set out in clause 2 of the Terms. To ensure security and fair allocation of entitlements, the Customer shall ensure that:
6.1.1 login credentials (accounts, permissions and passwords) are kept confidential and are not shared between individuals;
6.1.2 each Authorised User has their own individual credentials and does not use generic, shared or “team” logins to circumvent per-user entitlements or licensing;
6.1.3 Authorised Users log out before allowing anyone else to use their device, and adequate security measures are maintained to prevent unauthorised use (consistent with clauses 4.5 to 4.8 of the Terms); and
6.1.4 access is promptly revoked when an Authorised User leaves the organisation or no longer requires access.
6.2 The Customer accepts full responsibility and liability for any unauthorised use of the Services and Service Content resulting from shared credentials or inadequate access controls.
7. Fair Use of AI-Assisted Features
7.1 The Services may include optional AI-assisted features. These are provided subject to clause 6.17 of the Terms and clause 13 of the DPA, and are processed by AI subprocessors under contractual terms that prohibit the use of Customer Personal Data to train their models. In addition to those terms, the Customer shall ensure that AI-assisted features are used fairly, and shall not:
7.1.1 submit excessive, bulk, automated or high-frequency requests to AI-assisted features beyond what is reasonable for genuine business use, or in a manner that constitutes Excessive Use or Automated Access;
7.1.2 use AI-assisted features to generate unlawful, harmful, defamatory, obscene, infringing, harassing or discriminatory material, or any of the prohibited content described in clause 2.7 of the Terms;
7.1.3 attempt to extract, reverse engineer, copy or replicate the underlying AI models, prompts or Service Content, or use the features to build a competing product or service;
7.1.4 rely on AI outputs without competent human review, or input personal data without a lawful basis and any necessary Article 9 conditions; the Customer remains the data controller for personal data processed via AI-assisted features and is responsible for the lawful basis, consents and consistency with its own privacy notices (consistent with clauses 6.17.2 and 6.17.3 of the Terms and clause 13 of the DPA); or
7.1.5 disable or circumvent any safeguards, rate limits or content controls applied to AI-assisted features.
7.1.6 AI outputs are technology aids only and are not a substitute for professional, commercial, legal or regulatory advice. The Customer acknowledges that AI subprocessors may retain prompts, outputs and uploaded files for a limited period for abuse-monitoring purposes, as described in Annex 3 of the DPA.
8. Prohibited and Unacceptable Use
8.1 In addition to the restrictions in clauses 2.7 and 2.8 of the Terms, the Customer and its Authorised Users shall not:
8.1.1 access, store, distribute or transmit any Virus, malware or harmful code, or attempt to gain unauthorised access to the Services, other accounts, or Sevron’s or any subprocessor’s systems or networks;
8.1.2 probe, scan, penetration-test or attempt to circumvent the security, authentication or access controls of the Services without Sevron’s prior written consent;
8.1.3 use Automated Access (scraping, crawling, bots) other than via interfaces or APIs expressly provided by Sevron and within their documented limits;
8.1.4 interfere with or disrupt the integrity or performance of the Services, or take any action that imposes an unreasonable or disproportionately large load on the infrastructure;
8.1.5 upload or process content that is unlawful, infringing, or that the Customer does not have the right to provide; or
8.1.6 use the Services in any way that breaches applicable law or causes Sevron to breach any law or its obligations to any subprocessor or third party.
9. Monitoring
9.1 Sevron records and retains details of account activity for the purposes of security, service management, capacity planning, billing and analysis, as described in clause 6.8 of the Terms and Sevron’s Privacy Policy. Sevron uses application performance monitoring and security-event logging to detect and investigate suspicious access and abnormal usage. Monitoring is carried out in accordance with the Data Protection Laws and Sevron’s Privacy Policy, and does not extend to inspecting the substantive content of Customer Data except where necessary for security, legal compliance, or to investigate a suspected breach of this Policy.
10. Consequences of Breach
10.1 Where Sevron reasonably considers that use of the Services constitutes Excessive Use, Automated Access, or otherwise breaches this Policy or the Terms, Sevron will ordinarily follow a graduated approach:
10.1.1 Notification. Sevron will notify the Customer of the nature of the concern and, where appropriate, request that the Customer brings its use back within the Fair Use Threshold within a reasonable period.
10.1.2 Throttling or restriction. If the behaviour continues, or where reasonably necessary to protect the Services or other customers, Sevron may apply rate limits, throttle throughput, or temporarily restrict access to the affected feature(s).
10.1.3 Suspension. Where the breach is serious, persistent, or unresolved after notification, Sevron may suspend the Customer’s access to the Services or the relevant features.
10.2 Sevron reserves the right to act immediately, without prior notice, where it reasonably believes that the behaviour poses a risk to the security, integrity or availability of the Services, breaches clause 2.7 of the Terms, is unlawful, or requires action to comply with applicable law or the instruction of a regulator or other competent authority (consistent with clauses 2.7, 5.3(d), 6.14 and 12.4(a) of the Terms).
10.3 Where Excessive Use reflects a genuine and ongoing increase in the Customer’s business needs, Sevron will discuss in good faith an appropriate upgrade to the Subscription Plan or additional entitlements, with any change taking effect in accordance with clause 5 of the Terms. Suspension or restriction of access does not relieve the Customer of its obligation to pay the Subscription Fee in full for the Subscription Term.
11. Relationship with Other Documents
11.1 This Policy forms part of the Agreement and is to be read together with the Terms, the DPA, the Privacy Policy, and the Cookie Policy for website cookie practices. In the event of any conflict, the order of precedence in clause 12.13 of the Terms applies: (a) the DPA, in relation to data protection matters; (b) the Proposal; (c) the Terms; (d) the Privacy Policy; and (e) any other referenced documents, including this Policy. Nothing in this Policy excludes or limits any liability that cannot lawfully be excluded or limited.
12. Changes to this Policy
12.1 Sevron may amend this Policy in accordance with the variation provisions in clause 12.4 of the Terms: with immediate effect where reasonably necessary to comply with applicable law, a court order or the instruction of a public or regulatory body; and otherwise on at least 30 days’ written notice. Continued use of the Services after a change takes effect constitutes acceptance of the amended Policy, as set out in clause 12.5 of the Terms.
13. Governing Law
13.1 This Policy is governed by the laws of England and Wales and is subject to the jurisdiction provisions in clause 12.8 of the Terms.
14. Contact
14.1 Questions about this Policy, or requests for additional entitlements, should be directed to Sevron at accounts@sevron.co.uk. Data protection queries should be directed to privacy@sevron.co.uk.