Acceptable Use Policy
Effective date: 31 May 2026
1. Introduction
This Acceptable Use Policy ("AUP") applies to all use of the ThreatPrevent platform, APIs, website, applications, integrations, documentation, intelligence services, AI features, and related services ("Services").
You must comply with this AUP whenever you access or use the Services. Breach of this AUP may result in suspension or termination of access.
2. Lawful and Authorised Use
You may use the Services only for lawful, authorised, and legitimate business, security, compliance, supplier risk, payment risk, infrastructure risk, or cyber risk management purposes.
You are responsible for ensuring that you have the right and lawful basis to submit any data, domain, email address, IP address, company name, or other information to the Services.
3. Prohibited Use
- Violating any law, regulation, court order, or third-party right.
- Conducting unauthorised surveillance, profiling, harassment, stalking, doxxing, or targeting of individuals.
- Performing offensive cyber operations, unauthorised scanning, exploitation, intrusion, credential attacks, or attack planning.
- Developing, improving, distributing, or operating malware, phishing, botnets, exploit kits, credential theft tools, or harmful infrastructure.
- Attempting to bypass security controls, rate limits, billing controls, or access restrictions.
- Reverse engineering, scraping, cloning, reselling, redistributing, or reconstructing the Services, scoring model, API, datasets, or outputs except as expressly permitted in writing.
- Submitting excessive, automated, abusive, or disruptive requests.
- Using the Services to make unlawful employment, credit, insurance, housing, or eligibility decisions about individuals.
- Misrepresenting ThreatPrevent outputs as guarantees, certifications, legal conclusions, or definitive findings.
- Interfering with the security, availability, performance, or integrity of the Services.
4. API Key Security
You must keep API keys confidential and secure. You must not share API keys with unauthorised users, embed keys in public repositories, expose keys in client-side code, or allow third parties to use your keys without authorisation.
You must notify us immediately at hello@threatprevent.io if an API key is lost, leaked, compromised, or misused.
5. Rate Limits and Abuse Prevention
We may apply rate limits, quotas, response size limits, spend caps, request validation, throttling, blocking, or other controls to protect the Services and our customers.
You must not attempt to evade these controls by creating multiple accounts, rotating keys, masking traffic, distributing requests, or using automated systems to bypass restrictions. Contact us to talk about custom rate limits if required.
6. Data Submission Rules
You must not submit data that is unlawful, highly sensitive, unnecessary, excessive, malicious, or designed to disrupt or exploit the Services. You must not submit secrets, passwords, private keys, full payment card data, or information you are not authorised to process.
7. Security Research
You must not test, scan, probe, or attack the ThreatPrevent platform, infrastructure, API, authentication systems, billing controls, or integrations without prior written permission.
If you believe you have discovered a security issue, please contact hello@threatprevent.io with sufficient detail for us to investigate safely.
8. Resale and Redistribution
You may not resell, redistribute, sublicense, publish, or commercially exploit ThreatPrevent outputs, risk scores, intelligence data, API responses, or derived datasets unless expressly authorised in a written agreement.
9. Suspension and Enforcement
We may suspend, restrict, throttle, revoke, or terminate access immediately where we reasonably believe activity breaches this AUP, creates security, legal, operational, reputational, or billing risk, may harm ThreatPrevent or others, or may compromise the integrity, reliability, or availability of the Services.
10. Investigation and Cooperation
We may investigate suspected misuse and may preserve or disclose relevant information where reasonably necessary for security, legal compliance, fraud prevention, dispute resolution, or protection of our rights and users.
11. Changes
We may update this AUP from time to time. Continued use of the Services after publication of an updated AUP constitutes acceptance of the updated policy.