LEGAL · ACCEPTABLE USE POLICY

Acceptable Use Policy

The rules that govern what you can and can’t do with TradeOS. These exist to keep the platform safe, compliant, and useful for every operator and counterparty on it. Breaches can lead to suspension or termination.

Version

v1.0

Effective from

25 May 2026

Last updated

23 May 2026

Status

v1.0 · subject to evolution

PLAIN-ENGLISH NOTE

This document is written to be readable. It is a live legal instrument — please read carefully. For clarification, write [email protected] with subject [Legal]. EDMA Group reserves the right to update this document; material changes will be announced at least 30 days in advance via email and posted at /newsroom.

01 Scope

This Acceptable Use Policy (“AUP”) applies to all use of TradeOS, the Trade Marketplace, our APIs, and any related service operated by EDMA Group. It is incorporated into and forms part of the Terms of Service.

The Customer is responsible for ensuring that all Users — including its employees, contractors, and the suppliers, clients, logistics providers, and financiers it invites into portals under its tenant — comply with this AUP.

02 Prohibited content

The Customer must not upload, transmit, or store content that:

  • infringes a third party’s intellectual-property rights, including copyright, trade mark, or trade-secret rights;
  • is unlawful, defamatory, obscene, harassing, threatening, or otherwise tortious;
  • contains malware, viruses, worms, or any other malicious code;
  • is sexually explicit, depicts child sexual abuse, or otherwise violates applicable child-protection law;
  • relates to a transaction the Customer knows or should know to be fraudulent, deceptive, or otherwise illegal under applicable law;
  • contains personal data of a person who has not consented to that data being processed in TradeOS, where consent is the applicable legal basis.

03 Prohibited activities

The Customer must not, and must not permit any User to:

  • use the Service in violation of applicable law, regulation, court order, or government instruction;
  • misrepresent the Customer’s identity, the identity of any counterparty, or the nature of an underlying transaction;
  • use the Service to launder money, evade taxes, or commit fraud;
  • spam other users, including through invitation flows, portal notifications, or in-app messaging;
  • scrape, crawl, or systematically extract data from the Service other than through documented APIs and within published rate limits;
  • resell access to the Service except under a written reseller arrangement with EDMA;
  • use the Service in any way that could disable, overburden, damage, or impair the Service or any other party’s use of it;
  • create accounts using false, misleading, or impersonating credentials.

04 Security restrictions

The Customer must not, and must not permit any User to:

  • probe, scan, or test the vulnerability of any system or network of EDMA or our sub-processors without prior written authorisation (a formal security testing program may be available — write to [email protected] with subject [Security research]);
  • breach or attempt to breach any security or authentication measures;
  • access or attempt to access another customer’s data, account, or tenant;
  • introduce, deploy, or distribute viruses, worms, ransomware, time bombs, or other malicious code through or against the Service;
  • access the Service through anonymising proxies, Tor, or similar tools in a way that obscures genuine identity for the purpose of circumventing sanctions, AML, or audit controls.

If the Customer discovers a security vulnerability in the Service, the Customer must report it responsibly under §9 below and must not exploit it, share it publicly before disclosure, or use it to access data the Customer is not authorised to access.

05 Sanctions & trade controls

EDMA operates internationally and is subject to trade-control and sanctions regimes including (without limitation) US OFAC, EU consolidated sanctions, UK OFSI, and UN sanctions. The Customer must not:

  • use the Service to facilitate any transaction with a person, entity, or jurisdiction targeted by applicable sanctions (e.g. comprehensively sanctioned jurisdictions or specifically designated nationals);
  • route financing, payments, or documents through the Service for trade in goods subject to relevant export controls without the licences required by law;
  • misrepresent the end-use, end-user, or destination of goods or services covered by a record stored in the Service.

EDMA may screen Customer Data against sanctions lists and refuse to process transactions or terminate accounts where required by law. The Customer is responsible for its own sanctions and export-control compliance program; EDMA’s screening is not a substitute for the Customer’s own checks.

06 AI features — responsible use

TradeOS includes AI-powered features (Atlas Document Intelligence, Accounting AI, Bot Studio, and others). When using AI features the Customer must not:

  • submit prompts or content designed to elicit illegal output, unlawful targeting of individuals, or content that violates §2;
  • use AI output as the sole basis for a decision with significant legal or financial effect on an individual without human review (e.g. credit, hiring, insurance);
  • misrepresent AI-generated content as having been independently created or verified by a human, where such representation would mislead a counterparty or regulator.

AI outputs may be inaccurate. The Customer is responsible for verifying AI-generated outputs before acting on them.

07 Marketplace conduct

When using the Trade Marketplace, the Customer must not:

  • post listings for transactions that do not exist, that are knowingly inflated, or that misrepresent material facts about the cargo, counterparties, or financing structure;
  • circumvent the two-step disclosure protocol by other channels (e.g. revealing operator identity to a financier off-platform before approving disclosure on-platform);
  • collude with other operators or financiers to fix prices, allocate deals, or otherwise distort the competitive process the Marketplace is designed to support;
  • misuse pre-vetted financier status to solicit business outside the Marketplace and avoid platform fees on deals the Marketplace surfaced.

08 Enforcement

If EDMA determines that the Customer or a User has breached this AUP, EDMA may, in its discretion, and depending on the severity:

  • warn the Customer and require remediation;
  • remove or quarantine offending content;
  • suspend specific Users, features, or the entire account;
  • terminate the account for cause under §14 of the Terms;
  • report the violation to relevant authorities if required by law or warranted by the conduct.

EDMA will use reasonable efforts to notify the Customer of enforcement actions and to permit cure where the violation is curable and where doing so does not breach legal obligations or compromise the safety of other users.

09 Reporting violations

To report a suspected AUP violation, security vulnerability, or content that should be removed, write to [email protected] with subject [Abuse]. We acknowledge reports within one business day and investigate promptly.

For security vulnerabilities, please follow responsible disclosure: do not share the vulnerability publicly until we have had a reasonable chance to investigate and remediate.

QUESTIONS

Write us.

Clarifications, complaints, or to exercise a data right under this document — write [email protected] with subject [Legal]. We respond within one business day.

LEGAL ENTITY

EDMA Group

The entity behind TradeOS, the marketplace, and EDMA Group's broader operations. Registered company details available on request at the address above. edma.co →

ARCHIVE

Previous versions.

Older versions of this document are archived. To request a specific version, write [email protected] with subject [Legal archive].

Acceptable Use Policy | TradeOS