Elf Works Pty Ltd – Acceptable Use Policy (AUP)
Last Updated: 1 November 2025
This Acceptable Use Policy ("AUP") supplements the Elf Works Terms and Conditions ("T&Cs") and the Privacy Policy.
Capitalised terms used but not defined here have the meaning given in the T&Cs, AI Product Terms, or Privacy Policy. In the event of any direct conflict, the order of precedence in the T&Cs shall apply .
By using the Service, you and your Authorised Users agree to comply with this AUP.

1. Core Responsibilities
You must, and must ensure your Authorised Users:
• Use the Service lawfully and in accordance with your professional obligations.
• Keep all account credentials secure and confidential.
• Respect the rights of others, including confidentiality, intellectual property, and privacy rights.
• Comply with the "human-in-the-loop" and verification requirements in the AI Product Terms before relying on any AI-generated Output.

2. Prohibited Conduct
You and your Authorised Users may not use the Service to:
A. Compromise Security or Integrity
• Access, probe, or disrupt any account, system, or network without permission.
• Circumvent or attempt to bypass security controls, usage limits, or content safeguards (including "jailbreaking" or "prompt injection").
• Upload or transmit any virus, worm, or other malicious code.
B. Engage in Abuse or Harm
• Generate or disseminate content that is unlawful, defamatory, harassing, hateful, threatening, exploitative, or that incites violence.
C. Discriminate
• Discriminate against others, or incite or promote discrimination, hostility, or violence, based on race, religion, sex, sexual orientation, age, disability, ancestry, national origin, or any other protected basis.
D. Violate Privacy or Confidentiality
• Upload, process, or submit Personal Information without a lawful basis (and, where required, valid consent).
• Include government-related identifiers (e.g., TFNs) or Sensitive Information unless strictly necessary, proportionate to the task, and lawfully permitted.
• Breach any professional duty of confidentiality you owe to your clients or other third parties.
E. Infringe Legal Rights
• Infringe or misappropriate the intellectual property, privacy, or publicity rights of any third party.
F. Breach Professional or Regulated Use Standards
• Provide medical, legal, financial, or tax advice based solely on Outputs without appropriate human review and verification by a qualified professional.
• Deploy fully automated decisions that produce legal or similarly significant effects on individuals (e.g., decisions affecting access to services, credit, employment, or legal rights) without the required human review.
• Commit, promote, or facilitate any unlawful activity, including fraud, money laundering, or sanctions evasion.
G. Misuse the Service
• Resell, sublicense, or otherwise provide the Service to any third party, except as expressly permitted by the T&Cs.
• Benchmark or publish comparative performance tests of the Service in a misleading manner, in breach of confidentiality, or contrary to the T&Cs.
• Use automated means to extract large volumes of data (scraping) except via our documented APIs or with our written consent, or in a way that disrupts the Service or circumvents rate limits.

3. Fair Use and Usage Limits
You must respect all rate limits, credit quotas, and model-specific caps displayed within the Service or set out in your Subscription under the T&Cs. You must not attempt to evade these quotas (e.g., by creating multiple accounts).

4. Accounting & Tax Workflow Examples
To provide clear guidance, this section outlines examples of acceptable and unacceptable use for a professional accounting practice.
Allowed Examples (Human-in-the-Loop):
• Research: Generating a first-pass summary of ATO guidance for an internal memo, which a practitioner then reviews and verifies before using it as the basis for client advice.
• Classification: Submitting expense line items to an AI Feature to suggest tax categories, followed by human verification from a qualified staff member.
• Data Extraction: Uploading a client-provided PDF to extract key data points (e.g., ABNs, dates, amounts) for reconciliation, followed by a human check for accuracy.
• Drafting: Generating a draft checklist for year-end workpapers, which is then reviewed, adapted, and signed off by a manager.
Not Allowed Examples (Prohibited Conduct):
• No Verification: Automatically issuing a client advice letter or lodging a form based on an AI Output without a qualified practitioner first reviewing and verifying the content [Breach of 2(F)].
• Unnecessary Data: Uploading a full client register, including all TFNs and driver's licence scans, when not strictly necessary for the specific task [Breach of 2(D)].
• Deception: Using AI Features to fabricate payslips, ASIC extracts, or invoices to "test" a client's response or for any deceptive purpose [Breach of 2(B) & 2(F)].
• Publishing as Final: Publishing an AI-generated analysis of a complex tax ruling as your firm's final position without practitioner review and sign-off [Breach of 2(F)].
5. Monitoring and Enforcement
We may use automated safety systems to detect suspected breaches of this AUP, as described in the Privacy Policy and consistent with applicable law. If we reasonably believe a violation has occurred, we may rate-limit, suspend, or terminate access to the Service in accordance with the T&Cs .
6. Reporting Violations
If you become aware of any violation of this AUP, please contact us at legal@elfworks.ai.
7. Changes to this AUP
We may modify this AUP from time to time. Any changes will be notified and will take effect in accordance with the change process set out in the T&Cs .