Acceptable Use Policy

1. Introduction and Purpose

This Acceptable Use Policy ("AUP" or "Policy") governs the conduct of all individuals who access or use the Druid Learning Hub platform ("Platform"), including its websites, applications, interactive tools, communication features, and all associated services. This Policy supplements and forms an integral part of our Terms of Service.

The purpose of this Policy is to ensure that Druid Learning Hub remains a safe, inclusive, and productive learning environment for all Users — including students of all ages, instructors, parents, corporate professionals, and administrators. Education thrives in an atmosphere of mutual respect, academic honesty, and responsible use of shared resources. This Policy sets forth the standards of conduct expected of every User and describes the activities and content that are prohibited on the Platform.

By accessing or using the Platform, you acknowledge that you have read, understood, and agree to comply with this Policy. Violations of this Policy may result in consequences ranging from a formal warning to permanent account termination and, where warranted, referral to law enforcement authorities. If you do not agree to abide by this Policy, you must not access or use the Platform.

Druid Learning Hub reserves the right to update this Policy at any time. Material changes will be communicated in accordance with §14 of this document. Your continued use of the Platform after any such update constitutes your acceptance of the revised Policy.

2. Scope

2.1 Who This Policy Applies To

This Policy applies to every individual who accesses or uses the Platform in any capacity, including but not limited to:

• Students — learners enrolled in courses, completing lessons, submitting work, or using Dojo creative tools, in both the SCHOOL learning context (managed by teachers and educational institutions) and the HOME learning context (managed by parents);
• Instructors — teachers, trainers, and content creators who author courses, design lessons, grade submissions, and interact with students;
• Parents — users who manage child accounts in the HOME learning context, assign courses, set schedules, review submissions, and monitor their children's progress;
• Corporate Users — employees and professionals who access learning paths, skill assessments, and certification programs through organizational accounts;
• Administrators — platform administrators who manage users, moderate content, configure settings, and oversee the operation of the Platform;
• Visitors — unauthenticated individuals who browse publicly accessible pages, including the course catalog, public showcase, and informational pages.

2.2 What This Policy Covers

This Policy governs all activities conducted on or through the Platform, including:

• All user-generated content, including but not limited to code submissions, design projects, notebook files, showcase projects, comments, feedback, and profile information;
• All interactions within the Platform's Dojo creative tools: Code Studio (Python and JavaScript execution), Data Studio (Pyodide and sql.js notebooks), Web Studio (HTML/CSS/JS with live preview), Design Studio (Fabric.js canvas graphics), Visual Logic Designer (flowcharts and system diagrams), and the Design Editor;
• All use of browser-based code execution environments, including Python execution via Pyodide, SQL execution via sql.js, and HTML/CSS/JS rendering in sandboxed iframes;
• All use of AI-powered feedback and assistance features;
• All communications between Users, including instructor-student interactions, parent-instructor communications, and any messaging or feedback mechanisms;
• All account-related activities, including registration, authentication, profile management, and account administration;
• Any use of the Platform's APIs, export features, or integration endpoints, whether documented or undocumented.

2.3 Relationship to Other Policies

This Policy operates in conjunction with our Terms of Service, Privacy Policy, and Cookie Policy. In the event of a conflict between this Policy and the Terms of Service, the Terms of Service shall prevail. Where this Policy imposes stricter requirements than the Terms of Service, this Policy shall apply to the extent of the stricter requirement.

3. General Conduct Standards

3.1 Respect and Civility

All Users are expected to interact with one another in a respectful, courteous, and professional manner. The Platform serves a diverse, global community of learners and educators spanning different ages, cultures, nationalities, languages, religions, and backgrounds. You agree to:

• Treat all Users with dignity and respect, regardless of their role, age, gender, ethnicity, nationality, religion, disability, sexual orientation, or any other characteristic;
• Engage in constructive dialogue and provide feedback that is helpful, specific, and encouraging;
• Refrain from language or conduct that is demeaning, condescending, hostile, or intimidating;
• Respect cultural and linguistic differences when communicating with Users from different backgrounds;
• Acknowledge that learners progress at different paces and avoid shaming or ridiculing others for their skill level.

3.2 Honesty and Truthfulness

Users must be honest and transparent in all their interactions on the Platform. You agree to:

• Provide accurate and truthful information when registering an account, creating a profile, or communicating with other Users;
• Not misrepresent your identity, qualifications, credentials, or affiliations;
• Not fabricate, falsify, or materially alter data, results, grades, or progress metrics;
• Accurately represent the authorship of submitted work, providing proper attribution where collaboration or external sources have been used;
• Not create false or misleading course reviews, ratings, or feedback.

3.3 Academic Integrity and Ethical Learning

Druid Learning Hub is fundamentally an educational platform, and the integrity of the learning experience depends on every User's commitment to honest academic conduct. Users are expected to:

• Complete assignments, exercises, and assessments through their own effort and understanding;
• Use permitted resources and tools in the manner intended by the course or lesson design;
• Not engage in any form of plagiarism, cheating, or academic fraud (detailed further in §7);
• Report suspected academic dishonesty to the appropriate instructor or administrator;
• Understand that the purpose of exercises is learning — bypassing challenges without engaging with the material undermines the educational experience.

3.4 Lawful Use

You must use the Platform only for lawful purposes. You agree not to use the Platform in any manner that violates any applicable local, state, national, or international law or regulation, including but not limited to the Cybercrimes (Prohibition, Prevention, etc.) Act 2015 of Nigeria, the Computer Fraud and Abuse Act (18 U.S.C. § 1030) of the United States, the Computer Misuse Act 1990 of the United Kingdom, and Directive 2013/40/EU on attacks against information systems.

3.5 Responsible Resource Usage

The Platform is designed to run efficiently on low-resource machines. Users are expected to use the Platform's computational resources (browser-based execution, storage, bandwidth) responsibly and not engage in activities that degrade the experience for other Users or place undue strain on shared infrastructure.

4. Prohibited Content

Users must not create, upload, transmit, share, or otherwise make available any content that falls within the following categories. This applies to all areas of the Platform, including code submissions, design projects, notebooks, showcase projects, profile information, comments, feedback, and any other user-generated content.

4.1 Illegal Content

Content that is illegal under the laws of the Federal Republic of Nigeria, the jurisdiction in which the User resides, or any other applicable jurisdiction is strictly prohibited. This includes, without limitation, content that promotes, facilitates, or constitutes:

• Drug trafficking or the manufacture of controlled substances;
• Weapons trafficking, including firearms, explosives, and weapons of mass destruction;
• Human trafficking, slavery, or forced labour;
• Fraud, money laundering, or financial crimes;
• Terrorism or the promotion of terrorist activities, as defined under the Terrorism (Prevention and Prohibition) Act 2022 of Nigeria, the U.S. material support statutes (18 U.S.C. §§ 2339A-2339B), and EU Directive 2017/541.

4.2 Malware and Malicious Code

Content that contains, distributes, or is designed to facilitate the creation of malicious software is strictly prohibited. This includes:

• Viruses, worms, trojans, ransomware, spyware, adware, rootkits, keyloggers, or any other form of malware;
• Scripts or code designed to exploit vulnerabilities in software, operating systems, browsers, or network infrastructure;
• Phishing pages, credential-harvesting tools, or social engineering kits;
• Exploit code, shellcode, or payloads — even if presented as "educational" — unless part of an explicitly authorized and sandboxed cybersecurity curriculum approved by Platform administrators;
• Code designed to circumvent security controls, authentication mechanisms, or access restrictions on the Platform or any third-party system.

4.3 Hate Speech and Discriminatory Content

Content that promotes hatred, discrimination, or violence against individuals or groups based on protected characteristics is strictly prohibited. This includes:

• Content that incites violence, hostility, or hatred towards any person or group based on race, ethnicity, nationality, religion, gender, gender identity, sexual orientation, disability, age, or any other protected characteristic;
• Slurs, derogatory terms, dehumanizing language, or symbols associated with hate groups;
• Content that denies, trivializes, or glorifies genocide, war crimes, or crimes against humanity;
• Propaganda for extremist ideologies or supremacist movements;
• Content that stereotypes, demeans, or marginalizes any group of people.

4.4 Harassment and Threatening Content

Content that harasses, bullies, threatens, or intimidates any individual is strictly prohibited. This includes:

• Direct or indirect threats of physical violence, harm, or property damage;
• Cyberbullying, including persistent unwanted contact, public humiliation, or targeted ridicule;
• Doxxing — publishing or threatening to publish another person's private information (name, address, phone number, email, workplace, or other identifying details) without their consent;
• Stalking, surveillance, or monitoring of another User's activities without authorization;
• Encouraging or inciting others to harass, threaten, or harm a specific individual.

4.5 Child Sexual Abuse Material (CSAM)

Any content that depicts, promotes, or facilitates the sexual exploitation or abuse of children is absolutely prohibited and will result in immediate, permanent account termination and mandatory reporting to law enforcement. In compliance with U.S. federal law (18 U.S.C. §§ 2251-2260A), the Nigerian Cybercrimes Act 2015 (§23), the UK Sexual Offences Act 2003, and EU Directive 2011/93/EU on combating the sexual abuse of children:

• Any visual depiction, description, or representation of a minor engaged in sexually explicit conduct is prohibited;
• Any content that solicits, entices, or grooms minors for sexual purposes is prohibited;
• Druid Learning Hub will report all suspected CSAM to the National Center for Missing & Exploited Children (NCMEC), the Nigerian Computer Emergency Response Team (ngCERT), and/or the relevant national law enforcement agency;
• We cooperate fully with law enforcement investigations involving CSAM.

4.6 Copyrighted Material

Content that infringes the intellectual property rights of others is prohibited. Users must not upload, share, or distribute:

• Copyrighted text, code, images, videos, music, or other creative works without authorization from the rights holder or a valid fair use/fair dealing justification;
• Pirated software, cracked applications, serial numbers, license keys, or tools designed to circumvent digital rights management (DRM);
• Course materials, textbooks, or educational content copied from other platforms without authorization;
• Trademarks, logos, or brand assets used in a manner that implies false endorsement or affiliation.

For details on our copyright enforcement procedures, including our DMCA-compliant takedown process, see §8 of this Policy.

4.7 Personal Data of Others

Users must not upload, share, or expose the personal data of other individuals without their explicit, informed consent. This includes:

• Full names, addresses, phone numbers, email addresses, or other contact information;
• Government-issued identification numbers (national ID, passport, social security, BVN, NIN);
• Financial information, including bank account numbers, credit card details, or salary information;
• Health or medical information;
• Biometric data (fingerprints, facial scans, voice recordings);
• Location data or tracking information;
• Login credentials or authentication tokens belonging to other individuals.

Violations of this section may constitute offences under the Nigeria Data Protection Act 2023, the GDPR (Regulation (EU) 2016/679), and other applicable data protection legislation.

4.8 Deceptive Content

Content that is deliberately misleading, fraudulent, or designed to deceive other Users is prohibited. This includes:

• Impersonation of other Users, instructors, administrators, or any real person;
• Fake testimonials, fabricated credentials, or forged certifications;
• Misleading course descriptions, exaggerated claims about learning outcomes, or false representations of content;
• Disinformation or deliberate spreading of false information;
• Social engineering attempts to manipulate Users into revealing personal information or credentials.

4.9 Spam and Unsolicited Communications

Spam, unsolicited commercial communications, and disruptive promotional activity are prohibited. This includes:

• Posting repetitive, irrelevant, or unsolicited content across courses, comments, or other areas of the Platform;
• Using the Platform to distribute bulk messages, chain letters, or pyramid schemes;
• Advertising products, services, or external websites without prior written authorization from Platform administrators;
• Creating accounts or submitting content primarily for the purpose of link building, SEO manipulation, or driving traffic to external sites;
• Using automated tools (bots, scripts, crawlers) to generate content or interact with the Platform.

These restrictions align with the requirements of the CAN-SPAM Act (15 U.S.C. § 7701 et seq.), the EU ePrivacy Directive (2002/58/EC), and the Nigerian Cybercrimes Act 2015.

4.10 Sexually Explicit and Obscene Content

The Platform is an educational environment used by learners of all ages, including minors. Sexually explicit, pornographic, or obscene content is strictly prohibited in all forms, including text, code comments, images, designs, project names, profile information, and any other user-generated content.

4.11 Violent and Graphic Content

Content depicting gratuitous violence, gore, animal cruelty, or graphic real-world injuries is prohibited, except where such content is part of a legitimate educational context (e.g., medical or historical education) and has been explicitly approved by Platform administrators.

5. Prohibited Activities — Code Execution Environment

The Platform provides several browser-based code execution environments through the Dojo creative tools. These tools — Code Studio, Data Studio, Web Studio, Design Studio, Visual Logic Designer, and the Design Editor — are provided exclusively for legitimate educational purposes. The following activities are strictly prohibited when using any code execution environment on the Platform.

5.1 Cryptocurrency Mining

Using any Platform code execution environment for cryptocurrency mining, blockchain computation, proof-of-work calculations, or any form of distributed computation that consumes device resources for financial gain is strictly prohibited. This applies to all mining algorithms and cryptocurrencies, including but not limited to Bitcoin, Ethereum, Monero, and any token or coin. This prohibition extends to:

• Running mining scripts directly in Code Studio, Data Studio, or Web Studio;
• Embedding mining code within HTML/CSS/JS projects in Web Studio or the Design Editor;
• Loading external mining libraries or connecting to mining pools through any Dojo tool;
• Using WebAssembly, WebGL, or Web Workers for mining-related computations.

5.2 Resource Exhaustion and Denial of Service

Users must not write or execute code that intentionally or recklessly consumes excessive computational resources, including:

• Infinite loops — code that enters an unbounded loop without termination conditions, consuming CPU cycles and potentially freezing the User's browser or device;
• Memory exhaustion — code that allocates unbounded amounts of memory (e.g., continuously appending to lists, creating massive arrays, recursive data structures without bounds);
• Fork bombs and process spawning — code patterns designed to recursively create processes or threads to overwhelm system resources;
• Excessive storage consumption — writing abnormally large volumes of data to browser storage mechanisms (localStorage, IndexedDB, sessionStorage) or to the Platform's storage infrastructure;
• Excessive network requests — code that generates a high volume of HTTP requests, WebSocket connections, or other network traffic from the User's browser;
• Deliberate browser crashes — code specifically crafted to trigger browser crashes, tab hangs, or system instability through known browser vulnerabilities or resource pressure.

While the Platform implements safeguards (execution timeouts, memory limits) to mitigate the impact of such activities, deliberately attempting to trigger these safeguards or circumvent them constitutes a violation of this Policy.

5.3 Network Scanning and Reconnaissance

Users must not use any Dojo tool to perform network scanning, port scanning, vulnerability scanning, or any form of reconnaissance against the Platform's infrastructure, other Users' devices, or any third-party system. Specifically, you must not:

• Attempt to discover, probe, or map the Platform's server infrastructure, network topology, or internal services;
• Use JavaScript fetch(), XMLHttpRequest, WebSockets, or any other mechanism to probe internal IP ranges, localhost services, or cloud metadata endpoints;
• Craft requests designed to perform Server-Side Request Forgery (SSRF) or similar attacks;
• Scan for open ports, running services, or version information on any system;
• Attempt DNS enumeration, subdomain discovery, or directory brute-forcing against the Platform or any third-party system.

These activities may constitute offences under the Nigerian Cybercrimes Act 2015 (§§6-8), the U.S. Computer Fraud and Abuse Act (18 U.S.C. § 1030), and the UK Computer Misuse Act 1990 (§1).

5.4 Sandbox Escape Attempts

All code execution on the Platform occurs within sandboxed environments (Pyodide for Python, sql.js for SQL, sandboxed iframes for HTML/CSS/JS, Fabric.js canvas for graphics). Users must not attempt to:

• Escape, bypass, or circumvent the browser sandbox in any manner;
• Access the host operating system, file system, or hardware resources beyond what the sandbox explicitly permits;
• Execute system commands, spawn child processes, or interact with the operating system shell;
• Access browser APIs that are restricted within the sandbox context (e.g., navigator.geolocation, camera, microphone, Bluetooth, USB) without user consent and a legitimate educational purpose;
• Manipulate the iframe sandbox attributes, Content Security Policy (CSP) headers, or other security boundaries;
• Use eval(), Function(), importScripts(), or dynamic code loading to bypass security controls;
• Exploit postMessage or other inter-frame communication mechanisms to access data or functionality outside the intended scope.

5.5 Exploiting Pyodide, sql.js, or Other Embedded Library Vulnerabilities

Users must not attempt to discover, exploit, or weaponize vulnerabilities in any of the third-party libraries embedded in the Platform, including but not limited to:

• Pyodide — the WebAssembly-compiled Python runtime. Users must not attempt to access the underlying Emscripten filesystem, exploit memory corruption vulnerabilities, or leverage Pyodide to execute arbitrary WebAssembly modules;
• sql.js — the WebAssembly-compiled SQLite engine. Users must not attempt SQL injection against the Platform (as opposed to within their own sandboxed database), exploit memory corruption, or access data beyond their own sandboxed database instance;
• Fabric.js — the canvas rendering library. Users must not exploit prototype pollution, XSS through SVG parsing, or other known vulnerability classes;
• Ace Editor / CodeMirror — the code editing components. Users must not exploit editor vulnerabilities to execute code outside the intended execution context;
• JSZip — the ZIP archive library. Users must not craft malicious ZIP files (zip bombs, path traversal archives) designed to cause harm when processed.

If you discover a security vulnerability in any Platform component, you are encouraged to report it responsibly through the process described in §12, rather than attempting to exploit it. Druid Learning Hub appreciates responsible disclosure and will acknowledge valid security reports.

5.6 Data Exfiltration and Cross-User Access

Users must not use code execution environments to access, read, modify, or exfiltrate data belonging to other Users. Specifically:

• Do not attempt to access other Users' code submissions, projects, notebooks, or personal data through any mechanism;
• Do not craft code that attempts to read browser storage (cookies, localStorage, IndexedDB) belonging to other origins or the Platform itself;
• Do not attempt to intercept, sniff, or man-in-the-middle network traffic between other Users and the Platform;
• Do not use the Platform to collect, harvest, or aggregate personal information about other Users.

5.7 External Service Abuse

Users must not use the Platform's code execution environments as a launchpad for attacks against, or abuse of, external services. This includes:

• Distributed Denial of Service (DDoS) or volumetric attacks against any external server or service;
• Credential stuffing, brute-force login attempts, or password spraying against external services;
• Sending spam emails, SMS messages, or other unsolicited communications through external APIs;
• Scraping, crawling, or automated data collection from external websites in violation of their terms of service;
• Using the Platform as a proxy, relay, or anonymization layer for any malicious activity.

6. Prohibited Activities — AI Features

Druid Learning Hub provides AI-powered feedback and assistance features designed to support and enhance the learning experience. These features use artificial intelligence to provide hints, explain errors, suggest improvements, and offer guidance on submitted code and design work. The following activities related to AI features are strictly prohibited.

6.1 Prompt Injection and Manipulation

Users must not attempt to manipulate, override, or subvert the AI system's intended behaviour through prompt injection or similar techniques. This includes:

• Crafting inputs specifically designed to cause the AI to ignore its system instructions, safety guidelines, or role constraints;
• Injecting hidden instructions within code comments, variable names, or other content fields that are processed by AI features;
• Attempting to make the AI assume a different persona, role, or set of instructions than those configured by the Platform;
• Using the AI to generate content that the AI has been instructed not to produce (jailbreaking);
• Systematically probing the AI system to map its constraints, filters, or safety boundaries for the purpose of circumventing them.

6.2 Training Data Extraction

Users must not attempt to extract, reconstruct, or reverse-engineer the AI system's training data, model weights, system prompts, or internal configuration. This includes:

• Crafting queries designed to cause the AI to reveal its system prompt, instruction set, or configuration details;
• Attempting to extract memorized training data through targeted prompting;
• Using the AI's responses to reconstruct proprietary datasets, copyrighted material, or personal data that may have been part of training data;
• Systematically querying the AI to build a competing model or service.

6.3 Generating Harmful Content Through AI

Users must not use AI features to generate content that would be prohibited under §4 of this Policy. Specifically, you must not attempt to use AI features to generate:

• Malware, exploit code, or attack tools;
• Hate speech, discriminatory content, or content that targets any individual or group;
• Sexually explicit, violent, or graphic content;
• Disinformation, propaganda, or deliberately misleading content;
• Personal information about real individuals;
• Instructions for illegal activities, including weapons manufacture, drug synthesis, or hacking techniques that could be used against real systems.

6.4 Misrepresenting AI-Generated Work

Users must not submit AI-generated output as their own original work without appropriate disclosure. The Platform's AI features are designed as learning aids — tools to help you understand concepts, debug errors, and improve your skills. They are not intended to do your work for you. Specifically:

• If you use AI feedback to substantially revise or rewrite a submission, you should acknowledge the AI assistance when submitting;
• Copying AI-generated code or text verbatim and submitting it as your own original work constitutes a form of academic dishonesty (see §7);
• Using external AI tools (not provided by the Platform) to complete assignments is governed by the specific course's collaboration policy — when in doubt, ask your instructor;
• Instructors and administrators may use automated tools to detect AI-generated content, and submissions flagged as AI-generated may be subject to further review.

6.5 Excessive or Abusive AI Usage

Users must not abuse AI features through excessive, automated, or bad-faith usage, including:

• Using automated scripts or tools to submit a high volume of requests to AI features;
• Repeatedly submitting the same or trivially modified inputs to drain AI resources;
• Using AI features for purposes entirely unrelated to the educational content of the Platform;
• Attempting to use AI features as a general-purpose AI assistant for tasks unrelated to your coursework or learning activities.

7. Academic Integrity

Academic integrity is the foundation of meaningful education. Druid Learning Hub is committed to maintaining an environment where learning outcomes reflect genuine understanding and effort. All Users — whether students, instructors, parents, or corporate learners — are expected to uphold the highest standards of academic honesty.

7.1 Plagiarism

Plagiarism — presenting another person's work, ideas, code, designs, or creative output as your own — is strictly prohibited. This includes:

• Code plagiarism — copying code from other students, external websites (Stack Overflow, GitHub, tutorials), or AI tools and submitting it as your own work without attribution;
• Design plagiarism — replicating another User's design projects, CSS layouts, or visual compositions and claiming them as original work;
• Text plagiarism — copying written explanations, documentation, or comments from external sources without quotation and citation;
• Self-plagiarism — resubmitting previously graded work for a different assignment without instructor permission;
• Paraphrasing without attribution — rewording someone else's code logic, algorithm design, or explanation closely enough that it is substantially derived from the source, without giving credit.

7.2 Collaboration Rules

Collaboration can be a valuable part of the learning process. However, collaboration policies vary by course, lesson, and assignment. Users must adhere to the following guidelines:

• Check the specific collaboration policy for each assignment — some assignments are individual work only, while others permit or encourage collaboration;
• When collaboration is permitted, all collaborators must be identified in the submission;
• Even in collaborative assignments, each User must write their own code and create their own designs — sharing the final deliverable is not the same as collaborating on learning;
• Sharing your solutions, completed code, or answer keys with other Users who have not yet completed the assignment is a violation, unless explicitly permitted by the instructor;
• Posting assignment solutions on external websites, social media, or forums is prohibited.

7.3 Proper Attribution

When incorporating external code, ideas, or resources into your work, you must provide proper attribution. Acceptable attribution includes:

• In-code comments identifying the source (e.g., # Adapted from: https://example.com/tutorial);
• A references section in your project documentation;
• Acknowledgment in the submission notes or comments;
• Compliance with the license terms of any open-source code you incorporate (e.g., MIT, GPL, Apache 2.0).

7.4 Auto-Detection Measures

Druid Learning Hub employs a range of automated and manual measures to detect academic integrity violations, including:

• Code similarity detection — automated tools that compare submissions against other students' work, historical submissions, and known external sources;
• Behavioral analysis — monitoring for suspicious patterns such as sudden spikes in completion speed, submission of code that significantly exceeds the student's demonstrated skill level, or identical error patterns across multiple accounts;
• AI content detection — tools that assess the likelihood that submitted work was generated by an AI system;
• Instructor review — manual review of flagged submissions by course instructors;
• Timestamp and edit history analysis — review of editing patterns, time spent on assignments, and the progression of work.

Users suspected of academic integrity violations will be notified and given an opportunity to explain before any consequences are imposed (see §13).

7.5 Consequences of Academic Dishonesty

Consequences for academic integrity violations are determined by the severity and frequency of the offence and may include:

• A zero grade on the specific assignment;
• Revocation of earned XP, badges, or achievements related to the dishonest submission;
• A formal warning placed on the User's account;
• Temporary suspension from the affected course;
• Permanent removal from the course with no refund;
• Account suspension or termination for repeat or severe offences;
• Notification to the User's school, parent, or corporate organization, as applicable.

8. Intellectual Property

8.1 Respect for Copyright

Users must respect the intellectual property rights of others at all times. All content uploaded to the Platform must be either original work, properly licensed, or used within the boundaries of applicable fair use or fair dealing exceptions. The Platform's copyright protections operate under the Nigerian Copyright Act 2022, the U.S. Digital Millennium Copyright Act (DMCA, 17 U.S.C. § 512), the UK Copyright, Designs and Patents Act 1988, and the EU Copyright Directive (2019/790).

8.2 DMCA-Style Takedown Process

Druid Learning Hub operates a notice-and-takedown procedure for reports of copyright infringement:

8.2.1 Filing a Takedown Notice

If you believe that your copyrighted work has been infringed on the Platform, you may submit a takedown notice to our designated agent. A valid takedown notice must include:

• Identification of the copyrighted work claimed to be infringed;
• Identification of the infringing material on the Platform, with sufficient detail to allow us to locate it (e.g., URL, course name, submission ID);
• Your contact information (name, mailing address, telephone number, email address);
• A statement that you have a good-faith belief that the use of the material is not authorized by the copyright owner, its agent, or the law;
• A statement, under penalty of perjury, that the information in the notice is accurate and that you are the copyright owner or authorized to act on behalf of the owner;
• Your physical or electronic signature.

8.2.2 Processing Takedown Notices

Upon receipt of a valid takedown notice, Druid Learning Hub will:

• Promptly remove or disable access to the allegedly infringing material;
• Notify the User who posted the material of the takedown and provide a copy of the notice;
• Provide the User an opportunity to file a counter-notification if they believe the takedown was issued in error.

8.2.3 Counter-Notification

If you believe your content was removed in error, you may file a counter-notification containing:

• Identification of the material that was removed and the location at which it appeared before removal;
• A statement under penalty of perjury that you have a good-faith belief that the material was removed as a result of mistake or misidentification;
• Your name, address, and telephone number, and a statement consenting to the jurisdiction of the appropriate court;
• Your physical or electronic signature.

8.2.4 Repeat Infringers

Druid Learning Hub maintains a repeat infringer policy. Users who are the subject of three (3) or more valid takedown notices may have their accounts permanently terminated without further notice.

8.3 User Content Licensing

By uploading content to the Platform, you grant Druid Learning Hub the licenses described in the Terms of Service §7-8. You retain ownership of your original content. You represent and warrant that you have the right to grant these licenses and that your content does not infringe any third party's intellectual property rights.

8.4 Open-Source Compliance

If you incorporate open-source code into your submissions or projects, you must comply with the terms of the applicable open-source license. In particular:

• Code licensed under copyleft licenses (GPL, AGPL) may impose requirements on derivative works — understand these obligations before incorporating such code;
• Retain all copyright notices, license texts, and attribution requirements from open-source components;
• Do not strip license headers or remove attribution from code you did not write.

8.5 Designated Copyright Agent

All copyright-related notices should be sent to:

9. Account Security

9.1 Credential Protection

You are responsible for safeguarding your account credentials. You must:

• Choose a strong, unique password that is not used for any other online service;
• Never share your username, password, or any authentication token with another person, including friends, family members, classmates, or colleagues;
• Never store your password in an unencrypted file, code comment, or publicly accessible location;
• Change your password immediately if you suspect it has been compromised;
• Log out of the Platform when using shared or public devices.

9.2 No Account Sharing

Each account is for the exclusive use of the individual who registered it. Account sharing is prohibited because:

• It undermines the integrity of progress tracking, XP awards, streaks, and certifications;
• It may expose the account holder's personal data to unauthorized individuals;
• It makes it impossible to accurately attribute submissions and assess individual learning;
• For Parent-managed child accounts, only the designated parent and the child may access the account.

9.3 No Impersonation

Users must not impersonate other Users, instructors, administrators, or any other individual. Impersonation includes:

• Creating an account using another person's name, email address, or identifying information;
• Logging into another person's account (even with their permission, unless you are a parent accessing your child's account);
• Representing yourself as an instructor, administrator, or staff member of Druid Learning Hub when you are not;
• Using another person's profile photo, avatar, or biographical details.

9.4 No Multiple Accounts

Each individual may have only one active account on the Platform. Creating multiple accounts is prohibited, as it can be used to:

• Circumvent account suspensions or bans;
• Artificially inflate XP, streak counts, or other gamification metrics;
• Submit the same work multiple times under different identities;
• Exploit free-tier limitations or promotional offers.

The sole exception is that a Parent account holder may also have a separate Student or Corporate account if they are themselves a learner, provided that the accounts serve genuinely different purposes and are not used to circumvent any restriction.

9.5 Reporting Compromised Accounts

If you believe your account has been accessed without your authorization, you must immediately:

• Change your password;
• Review your recent activity for any unauthorized actions;
• Contact our support team at security@druidlearninghub.com with details of the suspected compromise;
• If you are a Parent and believe your child's account has been compromised, take the above steps and additionally review your child's recent submissions and communications.

Druid Learning Hub will investigate reported compromises promptly and may temporarily restrict account access while the investigation is ongoing.

10. Communication Standards

10.1 No Harassment or Bullying

All communications on the Platform — including feedback on submissions, comments on showcase projects, instructor-student messages, and parent-instructor exchanges — must be free of harassment, bullying, and intimidation. Prohibited conduct includes:

• Sending threatening, abusive, or demeaning messages to any User;
• Persistent unwanted contact after being asked to stop;
• Public humiliation, shaming, or ridiculing of another User's work, skill level, or identity;
• Coordinated campaigns of harassment against a specific User;
• Creating content (code, designs, projects) that targets, mocks, or demeans a specific individual;
• Using grading, feedback, or administrative powers to bully or retaliate against a User.

10.2 Professional Conduct

All Users, particularly those in positions of authority or trust (Instructors, Administrators, Parents), are expected to maintain professional standards in their communications:

• Instructors must provide feedback that is constructive, specific, and focused on the work rather than the person;
• Administrators must exercise their authority fairly, impartially, and in accordance with established policies;
• All Users should use appropriate, professional language in all Platform communications;
• Disagreements should be handled respectfully — critique the idea or approach, not the person.

10.3 Instructor-Student Boundaries

Instructors hold a position of trust and authority relative to their students. To maintain a safe and professional learning environment:

• All instructor-student communications must occur through the Platform's official channels, not through personal email, social media, or messaging applications;
• Instructors must not request personal contact information (phone numbers, personal email, social media handles) from students, particularly minor students;
• Instructor feedback must remain professional and focused on educational content;
• Instructors must not form personal, romantic, or inappropriate relationships with students;
• Any communication between an instructor and a minor student should be transparent and accessible to the student's parent or school administrator;
• Instructors must not accept gifts, favours, or compensation from students in exchange for grades, special treatment, or academic favours.

10.4 Parent-Instructor Communication

Parents in the HOME learning context may communicate with instructors regarding their children's progress, assignments, and feedback. These communications should:

• Remain respectful and focused on the child's educational needs;
• Not include threats, demands, or coercive language;
• Respect the instructor's professional judgment while allowing constructive dialogue about grading and feedback;
• Be conducted through the Platform's official communication channels.

11. Children and Minor Users

Druid Learning Hub recognizes its duty of care towards children and minor users. The Platform serves learners of all ages, including children under 13 who access the Platform through Parent-managed accounts. The following additional protections and restrictions apply.

11.1 Enhanced Protections for Child Users

In compliance with the U.S. Children's Online Privacy Protection Act (COPPA, 15 U.S.C. §§ 6501-6506), the UK Age Appropriate Design Code, GDPR Article 8, the Nigerian Child's Rights Act 2003, and the NDPA 2023:

• Child accounts (users under 13) are created and managed exclusively through Parent accounts;
• We collect only the minimum data necessary for educational purposes from child accounts;
• Child users have restricted access to social and public-facing features — Showcase publishing requires parental or instructor approval;
• AI features for child accounts may have additional safety filters and content restrictions;
• Child accounts do not have direct messaging capabilities with other Users unless the feature is explicitly enabled by a parent;
• We do not serve behavioural advertising or targeted marketing to child accounts;
• Children's Personal Data is never sold, rented, or shared with third parties for commercial purposes.

11.2 Contact with Minors

All Users must exercise heightened caution when interacting with or about minor users:

• Adults who are not the child's parent, guardian, or assigned instructor must not initiate direct communication with child users;
• Instructors who communicate with minor students in the SCHOOL or HOME context must ensure that communications are transparent, professional, and accessible to the child's parent or school administrator;
• No User may request personal information, photos, location data, or off-platform contact details from a minor;
• No User may arrange or attempt to arrange in-person meetings with a minor through the Platform;
• Any User who encounters suspicious or inappropriate contact directed at a minor must report it immediately (see §12).

11.3 Mandatory Reporting

Druid Learning Hub takes child safety extremely seriously. In accordance with applicable mandatory reporting laws and our duty of care:

• Any Platform user who becomes aware of child abuse, exploitation, or endangerment — whether through content on the Platform or through communications — is strongly encouraged to report it immediately;
• Instructors and administrators are required to report any suspected child abuse, exploitation, or inappropriate contact with minors to Platform administrators immediately;
• Druid Learning Hub will report suspected child exploitation to the appropriate authorities, including the National Center for Missing & Exploited Children (NCMEC), Nigeria Police Force, the National Agency for the Prohibition of Trafficking in Persons (NAPTIP), and/or the relevant child protection agency in the User's jurisdiction;
• We cooperate fully with law enforcement investigations involving the safety of minors;
• Content or communications that raise child safety concerns will be preserved as evidence and may be disclosed to law enforcement without prior notice to the User.

11.4 Parent Responsibilities

Parents who create and manage child accounts bear additional responsibilities:

• Monitor your child's activity on the Platform regularly using the parent dashboard and progress reports;
• Review your child's submissions, showcase projects, and any feedback they receive;
• Ensure your child understands the rules of conduct described in this Policy (in age-appropriate terms);
• Report any concerns about your child's interactions on the Platform to our support team promptly;
• Ensure that any content your child creates on the Platform is appropriate for an educational setting.

12. Reporting Violations

12.1 How to Report

If you witness or experience a violation of this Acceptable Use Policy, you should report it as soon as possible. Reports can be submitted through the following channels:

• Email: Send a detailed report to abuse@druidlearninghub.com;
• In-Platform reporting: Use the "Report" functionality available on submissions, projects, comments, and user profiles (where available);
• Instructor escalation: Students may report violations to their assigned instructor, who will escalate to Platform administrators;
• Parent reporting: Parents may report concerns through their parent dashboard or by emailing safety@druidlearninghub.com;
• Security vulnerabilities: Report suspected security vulnerabilities to security@druidlearninghub.com. Please do not disclose vulnerabilities publicly before they have been addressed.

12.2 What to Include in a Report

To help us investigate your report efficiently, please include as much of the following information as possible:

• Your account username or email address;
• The username or identifying information of the User(s) involved in the violation;
• A detailed description of the violation, including what happened, when it happened, and where on the Platform it occurred;
• Screenshots, URLs, or other evidence supporting the report;
• Any relevant context (e.g., the course, lesson, or Dojo tool involved);
• Whether the matter involves a child or minor user.

12.3 What Happens After a Report

Upon receiving a report of a Policy violation, Druid Learning Hub will:

• Acknowledge receipt — we aim to acknowledge all reports within 48 hours;
• Investigate — a member of our trust and safety team will review the reported content or behaviour, which may include reviewing user activity logs, submissions, communications, and account history;
• Preserve evidence — relevant content and logs will be preserved for the duration of the investigation;
• Take interim action if necessary — in cases involving imminent harm, child safety, or severe violations, we may take immediate action (content removal, account suspension) before the full investigation is complete;
• Reach a determination — we will determine whether a violation occurred and, if so, what consequences are appropriate;
• Notify the parties — we will notify the reporter (where appropriate) and the reported User of the outcome, subject to privacy considerations and legal constraints;
• Escalate to law enforcement — where the violation involves criminal conduct (CSAM, threats of violence, hacking, fraud), we will report to the appropriate law enforcement authorities.

12.4 No Retaliation

Druid Learning Hub strictly prohibits retaliation against any User who reports a violation in good faith. Retaliation includes:

• Harassment, bullying, or intimidation of the reporting User;
• Negative academic consequences (reduced grades, exclusion from courses) imposed in response to a report;
• Account restrictions or administrative actions taken against the reporting User as punishment for reporting;
• Doxxing or exposing the identity of the reporting User.

Users who engage in retaliation will face disciplinary consequences up to and including permanent account termination. If you believe you are experiencing retaliation for a report you made, contact abuse@druidlearninghub.com immediately.

12.5 False Reports

While we encourage good-faith reporting, submitting knowingly false, fabricated, or malicious reports is itself a violation of this Policy. Users who submit false reports with the intent to harm another User, waste investigative resources, or manipulate Platform processes may face the same consequences as those who commit the violations they falsely reported.

13. Enforcement and Consequences

Druid Learning Hub enforces this Policy through a graduated system of consequences, proportionate to the severity, frequency, and impact of the violation. We are committed to fair, consistent, and transparent enforcement.

13.1 Graduated Response Framework

The following actions may be taken in response to Policy violations, in escalating order of severity:

13.1.1 Formal Warning

For first-time minor violations (e.g., isolated instances of disrespectful communication, minor collaboration policy infractions, unintentional resource misuse), the User will receive a formal written warning. The warning will:

• Describe the specific violation and the Policy section that was breached;
• Explain what conduct is expected going forward;
• Be recorded on the User's account for future reference;
• Not result in any immediate restriction on the User's access to the Platform.

13.1.2 Content Removal

Content that violates this Policy may be removed, hidden, or disabled without prior notice. This includes code submissions, design projects, showcase projects, comments, and profile information. Where possible, we will notify the User that their content has been removed and explain the reason.

13.1.3 Feature Restriction

Users may have specific features restricted while retaining access to the broader Platform. Examples include:

• Temporary or permanent restriction from specific Dojo tools (e.g., suspension from Code Studio for code execution violations);
• Restriction from AI features for prompt injection or abuse;
• Restriction from Showcase or public-facing features for prohibited content;
• Restriction from communication features for harassment or bullying.

13.1.4 Temporary Suspension

For serious or repeated violations, a User's account may be temporarily suspended for a period of 7 to 90 days, depending on the severity. During suspension:

• The User cannot log in or access any Platform features;
• The User's content remains on the Platform but may be hidden from public view;
• Course progress, XP, and streak data are preserved but the streak may be broken;
• The User will be notified by email of the suspension duration, reason, and conditions for reinstatement.

13.1.5 Permanent Ban

For the most severe violations, or for Users who have received multiple prior warnings and suspensions, the account will be permanently terminated. Permanent bans are imposed for:

• Any involvement with CSAM (zero tolerance);
• Threats of physical violence;
• Distribution of malware or exploit code targeting the Platform or its Users;
• Repeated harassment after prior warnings;
• Systematic exploitation of Platform vulnerabilities;
• Identity fraud or impersonation of staff;
• Three or more DMCA takedown notices (repeat infringer policy);
• Any violation that poses a credible threat to the safety of other Users, particularly minors.

Permanently banned Users may not create new accounts. Druid Learning Hub reserves the right to take technical measures (e.g., IP blocking, email domain blocking) to enforce permanent bans.

13.2 Escalation to Law Enforcement

Druid Learning Hub will refer violations to appropriate law enforcement authorities when the violation constitutes, or is reasonably suspected to constitute, criminal conduct. This includes but is not limited to:

• Child sexual abuse material (reported to NCMEC, ngCERT, or the relevant national authority);
• Credible threats of physical violence (reported to local law enforcement);
• Unauthorized computer access or hacking (reported under the Cybercrimes Act 2015, CFAA, Computer Misuse Act, or equivalent legislation);
• Fraud, identity theft, or financial crimes;
• Distribution of malware with intent to cause harm;
• Terrorism-related content or communications.

In such cases, Druid Learning Hub will preserve all relevant evidence and cooperate fully with law enforcement investigations. We may disclose account information, activity logs, IP addresses, and content to law enforcement pursuant to valid legal process or where we have a good-faith belief that disclosure is necessary to prevent imminent harm.

13.3 Impact on Parent-Managed Accounts

When a child account under parental management is found to have violated this Policy:

• The parent will be notified of the violation and any consequences imposed;
• For serious violations, the parent may be required to acknowledge the violation and confirm that they have discussed appropriate conduct with their child before the account is reinstated;
• Parents are not held personally liable for their child's violations unless the parent facilitated or encouraged the prohibited conduct.

13.4 Appeals Process

Users who believe that enforcement action was taken in error or was disproportionate may appeal through the following process:

• Filing an appeal: Submit an appeal by email to appeals@druidlearninghub.com within 14 days of receiving notice of the enforcement action. The appeal must include the User's account information, a description of the enforcement action being appealed, and the reasons why the User believes the action was unjust;
• Review: Appeals will be reviewed by a member of the trust and safety team who was not involved in the original enforcement decision;
• Timeline: We aim to respond to appeals within 14 business days of receipt;
• Outcome: The appeal may result in the enforcement action being upheld, modified, or overturned. The decision on appeal is final;
• Continued access: During the appeals process, the original enforcement action remains in effect unless we determine that interim restoration is appropriate.

14. Modifications to This Policy

Druid Learning Hub reserves the right to modify this Acceptable Use Policy at any time to reflect changes in our services, applicable laws, industry best practices, or community standards. When we make changes:

• We will update the "Last Updated" date at the top of this document;
• For material changes (additions of new prohibited activities, changes to enforcement procedures, modifications to children's protections), we will provide at least 14 days' advance notice through the Platform (via banner notification, email, or in-app notification);
• For minor, non-substantive changes (typographical corrections, clarifications that do not alter the meaning of existing provisions), we may update the Policy without advance notice;
• The previous version of this Policy will be archived and available upon request.

Your continued use of the Platform after the effective date of any revised Policy constitutes your acceptance of the updated terms. If you disagree with any material changes, you must discontinue use of the Platform and may request deletion of your account in accordance with our Privacy Policy.

We encourage all Users to review this Policy periodically to stay informed of our expectations and any changes that may affect their use of the Platform.

14.1 Contact Information

If you have questions about this Acceptable Use Policy, need clarification on any provision, or wish to report a violation, please contact us: