Actionboard.ai Logo

Actionboard Security Policy

Effective Date: November 20, 2025

Last Updated: November 20, 2025

Version: 1.0

Introduction

Actionboard is committed to providing a secure, collaborative platform for users to leverage AI agents, actionboards, and integrations to drive productivity and innovation. This Security Policy outlines the rules, responsibilities, and protections for all users (individuals or organizations using Actionboard) and partners (integration partners, actionboard collaborators, and third-party developers). By using Actionboard, you agree to comply with this policy.

Our goal is to foster a safe environment where users can share data, build AI-driven workflows, and collaborate without compromising privacy, security, or ethical standards. This policy aligns with global regulations like GDPR, CCPA, and HIPAA, and emphasizes responsible AI use. Violations may result in warnings, content removal, account suspension, or termination.

If you have questions, contact support@actionboard.ai.

1. High-Level Principles

Actionboard operates on these core security principles:

  • Privacy by Design: We protect user data at every step, minimizing collection and ensuring transparency.
  • Accountability: Users and partners are responsible for their actions; Actionboard enforces compliance through monitoring and audits.
  • Integrity and Availability: We safeguard against unauthorized access, data tampering, or service disruptions.
  • Ethical AI Use: AI agents must enhance productivity without harm, bias, or misuse.
  • Transparency: We clearly explain how data is handled, shared, and protected.
  • Proportional Response: Enforcement actions match the severity of violations, with appeals available.

These principles guide all features, including AI agents (e.g., RAOARA loop agents), actionboards (collaborative workspaces), data sharing, and tool integrations (e.g., APIs, third-party apps).

2. User Responsibilities and Guidelines

This section applies to all Actionboard users. You must maintain secure practices and use the platform responsibly.

2.1 Data Privacy

Actionboard prioritizes your privacy. We collect only necessary data (e.g., account details, actionboard content, AI interaction logs) to provide services.

  • Rules and Examples:
    • Do not share personal or sensitive data (e.g., health records, financial info) in actionboards unless encrypted or anonymized. Example: Use pseudonymized data for AI agent testing to avoid PII exposure.
    • We do not sell user data. Data is used for service improvement, with opt-out options for analytics.
    • Comply with privacy laws: If you're in the EU, you have GDPR rights (access, deletion); in California, CCPA rights apply.
    • Data retention: Actionboard content is kept as long as your account is active; deleted accounts trigger 30-day data purge (except for legal holds).
  • Actionboard-Specific: When sharing data in actionboards, use role-based access (e.g., view-only for collaborators). AI agents process data in secure, isolated environments; do not input regulated data (e.g., HIPAA-protected health info) without encryption.
  • Prohibited: Uploading or sharing data without consent (e.g., others' personal info). Violations may lead to data removal and account review.

2.2 Acceptable Use

Use Actionboard only for lawful, productive purposes. Misuse harms the community and violates this policy.

  • Rules and Examples:
    • Permitted: Creating actionboards for business planning, AI agent workflows (e.g., RAOARA loops for task automation), or collaborative projects.
    • Prohibited Activities (Detailed Rules):
      • Illegal or Criminal Content: No actionboards involving illegal activities, such as planning crimes, hacking, or terrorism. Example: An actionboard for "phishing tutorial" is banned.
      • Pornographic or Adult Content: No child pornography or any adult/sexual content in actionboards, AI prompts, or integrations. This includes explicit images, text, or AI-generated outputs. Example: Using AI agents to create erotic stories or images is prohibited.
      • Fraud-Related Content: No actionboards promoting scams, fraud, or deceptive practices (e.g., fake investment schemes). Accounts involved will be immediately suspended, with potential legal reporting.
      • Other Bans: Harassment, hate speech, spam, or malware distribution. Example: Flooding actionboards with unsolicited ads.
  • Actionboard-Specific: AI agents must align with ethical use—e.g., no prompts for harmful simulations. Data sharing in actionboards requires explicit consent; tool integrations (e.g., API connections) must not expose unauthorized data.
  • Enforcement: We monitor for violations using automated tools and human review. Appeals: Contact support within 7 days.

2.3 Account Security

Protect your account to prevent unauthorized access.

  • Rules and Examples:
    • Use strong, unique passwords (at least 12 characters, with multi-factor authentication enabled).
    • Do not share credentials or use shared accounts for sensitive work.
    • Report suspicious activity (e.g., unauthorized logins) immediately via support.
    • Example: If collaborating on an actionboard, use guest access instead of sharing your main login.
  • Actionboard-Specific: AI agents and tool integrations inherit your account permissions—review and revoke access regularly (e.g., via the dashboard).
  • Prohibited: Account sharing, brute-force attempts, or using bots to automate logins. We may lock accounts after failed attempts.

2.4 Intellectual Property (IP)

Respect IP rights in all content.

  • Rules and Examples:
    • You retain ownership of your actionboard content and AI outputs, but grant Actionboard a non-exclusive license to host and process it.
    • Do not upload copyrighted material without permission. Example: Using AI agents to generate code from proprietary sources without a license is prohibited.
    • Actionboard-generated content (e.g., AI summaries) is yours to use, but attribute if required by source licenses.
  • Actionboard-Specific: In data sharing or integrations, ensure collaborators have IP rights. AI agents must not scrape or reproduce protected content.
  • Prohibited: IP theft, such as copying others' actionboards without credit. We remove infringing content upon valid DMCA notices.

2.5 Content Moderation

We moderate to ensure a safe platform.

  • Rules and Examples:
    • Flag inappropriate content via the report button; we review within 24 hours.
    • AI agents auto-moderate for obvious violations (e.g., explicit language), but human oversight applies for edge cases.
    • Example: An actionboard with violent content will be hidden and reviewed.
  • Actionboard-Specific: Tool integrations must comply with moderation—e.g., no unfiltered external APIs that bypass our checks.
  • Prohibited: As listed in Acceptable Use; repeated reports lead to suspension.

2.6 Responsible AI Use Within Actionboard

AI agents (e.g., RAOARA loops) are tools for productivity—use them ethically.

  • Rules and Examples:
    • Prompts must not seek harmful outputs (e.g., no bias-inducing queries). Example: Use AI for task organization, not generating discriminatory hiring criteria.
    • Human oversight: Review AI outputs before acting, especially for high-stakes decisions.
    • Bias mitigation: Flag biased AI responses; we refine models based on feedback.
  • Actionboard-Specific:
    • AI Agent Usage: Limit to platform-approved patterns (e.g., Chain-of-Thought for planning). No jailbreaking or overriding safety prompts.
    • Data Sharing in Actionboards: Share only with trusted collaborators; use encryption for sensitive files. Example: In a team actionboard, set permissions to prevent accidental leaks.
    • Tool Integrations: Securely connect third-party tools (e.g., APIs) with OAuth; do not integrate malware-prone services.
  • Prohibited: Using AI for deception (e.g., deepfakes) or evading platform rules.

3. Partner Responsibilities and Guidelines

Partners (integration partners, actionboard collaborators, third-party developers) extend Actionboard's ecosystem. You must adhere to this policy and our Partner Agreement.

3.1 Security Aspects for Partners

  • Data Access and Sharing: Access only necessary data via secure APIs. Example: Integration partners must use encrypted connections (TLS 1.3+) and delete data after use.
  • Compliance: Follow privacy laws and Actionboard's standards (e.g., SOC 2 for developers). Conduct annual audits for integrations.
  • Shared Responsibilities: Partners secure their side (e.g., no storing Actionboard data without consent); we secure the platform.
  • Actionboard-Specific: For tool integrations, implement rate limiting to prevent DoS. Collaborators in actionboards must respect IP and privacy settings.
  • Prohibited: Unauthorized data scraping, insecure integrations (e.g., hard-coded credentials), or reselling Actionboard data.

3.2 Onboarding and Enforcement

  • Partners undergo security review before integration.
  • Violations: Revocation of access, with 30-day notice for non-critical issues.

4. Enforcement and Consequences

  • Monitoring: We use AI and human review for compliance; logs are anonymized.
  • Actions: Warnings for minor issues; suspension/termination for severe (e.g., fraud, illegal content). Fraud-related accounts are suspended immediately and reported to authorities.
  • Appeals: Submit via support@actionboard.ai within 7 days; decisions are final.
  • Changes: We may update this policy; you'll be notified via email/dashboard.