Acceptable use

Last updated 30 Apr 2026

Acceptable Use Policy

This Acceptable Use Policy (the "AUP") sets the rules for using korena.eu (the "Site"). It applies to every visitor and every account holder, and forms part of the Terms of Sale. Breach of this AUP may lead to account suspension, Order cancellation, and (where appropriate) civil action.

Quick read: Don't scrape, don't impersonate, don't try to bypass us to deal directly with the Partner Yard, don't game pricing or stock reservations, don't attack the Site, don't post anything illegal in any free-text field. Use it to buy slabs.


1. Who this applies to

The AUP applies to:

  • Visitors browsing the Site without an account.
  • Account holders: Consumers and Business Buyers.
  • Anyone otherwise interacting with the Site or its staff (email, chat, social channels operated by us).

2. Account responsibilities

If you create an account:

2.1. Provide accurate, current, complete information at registration and keep it up to date.

2.2. Keep your password confidential. You are responsible for activity on your account except where you have notified us promptly of unauthorised use.

2.3. Do not share your account with others. One account per natural person; one Business Buyer account per legal entity.

2.4. Notify us promptly at office@korena.eu if you suspect unauthorised access.

2.5. We may suspend or terminate accounts that materially breach these rules; for Consumer accounts we will follow the notice procedure in Terms of Sale §16.2 where the breach is curable.

3. Prohibited activities

You agree not to:

3.1. Technical abuse

  • Use automated systems (bots, scrapers, crawlers, spiders, AI agents acting on a buyer's behalf, headless browsers) to access, copy, monitor, or extract data from the Site, except for: (a) public search-engine indexers acting in line with our robots.txt; (b) feed readers consuming content we have explicitly published as a feed.
  • Bypass, attempt to bypass, or assist others in bypassing technical access controls (rate limits, CAPTCHAs, authentication, cart-reservation timers, payment-flow protections).
  • Probe, scan, or test the vulnerability of the Site or any related infrastructure without our prior written authorisation. Coordinated disclosure of suspected vulnerabilities is welcome. Email office@korena.eu.
  • Inject, upload, or transmit any virus, worm, trojan, time bomb, ransomware, or other malicious code or content.
  • Interfere with or disrupt the integrity or performance of the Site, including denial-of-service attacks, network flooding, or attempts to overload our infrastructure.

3.2. Order, stock, and payment abuse

  • Place Orders that you do not intend to pay for or take delivery of.
  • Repeatedly add slabs to cart to take them out of public availability without intending to buy.
  • Use stolen, fraudulent, or unauthorised payment instruments.
  • Attempt chargeback abuse on legitimately delivered Orders.

3.3. Identity, role, and circumvention

  • Impersonate any person or entity, including KORENA staff, a Partner Yard, a carrier, or a regulator.
  • Misrepresent your status as a Consumer or as a Business Buyer to obtain VAT or other treatment that would not apply.
  • Anti-circumvention (Business Buyers only). A Business Buyer who, in the course of a transaction, becomes aware of a Partner Yard's identity shall not use that information to solicit, contact, or contract with the Partner Yard outside our platform for a period of 12 months. This obligation does not apply to Consumers. This is the buyer-side mirror of the partner-side non-circumvention obligation in our Partner Agreement, and it exists to protect the integrity of the network that allows us to offer slabs across the EU at all.

3.4. Content and conduct

  • Post, transmit, or upload (in any free-text field, including support email, chat, reviews where present) any content that is illegal, defamatory, harassing, threatening, hateful, obscene, infringing, deceptive, or that violates third-party privacy.
  • Use the Site to send unsolicited commercial communications.
  • Use the Site to promote competing services or to direct buyers off the Site for transactions in our category.

3.5. IP, listing data, and text/data mining

  • Reproduce, modify, distribute, or publicly display photographs, polygon outlines, dimensions, Capture Bundles, descriptions, or other listing data, except as expressly permitted by Terms of Sale §15 or the Intellectual Property & Content Policy.
  • Train an AI/ML model on data scraped from the Site without our prior written consent.
  • Text and data mining (TDM) opt-out. For the purposes of Article 4 of Directive (EU) 2019/790 (Digital Single Market Directive), KORENA reserves the right to prevent text and data mining of all content on this Site. This reservation is expressed in machine-readable form via the Site's robots.txt, X-Robots-Tag HTTP headers, and an /ai.txt declaration. Lawful research text and data mining under Article 3 of the same Directive remains permitted.
  • Use the Site for any purpose that is illegal in your jurisdiction or in Bulgaria.
  • Use the Site in connection with persons, entities, or destinations subject to applicable EU, UN, US OFAC, or UK sanctions regimes. Where you believe you have been listed in error, contact office@korena.eu and we will review your case.

4. Reasonable use of the Site by automated agents on the user's behalf

We recognise that buyers increasingly use AI assistants to research and shop. Where an AI assistant is acting on your behalf and within your authority, the same rules apply to it as apply to you, and you remain responsible for its actions on the Site. In particular:

  • An AI assistant placing an Order is treated as you for all purposes: you are bound by the Terms. The natural person who authorises the AI assistant is the Buyer and is responsible for payment and delivery compliance.
  • An AI assistant must respect the same rate limits, robots.txt, anti-scraping rules, and stock-reservation timers as a human user.
  • An AI assistant may not be used to extract listing data into a competing dataset.
  • We may apply rate limits, CAPTCHA challenges, and bot-detection heuristics to requests that appear to be automated. Legitimate AI assistants may appeal a block by contacting office@korena.eu with evidence of authorisation.

If you operate an AI assistant or agent that needs to interact with the Site beyond what a single human buyer would (e.g., bulk-order automation, scheduled searches), contact us at office@korena.eu to discuss API or partner access.

5. Reporting violations

5.1. Breach reporting

If you become aware of a breach of this AUP (by another user, a Partner Yard, or KORENA staff), please report it to abuse@korena.eu with as much detail as you can provide.

5.2. Security vulnerability disclosure

For suspected security vulnerabilities, contact security@korena.eu with a description of the vulnerability; the same address is published in our /.well-known/security.txt per RFC 9116. Coordinated disclosure is welcome and we will respond in good faith within 5 Business Days with a remediation timeline.

6. Consequences of breach

For breaches of this AUP we may, depending on severity and in our reasonable discretion:

  • Issue a warning.
  • Suspend or terminate the offending account.
  • Cancel pending Orders.
  • Refuse to accept further Orders from the Buyer.
  • Block IP addresses or device identifiers.
  • Pursue any other remedy available at law, including injunctive relief and recovery of losses.

For Consumer accounts, where the breach is curable and not severe, we will give notice and an opportunity to cure before suspension.

7. DSA notice-and-action procedure

KORENA is a hosting service within the meaning of Regulation (EU) 2022/2065 (Digital Services Act) because the Site displays third-party content, including Partner Yard pages, Partner-supplied product imagery, customer reviews, and customer-uploaded photographs of finished pieces. The notice-and-action procedure below is therefore provided as required by DSA Articles 16 and 17, not as a voluntary commitment.

Notice format: email to abuse@korena.eu with:

  1. Your full name and contact details.
  2. The specific listing(s) or content item(s) at issue, with URL or slab ID.
  3. The reason you believe the content is illegal (with specific reference to applicable law if known).
  4. Any supporting evidence (screenshots, links, documentation).
  5. A statement, made in good faith, that the information in the notice is accurate and complete.

We will acknowledge receipt within 2 Business Days and notify you of the action taken (or our reasoned decision not to remove the content, with information on redress) within a further 5 Business Days where reasonably possible. KORENA's ultimate trader contact for DSA matters is the registered office: 8A Yordan Badev Str., 1700 Sofia, Vitosha District, Bulgaria. For IP-specific notices and counter-notices, see also the Intellectual Property & Content Policy §7.

8. Languages

This AUP is authored in English. Translations may be made available on the Site. Where required by law (notably for Bulgarian-resident Consumers), the Bulgarian translation is the binding version.


Last reviewed: 2026-04-30 · Next review: 2027-04-30 (or earlier on trigger).