Acceptable Use Policy

1. Overview

LegalsOne provides a hosted legal operations platform to law firms. The integrity and security of that platform — and the trust of every firm that relies on it — depends on responsible use. This Acceptable Use Policy ("AUP") supplements the Terms of Service and applies to all customers, authorized users, administrators, and any party accessing LegalsOne services. Violation of this AUP is grounds for immediate suspension or termination.

2. Permitted Use

The LegalsOne platform is intended for the following purposes:

• Managing legal matters, cases, clients, documents, and firm operations on behalf of a licensed law firm or legal services organization;
• Storing, organizing, and processing documents and data lawfully within a firm's scope of practice;
• Communicating with clients and firm staff through authorized integrations (Microsoft 365, Zoom, etc.);
• Automating legal workflows and generating reports for internal firm use;
• Using accounting and HR tools for internal operations;
• Accessing the platform through authorized integrations and official API endpoints.

3. Prohibited Activities

3.1 Illegal and Harmful Activities

• Using the Platform to engage in, facilitate, or conceal any activity that violates applicable federal, state, or local law;
• Storing or processing content that infringes intellectual property rights, including copyright, patent, or trademark;
• Engaging in fraud, money laundering, or financial crime;
• Transmitting, storing, or distributing child sexual abuse material (CSAM) or any content that sexually exploits minors;
• Engaging in activities that violate privacy rights, including unauthorized collection or disclosure of personal information.

3.2 Platform Abuse

• Attempting to gain unauthorized access to any account, system, or data outside your permitted scope;
• Probing, scanning, or testing the vulnerability of any LegalsOne system without prior written authorization;
• Introducing malware, ransomware, spyware, trojans, or any other malicious code;
• Engaging in denial-of-service attacks or any activity that deliberately impairs platform performance;
• Reverse engineering, decompiling, or disassembling any portion of the Platform;
• Automated scraping, harvesting, or data extraction outside authorized API or export features;
• Creating accounts, content, or workflows whose purpose is to stress-test or abuse the Platform infrastructure.

3.3 Unauthorized Access and Resale

• Sharing login credentials with individuals who are not authorized users of the subscribing firm;
• Reselling, licensing, sublicensing, or otherwise providing Platform access to third parties;
• Using the Platform to build, train, or power a competing product or service;
• Using automated bots or scripts to access the Platform in ways not expressly permitted by LegalsOne.

3.4 Cryptocurrency and Resource Misuse

• Mining cryptocurrency or engaging in any computationally intensive process unrelated to the firm's legal operations;
• Hosting general-purpose websites, file storage for non-firm content, or any service unrelated to the firm's legal work;
• Generating artificial load far outside normal legal operations use. See our Fair Use Policy for resource guidelines.

3.5 Harmful Content

• Uploading or transmitting content that is defamatory, harassing, obscene, or threatening;
• Engaging in discriminatory conduct based on protected characteristics;
• Publishing false or misleading information about any individual or entity.

4. Content Standards

All content uploaded to or generated within the Platform must relate to the subscribing firm's legal operations. Content must not violate applicable law or third-party rights. Customer retains responsibility for ensuring that all client data uploaded to their environment has been lawfully obtained and that they have authority to process it on the LegalsOne Platform.

LegalsOne does not actively monitor the content of customer environments. However, where LegalsOne becomes aware of content that violates this AUP or applicable law, LegalsOne reserves the right to review, restrict, or remove such content and, where required, report it to authorities.

5. Security Obligations

Customers and their users are responsible for:

• Using strong, unique passwords and enabling multi-factor authentication where available;
• Promptly revoking access for any user who leaves the firm or changes roles;
• Not circumventing LegalsOne's security controls, including RBAC configurations;
• Reporting any suspected security incidents to security@legalsone.com without undue delay.

6. Professional Conduct

Law firm customers are responsible for ensuring their use of the Platform complies with applicable rules of professional conduct, bar regulations, and ethics obligations in every jurisdiction where they practice. LegalsOne does not provide legal ethics advice. Firms should consult their state bar or bar counsel regarding questions about technology compliance and confidentiality obligations.

7. Enforcement

LegalsOne reserves the right, at its sole discretion, to:

• Issue a warning for minor first violations;
• Suspend access to the Platform immediately for serious or repeated violations without prior notice;
• Terminate the subscription for material or repeated violations;
• Report suspected illegal activity to law enforcement; and
• Seek injunctive relief or other equitable remedies without the posting of a bond.

Where a violation is curable, LegalsOne will provide written notice and a reasonable opportunity (typically 10 business days) to cure before termination, unless the nature of the violation poses an immediate risk to others or to platform integrity.

8. Reporting Violations

If you become aware of a potential AUP violation — including by another user of your own firm's environment — please report it to security@legalsone.com. We take all reports seriously. Reports may be submitted anonymously where applicable law permits.

For suspected security vulnerabilities, see our Vulnerability Disclosure Policy.

9. Contact

Questions about this policy: legal@legalsone.com