← BackWersja polska →

Content Policy

Version 2026-04-23 · effective from 23 April 2026.

This document constitutes the Acceptable Use Policy (AUP) for lucyboard. It supplements the Terms of Service and binds all Users.

The legally binding version of this document is the Polish one. In the event of any discrepancy, the Polish text prevails.

1. Purpose and scope

This policy governs content published, stored and shared in the Service — including board elements, text, images, PDFs, links, embeds, and audio/video streams during meetings. The goal is to keep the Service safe, lawful and professional for everyone.

The policy applies regardless of sharing mode (private, team, public boards, meetings). Each User is fully responsible for the content they publish or share.

2. Strictly prohibited content

Regardless of context, sharing level or participant “consent”, the following content is prohibited:

2.1. Illegal content

  • Child sexual abuse material (CSAM) — immediately reported to law enforcement (Polish police / prosecutor's office) and to NCMEC / Dyżurnet.pl; the reporting User's account is permanently blocked without notice.
  • Terrorism or violent extremism content.
  • Content related to human trafficking, forced labour, exploitation.
  • Offers to sell controlled substances, weapons, explosives or otherwise prohibited items.
  • Forgery of documents, official marks, currency.

2.2. Hate, violence, discrimination

  • Incitement to hatred or discrimination based on race, ethnic origin, nationality, religion, belief, gender, sexual orientation, gender identity, disability or other protected characteristics.
  • Credible threats, incitement to physical violence against persons or groups.
  • Glorification of genocide, war crimes and crimes against humanity.
  • Symbols of terrorist and totalitarian organisations used in an affirmative manner.

2.3. Infringement of others' rights

  • Content infringing copyright, related rights, trademarks, designs or patents (see section 9 — notice‑and‑takedown).
  • Doxxing — publishing personal data of third parties without a legal basis (home addresses, phone numbers, IDs, medical records).
  • Defamation of natural or legal persons.
  • Non‑consensual intimate imagery (“revenge porn”).
  • Impersonating persons, institutions or brands.

2.4. Sexual content

  • Pornographic material (real or generated).
  • Sexually explicit content that violates the dignity of other Users.
  • Unsolicited sexual advances toward other Users (especially minors — see 2.1).

2.5. Technical abuse

  • Malicious software: viruses, trojans, ransomware, keyloggers, attack tools (DDoS, brute‑force, weaponised exploit frameworks).
  • Content used for phishing, fake login pages, spoofed notifications.
  • Financial scams, Ponzi schemes, “miracle investment” promotions.
  • Spam, mass automated posting of identical content, scraping of accounts and boards.
  • Attempts to bypass security controls, access others' boards, escalate privileges, probe for vulnerabilities (except responsible disclosure — see section 11).

2.6. Deception

  • Disinformation regarding public health, vaccines, medicines.
  • Election manipulation, impersonating public institutions.
  • Fake official documents, certificates, diplomas.
  • Deepfakes intended to deceive about a person's identity or statements.

2.7. Self‑harm and exploitation

  • Content promoting suicide, self‑harm, eating disorders.
  • Content depicting harm to humans or animals.

3. Content requiring special care

The following categories are not prohibited but require care — publishing them without proper basis or labelling may result in moderation:

  • Third‑party personal data in work content — you are responsible for having a lawful basis and fulfilling information duties. Upon request, a data processing agreement can be concluded for business Users.
  • Confidential business information (internal docs, source code, trade secrets) — ensure you have the right to share and that you use an appropriately restricted sharing mode.
  • Personal likenesses — publishing a natural person's image requires their consent (with statutory exceptions — public figures, crowd scenes, landscape details).
  • AI‑generated content — if significant parts are AI‑generated, we recommend labelling them. Do not publish AI content posing as another person's work, especially real individuals.
  • Commercial/promotional content — permitted on your own boards; unsolicited advertising directed at other Users (invitations, comments, spam) is prohibited.
  • Sensitive educational / journalistic content — permitted for documentation, research, education, provided it does not directly incite prohibited conduct. The context should be clear from the board description.

4. Attachment rules

  • Allowed types: images (PNG, JPG, WebP, SVG, GIF) and PDF documents. MIME types are verified server‑side.
  • Size limit: enforced at upload; oversized files are rejected. Current limits are shown in the UI and may change per plan.
  • File content is subject to sections 2 and 3. Images and PDFs must not contain prohibited material (CSAM, pornography, hate content, embedded malware).
  • Moderation right: Operators may view the content of an attachment when it is reported or during routine security audits. Each access is logged with a reason.
  • Access: attachments are visible only to authorised Users. Hiding an attachment by a moderator makes it inaccessible to everyone except Operators.

5. Collaboration rules

On shared boards and in meetings we expect respectful behaviour. The following is prohibited:

  • Harassment, threats, offensive comments directed at other Users.
  • Deliberately disrupting group work (trolling, mass deletion of others' elements, bad‑faith permission changes).
  • Using meetings to transmit prohibited content — the host must stop the stream and report the incident.
  • Sharing account access with another person or using one account by multiple Users.

6. Reporting abuse

Any User may report a violation. Please send reports to:

abuse@lucyboard.com

To speed up processing please include:

  • the identifier or link to the board/attachment,
  • a brief description of the violation and the relevant section of the policy,
  • if possible — screenshots, e‑mails of suspected Users, other evidence,
  • reporter contact details (optional — anonymous reports are accepted but we cannot provide feedback then).

Response time: within 72 business hours. For high‑priority content (CSAM, credible violent threats, large‑scale copyright infringement) we act immediately, within a few hours of receipt.

7. Moderation process

Moderation happens at three levels:

  1. Board owner — controls members, share links and contents of their own board.
  2. Company admin — manages boards within their organisation; can hide policy‑violating attachments within the organisation, with a reason logged.
  3. Superadmin — Service‑wide moderation powers, handling higher‑priority cases and DMCA/notice‑and‑takedown submissions.

Decision logging: every moderation decision (hide, restore, permanent delete, account suspension) is recorded with operator identifier, action type, reason, note and timestamp. The affected User is notified with a justification.

8. Consequences

Measures are selected proportionally to the severity, history and impact:

  1. Warning — with reference to the breached section.
  2. Hiding content or attachment — inaccessible to Users; the file is retained for 30 days for potential appeal.
  3. Permanent deletion — including physical file deletion after retention expiry.
  4. Account capability restriction — temporary block on uploads, public boards, meetings.
  5. Account suspension — temporary, pending investigation.
  6. Permanent account deletion — for gross or repeated violations.
  7. Reporting to law enforcement — where a criminal offence is identified (without prior warning).

Right to appeal: within 14 days of the notification, send your appeal to abuse@lucyboard.com. Appeals are reviewed by a person other than the one who made the original decision, where technically possible. We respond within 14 days of receipt.

9. Notice‑and‑takedown (copyright)

In addition to the general reporting flow (section 6) we provide a dedicated procedure for copyright and related rights claims, aligned with the Polish Copyright Act and — where applicable — the US Digital Millennium Copyright Act (DMCA).

9.1. Report contents

A notice should include:

  • reporter identification (name or business name, address, e‑mail) and basis of entitlement (author, licensee, agent);
  • identification of the protected work (e.g. registration number, publication details);
  • specific locations of the infringement in the Service (board link, attachment id);
  • a statement of good faith, awareness of liability for false reports and authority to represent the rights holder;
  • a signature (electronic — first and last name in the e‑mail sent from the reporter's address is sufficient).

9.2. Procedure

  1. We forward the notice to the publishing User with information about potential hiding of the content.
  2. If the User does not submit a reasoned counter‑notice within 14 days, or the notice is clearly valid, the content is hidden.
  3. Content may be restored only upon a valid counter‑notice containing the User's statement of entitlement.
  4. For repeat infringers we apply a repeat‑infringer policy ending in permanent account deletion.

Please send DMCA notices to abuse@lucyboard.com with subject “DMCA notice” or “Copyright infringement notice”.

10. Rules for moderators

Operators must:

  • act only to the extent necessary for safety and policy compliance,
  • maintain confidentiality regarding content seen during moderation,
  • log every action with a precise reason,
  • refrain from acting in conflict of interest (e.g. moderating their own or close ones' boards),
  • escalate cases beyond their authority (criminal matters to superadmin and, where needed, to law enforcement).

Abuse by Operators (particularly unjustified access, leaks, arbitrary deletion) is a gross breach of duties and leads to revoking privileges and, where appropriate, legal action.

11. False reports and responsible disclosure

False reports filed in bad faith or to harass may lead to actions against the reporter, including reporting restriction, account suspension and, in special cases, legal liability toward the injured parties.

Responsible vulnerability disclosure: if you find a security issue, please report it to security@lucyboard.com (or, if no response, kontakt@lucyboard.com). Please do not exploit the issue, do not disclose it publicly before it is fixed, and include reproduction steps. Good‑faith security reports that do not violate other Users' privacy are not treated as policy violations.

12. Changes

Any material change will increase the version number. Users will be informed in‑app. Continued use after effect of a new version constitutes acceptance; for critical changes we require explicit re‑acceptance.

Version history:

  • 2026-04-23 — initial version.
Privacy PolicyTermsPolski
Content Policy · lucyboard