Samsa Acceptable Use Policy. Content Provenance and AI-Content Marking.

Version 1.0 — effective as of 1 August 2026

This Acceptable Use Policy ("AUP") forms part of the Agreement between Samsa Labs AG ("Samsa") and the customer and applies to all use of Samsa’s services, including content generated, edited, or downloaded through them.

1. Background

Samsa marks AI-generated and AI-manipulated content in machine-readable form as required by Article 50(2) of Regulation (EU) 2024/1689 (the "EU AI Act"), and additionally offers visible AI labels supporting perceptible disclosure. The marks protected under this AUP ("Provenance Marks") include, without limitation:

a. C2PA Content Credentials — digitally signed, timestamped provenance metadata embedded in the content;

b. imperceptible watermarks embedded within the content; and

c. visible AI labels (including labels based on the EU icons published with the Code of Practice on Transparency of AI-Generated Content) where such labels have been applied.

2. Prohibition on removal, alteration and circumvention

You shall not, and shall not permit or assist any third party to:

a. intentionally remove, delete, strip, alter, obscure, or tamper with any Provenance Mark applied by Samsa or carried by content processed through the services;

b. circumvent, defeat, or impair the operation of any Provenance Mark or of Samsa’s marking or detection mechanisms;

c. develop, use, distribute, market, promote, or advertise any tool or service whose purpose is to circumvent machine-readable Provenance Marks (whether Samsa’s or a third party’s); or

d. use the services to produce content or software intended to achieve any of the above.

3. Exceptions — legitimate processing (downstream metadata maintenance; security audits and research)

Section 2 does not prohibit good-faith, legitimate processing:

a. where the modification, transformation, or replacement of metadata is necessary to maintain accurate and functional information following downstream processing (for example, a format conversion that rewrites technical metadata); or

b. of Provenance Marks for security audits and research purposes, provided that (i) the activity is conducted in a controlled, non-public setting, (ii) it does not result in the dissemination of unmarked or mis-marked AI-generated content, and (iii) findings affecting Samsa’s marking or detection mechanisms are reported to Samsa without undue delay.

4. Your own disclosure obligations (informational)

If you deploy AI-generated or AI-manipulated content — in particular deep fakes or text published to inform the public on matters of public interest — you may have your own disclosure obligations as a deployer under Article 50(4) of the EU AI Act, independent of Samsa’s provider obligations. Samsa provides optional tooling (including visible labels based on the official EU icons) to support such disclosure, but responsibility for deployer compliance remains with you. This Section 4 is informational and does not impose obligations beyond applicable law.

5. SVG outputs — Phase-1 marking scope-out (acceptance clause)

SVG (vector) outputs of the vectorize feature are not yet covered by Samsa’s machine-readable marking pipeline: Samsa’s C2PA signing and watermarking stack operates on raster pixel data, and current imperceptible-watermark techniques do not embed in SVG vector data. This is a technical-feasibility limitation of the kind Article 50(2) of the EU AI Act expressly accommodates (marking is required "as far as this is technically feasible, taking into account the specificities and limitations of various types of content …"). By requesting an SVG download and confirming the acceptance flag, you acknowledge that:

a. the SVG file is delivered without machine-readable AI-provenance marking;

b. you will not use unmarked SVG outputs as deep fakes or in contexts where Article 50(4) deployer disclosure obligations apply, unless you yourself provide the required disclosure; and

c. Samsa records your acceptance (document type, version, timestamp) for audit purposes.

6. Enforcement

Samsa may suspend or terminate access to the services, and/or refuse delivery of specific assets, in case of a violation of Sections 2 or 5, in accordance with the suspension and termination provisions of the Agreement. Samsa may also report violations where required by law and cooperate with competent market surveillance authorities pursuant to Article 74 of the EU AI Act.

7. Changes

Samsa may update this AUP to reflect changes in law (including the EU AI Act and the Code of Practice on Transparency of AI-Generated Content) or in Samsa’s marking technology. Material changes will be notified in accordance with the Agreement; continued use after the effective date constitutes acceptance. Acceptance of each version is recorded.