Acceptable Use Policy

General principles

• Use the Service lawfully and only for legitimate business purposes.
• Respect the rights, privacy, and safety of others.
• Do not interfere with the Service or attempt to bypass security controls.
• Follow our Documentation, product guidance, and any usage limits communicated in the Service.
• Maintain accurate information and act in good faith.

Prohibited activities

• Violating any applicable law, regulation, or court order.
• Attempting to gain unauthorized access to accounts, data, or systems.
• Uploading malware, ransomware, or other malicious code.
• Phishing, spamming, or sending unsolicited bulk communications.
• Harassing, defaming, threatening, or abusing others.
• Impersonating another person or organization or misrepresenting identity.
• Infringing intellectual property rights or posting unlawful content.
• Scraping, harvesting, or bulk downloading data without permission.
• Reverse engineering, decompiling, or attempting to discover source code.
• Bypassing usage limits, access controls, or security features.
• Interfering with ad delivery or ad measurement in free plan workspaces.
• Using the Service to build or train competing products without written consent.
• Using the Service for high-risk activities where failures could cause harm or legal liability.
• Sharing credentials or allowing unauthorized users to access the Service.
• Reselling or sublicensing the Service without written permission.
• Using trials, promotions, or credits to evade payment obligations.
• Intentionally overloading the Service or degrading performance for others.

Content standards

• You must have the rights and permissions needed to submit Content.
• Content must not include personal data without proper notice and lawful basis.
• Do not submit content that is misleading, deceptive, or fraudulent.
• Do not submit content that violates confidentiality obligations or professional duties.

Restricted data types

Unless we have agreed in writing, you may not upload or process highly sensitive or regulated data, including:

• Payment card numbers or full banking credentials.
• Government-issued identifiers such as passport numbers or tax file numbers.
• Health, medical, genetic, or biometric data.
• Children's data or data subject to child protection laws.
• Authentication secrets, private keys, or passwords in plain text.
• Data governed by HIPAA, PCI DSS, GLBA, or similar regulated frameworks.
• Full card or bank details outside approved payment processor forms.

Automated access and APIs

• Automated access must comply with documented rate limits and usage controls.
• Do not use bots or scripts to create accounts or generate traffic without permission.
• Do not scrape or collect data outside approved export and API features.
• You are responsible for your API keys and must revoke them if compromised.
• Do not use automation to disrupt, probe, or stress test the Service.

Security testing

• You may not conduct penetration testing, vulnerability scanning, or security research without written consent.
• Contact us to coordinate authorized security testing.
• Do not attempt to exploit bugs, bypass authentication, or probe systems for weaknesses.
• Do not disclose vulnerabilities publicly without our prior coordination.

Export controls and sanctions

• You may not use the Service if you are located in a jurisdiction subject to comprehensive sanctions.
• You must comply with applicable export control and sanctions laws.

Enforcement

• We may remove or disable access to content that violates this policy or the law.
• We may suspend or terminate access for violations or if we believe your use poses a risk.
• We may report unlawful activity to law enforcement.
• We may restrict features or limit access while investigating suspected abuse.
• We may require corrective action before restoring access.

Report abuse