SENSERITY — Acceptable Use Policy

Version 1.0 | February 2026

Provider: Blueloop Limited Company No: 03981322 Registered Office: Blueloop House, Ilchester Road, Yeovil, Somerset BA21 3AA

This policy forms part of the Senserity Terms of Service. Defined terms have the same meaning as in the Terms of Service unless otherwise stated.

1. Purpose

This Acceptable Use Policy ("AUP") sets out the rules and restrictions that govern your use of the Senserity platform. It exists to protect the integrity of the Platform, the quality of the service for all users, and the rights of individuals whose data appears within the Platform.

By using the Platform, you agree to comply with this policy. Violation may result in suspension or termination of your access in accordance with Clause 16 of the Terms of Service.

2. Permitted Use

The Platform is provided for legitimate business intelligence and due diligence purposes. You may use the Platform to:

Assess the risk profile of suppliers, customers, partners, competitors, acquisition targets, and subsidiaries.
Monitor companies on your watchlist for changes in risk indicators and governance.
Generate due diligence reports for internal use or for sharing with identified third parties in accordance with the Terms of Service.
Screen companies and their officers against sanctions lists, adverse media, and other risk indicators.
Conduct compliance due diligence in support of your legal and regulatory obligations.
Use the API (where your Subscription Tier includes API access) to integrate Senserity data into your internal business systems.

3. Prohibited Conduct

3.1 Misuse of Data

You must not:

Resell or redistribute Company Data, Insight Tests, risk scores, or any other data obtained from the Platform to any third party, whether for commercial gain or otherwise, except as permitted in the Terms of Service (sharing due diligence reports with identified recipients).
Build a competing product using data obtained from the Platform, or use the Platform to train, improve, or supplement any other risk intelligence, data aggregation, or business information product or service.
Extract data in bulk through scraping, crawling, automated screen capture, systematic downloading, or any other automated means beyond the API access included in your Subscription Tier.
Circumvent access controls including subscription tier restrictions, credit limits, rate limits, or role-based access controls.
Share reports without context by distributing due diligence reports or risk assessments to third parties without making them aware that the data is subject to the limitations described in the Terms of Service.

3.2 Harm to Individuals

You must not:

Harass, stalk, defame, or intimidate any individual identified through the Platform, including company directors, officers, persons with significant control, or any other data subject.
Make solely automated decisions that produce legal effects concerning, or similarly significantly affect, any individual based on data obtained from the Platform. Insight Tests and risk scores are informational aids that must be subject to meaningful human review before any decision with legal or significant consequences is made.
Discriminate against any individual or company on the basis of protected characteristics using data obtained from the Platform.
Contact individuals directly using information obtained from the Platform for purposes unrelated to legitimate business due diligence (for example, using a director's correspondence address from Companies House data to send unsolicited marketing material).

3.3 Sanctions and Compliance

You must not:

Facilitate sanctions evasion by using the Platform to identify which sanctions apply to an entity or individual for the purpose of circumventing those sanctions.
Undermine compliance by using the Platform in any way that would violate the Sanctions and Anti-Money Laundering Act 2018, the Proceeds of Crime Act 2002, or any other applicable sanctions or anti-money laundering legislation.
Ignore sanctions matches that you know or suspect to be genuine. While false positives are common and expected, if your review of a sanctions match leads you to believe it is a genuine match, you should take appropriate action in accordance with your own compliance obligations and, where required, report to OFSI.

3.4 Account and Security

You must not:

Share login credentials with any other person, or allow any unauthorised individual to access the Platform through your account.
Create multiple accounts to circumvent subscription limits, credit allocations, or free tier restrictions.
Cycle companies through your watchlist in a manner designed to exploit the enrichment process beyond the limits of your Subscription Tier (for example, repeatedly adding and removing companies on the Free Tier to enrich more than the permitted number).
Attempt to access data, systems, or functionality that is not included in your Subscription Tier or role.
Probe, scan, or test the vulnerability of the Platform, or breach or circumvent any security or authentication measures.
Introduce malicious code including viruses, trojans, worms, logic bombs, or any other material that is malicious or technologically harmful.

3.5 Multi-Tenant Separation

You must not:

Transfer data between tenants by copying, exporting, or otherwise moving Company Data, reports, or Insight Tests from one Tenant to another without proper authorisation from both Tenants.
Use information from one Tenant context for the benefit of another Tenant without proper authorisation, even if you are an Authorised User of both.

3.6 Platform Integrity

You must not:

Overload the Platform by making excessive API calls, running automated processes, or otherwise consuming resources in a way that degrades the service for other users.
Reverse engineer the Platform, including its risk scoring algorithms, analytical methodologies, matching logic, or network graph analysis processes.
Misrepresent your identity or organisational affiliation when creating an account or inviting users.
Access the Platform from a sanctioned jurisdiction if you are located in or ordinarily resident in a jurisdiction subject to comprehensive sanctions imposed by HM Treasury or the European Union.

4. Querying Data Accuracy

If you believe that any data presented in the Platform is inaccurate, you are encouraged to use the data query mechanism within the Platform to flag the concern. This applies particularly to:

Sanctions matches that you believe to be false positives.
Adverse media results that you believe relate to a different individual.
Company data that you believe is outdated or incorrect.

Flagged data will be reviewed by Blueloop and corrected where appropriate. Where data originates from a public register, correction may require the source to be updated first.

You must not knowingly dismiss or ignore a genuine data quality concern in order to present a more favourable risk profile of a company.

5. Reporting Violations

If you become aware of any use of the Platform that violates this policy, please report it to us at legal@senserity.co.uk. We will investigate all credible reports.

6. Consequences of Violation

Violation of this policy may result in:

A written warning identifying the violation and requiring it to cease.
Temporary suspension of your access to the Platform while an investigation is conducted.
Permanent termination of your account and Subscription without refund.
Reporting to relevant authorities where the violation involves suspected criminal activity.

We will act proportionately and will generally provide an opportunity to remedy a violation before taking permanent action, except where the violation poses an immediate risk to the Platform, its users, or any individual.

7. Changes to This Policy

We may update this policy from time to time. Material changes will be notified to you at least 30 days in advance by email or through the Platform. The current version is always available on the Senserity website.

Version	Date	Changes
1.0	February 2026	Initial policy

8. Contact

For questions about this policy: legal@senserity.co.uk