Acceptable Use Policy

What this policy is for. Luceria is an AI workflow coach for the move from education into work. It includes a public scam/risk checker, a signed-in product (CV Studio, AI Coach, Mock Interview, Interview Prep, the Application Tracker, suitability/fit checks and more), the Luceria Link community, and Luceria Lens (a Pro Plus browser extension). This AUP sets the ground rules for all of it.

Who it applies to. This policy applies to:

• everyone who uses the public scam/risk checker (you don't need an account for that); and
• everyone with a Luceria account, on any tier (Free, Pro or Pro Plus).

Your responsibility. You're responsible for everything done through your account and for anything you submit, paste, upload, post or generate using the service. If you let someone else use your account, their actions count as yours.

Relationship to the Terms. Accepting our Terms means you also accept this AUP. Breaking this AUP is a breach of the Terms, and the consequences in the [Consequences](#consequences) section below can follow. Nothing here removes any right you have as a consumer under UK law.

Don't use Luceria — including any content you submit, generate, post or share — to do any of the following.

Illegal content or activity

• Anything unlawful under the laws that apply to you, or that helps someone else break the law.
• Content that infringes someone else's intellectual property, contract or other rights.
• Buying, selling, arranging or promoting anything illegal (for example illegal goods, services or work arrangements).

Harming other people

• Harassment, bullying or threats — targeting, intimidating or threatening anyone.
• Hate — content that attacks or dehumanises people based on a protected characteristic (for example race, ethnicity, nationality, religion, disability, sex, sexual orientation, gender identity or age).
• Doxxing — publishing or threatening to publish someone's private information (home address, phone number, workplace, private accounts, etc.) to expose, locate or endanger them.
• Defamation — posting false statements that damage someone's reputation.
• Impersonation — pretending to be another person, a company, a recruiter or Luceria itself, or otherwise misrepresenting who you are.

Other people's private data and documents

• Don't share, upload or paste other people's private documents or personal data without the authority or lawful basis to do so. This specifically includes uploading someone else's CV, emails, messages or contact details without their permission or another lawful basis. Use Luceria for your own application materials — not to process other people's data behind their backs.
• Don't paste content that contains special-category data about other people (for example health, religion, sexuality, ethnicity) unless you have a clear lawful basis. As a rule of thumb: if it isn't yours and you wouldn't be comfortable showing the person, don't put it in.

Sexual content, minors and exploitation

• Zero tolerance for any sexual content involving minors, or any content that sexualises, exploits or endangers a child. We will report this to the relevant authorities (in the UK, that can include the NCA/CEOP and the police) and preserve relevant records as the law requires.
• No content that promotes, arranges or facilitates the sexual exploitation, trafficking or abuse of any person.
• Luceria is a careers tool, not an adult-content service: don't use it to create, request or distribute pornographic or sexually explicit material.

Self-harm and dangerous content

• Don't use Luceria to promote, encourage or give instructions for self-harm, suicide or disordered eating.
• Don't use it to plan or promote violence, terrorism, or the creation of weapons capable of mass harm.

If you're struggling, please reach out to someone who can help — in the UK you can contact the Samaritans on 116 123 (free, 24/7). Luceria is not a crisis service.

Don't attack, abuse or game the platform itself. Specifically, you must not:

Security and tampering

• Probe, scan or test the security of Luceria or its infrastructure without our prior written permission, or try to find or exploit a vulnerability for any purpose other than responsible disclosure (see [Reporting](#reporting)).
• Access, or try to access, data, accounts or areas you're not authorised to reach.
• Introduce malware, or interfere with, overload or disrupt the service (including denial-of-service style behaviour).
• Reverse-engineer, decompile or disassemble any part of the service or the Luceria Lens extension, except where the law gives you a non-excludable right to do so.

Scraping and automated access

• Scrape, crawl, harvest or bulk-extract content or data from Luceria (including Luceria Link) by any automated means, without our prior written permission.
• Use bots, scripts or other automation for bulk or automated access to the service.

Usage limits, gates and sharing access

• Circumvent, disable or attempt to bypass rate limits, usage caps, paywalls, feature gates or any other technical restriction (including the limits on the public scam checker).
• Create multiple or fake accounts to get around limits or evade a suspension.
• Share, sell, sublicense, rent or resell your account or access to paid features. Your subscription is for you. (Genuine institutional/multi-seat use is by separate written arrangement — contact us.)

The scam checker — no probing, no misuse

• Don't use the scam/risk checker to refine, test or improve a scam — for example by repeatedly tweaking a fraudulent message to see what gets flagged.
• Don't try to launder a scam through Luceria or present anything as "Luceria-verified" or "Luceria-approved safe". The checker is a screening aid that gives you a risk signal; it is not a certificate of legitimacy, and you must never represent its output to anyone else (a victim, a candidate, a counterparty) as proof that something is safe or genuine.
• Don't deliberately feed the checker misleading input to manipulate its output for someone else's consumption.

Luceria's AI features are assistive only — they help you draft, prepare and screen, and a human (you) stays in control. There is no solely-automated decision that produces a legal or similarly significant effect about you. With that in mind, you must not use Luceria's AI output to:

Deceive or defraud

• Deceive, defraud, scam or mislead anyone.
• Fabricate credentials — invent qualifications, degrees, grades, employment history, references, certifications or right-to-work status, or otherwise lie on a CV, cover letter, application or in an interview. AI can help you present real experience well; it must not invent experience you don't have.
• Plagiarise dishonestly — pass off Luceria's output (or anyone else's work) as your own where the rules of an institution, employer, exam board or assessment require it to be your independent work. AI assistance can break those rules — that's on you to check.

Discriminate

• Use AI output to discriminate against, or unfairly disadvantage, people based on a protected characteristic (for example race, religion, sex, sexual orientation, disability, age or gender identity) — for instance, to screen, rank or filter candidates unlawfully.

Attack the AI itself

• Attempt prompt injection or jailbreaks — trying to make the AI ignore its instructions, safety rules or this policy.
• Try to extract Luceria's system instructions, prompts, configuration, or another user's data or content.
• Use the AI to generate any of the prohibited content listed elsewhere in this policy.

A note on accuracy. AI output can be confidently wrong. Always review and verify before you rely on or send anything generated by Luceria. (See the AI output is guidance, not advice section of the [Terms](/terms).)

Luceria Link is our signed-in-only community (posts, comments, reactions, bookmarks, profiles, mute and a working report tool). It exists so students and recent grads can share real opportunities and support each other. Everything in this AUP applies in Link, plus these community rules. (For the fuller community standards, see the Community Guidelines — [PLACEHOLDER — Sully to complete: confirm route/URL for the Community Guidelines page and link it here].)

In Luceria Link, you must not:

• Post scams, fake opportunities, ghost jobs or pyramid/MLM-style "opportunities", or anything designed to extract money, data or fees from other members.
• Post recruitment-scam or phishing content — fake recruiter messages, links to credential-harvesting sites, "pay for a guaranteed job" offers, or requests for upfront payments, bank details or documents.
• Harass, bully, threaten, dox or demean other members, or post hateful content.
• Spam, mass-advertise, or repeatedly post off-topic promotional content.
• Post other people's private information or content without their permission.

Respect the report system. If you see something that breaks these rules, use the in-product report tool. Don't abuse reporting (for example, mass-reporting someone to harass them or silence them), and don't retaliate against people who report in good faith. We review reports and act under the [Consequences](#consequences) section.

(The Journal is editorial content written by Luceria, not user-generated, so these community rules don't apply to it.)

We act proportionately — the response depends on how serious the breach is, whether it was deliberate, whether it's a repeat, and the risk to other people. Depending on the circumstances, we may take one or more of these steps:

Serious harm = immediate action. For the most serious breaches — especially child sexual abuse material, credible threats of violence, or active fraud against other users — we may act immediately and without prior warning, including suspending your account and contacting the authorities.

Fairness. Except where the law, an emergency, or the safety of others means we can't, we'll aim to tell you what rule you've broken and, where appropriate, give you a chance to respond or fix it. If you think we got it wrong, you can contact us (see [Reporting](#reporting)) to ask us to review the decision. Nothing here affects your statutory rights as a consumer, and our paid-plan/refund terms are in the [Terms](/terms).

Effect on your subscription. If we suspend or terminate your account because you broke this AUP, the refund rules in the [Terms](/terms) apply — we generally won't refund fees where the closure results from your serious breach.

We rely on users to tell us when something's wrong. Please report it — quickly is best.

Reporting abuse, scams or illegal content in the product

• In Luceria Link, use the built-in report affordance on the post, comment or profile concerned.
• For anything else (including content from the scam checker or the AI features), email [PLACEHOLDER — Sully to complete: confirm the monitored abuse/report contact, e.g. support@luceria.co.uk] with a description and, if you can, a link or screenshot.
• If you believe you've encountered fraud or a scam in the UK, you can also report it to Action Fraud (actionfraud.police.uk) or, in an emergency, the police. For child safety concerns, you can report to CEOP (ceop.police.uk).

Reporting a security vulnerability (responsible disclosure)

If you think you've found a security flaw, please tell us privately first and give us a reasonable chance to fix it before disclosing it publicly. Don't access, alter or download other people's data while testing.

• Security contact: [PLACEHOLDER — Sully to complete: dedicated security/vulnerability-disclosure email, e.g. security@luceria.app, and confirm it's monitored].

If you report in good faith, stay within this policy and the law, and don't harm users or data, we won't pursue action against you for the investigation itself.

Logs and retention. To protect the service we keep limited technical records — for example IP addresses/identifiers used for rate-limiting (via Upstash Redis), held only transiently to detect and prevent abuse — and minimal security logs. These are kept only as long as needed for security and abuse-prevention and then deleted. [PLACEHOLDER — Sully to complete: confirm the specific retention period(s) for rate-limit identifiers and security logs.] See the [Privacy Policy](/privacy) for how we handle this data and your data-protection rights.

We may update this Acceptable Use Policy as the service evolves or the law changes. When we make a material change, we'll update the version and the "last updated" date below, and — where appropriate — ask you to re-accept before you keep using the service. Continuing to use Luceria after a change takes effect means you accept the updated policy. If you don't agree, you can stop using the service and delete your account at any time from Settings.

Version and date. The current version number and last-updated date for this document are shown on the page and are managed centrally (in lib/legal/versions.ts), so they stay in step with our other legal documents.

• Version: [rendered from versions.ts]
• Last updated: [rendered from versions.ts]

Questions about this policy? Email [PLACEHOLDER — Sully to complete: confirm monitored contact, e.g. support@luceria.co.uk].