This Acceptable Use Policy ("AUP") defines the standards of conduct required for all users of Oceanic Consulting VOF's services and platforms. It is incorporated by reference into our Terms of Service. Violations of this AUP may result in immediate suspension or permanent termination of your account.
1 Scope and Application
This AUP applies to every individual, organisation, and entity that accesses or uses any service, API, application, or digital product operated by Oceanic Consulting VOF or its ventures — including Hubrix AI, TOURIBO, TOTEM, and all associated websites and APIs — regardless of whether a paid account is held.
By accessing any Oceanic service, you agree to comply with this AUP in full. You are also responsible for ensuring that any authorised users on your account comply with this AUP.
2 General Conduct Standards
All users must:
- Use Oceanic services only for lawful purposes and in accordance with all applicable laws, regulations, and directives of the Netherlands, the European Union, and any other jurisdiction in which you operate
- Treat all other users, Oceanic staff, and third parties with respect and without harassment, abuse, or discrimination
- Provide accurate and truthful information in all interactions with Oceanic services and support
- Report any suspected security vulnerability, abuse, or illegal use of our platforms promptly to abuse@oceanicco.nl
- Not knowingly use Oceanic services in a way that degrades the experience of other users or places an unreasonable burden on shared infrastructure
3 Prohibited Activities — All Services
The following activities are strictly prohibited across all Oceanic platforms and services:
Illegal Activity
- Any activity that violates applicable national, EU, or international law or regulation
- Engaging in, facilitating, or promoting criminal activity of any kind
- Trafficking in illegal goods, weapons, controlled substances, or regulated content
- Violation of intellectual property rights, including copyright, trademark, and patent infringement
- Fraud, identity theft, phishing, or any form of financial deception
- Money laundering, terrorist financing, or sanctions evasion
Harmful and Abusive Content
- Generating, distributing, or storing child sexual abuse material (CSAM) or any content sexualising minors
- Harassing, threatening, or intimidating any individual or group
- Producing or distributing content that incites hatred, discrimination, or violence based on race, ethnicity, religion, gender, sexual orientation, nationality, disability, or other protected characteristics
- Non-consensual sharing of intimate imagery
- Doxing or publishing private personal information of individuals without consent
Platform Abuse
- Circumventing, bypassing, or disabling any security control, authentication mechanism, or access restriction on Oceanic systems
- Attempting to gain unauthorised access to any Oceanic system, database, or account
- Creating fake or multiple accounts to circumvent usage limits, bans, or restrictions
- Reselling or sublicensing Oceanic services without a written reseller agreement
- Using Oceanic services to provide competing products or services without prior written authorisation
- Scraping, crawling, or automated harvesting of platform data without prior written permission
Network and Infrastructure Abuse
- Launching denial-of-service (DoS/DDoS) attacks against any target, including Oceanic's own infrastructure
- Port scanning, network probing, or vulnerability scanning of third-party systems without authorisation
- Distributing malware, ransomware, spyware, or other malicious code
- Operating botnets, spam networks, or any infrastructure designed to carry out automated attacks
- Generating unsolicited bulk email (spam) or SMS messages using any Oceanic service
4 Hubrix AI — Specific Rules
When using Hubrix AI's AI models, document processing, and automation features, users must additionally comply with the following:
- Do not use AI-generated content to produce misinformation, disinformation, or deliberately misleading material intended for public distribution
- Do not submit prompts designed to jailbreak, override, or circumvent the safety guidelines of any AI model accessed through Hubrix
- Do not use Hubrix AI to process special categories of personal data (health data, biometric data, political opinions, etc.) without a valid legal basis and a signed Data Processing Agreement with Oceanic
- Do not use AI outputs as professional advice (medical, legal, financial, or clinical) without independent verification by a licensed professional
- Do not use Hubrix to generate content that impersonates a real person in a misleading or harmful way
- Respect the usage quotas and rate limits assigned to your plan; circumvention of quota mechanisms is prohibited
- Documents submitted for processing must not include content whose processing violates applicable data protection law or third-party rights
5 TOURIBO — Specific Rules
When using the TOURIBO AI travel planning platform:
- Travel information generated by TOURIBO is for planning assistance only. You are responsible for independently verifying visa requirements, entry conditions, health advisories, and transportation schedules
- Do not use TOURIBO to plan or facilitate illegal travel activities
- eSIM products integrated with TOURIBO must be used only for legitimate personal or business data connectivity — not for resale, tethering beyond reasonable personal use, or network testing
- Do not attempt to exploit eSIM activations, top-up systems, or referral programmes through fraudulent means
- AI itinerary outputs may not be republished commercially without Oceanic's written permission
6 TOTEM Private Access — Specific Rules
The TOTEM service provides private internet access for lawful purposes. The following uses are prohibited:
Absolutely Prohibited on TOTEM
- Any illegal activity, regardless of the legal status in any jurisdiction
- Accessing, distributing, or transmitting CSAM or illegal content
- Conducting cyberattacks, hacking, or penetration testing of third-party systems without explicit written authorisation from the target
- Operating spam infrastructure, phishing sites, or command-and-control servers
- Torrenting or distributing copyrighted material without authorisation
- Evading law enforcement investigations or court orders
- Evading sanctions imposed by the EU, Netherlands, UN, or other applicable bodies
- Operating exit-node or relay services that allow third parties to route traffic through your TOTEM connection
TOTEM does not retain browsing activity logs or DNS query logs. However, we retain the minimum connection metadata (timestamps, data volume, server used) required for operational and legal compliance purposes, as described in our Privacy Policy.
In the event we receive a valid, legally binding order from a competent court or authority under Dutch or EU law requiring us to act on specific account information, we will comply to the extent required by law and will notify affected users where legally permitted to do so.
7 eSIM and Connectivity Products
For eSIM data products purchased through TOURIBO or otherwise offered by Oceanic:
- eSIM profiles may only be installed on one device at a time, as governed by the technical eSIM standard (GSMA RSP Architecture)
- eSIM profiles may not be transferred, resold, or shared with third parties
- eSIM data plans must be used for ordinary personal or business internet browsing; excessive continuous streaming, bulk data transfers, or activities that degrade the shared network may result in throttling or suspension
- Any attempted manipulation of the eSIM provisioning system, ICCID swapping, or exploitation of activation flows is strictly prohibited and will result in permanent account termination
8 Security and Technical Rules
You may not:
- Perform load tests, stress tests, or benchmark testing on Oceanic infrastructure without prior written approval
- Deploy or run code designed to probe for or exploit security vulnerabilities in Oceanic systems
- Interfere with the normal operation of Oceanic's services for other users
- Attempt to reverse engineer, disassemble, decompile, or reconstruct source code from any compiled Oceanic application or API
- Use any technique to bypass rate limiting, IP blocks, or throttling mechanisms
Oceanic operates a responsible disclosure programme. Security researchers who discover vulnerabilities are encouraged to report them to security@oceanicco.nl before public disclosure. We commit to acknowledging reports within 5 business days and working to address confirmed vulnerabilities in a timely manner.
9 Enforcement and Consequences
Oceanic reserves the right to take any of the following actions in response to violations of this AUP, at our sole discretion and without prior notice where the severity warrants immediate action:
⚠️ Warning
Issued for minor, first-time, or unintentional violations. Your account remains active with a written caution.
⏸️ Temporary Suspension
Account access restricted pending investigation or while a remedy is implemented. Duration: 24 hours to 30 days.
🚫 Permanent Termination
Immediate closure of all accounts for serious, repeated, or deliberate violations. No refund is issued.
⚖️ Legal Action
Referral to law enforcement, civil litigation, or regulatory reporting for illegal activity or significant harm to Oceanic or third parties.
Where feasible and where the violation is not severe, Oceanic will provide notice and a reasonable period (minimum 24 hours) to remedy a breach before taking action. However, we may act immediately without notice in cases involving illegal content, security threats, or significant harm to other users or third parties.
Termination for AUP violations does not entitle you to a refund of any prepaid fees.
10 Reporting Violations
If you become aware of any use of Oceanic services that violates this AUP — whether by another user or by a third party — please report it to us:
Please include as much detail as possible (date, time, URLs, account identifiers, screenshots) to enable us to investigate promptly. We treat all abuse reports confidentially and will not disclose your identity to the reported party unless required by law.
Oceanic aims to acknowledge all abuse reports within 2 business days and to take appropriate action within 5–10 business days of confirmation.
11 Appeals
If you believe your account has been suspended or terminated in error, or that an enforcement action was disproportionate to the violation, you may appeal by emailing legal@oceanicco.nl within 14 days of the enforcement action.
Your appeal must include:
- Your account email address
- A description of the enforcement action taken
- Your explanation of why you believe the action was incorrect or disproportionate
- Any supporting evidence
Oceanic will review all appeals and respond within 10 business days. The decision on appeal is final and binding. During the appeal period, suspended accounts remain suspended. Permanently terminated accounts are not reinstated pending appeal unless exceptional circumstances exist.