CEARTscore Acceptable Use Policy Effective as of January 16, 2026 1. Overview and Objective CEARTscore’s goal is to help you and your team optimize your performance, do your best work, and succeed. In order to do so, we must ensure that our services run smoothly, rapidly, and without distraction. For this to happen, we need help from you, our users: You must not misuse or abuse our services. To explain exactly what we mean by “misuse” or “abuse” – and help us identify such transgressions and react accordingly – we’ve created this Acceptable Use Policy (“Policy”). Under this Policy, we reserve the right to take action if we see objectionable content that is inconsistent with the spirit of this Policy, even if it’s not something that is forbidden by the letter of this Policy. 2. Scope This Policy applies to the use of, or access to, any services offered by CEARTscore LLC or its affiliates (collectively, “CEART”, “we”, “us”, or “our”), where “services” refers to all websites owned or operated by CEART, and any related websites, sub-domains and webpages, as well as any cloud services provided or made available by CEART. Any person or entity (where “entity” includes any joint venture, general partnership, limited partnership, limited liability company, corporation, or other incorporated or unincorporated entity) that uses or otherwise accesses the services (which such person or entity may be referred to in this Policy as “you” or “user”): (i) agrees to and accepts the terms of this Policy; and (ii) shall be bound by and subject to the terms of this Policy. 3. Changes to Policy CEART may make changes to this Policy by posting an updated version of the Policy on its website, and such updated version shall be effective upon posting. 4. Content As used in this Policy, the term “content” means: (i) any information, data, text, software, code, scripts, music, audio, sound, images, graphics, videos, recordings, messages, tags, interactive features, or other materials that a user creates, posts, uploads, shares, submits, or otherwise provides in any manner to the services; and (ii) any other materials, content, or data a user provides to CEART or uses with the services. “Content” also includes submissions by other persons or entities that a user has authorized or facilitated to use the services. 5. Prohibited Actions Users may not use a service to, or allow any third party to use a service, in any of the following ways: A. Disruptive Activities 1. Compromising the security or operation of CEART’s systems or the systems or networks that host or support the services. This could include probing, scanning, or testing the vulnerability of any system or network that hosts our services. This prohibition does not apply to security assessments expressly permitted in writing by CEART. 2. Tampering with, reverse-engineering, or hacking our services, circumventing any security or authentication measures, or attempting to gain unauthorized access to the services, related systems, networks, or data. 3. Modifying, disabling, or compromising the integrity or performance of the services or related systems, network, or data. 4. Deciphering any transmissions to or from the servers running the services. 5. Overwhelming or attempting to overwhelm our infrastructure by imposing an unreasonably large load on our systems which excessively consumes resources (CPUs, memory, disk space, bandwidth, etc.), such as: a. Using “robots,” “spiders,” “offline readers,” or other automated systems to send more request messages to our servers than a human could reasonably send in the same period of time by using a normal browser. b. Going beyond the use parameters applicable to a given service. c. Consuming an unreasonable amount of storage for content in a way that’s unrelated to the purposes for which the services were designed. B. Wrongful Activities 1. Misrepresentation of a user, or disguising the origin of any content (including by “spoofing”, “phishing”, manipulating headers or other identifiers, impersonating anyone else, or falsely implying any sponsorship or association with CEART or any third party). 2. Using the services to violate the privacy of others, including publishing or posting a person’s private or confidential information without such person’s express permission, collecting or gathering other people’s personal information (including account names or information) from our services, or inferring characteristics or personal information (including sensitive information) about other people using our services. 3. Using our services to stalk, track, or monitor others or harass, bully, intimidate, or post direct, specific threats or acts of violence (including terrorism) against others. 4. Using the services in furtherance of any illegal purpose, or in violation of any laws (including without limitation data, privacy, and export control laws). 5. Accessing or searching any part of the services by any means other than our publicly supported interfaces (for example, “scraping”). 6. Using meta tags or any other “hidden text” including CEART’s or our suppliers’ or service providers’ product names or trademarks. 7. Using the services for the purpose of providing alerts on disaster scenarios or any other situations directly related to health or safety, including but not limited to acts of terrorism, natural disasters, or emergency response. 8. Using the services to engage in, promote or facilitate practices or behaviors that could lead to discriminatory, unfair or harmful treatment of individuals or groups of people, particularly on the basis of sensitive or protected attributes or characteristics. C. Inappropriate Communications 1. Using the services to generate or send chain letters or spam. 2. Soliciting our users for commercial purposes, unless expressly permitted in writing by CEART. 3. Disparaging CEART or our partners, vendors, service providers, or affiliates. 4. Promoting or advertising products or services other than your own without appropriate authorization. D. Inappropriate Content 1. Posting, uploading, sharing, submitting, or otherwise using the services to generate, facilitate, promote, or provide content that: a. Violates or infringes CEART’s or a third party’s intellectual property or other rights, including any copyright, trademark, patent, trade secret, moral rights, privacy rights of publicity, or any other intellectual property right or proprietary or contractual right, or where we receive notice of alleged violation or infringement. b. User does not have the right to submit. c. Is false, misleading, deceptive, fraudulent, illegal, obscene, defamatory, libelous, threatening, harmful, sexually explicit (including child sexual abuse or exploitation material, which we will remove and report to law enforcement and the National Center for Missing and Exploited Children), indecent, harassing, or hateful. d. Depicts or encourages serious harm or any form of violent, illegal, terrorist, tortious, fraudulent, malicious, or dangerous conduct. e. Attacks or discriminates against others based on their race, ethnicity, national origin, religion, sex, gender, sexual orientation, disability, medical condition, or other similar status. f. Contains viruses, bots, worms, scripting exploits, or other similar materials. g. Is intended to be inflammatory. h. Could otherwise cause injury, damage, death, or credible risk of harm to CEART, the services, its users, or any third party. i. Has previously been removed for violating this Policy. 6. Artificial Intelligence Services, Features, and Offerings A. Artificial technology will continue to be used in new and innovative ways. Users are responsible for determining if their use of these technologies is safe. B. CEART expressly prohibits the use of any of our artificial intelligence services, features, or offerings (collectively, “AI Services”) for the following purposes: 1. To seek or provide advice that would ordinarily be provided by a qualified or licensed professional, including legal, financial or other professional advice of any kind. 2. To make automated decisions with legal or similarly significant effects, including in any domains that may affect an individual’s rights, safety, or well-being (for example, in the domains of finance, credit, insurance, employment, housing, education, essential services, law or law enforcement, migration, management of critical infrastructure, judicial proceedings or social scoring). 3. To engage in activities classified as prohibited or high-risk use under the laws of the jurisdiction(s) that apply to your use and any output you generate, including, for example, (i) to infer the emotions of an individual in workplace and other settings, (ii) to deduce or infer sensitive attributes of individuals (for example, race or political opinions), or (iii) to evaluate or classify individuals based on their social behavior or personal characteristics in a way that leads to detrimental or unfavorable treatment. 4. To engage in political campaigning or lobbying, including generating campaign materials to influence a political process, or to interfere with participation in electoral, democratic or civic processes. 5. To mislead individuals into believing that they are communicating with a human when they are not, or claim that content generated through our AI Services was generated by a human. C. When using CEART’s AI Services, we deem it a violation of this Policy if you use such AI Services to: 1. Seek to override or circumvent the technical or safety measures designed to safeguard our services, including, for example, by using techniques such as prompt injection and jailbreaking, or intentionally prompt our services to act in a manner that violates this policy. 2. Depict or impersonate any other individual or organization without their consent, authorization, or legal right to do so. 3. Engage in, generate, or promote disinformation, misinformation, false online engagement (such as fake reviews), or plagiarism. 4. Engage in any inappropriate chat with our AI Services. 7. Violations A. CEART reserves the right to interpret this Policy and take (or refrain from taking) action in its sole discretion. Without affecting any other remedies available to us, CEART may permanently or temporarily remove or disable access to unacceptable content or terminate or suspend a user’s account or access to the services, without notice or liability if CEART, in its discretion, determines that a user has violated this Policy. You agree to cooperate with us as reasonable to investigate and remedy any violation. B. A violation of this Policy shall constitute a breach of any agreement governing the user’s use of the services. 8. Disclaimer While CEART endeavors to ensure that its services provide accurate and up-to-date information, CEART cannot guarantee the accuracy of such information given, for example, that such services may utilize artificial intelligence (“AI”) and AI-generated content may be inaccurate, incomplete, misleading, or outdated. The information provided by CEART’s services, e.g., any scoring or rating metrics, evaluations, assessments of viability, analyses, reports, or other output, is for general, informational purposes only and does not constitute professional advice, including, without limitation, legal, financial, or technical advice. Users must not rely on such output for decision-making purposes. Instead, users must independently verify all such information prior to acting, or otherwise relying, upon it. A user’s use of CEART’s services constitutes its acceptance and agreement that CEART shall not be liable for any errors, omissions, or damages resulting from its reliance on the CEART services and CEART disclaims any and all such liability. A user shall not rely upon CEART’s services or any outputs provided or derived therefrom in taking any action or refraining from taking any action. Users voluntarily and freely assume all risks associated with their reliance on such outputs, including any resulting financial loss, legal complications, or otherwise.