Acceptable Use Policy

Last updated:

1. Purpose

This Acceptable Use Policy (“Policy”) governs use of the service (“Service”) operated by the service provider (“we”, “us”, “our”).

This Policy forms part of the Terms of Service.

The Service is a read-only subscription integrity monitoring system designed to compare Stripe subscription data with internal entitlement data.

2. Permitted Use

You may use the Service only for lawful business purposes and strictly in accordance with:

• The Terms of Service
• Applicable UK law
• Applicable data protection legislation

The Service is intended solely for legitimate subscription integrity monitoring.

3. Prohibited Activities

You must not:

3.1 Unlawful Use

• Use the Service in violation of any applicable law or regulation
• Process personal data without proper authority or legal basis
• Upload or connect data you are not authorised to process

3.2 Security Violations

• Attempt to gain unauthorised access to the Service
• Attempt to probe, scan, or test system vulnerabilities
• Circumvent authentication or security measures
• Reverse engineer, decompile, or disassemble any part of the Service

3.3 Misuse of API Credentials

• Share Stripe API keys insecurely
• Upload API keys belonging to third parties without authority
• Use compromised credentials

You remain responsible for safeguarding your credentials.

3.4 Interference

• Interfere with or disrupt the integrity or performance of the Service
• Introduce malicious code, malware, or harmful scripts
• Attempt to overload, flood, or stress the system

3.5 Automated Abuse

• Use automated scripts to scrape, harvest, or extract data from the Service beyond its intended reporting functionality
• Attempt to build a competing service using information derived from the Service

3.6 Misrepresentation

• Represent the Service as modifying, enforcing, or correcting subscription systems
• Misrepresent reports as financial advice or certified audit opinions

4. Data Restrictions

You must not upload or process:

• Special category data under UK GDPR (e.g. health, biometric, political data)
• Payment card numbers or sensitive financial account data
• Data unrelated to subscription integrity monitoring

The Service is not designed for high-risk or special category processing.

5. Suspension

We may suspend or restrict access immediately where we reasonably believe:

• This Policy has been breached
• There is a security risk
• There is unlawful use
• Continued access would threaten system integrity

Suspension does not waive our other legal rights.

6. Reporting Concerns

7. Changes

We may update this Policy from time to time. Continued use of the Service constitutes acceptance of the updated version.