Skip to content

Acceptable Use Policy

This Acceptable Use Policy ("AUP") describes what you may not do with NovaHunt. It supplements the Terms of Service — a breach of this AUP is a breach of the Terms.

NovaHunt is a multi-tenant SaaS. Abuse by one account degrades the experience and the safety of every other account on the platform, so we take enforcement seriously and we automate the boring parts.

1. The hard rules

You may not, and you may not allow anyone using your account to:

1.1 Scrape NovaHunt or upstream job boards through NovaHunt

NovaHunt's job-board integrations (Greenhouse, Lever, Ashby, Workable, Adzuna, JSearch) are accessed through approved MCP servers under our own contracts and rate limits with those providers. You may not:

  • automate browser sessions, headless or otherwise, against trynovahunt.com to extract data in bulk;
  • use NovaHunt's API or features to harvest job postings and republish them outside your personal use;
  • send traffic that resembles scraping (high frequency, no organic interaction, fan-out searches across thousands of keywords) — our CANARY rule engine and ABACUS pattern analyst flag this automatically.

We pay for those upstream APIs, and breaches of upstream terms cost us the integration for everybody.

1.2 Upload resumes that aren't yours

The resume you upload must describe you. Submitting another person's resume, a fabricated work history, a fabricated identity, or an AI-generated CV that misrepresents your actual experience is identity fraud, breaches Section 3 of the Terms, and may also be a crime in the jurisdiction where the application is sent.

This includes:

  • impersonating another candidate to apply on their behalf without their authorisation;
  • using NovaHunt as a "ghost-applying" service against another person;
  • materially inflating titles, dates, or credentials that an employer would rely on.

We do not police minor copy-edits — tailoring how you describe your real experience is the point of the product. We do treat fabrication as a hard rule.

1.3 Automated applications to disinterested employers

NovaHunt supports auto-apply on Pro and higher tiers. The condition is that you are genuinely interested in each role the agent submits. You may not:

  • enable auto-apply on every match without filters, intending only to "see what sticks";
  • use NovaHunt as a job-board spam engine to apply to thousands of roles you have no intent to take;
  • bypass NovaHunt's submit_application RED-tier consent gate, which exists specifically to keep a human in the loop on every submission.

The submit-application action is classified RED in our consent engine and always requires re-authentication. Sustained attempts to circumvent this gate are grounds for suspension.

1.4 Abusive recruiter outreach via DISPATCHER

DISPATCHER and ENVOY send follow-up email on your behalf. You may not use them to:

  • send unsolicited bulk email outside the job-seeking workflow (CAN-SPAM Act, US; EU ePrivacy Directive; UK PECR);
  • harass, threaten, or repeatedly contact a recruiter or hiring manager who has asked you to stop;
  • send messages that defame an individual or an organisation;
  • impersonate another person or organisation in outreach;
  • contact minors.

CRIER respects unsubscribe signals from recipients; do not try to evade them.

1.5 Account sharing

Accounts are personal. You may not:

  • share your magic-link email with anyone else;
  • share an active session, exported cookies, or your authjs.session-token;
  • operate multiple accounts to multiply free-tier quotas, evade a suspension, or fragment activity to evade abuse detection.

Team plans exist precisely so multiple people can use NovaHunt under one billing relationship — use them.

1.6 Reverse-engineering the agent system

You may not attempt to:

  • extract our agent prompts (the "Constitutional Preamble", VANGUARD's synthesis prompt, APPRAISER's scoring prompt, etc.);
  • enumerate or reproduce our internal scoring logic via probing;
  • bypass, disable, or interfere with WARDEN, the consent engine, TURNSTILE, CANARY, ABACUS, or WATCHTOWER;
  • decompile, disassemble, or otherwise derive the source of any non-open-source component;
  • conduct security research against NovaHunt without first contacting security@trynovahunt.com.

Legitimate security research is welcome — email security@trynovahunt.com and we will scope it with you. Surprising us is not.

1.7 Discrimination

NovaHunt may not be used to facilitate discrimination against any class protected under federal, state, or local employment law (in the United States: Title VII, the ADEA, the ADA, GINA, state and local equivalents; in the EU/UK: the relevant national equality and anti-discrimination statutes; equivalents elsewhere). This applies particularly to any future recruiter-facing or enterprise tooling — you may not configure NovaHunt to exclude candidates, filter outreach, or score matches on the basis of a protected class.

If our automated controls or a human report show a pattern consistent with discriminatory use, we will suspend the account pending review.

1.8 General lawfulness

You may not use NovaHunt for anything that is unlawful in your jurisdiction, the employer's jurisdiction, or our jurisdiction (the United States). This includes, without limitation, fraud, money laundering, sanctions evasion, malware distribution, infringing distribution of copyrighted material, or any activity that violates a court order.

2. How enforcement works

NovaHunt's defence-in-depth is mostly automated and mostly transparent.

WATCHTOWER and its specialists watch every account. CANARY detects per-event abuse rules deterministically (e.g. high-frequency submissions, suspicious account-creation patterns, threshold crossings). ABACUS analyses spend and behaviour patterns over time (e.g. sustained 3× baseline activity, unproductive spend, off-hours bursts). Together they generate flags with a severity (review or suspend).

TURNSTILE blocks before damage compounds. When an account is on a hold (spend_holds), TURNSTILE refuses to authorise the next privileged call regardless of remaining cap. You see a clear "Your account is on hold. Reason: [...]. Confirm to resume?" modal. Severity review clears with your single-click confirmation. Severity suspend requires admin approval in addition.

WARDEN audits the decision. Every consent change, cap bump, suspension, and resume is appended to the hash-chained WARDEN audit log. This means we cannot quietly act on your account without leaving a trail, and you cannot quietly evade a suspension by repeating the action under a different alias.

Escalation ladder.

  1. Warning notification in the daily briefing for low-severity flags.
  2. Account hold (review) — most features paused; you can resume in one click after acknowledging the reason.
  3. Account hold (suspend) — paid features paused, admin must approve resumption; outreach and auto-apply remain disabled until a human reviews.
  4. Termination — for material or repeated breaches, identity fraud, or anything that puts the multi-tenant platform at risk.

3. Multi-tenant impact

Because NovaHunt is shared infrastructure, abuse by one account can affect others by:

  • consuming our shared rate limits to upstream job boards (Greenhouse / Lever / Ashby / Workable / Adzuna / JSearch);
  • damaging our standing with Resend, which delivers the daily briefing for every user;
  • exhausting tenant-level or global Claude spend ceilings, at which point TURNSTILE blocks LLM calls across the platform.

We will not let one account hurt the rest. Abuse that has multi-tenant impact is escalated to suspend severity faster than abuse that affects only the abuser's own account.

4. Appeals

If your account has been held, suspended, or terminated and you believe it was a mistake, email appeals@trynovahunt.com from the email address on the account, including:

  • a brief description of what you were trying to do;
  • the date/time and any reference ID from the notification you received;
  • anything you would like us to consider.

A human will respond within 5 business days. Appeal outcomes are final.

5. Reporting abuse

If you suspect another NovaHunt user is breaching this AUP — for example, you received unsolicited bulk outreach you believe came from NovaHunt — email abuse@trynovahunt.com with the recipient address, headers if you have them, and a brief description. We investigate every report and take action when warranted.

6. Changes

We may update this AUP. Material changes are announced in the daily briefing and posted here at least 14 days before they take effect.

Last updated: 2026-05-19

Contact: legal@trynovahunt.com

Questions? Email legal@trynovahunt.com.