Acceptable Use Policy

Version 1.0. Last updated 8 June 2026 Canonical version: https://pip.app/legal/acceptable-use Change history: https://pip.app/legal/acceptable-use/changes UK ICO registration ZC117586

This Acceptable Use Policy applies to every user of the Service, whether you use it as a consumer or for business. It sets out the categories of use that are not permitted, explains that Pip routes requests to third-party model providers whose own usage policies you must follow, and points to the enforcement, liability, and reporting provisions that apply. This Policy forms part of, and is incorporated into, the consumer Terms of Service and the Commercial Terms. Where this Policy and either of those documents address the same subject, those documents govern, and the order of precedence in section 14 applies.

1. Introduction and Scope

This Acceptable Use Policy (the "Policy") sets out the ways in which you may not use Pip, the AI chat product available at pip.app, operated by Chxrles LTD (trading as Pip Decks), a company registered in England and Wales (company number 11587388), with its registered address at Merchants House, Market Place, Stockport, England, SK1 1EU. Chxrles LTD is registered with the UK Information Commissioner's Office, registration number ZC117586. In this Policy, "we", "us", "our" and "Pip Decks" mean Chxrles LTD.

This Policy applies to every user of the Service, whether you have accepted the consumer Terms of Service or the Commercial Terms. It applies whether you access the Service yourself or through an account operated on your behalf, and it applies to all content you submit to the Service and to the use you make of Pip's replies. You must meet the minimum age requirement set out in the consumer Terms of Service to use the Service; using the Service if you do not meet that requirement is not permitted.

By using the Service you agree to comply with this Policy.

2. Definitions and interpretation

In this Policy, the following terms have the meanings given below. Where a term is also defined in the consumer Terms of Service (section 2) or in the Definitions section of the Commercial Terms, it bears the same meaning here, and if the two ever diverge the definition in the document that ranks higher under section 14 governs.

"Service" means Pip, the AI chat product available at pip.app (including the chat experience at pip.app/chat), together with the related websites, applications, and features we make available.
"Pip" means the AI chat assistant within the Service that generates replies in response to your prompts.
"consumer" means a natural person acting wholly or mainly outside that person's trade, business, craft, or profession.
"business user" and use "for business purposes" mean use by, or on behalf of, a customer under the Commercial Terms, or any use that is not consumer use. Where a provision of this Policy is expressed to apply only to consumers or only to business users, it applies accordingly.
"enabled provider" means each third-party artificial-intelligence model provider we route requests to from time to time, as identified in section 3.
"reply" or "output" means any text, content, or other material the Service generates in response to a prompt.
"processor" and "sub-processor" mean a third party that processes personal data on our behalf or on behalf of a processor we engage, as further described in the Privacy Policy.
"Regulated Data" has the meaning given in section 4.
"Documentation" means any usage guidance, help materials, or published policies we make available for the Service.
"Commercial Terms" means the commercial terms of service that apply to business users, "consumer Terms of Service" means the terms of service that apply to consumers, "Privacy Policy" means our privacy policy, and "DPA" means any Data Processing Agreement signed between you and us.

References in this Policy to sections of the consumer Terms of Service, the Commercial Terms, the Privacy Policy, or the DPA are to those sections as they may be renumbered, amended, or replaced from time to time. Where this Policy cites a provision by both name and number, the name controls if the two ever diverge, and if a cross-reference no longer matches because a document has been renumbered, the reference is to the provision that deals with the same subject matter. Where a referenced document, or a provision of it, is not in force between you and us, the cross-reference has no effect and the remainder of this Policy continues to apply.

3. Model Providers and Their Usage Policies

Pip generates its replies using third-party artificial-intelligence model providers. Requests are routed through the Vercel AI Gateway to one or more such providers. At the date of this Policy these are Anthropic, PBC (the primary provider) and OpenAI, L.L.C. (a fallback provider used when the primary provider is unavailable, for example during an outage or capacity limit). When a fallback provider serves your request, the same conversation content is processed by that provider. The full list of processors that may receive your conversation content, what each does, and where each is located, is set out in the Processors section of the Privacy Policy (Privacy Policy section 5).

In addition to the model providers above, the Service uses a memory feature that extracts and stores facts from your conversations so that Pip can recall context across your chats. These extracted facts are stored as "memories" in our own systems, in the same database that holds your conversation history, and are governed by the Privacy Policy. You can view and delete your memories at any time from the Service's settings, and deleting your account deletes them. The Privacy Policy (sections 4, 5, and 6) describes how memory data is handled, who processes it, and how long it is retained.

How we use and share the personal data in your conversations, your choices over that data, and your rights under UK and EU data-protection law and under US state privacy laws (including the California Consumer Privacy Act as amended by the California Privacy Rights Act, the CPRA) are set out in the Privacy Policy. We do not sell, and we do not share for cross-context behavioural advertising, the personal data in your conversations; the Privacy Policy explains this, the US-state-rights opt-out and sensitive-personal-information mechanisms that go with it, and the further rights that apply (see the Your Rights section of the Privacy Policy, Privacy Policy section 7).

For business users, the model provider's output intellectual-property indemnity under the Commercial Terms (Commercial Terms section 7) covers replies generated by the primary provider only. Replies generated by a fallback provider during a primary-provider outage are subject to the Customer-verification obligation in those Terms and are excluded from that indemnity. We give no warranty and accept no liability for the intellectual-property status of any reply generated by a fallback provider, and you are solely responsible for verifying such output before you use, publish, or rely on it. Your obligations under this section apply to whichever provider serves a given reply.

The replies you receive are generated by an artificial-intelligence system, not by a human. The disclosure that you are interacting with an AI system, and not a human, is given to you in the consumer Terms of Service (section 3, Service Description and AI Disclosure) and in the Privacy Policy (section 4, Conversation Data Handling), consistent with the transparency expectations of Article 50 of Regulation (EU) 2024/1689 (the EU AI Act) for AI systems that interact with natural persons. Separately, where you republish, distribute, or otherwise make available any output of the Service in a market that imposes AI-content transparency or labelling obligations (for example Article 50 of the EU AI Act), it is your responsibility to comply with those obligations, including labelling the content as AI-generated where required.

As a condition of using Pip, you agree to comply with the acceptable-use and usage policies of each enabled provider, in addition to this Policy:

Anthropic's Acceptable Use Policy (https://www.anthropic.com/legal/aup), and
OpenAI's usage policies (https://openai.com/policies/usage-policies),

together with the acceptable-use terms of any additional model provider we may enable in future, which we will identify in this Policy. Your obligations under this section apply to whichever provider serves a given reply. Anything prohibited under an enabled provider's acceptable-use or usage policy is also prohibited under this Policy.

Our model providers may operate their own automated and human trust-and-safety processes on conversation content. Those processes are outside our control and may change at any time. We do not warrant the existence, scope, operation, or outcome of any provider's review process. To our understanding, and without warranty, a provider may flag conversation content that appears to breach its policies. We treat any such flag as a strong signal that this Policy has also been breached, and we may act on it (see section 7 below).

We carry out our own automated checks on conversation content to detect and prevent misuse and abuse of the Service. Our lawful basis for this processing is our legitimate interests in protecting the Service, our users, our providers, and the public from harm and abuse, balanced against your rights, and where applicable our need to comply with our providers' terms. This legitimate-interests basis, the balancing test we carry out, and your right to object to the processing are set out in the Your Rights section of the Privacy Policy (Privacy Policy section 7); the identity of the processors involved is set out in the Processors section (Privacy Policy section 5). You can object to this processing, and read more about how we weigh our legitimate interests against your rights, as described in Privacy Policy section 7. Where an automated check could lead to an account-level decision, we do not rely on automated processing alone for that decision; a member of our team reviews the matter before any suspension or termination, and you may contest the decision as described in sections 5 and 7.

4. Prohibited Uses

You may not use the Service, or permit anyone using your account to use the Service, for any of the following.

Unlawful or harmful activity.

Anything that is unlawful in your jurisdiction, in the United Kingdom, in the European Union, or in the United States (where some of our providers are based and where some of our infrastructure is hosted).
Generating content intended to cause physical, psychological, financial, or reputational harm to a specific person or group.
Generating content that promotes self-harm, suicide, or eating disorders, or that targets vulnerable users.
Generating sexual content involving minors, non-consensual sexual content, or content that sexualises real identifiable individuals without consent.
Generating content that incites violence, hatred, or discrimination on the basis of a protected characteristic.
Generating instructions, designs, or operational uplift for weapons capable of mass casualties (chemical, biological, radiological, nuclear, or high-yield explosives) or for cyber-weapons designed to cause significant harm.
Using the Service if you do not meet the minimum age requirement in the consumer Terms of Service, or permitting anyone who does not meet that requirement to use it through your account.

Prohibited artificial-intelligence practices.

Any practice prohibited by Article 5 of Regulation (EU) 2024/1689 (the EU AI Act) where that Regulation applies to you. Without limiting that, you may not use the Service to deploy subliminal techniques, or purposefully manipulative or deceptive techniques, that materially distort a person's behaviour in a way that causes or is likely to cause that person or another person significant harm; to carry out social scoring of natural persons that leads to detrimental or unfavourable treatment; or to create or expand facial-recognition or other biometric-identification databases through the untargeted scraping of facial images or biometric data. The reference to the EU AI Act is illustrative of categories of prohibited practice and does not subject Pip Decks to the jurisdiction of any EU court or regulator.

Infringing or fraudulent activity.

Infringing the intellectual property rights, privacy rights, or publicity rights of any third party.
Defaming, harassing, stalking, or impersonating any person or organisation.
Generating content for use in fraud, phishing, social engineering, or identity-theft campaigns.
Generating content for use in disinformation, election interference, or other attempts to mislead a population about matters of public significance.

Misuse of the Service itself.

Scraping, crawling, harvesting, or systematically downloading content from the Service or from the Pip Decks card-deck library, except as permitted by an open API or in accordance with our robots.txt (https://pip.app/robots.txt).
Using automated tools (bots, scripts, headless browsers) to interact with the Service except where we have authorised such use in writing or via a published API.
Submitting prompts or sequences of prompts intended to bypass Pip's safety guardrails, to extract its system prompt, to elicit content that violates an enabled provider's acceptable-use or usage policy, or to otherwise manipulate the model into behaviour we have not authorised (commonly called "prompt injection" or "jailbreaking").
Attempting to reverse-engineer, decompile, or otherwise discover the Service's models, prompts, weights, or internal infrastructure.
Attempting to extract, reconstruct, or infer training data, model weights, or other proprietary materials of any model provider or of Pip Decks.
Sharing your account credentials with another person, or operating one account for the use of multiple people, except where you hold a multi-seat business subscription that expressly permits it.
Operating multiple accounts to circumvent rate limits, free-trial limits, or any account-level enforcement we apply under this Policy.
Interfering with, disrupting, or overloading the Service or its supporting infrastructure, including by means of denial-of-service attacks, malware, or automated traffic at a volume that materially exceeds normal human use.
Using the Service to develop, train, or improve a competing AI product or service.
Reselling, redistributing, or providing the Service to a third party as a hosted service without our prior written consent.

Misuse of conversation content.

Submitting personal data of other people without a lawful basis to do so.
Submitting Protected Health Information (under the US Health Insurance Portability and Accountability Act, HIPAA), nonpublic personal information of consumers (under the US Gramm-Leach-Bliley Act, GLBA), education records (under the US Family Educational Rights and Privacy Act, FERPA), special-category data under UK or EU data-protection law, sensitive personal information under applicable US state privacy laws (for example the CPRA), or comparable regulated or sensitive data under any other applicable law (together, "Regulated Data"). The references above to US and EU statutes are illustrative of categories of regulated data and do not subject Pip Decks to the jurisdiction of any court or regulator outside England and Wales.
Submitting content that you do not have the right to submit, or that you are under a confidentiality obligation not to disclose.

The Service is not designed to receive Regulated Data, and you should not submit it. Unless you and Pip Decks have separately signed a Data Processing Agreement that expressly covers Regulated Data (see DPA section 11A), you must not submit Regulated Data to the Service at all. The consumer Service does not include such an agreement.

If you use the Service for business purposes, you warrant that any data you submit is not Regulated Data, and the indemnity in section 6 applies to any claim arising from Regulated Data you submit in breach of this section. If you are a consumer, you should not submit Regulated Data and the consumer Service is not designed for it; we ask you to take reasonable care not to do so. Subject to section 8, we give no warranty and accept no liability in respect of Regulated Data submitted in breach of this section. Nothing in this paragraph excludes or limits any liability that cannot be excluded or limited against a consumer, and the consumer carve-outs and mandatory protections in section 8 apply to this paragraph in full.

Personal data you submit, including any submitted in breach of this section, is handled under the Privacy Policy (sections 4, 5, 6 and 7, covering conversation handling, processors, retention, and your rights). Where any of that data is extracted into a memory, it is stored in our own database and handled as described in section 3 and the Privacy Policy. We do not separately quarantine prohibited-but-submitted personal data; it is retained under the same regime as ordinary conversation data until deleted in the normal course. You may ask us to delete any data you have submitted, including any special-category or other Regulated Data submitted in breach of this section, using the rights and routes set out in the Privacy Policy (section 7).

5. Reporting Abuse and Contacting Us

If you believe another user is violating this Policy, or you have encountered content generated by Pip that is harmful, illegal, or otherwise serious, email support@pipdecks.com. Please include enough detail to allow us to investigate, including (where you can safely provide them) the affected URL, the approximate time, the user account involved if known, and a description of the issue. We aim to acknowledge a report sent to that address within five working days, and where the report concerns content or conduct that may breach this Policy, a member of our team will review it. These are target timeframes rather than binding commitments, and a particular report may take longer where it is complex or where we need further information from you.

If you wish to contest an account decision we have taken under section 7 (for example a suspension or termination), email the same address with your account details and the reason you believe the decision was wrong. We aim to acknowledge an appeal within five working days, and a member of our team will review the matter; account-affecting decisions are not taken by automated means alone (see section 3).

If you are a consumer and we are unable to resolve a complaint between us, you may be able to use an out-of-court dispute resolution route. The complaints procedure, including any alternative dispute resolution body we use and (for EU and EEA consumers) the route to a national out-of-court redress entity, is set out in the consumer Terms of Service (the Complaints section, consumer Terms of Service section 20). You can also, for data-protection complaints, contact the regulator named below.

For data-protection matters, including subject-access requests and complaints about how we handle personal data, our data-protection contact is support@pipdecks.com, and the full procedure is set out in Privacy Policy section 7. How we use and share the personal data in your conversations, and your rights under UK and EU data-protection law and under US state privacy laws (including the CPRA), are set out in the Privacy Policy. You also have the right to complain to the Information Commissioner's Office, the UK supervisory authority for data protection, at https://ico.org.uk, or to your local supervisory authority if you are in the EU or EEA. For security vulnerabilities, email security@pipdecks.com or see Privacy Policy section 11.

Formal legal notices to us must be sent to Chxrles LTD, Merchants House, Market Place, Stockport, England, SK1 1EU, marked for the attention of the company secretary, and may additionally be sent to support@pipdecks.com. We will give you any notice relating to a decision under this Policy by email to the address registered to your account, or in the Service.

6. Indemnity (business users)

This section applies only where you use the Service for business purposes (that is, you are, or are using the Service on behalf of, a customer under the Commercial Terms). If you are a consumer, this section does not apply to you. A consumer's liability to us is limited to that which arises under the general law, and nothing in this section affects the statutory rights of a consumer that cannot be excluded or limited by agreement.

Where this section applies, you will defend, indemnify, and hold harmless Chxrles LTD and its officers, employees, and agents, and the processors and sub-processors we engage in connection with the Service, against all claims, demands, proceedings, damages, losses, liabilities, fines, penalties, and reasonable legal and other professional costs arising out of or in connection with:

your breach of this Policy;
any content you submit to the Service;
your use of, or reliance on, any reply generated by the Service;
your violation of any law or of any third-party right, including intellectual property, privacy, publicity, and confidentiality rights; and
any Regulated Data you submit in breach of section 4.

We will notify you of any claim to which this indemnity applies, allow you to control its defence and settlement (provided any settlement that imposes a non-monetary obligation on us, or that does not fully release us, requires our prior written consent), and give you reasonable cooperation at your expense. This section survives termination of your account and of any agreement between you and us. This indemnity does not apply to the extent that the liability in question arises from our own fraud, or from our gross negligence or wilful misconduct, and nothing in this section requires you to indemnify us against liability that cannot lawfully be shifted to you.

7. Enforcement

Where we reasonably believe this Policy has been breached, we may take one or more of the following actions. These actions are taken in line with the suspension and termination provisions of the consumer Terms of Service (the Termination section, consumer Terms of Service section 22) and of the Commercial Terms (the Suspension and Termination section, Commercial Terms section 10):

issue a warning;
refuse to generate a particular reply, or filter a class of prompts;
remove or restrict access to specific content;
impose a temporary rate limit or feature-level suspension;
suspend the affected account;
terminate the account and any associated subscription;
report the matter to law enforcement, regulators, or to a model provider, where we are required to do so or where we reasonably consider it necessary (such disclosures are made on the lawful bases set out in the Privacy Policy, sections 3 and 7, and using the international-transfer safeguards set out in the Privacy Policy, section 8, with the processor identities set out in section 5);
take any further legal remedy available to us, including (in cases of harm to third parties) cooperation with the affected party.

We may, in our sole discretion, use any one or more of these measures, in any order, and we are not obliged to apply a lesser measure before a greater one, or to give notice or an opportunity to cure, before acting. We generally aim to use a proportionate response and, where it is reasonable and safe to do so, to give you notice of a suspension or termination and the reason for it, together with an opportunity to address a curable breach before we escalate. These are statements of our general approach, not binding commitments, and we may depart from them in any case.

In particular, we are not obliged to give prior notice or an opportunity to cure where, in our reasonable opinion, the breach exposes us or a third party to legal, regulatory, intellectual-property, reputational, financial, safety, or security risk, where there is a credible threat to a person, an active security incident, or a legal order requiring us to act, or where prior notice would be impractical or would frustrate the purpose of the action.

Where we terminate a consumer's paid subscription under this section other than for the consumer's serious or repeated breach, we will refund any prepaid fees covering the period after termination, in line with the Cancellation and Refunds section of the consumer Terms of Service (consumer Terms of Service section 9). Where a consumer's paid subscription is terminated for an alleged breach (including breach of the trial-abuse or multiple-account rules in section 4), we will still refund prepaid fees for the unused period unless and until the breach is established and is serious or repeated, and the human-review and contest routes in section 5 apply before any refund is withheld. This does not limit your statutory rights.

For business users, termination for breach does not entitle you to any refund of prepaid fees, and the treatment of fees on termination is governed by the Commercial Terms (the Suspension and Termination section, Commercial Terms section 10).

We are not liable to you or to any third party for any suspension, restriction, or termination of access taken under this section, save to the extent set out in the carve-outs in section 8 and save for any refund due to a consumer under this section. A member of our team will review any account-affecting decision before it takes effect, and you may contest a decision as described in section 5.

8. Limitation of Liability and No Warranty

This section applies to this Policy and to your use of the Service under it, and is subject to the mandatory carve-outs at the end of this section.

No warranty. The Service, and every reply generated by Pip, are provided "as is" and "as available". To the fullest extent permitted by law, we give no warranty, representation, condition, or other term of any kind, whether express or implied, including any implied term as to satisfactory quality, merchantability, fitness for a particular purpose, accuracy, completeness, reliability, or non-infringement, in respect of the Service or of any AI-generated output, whether that output is generated by the primary provider or by a fallback provider. Replies are generated by automated systems, may be inaccurate, incomplete, or unsuitable for your purpose, and are not professional advice. You are responsible for evaluating and verifying any reply before relying on or acting on it.

If you are a consumer, the exclusion above does not affect the statutory protections you have under the Consumer Rights Act 2015, including that any paid service is performed with reasonable care and skill and matches any description we give of it. Those protections cannot be excluded or limited. The disclaimers in this section apply to the fullest extent permitted by law and, for consumers, only to the extent the law allows.

No service-level guarantee. The Service, including model availability and the generation of replies, is provided without any guarantee of uptime, continuity, or throughput. Access may be rate-limited, degraded, suspended, or interrupted, including because of the limits, throttling, or outages of third-party providers, without liability to you. This Policy does not create any service level. Any availability commitment, and any relief for events beyond our reasonable control (force majeure), is governed by the consumer Terms of Service (the Service Availability and Force Majeure sections, consumer Terms of Service sections 16 and 17) and the Commercial Terms (the Service Availability and Force Majeure sections, Commercial Terms sections 11 and 12), which apply to this Policy. In any event, and whether or not any of those provisions is in force between you and us, we are not liable to you for any failure or delay in performance, or for any unavailability of the Service, caused by an event beyond our reasonable control, including the limits, throttling, or outages of third-party providers.

No liability for user content or reliance. We are not liable for any content you or any other user submits to the Service, nor for how you or any other user relies on, uses, or acts on any reply.

Excluded losses. To the fullest extent permitted by law, we are not liable, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, for any indirect, incidental, consequential, special, exemplary, or punitive loss, or for any loss of profit, revenue, business, goodwill, anticipated savings, or data, in each case arising out of or in connection with this Policy or your use of the Service. For consumers, this exclusion applies only to losses that were not reasonably foreseeable to both you and us when you began using the Service, and does not affect your statutory rights. For consumers, nothing in this paragraph excludes or limits our liability for loss or damage that results from our failure to perform the Service with reasonable care and skill (Consumer Rights Act 2015 section 49) or that otherwise cannot be excluded or limited against a consumer; the exclusion of liability for loss of data in this paragraph is therefore subordinate to those rights for consumers and applies in full only to business users.

Cap on liability. If you are a consumer, this cap does not cut down any refund or compensation you are entitled to by law. Subject to the mandatory carve-outs below, our total aggregate liability arising out of or in connection with this Policy and your use of the Service is the cap set out in the Terms that apply to you: for consumers, the Limitation of Liability section of the consumer Terms of Service (consumer Terms of Service section 15), and for business users, the Limitation of Liability section of the Commercial Terms (Commercial Terms section 8). This Policy sets no separate or lower cap of its own. Where this Policy and the applicable Terms are read together, the cap in the applicable Terms governs, and this Policy never tightens the consumer cap below what the consumer Terms of Service and statute allow. In any event, and to the extent no such cap in the applicable Terms is in force between you and us or is held not to apply, our total aggregate liability arising out of or in connection with this Policy and your use of the Service is limited to the greater of the fees you paid to us in the twelve months before the event giving rise to the claim and one hundred pounds sterling (GBP 100). This cap does not apply to a consumer to the extent it would limit any remedy you have under the Consumer Rights Act 2015 or other mandatory consumer law; for a consumer, the cap applies only to losses for which liability may lawfully be capped.

Mandatory carve-outs. Nothing in this Policy or this section excludes or limits our liability for death or personal injury caused by our negligence, for fraud or fraudulent misrepresentation, or for any other liability that cannot lawfully be excluded or limited under the law of England and Wales. Nothing in this Policy affects the statutory rights of a consumer that cannot be excluded or limited by agreement.

9. Governing Law and Jurisdiction

This Policy, and any dispute or claim (including any non-contractual dispute or claim) arising out of or in connection with it or its subject matter, is governed by and construed in accordance with the law of England and Wales.

If you are a business user, you and we submit to the exclusive jurisdiction of the courts of England and Wales.

If you are a consumer, you may bring legal proceedings in respect of this Policy either in the courts of England and Wales or in the courts of the country where you live, and we will bring legal proceedings against you only in the courts of the country where you live. Nothing in this Policy deprives you, where you are a consumer, of the protection of the mandatory consumer-protection rules, and the mandatory law of consumer contracts, of your country of residence. For a consumer resident in the EU or EEA, Article 6 of the Rome I Regulation preserves the mandatory law of your country of habitual residence, and you keep that substantive protection as well as the right to bring or defend proceedings in the courts of that country. The same applies to a consumer in the United Kingdom, Switzerland, or any other country whose mandatory consumer-protection law applies to you and cannot be excluded by agreement.

Nothing in this section prevents us from applying for injunctive or other urgent equitable relief in any court of competent jurisdiction to protect our rights, our users, our providers, or third parties from imminent or actual harm, including where conduct breaches section 4. Applying for such protective relief is a procedural step and does not displace the substantive mandatory consumer protections preserved above.

The references in section 4 to US and EU statutes are illustrative of categories of Regulated Data, and the reference in section 4 to the EU AI Act is illustrative of categories of prohibited practice; neither subjects us to the jurisdiction of any court or regulator outside England and Wales. This clause operates alongside, and does not displace, the governing-law and jurisdiction provisions of the consumer Terms of Service and the Commercial Terms, which govern in the event of any conflict.

10. EU Representative

For the purposes of Article 27 of the EU General Data Protection Regulation, we are required to designate a representative in the European Union for data-protection matters concerning users in the EU and EEA. We have appointed our EU Article 27 representative. You can contact our representative about your personal data via privacy@pipdecks.com. We will publish our representative's full contact details here once the appointment is finalised. EU and EEA users may also contact us directly, and may exercise all of the rights described in the Privacy Policy, through the contact routes in section 5, and may complain to their local supervisory authority as described in section 5.

11. Third-Party Rights

The persons named as beneficiaries of the indemnity in section 6 (our officers, employees, and agents, and the processors and sub-processors we engage in connection with the Service), and any model provider, processor, or sub-processor we engage in connection with the Service and refer to in sections 3, 7, and 8, may enforce the benefit conferred on them by the relevant provision of this Policy under the Contracts (Rights of Third Parties) Act 1999. Except as set out in the preceding sentence, a person who is not a party to this Policy has no right under that Act to enforce any of its terms. Chxrles LTD and the user may vary, suspend, waive, or rescind this Policy, or any provision of it, without the consent of any such third party. This section is consistent with the third-party-rights provisions of the consumer Terms of Service and the Commercial Terms, which govern in the event of any conflict.

12. Assignment

You may not assign, transfer, charge, sub-contract, or otherwise deal with any of your rights or obligations under this Policy without our prior written consent. We may assign, transfer, novate, charge, or sub-contract any of our rights or obligations under this Policy to an affiliate or to a successor in connection with a reorganisation, merger, acquisition, or sale of all or part of our business or assets, provided that doing so does not reduce the protections you have as a consumer under any mandatory law that applies to you.

13. Severability and No Waiver

If any provision of this Policy is held to be invalid, illegal, or unenforceable by any court or regulator of competent jurisdiction, that provision is to be read down to the minimum extent necessary to make it valid and enforceable, or, if that is not possible, severed from this Policy; in either case the remaining provisions continue in full force and effect.

No failure or delay by us in exercising any right or remedy under this Policy operates as a waiver of that right or remedy, and no single or partial exercise of any right or remedy prevents any further exercise of it or the exercise of any other right or remedy. A waiver by us of any breach is effective only if given in writing and does not waive any later breach.

14. Entire Agreement and Precedence

This Policy, together with the consumer Terms of Service or the Commercial Terms (as applicable to you), the Privacy Policy, and (where signed) the Data Processing Agreement, forms the entire agreement between you and us in relation to your use of the Service, and supersedes any prior agreement, arrangement, representation, or understanding on the same subject. Nothing in this section limits or excludes any liability for fraud or fraudulent misrepresentation, or any statutory right of a consumer that cannot be excluded.

Where there is a conflict between the documents that form the agreement, the following order of precedence applies, with the document listed first prevailing to the extent of the conflict:

any signed Data Processing Agreement or signed Commercial Terms (including any order form or statement of work under them);
the consumer Terms of Service (for consumer use);
this Acceptable Use Policy;
the Privacy Policy.

This order of precedence does not reduce any protection a consumer has under mandatory law, and the consumer Terms of Service govern over this Policy on any matter of consumer protection.

15. Notices and Contact

Our company details, registered address for formal notices, data-protection contact, abuse-reporting and account-appeal routes, security-disclosure address, and the route for complaints to the Information Commissioner's Office are set out in section 5. The data-protection contact is support@pipdecks.com, and data-protection matters are dealt with under the Privacy Policy (section 7).

16. Changes to this Policy

We may update this Policy from time to time to reflect changes in the Service, in our providers' or processors' policies, in the law, or in regulator guidance.

For minor or clarifying changes, we will post the updated Policy at https://pip.app/legal/acceptable-use with a new version number and "Last updated" date, and the change takes effect from that date.

For material changes, including any change that expands the prohibited uses in section 4 or reduces your rights under this Policy, we will give you notice before the change takes effect, by email to the address registered to your account or by an in-product notice, and we will also notify any related data-processing changes in line with the Privacy Policy (section 12). We will give reasonable notice of the effective date of a material change. If you continue to use the Service on or after the effective date of a material change, you accept the updated Policy. If you do not accept a material change, you may stop using the Service before the effective date, and (if you are a consumer) you may cancel under the Cancellation and Refunds section of the consumer Terms of Service (consumer Terms of Service section 9). Nothing in this section affects any statutory right you have to cancel or to a refund.

The current version and its effective date are shown at the top of this Policy, and earlier versions are available through the change history linked there, so you can always identify which version governs at a given time.

Annex A. Sub-processors

The processors below process personal data on our behalf in connection with the Service. We put an Article 28 data-processing agreement in place with each processor that handles personal data on our behalf before it begins processing, and we require each processor to apply appropriate technical and organisational safeguards. Where a processor is hosted in the UK or EEA, no Chapter V transfer arises. For transfers to the United States, the mechanism depends on the recipient: where the recipient is certified under the EU-US Data Privacy Framework and its UK Extension, that Framework is the transfer basis, with the EU Standard Contractual Clauses and the UK International Data Transfer Agreement (IDTA) as a backstop; where the recipient is not Framework-certified (currently our AI model providers, Anthropic and OpenAI), we rely on the EU Standard Contractual Clauses and the UK IDTA, supported by a transfer impact assessment. International transfers are made under the safeguards described in the Privacy Policy (section 8). The current, authoritative list, with locations and transfer mechanisms, is maintained in the Processors section of the Privacy Policy (section 5); the summary below is provided for convenience and the Privacy Policy governs in the event of any difference.

Sub-processor	Role	Personal data processed	Transfer mechanism
Anthropic, PBC	Primary AI model provider (generates replies)	Conversation content	SCCs + UK IDTA (not DPF-certified)
OpenAI, L.L.C.	Fallback AI model provider, used during a primary-provider outage	Conversation content (only when serving a fallback request)	SCCs + UK IDTA (not DPF-certified)
Clerk, Inc.	Authentication (email one-time code; no social sign-in)	Email address and sign-in data	EU-US Data Privacy Framework + UK Extension (SCCs/IDTA as backstop)
Neon, Inc.	Primary database (account data and conversation history)	Account data and conversation content	EU-US Data Privacy Framework + UK Extension (certified via parent Databricks, Inc.; SCCs/IDTA as backstop)
Vercel Inc.	Application hosting and storage of account data-export archives	All application data; subject-access export bundles	EU-US Data Privacy Framework + UK Extension (SCCs/IDTA as backstop)
Upstash, Inc.	Rate-limiting and transient stream-recovery cache	Transient request counters and in-flight message fragments	EU-US Data Privacy Framework + UK Extension (SCCs/IDTA as backstop)
Stripe, Inc.	Payments	Email address and billing data (card data held by Stripe)	EU-US Data Privacy Framework + UK Extension (SCCs/IDTA as backstop)
PostHog, Inc.	Product analytics, session replay, and AI-usage metadata (no conversation text)	Usage events, device data, AI-generation metadata	EU-hosted (Frankfurt), no Chapter V transfer; PostHog Inc DPF-certified for any onward US access
Resend (Plus Five Five, Inc.)	Transactional email	Email address	EU-US Data Privacy Framework + UK Extension (SCCs/IDTA as backstop)
Klaviyo, Inc.	Marketing email (consent-gated)	Email address and name	EU-US Data Privacy Framework + UK Extension (SCCs/IDTA as backstop)
Google LLC (Firebase, legacy)	Legacy onboarding and customer-data-platform record reads only (read-only; not used for chat, authentication, or account data)	Legacy customer records	EU-US Data Privacy Framework + UK Extension (SCCs/IDTA as backstop)

We may add, remove, or replace a sub-processor from time to time, and we will reflect any change in the Privacy Policy (section 5) and, where required, give notice in line with section 16 and the Privacy Policy (section 12).