Skip to main content
Last updated: December 7, 2025

Overview

This Acceptable Use Policy (“AUP”) governs your use of Emby.dev’s services. By using our Service, you agree to comply with this policy. Violations may result in suspension or termination of your account.

1. General Conduct

1.1 Permitted Activities

You may use Emby.dev for: Software Development
  • Building AI-powered applications
  • Testing and prototyping
  • Code generation and assistance
  • Development tools integration
Business Applications
  • Customer service chatbots
  • Content generation
  • Data analysis and processing
  • Workflow automation
Research and Education
  • Academic research
  • Educational projects
  • Learning and experimentation
  • Non-commercial research
Personal Use
  • Personal projects
  • Hobby applications
  • Learning AI development
  • Creative writing assistance

1.2 Prohibited Activities

You may NOT use Emby.dev for: Illegal Activities
  • Any illegal purpose or activity
  • Violating local, national, or international laws
  • Facilitating criminal activity
  • Money laundering or fraud
Harmful Content
  • Generating malware, viruses, or malicious code
  • Creating content that promotes violence or terrorism
  • Producing child sexual abuse material (CSAM)
  • Generating content for harassment or bullying
Deceptive Practices
  • Creating deepfakes without disclosure
  • Impersonating individuals or organizations
  • Generating misleading or false information
  • Spam or phishing content
Intellectual Property Violations
  • Infringing on copyrights, trademarks, or patents
  • Plagiarism or unauthorized content reproduction
  • Circumventing DRM or access controls
  • Reverse engineering our Service

2. API Usage Guidelines

2.1 Fair Usage

Rate Limits
  • Respect rate limits for your subscription tier
  • Do not attempt to circumvent rate limiting
  • Contact us for higher limits if needed
Resource Usage
  • Use resources efficiently and responsibly
  • Avoid unnecessary or wasteful API calls
  • Implement proper error handling and retries
  • Cache responses when appropriate
Concurrent Requests
  • Stay within concurrent request limits
  • Implement proper queuing mechanisms
  • Avoid overwhelming our infrastructure

2.2 Prohibited API Practices

System Abuse
  • DDoS attacks or similar malicious traffic
  • Attempting to overload or crash our systems
  • Exploiting vulnerabilities or bugs
  • Unauthorized access attempts
Account Abuse
  • Creating multiple accounts to bypass limits
  • Sharing API keys publicly
  • Using expired or invalid credentials
  • Reselling API access without authorization
Data Scraping
  • Scraping our website or documentation
  • Automated data extraction beyond API usage
  • Collecting user information
  • Building competing services

3. Content Restrictions

3.1 Prohibited Content Generation

You may not use our Service to generate: Illegal Content
  • Child sexual abuse material (CSAM)
  • Content promoting terrorism or extremism
  • Instructions for illegal activities
  • Regulated goods without proper licensing
Harmful Content
  • Content promoting self-harm or suicide
  • Graphic violence or gore
  • Hate speech or discrimination
  • Harassment or bullying material
Deceptive Content
  • Misinformation or disinformation campaigns
  • Fake news or propaganda
  • Impersonation without disclosure
  • Fraudulent or scam content
Adult Content (Restrictions Apply)
  • Explicit sexual content (prohibited on free tier)
  • Non-consensual intimate imagery
  • Content sexualizing minors
  • Extreme or illegal sexual content

3.2 Regulated Use Cases

Some use cases require additional verification: Medical Applications
  • Must comply with healthcare regulations
  • Requires appropriate disclaimers
  • Cannot replace professional medical advice
  • Subject to additional terms
Financial Services
  • Must comply with financial regulations
  • Requires proper licensing
  • Cannot provide unauthorized financial advice
  • Subject to additional verification
Legal Services
  • Cannot replace licensed legal counsel
  • Requires appropriate disclaimers
  • Must comply with legal practice regulations
  • Subject to additional terms

4. Security Requirements

4.1 API Key Management

Required Practices
  • Keep API keys confidential and secure
  • Rotate keys regularly (recommended: every 90 days)
  • Use environment variables, not hardcoded keys
  • Implement proper access controls
Prohibited Practices
  • Sharing API keys publicly (GitHub, forums, etc.)
  • Embedding keys in client-side code
  • Using keys in insecure environments
  • Sharing keys across multiple organizations

4.2 Security Responsibilities

You Must
  • Implement proper authentication
  • Use HTTPS for all API communications
  • Protect user data appropriately
  • Report security vulnerabilities responsibly
You Must Not
  • Attempt to breach our security
  • Exploit discovered vulnerabilities
  • Access other users’ data
  • Interfere with security measures

5. Commercial Use

5.1 Permitted Commercial Use

Allowed
  • Building commercial applications
  • Providing services to customers
  • Internal business tools
  • SaaS products using our API

5.2 Restricted Commercial Use

⚠️ Requires Authorization
  • Reselling API access directly
  • White-labeling our Service
  • Competing services
  • High-volume commercial use (contact us)

5.3 Attribution

For free tier users:
  • Attribution to Emby.dev is appreciated
  • Not required but encouraged
  • Helps us grow and improve

6. Data and Privacy

6.1 User Data Protection

You Must
  • Comply with applicable privacy laws (GDPR, CCPA, etc.)
  • Obtain proper consent for data processing
  • Implement appropriate security measures
  • Provide privacy notices to your users
You Must Not
  • Process sensitive data without authorization
  • Violate user privacy rights
  • Share user data inappropriately
  • Store unnecessary personal information

6.2 Our Commitments

We Do Not
  • Store your prompts or responses (beyond 24h caching)
  • Train models on your data
  • Share your data with third parties for training
  • Sell your personal information

7. Compliance Requirements

You must comply with:
  • All applicable local, national, and international laws
  • Export control and sanctions regulations
  • Data protection and privacy laws
  • Industry-specific regulations
  • Intellectual property laws

7.2 Industry Standards

For specific industries: Healthcare (HIPAA, GDPR)
  • Requires Business Associate Agreement
  • Additional security measures
  • Compliance verification
  • Contact us for healthcare use
Finance (PCI-DSS, SOX)
  • Additional security requirements
  • Compliance documentation
  • Regular audits
  • Contact us for financial use
Government (FedRAMP, etc.)
  • Special compliance requirements
  • Security clearances may be needed
  • Contact us for government use

8. Monitoring and Enforcement

8.1 Our Rights

We reserve the right to:
  • Monitor usage for compliance
  • Investigate suspected violations
  • Suspend or terminate accounts
  • Report illegal activity to authorities
  • Modify this policy at any time

8.2 Violation Consequences

First Violation (Minor)
  • Warning notification
  • Temporary rate limiting
  • Required corrective action
Repeat Violations (Moderate)
  • Temporary account suspension
  • Mandatory compliance review
  • Restricted access
Serious Violations
  • Immediate account termination
  • Legal action if necessary
  • Report to law enforcement
  • No refunds

9. Reporting Violations

9.1 How to Report

If you discover violations of this AUP: Email: abuse@emby.ai
Subject: AUP Violation Report
Include:
  • Description of the violation
  • Evidence (screenshots, URLs, etc.)
  • Your contact information
  • Date and time of incident

9.2 Response Time

  • We review all reports within 24 hours
  • Serious violations addressed immediately
  • You will receive confirmation of receipt
  • Updates provided as investigation progresses

10. Responsible Disclosure

10.1 Security Vulnerabilities

If you discover a security vulnerability: Do
  • Report it privately to security@emby.ai
  • Provide detailed information
  • Allow reasonable time for fix
  • Work with us cooperatively
Don’t
  • Publicly disclose before fix
  • Exploit the vulnerability
  • Access other users’ data
  • Demand payment (we have a bug bounty program)

10.2 Bug Bounty

  • We reward responsible disclosure
  • Bounties based on severity
  • Details at https://emby.dev/security
  • Hall of fame for researchers

11. Updates to This Policy

11.1 Notification

  • Material changes notified via email
  • Changes effective immediately upon posting
  • Continued use constitutes acceptance
  • Previous versions available upon request

11.2 Your Responsibility

  • Review this policy regularly
  • Ensure ongoing compliance
  • Update your practices as needed
  • Contact us with questions

12. Contact Information

For questions about this Acceptable Use Policy: General Inquiries: hello@emby.ai
Abuse Reports: abuse@emby.ai
Security Issues: security@emby.ai
Legal Matters: legal@emby.ai Website: https://emby.dev
Address: Netherlands (EU)
Important: Violations of this Acceptable Use Policy may result in immediate account suspension or termination without refund. Serious violations may be reported to law enforcement.
Questions? If you’re unsure whether your use case complies with this policy, please contact us at hello@emby.ai before proceeding. We’re happy to help clarify!
Best Practice: Implement content filtering and moderation in your applications to ensure compliance with this policy and protect your users.