estøkad

acceptable use

Acceptable use

Last updated · 1 May 2026

We are a sovereign-by-design platform serving regulated businesses. The bar for acceptable use is correspondingly high. The list below is the floor, not the ceiling — common sense and EU law govern the rest.

1. Content prohibitions

You agree not to use Estøkad to store, publish, or distribute content that:

  • Is illegal under EU law or the law of any member state where it will be accessible.
  • Constitutes child sexual abuse material (CSAM) or sexualises minors in any way.
  • Promotes or coordinates terrorism, violent extremism, or genocide.
  • Constitutes hate speech, harassment, or incitement to discrimination based on protected characteristics.
  • Infringes intellectual property rights you do not own or licence.
  • Contains malware, viruses, or other harmful code.
  • Misrepresents financial advice, medical advice, or other regulated information without required disclaimers.

2. Conduct prohibitions

You agree not to:

  • Reverse engineer, decompile, or scrape the platform beyond what your subscription permits.
  • Use the platform to send unsolicited bulk email, conduct phishing, or perform any other form of abuse.
  • Probe, scan, or test the vulnerability of the platform without written authorisation.
  • Circumvent rate limits, billing meters, or scope-based access controls.
  • Resell or sublicense the platform without our written consent (white-label tier excepted).

3. Notice and takedown

Reports of content violating this policy go to legal@samarkandindustries.com. Include the workspace, the URL or asset id, and the basis for the claim. We acknowledge within 48 hours and act within 7 days for non-urgent reports, immediately for CSAM, terrorism, or active malware distribution.

4. Enforcement

We may suspend a workspace pending investigation if we have reasonable grounds to believe this policy has been breached. Confirmed breaches result in workspace termination. Where EU law requires it, we report to the relevant authority — including the Estonian Information System Authority (RIA) for cybersecurity incidents, AKI for personal-data breaches, and law-enforcement agencies for criminal content.

5. Security disclosures

Found a vulnerability? Report responsibly to security@samarkandindustries.com. We do not yet run a paid bug bounty; we acknowledge contributors publicly with permission.