1. Purpose
This Usage Policy ("Policy") sets out the rules governing your use of the Strata platform and related services (the "Services"). It applies to every user of Strata and is incorporated by reference into our Terms of Service. Violations may result in suspension or termination of your access to the Services.
Capitalized terms not defined here have the meanings given in the Terms of Service.
2. Acceptable Use
You may use the Services only for lawful business purposes and in compliance with this Policy, the Terms of Service, the Privacy Policy, and all applicable laws, regulations, and third-party rights. You are responsible for the conduct of every user of your account and for the content you submit through the Services.
3. Prohibited Content
You may not submit, generate, store, or transmit content through the Services that:
- Is unlawful, fraudulent, deceptive, defamatory, obscene, harassing, or otherwise objectionable
- Infringes any patent, copyright, trademark, trade secret, or other intellectual property right
- Violates any person's privacy, publicity, contractual, or other legal rights
- Constitutes child sexual abuse material (CSAM) or sexualizes minors in any way
- Promotes terrorism, violence, self-harm, or hatred against any group based on race, ethnicity, religion, gender, sexual orientation, disability, or other protected characteristic
- Contains malicious code, malware, or anything intended to disrupt, damage, or gain unauthorized access to systems
- Is regulated personal data (such as protected health information under HIPAA, payment card data under PCI-DSS, or government-classified information) unless your organization has executed an enterprise agreement that expressly permits such data and Strata has implemented the corresponding controls
4. Prohibited Conduct
You may not, and may not allow any third party to:
- Reverse engineer, decompile, disassemble, or attempt to derive the source code of the Services
- Circumvent rate limits, access controls, authentication, or other technical restrictions
- Use the Services to develop or train a competing product, model, or service
- Scrape, crawl, or systematically extract data from the Services beyond normal interactive use
- Resell, sublicense, or share access to the Services without our prior written consent
- Impersonate any person or entity, or misrepresent your affiliation with any person or entity
- Use the Services to send spam, unsolicited communications, or fraudulent messages
- Interfere with or disrupt the integrity, performance, or availability of the Services or related infrastructure
- Attempt to access data, accounts, organizations, or systems you are not authorized to access
5. AI-Specific Restrictions
The Services route prompts to third-party AI models (OpenAI, Anthropic, xAI) via Microsoft Foundry. In addition to the rules above, you may not:
- Submit prompts designed to extract, reconstruct, or infer the training data of the underlying AI models
- Use the Services to generate content intended to deceive, manipulate, or defraud (including deepfakes, synthetic identities, or impersonation of real people without consent)
- Use the Services to generate content used in high-stakes decisions about individuals (employment, credit, housing, insurance, legal, medical, or government benefits) without independent human review and qualified professional oversight
- Submit prompts that solicit instructions for creating weapons (including chemical, biological, radiological, nuclear, or cyber weapons), illegal drugs, or other content prohibited by our AI providers' usage policies
- Bypass or attempt to bypass safety controls, content filters, or model guardrails
- Use AI-generated outputs as the sole basis for irreversible actions without human verification
You are responsible for AI outputs. AI models can produce inaccurate, biased, or harmful content. You must independently review and verify AI-generated outputs before relying on them, sharing them, or acting on them.
6. Customer Representations & Warranties
By submitting any data, prompt, file, or other content (collectively, "Customer Data") to the Services, you represent and warrant that:
- You have all rights, licenses, consents, permissions, and authority necessary to submit the Customer Data and to authorize Kronisys and its subprocessors to process it as described in the Privacy Policy
- The Customer Data, including any third-party personal data it contains (such as recipients, names, addresses, contract terms, or other identifiers in emails or documents), does not violate any law, contractual obligation, or third-party right
- You have provided any notices and obtained any consents required under applicable law (including data protection laws such as GDPR, CCPA, and similar regimes) before submitting the Customer Data
- If you are submitting Customer Data on behalf of an organization, you have authority to bind that organization to this Policy and the Terms of Service
- You will not submit data that is subject to special regulatory regimes (HIPAA, PCI-DSS, FERPA, GLBA, classified information, etc.) unless your organization has an enterprise agreement that expressly permits such data
Third-party content awareness. Customer Data submitted to Strata — including emails, documents, database records, and prompts — is transmitted to third-party AI providers (OpenAI, Anthropic, xAI) via Microsoft Foundry to generate responses. While these providers are contractually prohibited from training on your data, they may temporarily log inputs and outputs for abuse detection, safety monitoring, and operational reasons. You acknowledge this processing and confirm you have the right to share Customer Data with these providers.
7. Database & Integration Use
When you connect a database or Microsoft integration (SQL Server, OneDrive, Outlook, Teams) to Strata:
- You authorize Strata to access and act on the connected service on your behalf
- You are responsible for the credentials and permissions you provide. We strongly recommend providing read-only credentials when possible
- You acknowledge that AI-generated SQL may produce incorrect or destructive queries. You must review write operations before execution and you bear all responsibility for the consequences of executing AI-generated queries against your data
- You will not connect databases or accounts you are not authorized to use
- You will not use Strata to exfiltrate data from systems your organization owns in a manner that violates your organization's policies
8. Enforcement
If we determine, in our sole discretion, that you have violated this Policy, we may take any of the following actions, with or without notice:
- Issue a warning
- Restrict, suspend, or revoke specific features or integrations
- Suspend your account or your organization's access to the Services
- Terminate your account and delete associated data in accordance with the Terms of Service
- Remove or disable access to violating content
- Report violations to law enforcement, regulators, or affected third parties when required by law or when we believe in good faith that such reporting is necessary
Enforcement decisions are not exclusive remedies. We reserve all other rights and remedies available under the Terms of Service and applicable law.
9. Reporting Violations
If you become aware of any violation of this Policy or any abuse of the Services, please report it to legal@kronisys.com. Include as much detail as possible: the nature of the violation, the affected account or content, and any supporting information. We investigate every report.
For copyright or trademark infringement, follow the DMCA procedure in our Terms of Service.
10. Changes to This Policy
We may update this Policy from time to time. When we make material changes, we will update the "Effective" date at the top of this page and, where appropriate, notify enterprise administrators by email or in-product notification. Your continued use of the Services after the updated Policy takes effect constitutes acceptance of the changes.
11. Contact Information
Questions about this Policy can be sent to: