Acceptable Use Policy

What is and isn't allowed on the Workium platform

Last updated: 4 June 2026

Back to Terms

1. Who this Policy applies to

This Acceptable Use Policy ("AUP") applies to every person and organisation that accesses the Workium platform, including individual applicants, agency partners, employees of Workium business customers, community managers, candidates added by agencies, and visitors to the public website. Breaching this AUP is a breach of our Terms.

2. Prohibited behaviours

You must not, and must not permit any third party to:

  • Use the Services for any unlawful, fraudulent, deceptive or misleading purpose, including immigration fraud or document forgery.
  • Submit false, fabricated, altered or stolen identity documents, qualifications, employment records or financial statements.
  • Impersonate another person or misrepresent your relationship with any individual, employer, agency or institution.
  • Use automated scripts, bots, scrapers or crawlers to access the Services, including the Luna chat endpoints, the public vacancies API or the dashboard APIs, except for our published public endpoints accessed within reasonable rate limits.
  • Attempt to bypass, disable, exhaust or otherwise interfere with rate limits, anti-abuse filters, security audits or any access control on the Services.
  • Attempt prompt injection, jailbreaking or other manipulation of the Luna AI assistant intended to make it ignore its instructions, reveal its system prompt, generate unsafe content, take unauthorised in-product actions, or disclose data belonging to other users.
  • Probe, scan or test the vulnerability of the Services, or attempt to gain unauthorised access to any portion of the Services, other accounts, computer systems or networks.
  • Reverse engineer, decompile or attempt to derive source code from any part of the Services, save where such a restriction is prohibited by law.
  • Share, sell, transfer or sublicense your account credentials. Each Workium account is personal to the individual or organisation it was issued to. Agency, community-manager and business workspace credentials are confidential.
  • Upload viruses, worms, ransomware or any other malicious code; or distribute content that infringes the intellectual-property, privacy, publicity or contractual rights of any person.
  • Use the Services to harass, threaten, defame or discriminate against any person, including Workium staff, caseworkers, agencies, candidates or fellow community members.
  • Use the Services to send unsolicited commercial communications (spam), pyramid schemes, or to circumvent any opt-out preference of another user.
  • Re-publish, scrape or otherwise extract market data, employer lists, vacancy listings or pricing for the purpose of building a competing product.

3. AI-specific rules

When interacting with our Luna AI assistant, you must not attempt to extract personal data about other users, persuade Luna to perform unauthorised actions, or use Luna to generate content that is unlawful in your jurisdiction. Our automated filters log attempted prompt-injection and similar misuse for up to 90 days. Repeated misuse will result in account suspension.

4. Account security expectations

  • You are responsible for safeguarding your password and for any activity that occurs under your account.
  • You must notify security@workium.co.uk immediately if you suspect any unauthorised access to your account.
  • Where Workium offers or requires multi-factor authentication for your account type (in particular admin, agency and HR workspaces), you must enable and use it. Disabling MFA on an account where it is required may result in suspension.
  • Agency, community-manager and business administrator credentials may not be shared between people. Each operator must have their own account.

5. Enforcement, suspension and termination

Workium operates a security-audit log of significant events (including failed admin logins, blocked AI messages, attempted privilege escalation and other indicators of misuse). Where we reasonably believe that you have breached this AUP, we may, without prior notice and at our sole discretion:

  • Throttle or block your access to all or part of the Services;
  • Suspend or terminate your account, including any linked candidate or community-manager accounts;
  • Cancel pending applications or in-flight orders, with any unrecoverable third-party fees forfeited;
  • Notify the relevant employer, agency, financial-services partner or competent authority where there is reasonable suspicion of fraud, AML breach or other unlawful conduct;
  • Retain evidence (including audit logs and abuse logs) for up to 12 months for investigation and legal-claim defence;
  • Pursue any remedy available to us at law or in equity.

6. Reporting misuse

If you become aware of conduct on the platform that breaches this AUP — including suspected document fraud, harassment, security vulnerabilities or AI misuse — please report it to security@workium.co.uk. Reports of suspected security vulnerabilities are welcomed under our responsible-disclosure approach; please give us a reasonable opportunity to remediate before any public disclosure.

Contact

Security & abuse: security@workium.co.uk

General: hello@workium.co.uk

Workium Ltd · International House, 36-38 Cornhill, London, EC3V 3NG, United Kingdom

The Work Abroad Annual Summit 2026Nairobi · 31 OctRegister