Acceptable Use Policy

This Acceptable Use Policy (“AUP”) governs your use of the CheckVibe website, dashboard, APIs, and related services (the “Service”). The AUP is part of, and incorporated by reference into, our Terms of Service. Capitalized terms used but not defined here have the meanings given in the Terms.

Violation of this AUP is a material breach of the Terms and may result in immediate suspension or termination of your account, refusal of refunds, referral to law-enforcement authorities, and any other remedy available to us at law or in equity.

1. Authorization to Scan

You may only use the Service to scan, analyze, or probe a website, system, repository, or service that you own or for which you have obtained, before initiating the scan, all express authorizations required from the owner. You are solely responsible for verifying your authority. Unauthorized scanning may violate the U.S. Computer Fraud and Abuse Act (18 U.S.C. § 1030), Article 143bis of the Swiss Criminal Code, Section 202a of the German Criminal Code, the UK Computer Misuse Act 1990, Articles 323-1 et seq. of the French Penal Code, and equivalent laws in other jurisdictions, and may expose you to civil and criminal liability.

2. Prohibited Conduct

You may not, and may not permit any third party to, use the Service to:

• Scan, probe, exploit, attack, attempt to gain unauthorized access to, or interfere with any system, network, account, or device without explicit authorization.
• Develop, test, or deploy malware, spyware, ransomware, worms, trojans, rootkits, keyloggers, or any other malicious code.
• Conduct, plan, or facilitate any cyberattack, including denial-of-service, distributed denial-of-service, credential stuffing, brute-force, phishing, smishing, vishing, business-email-compromise, supply-chain compromise, or social-engineering attack.
• Bypass, defeat, or circumvent any authentication, access control, paywall, rate limit, encryption, watermarking, or other technical protection measure of the Service or any third-party system.
• Use the Service to violate the rights of any person, including intellectual-property, publicity, privacy, data-protection, contract, or employment rights.
• Use the Service to facilitate, plan, or carry out fraud, identity theft, market manipulation, money laundering, terrorism financing, or any other illegal activity.
• Use the Service to harass, stalk, dox, threaten, intimidate, discriminate against, or harm any individual or group.
• Use the Service to collect, harvest, or compile personal data, business intelligence, or competitive information from third parties without lawful basis or consent.
• Use the Service to target government, military, intelligence, election, healthcare, financial-services, energy, water, telecommunications, transport, industrial-control, or other critical-infrastructure systems without our prior written consent and a separately executed master services agreement.
• Use the Service to develop, train, fine-tune, evaluate, or benchmark any competing security-scanning product, large-language model, or machine-learning model.
• Reverse-engineer, decompile, disassemble, or attempt to derive the source code, algorithms, or trade secrets of the Service, except to the extent expressly permitted by mandatory law that cannot be waived by contract.
• Resell, sublicense, lease, rent, white-label, frame, mirror, scrape, or otherwise commercially exploit the Service or its output without our prior written consent.
• Use automated tools, bots, scrapers, or headless browsers against the Service except through our documented APIs and within their published rate limits.
• Publish public benchmarks, comparative reviews, or competitive analyses of the Service without our prior written consent.
• Upload, submit, link to, or transmit content that is unlawful, infringing, defamatory, obscene, hateful, deceptive, or that contains malware or harmful code.
• Use the Service in any way that imposes a disproportionate or unreasonable load on our infrastructure, that interferes with other users' legitimate use, or that endangers the security, integrity, or availability of the Service.
• Violate export-control, sanctions, anti-bribery, anti-money-laundering, anti-terrorism, consumer-protection, or data-protection laws of any applicable jurisdiction.
• Use the Service for the design, development, or production of nuclear, chemical, biological, or missile weapons or any other weapon of mass destruction, or for any other purpose prohibited by U.S., EU, UK, Swiss, or UN export-control or sanctions regulations.
• Impersonate any person or misrepresent your affiliation with any individual or organization.
• Create accounts using false, misleading, or stolen identity information; share accounts across multiple individuals; or operate multiple accounts to evade restrictions, quotas, or pricing.
• Engage in any activity that, in our sole discretion, may expose us, our users, or any third party to legal, financial, reputational, or operational risk.

3. Responsible Disclosure

If, in the course of using the Service, you discover a security vulnerability affecting a third party, you must handle that information lawfully and responsibly. Where the third party operates a published vulnerability-disclosure or bug-bounty program, follow its rules. Where it does not, disclose the issue privately and give the operator a reasonable period to remediate before any public disclosure. Do not use information discovered through the Service to gain unauthorized access, extort, defraud, or harm any person.

To report a security issue in CheckVibe itself, please email support@checkvibe.dev with the subject “Security” and refrain from public disclosure for a reasonable period to allow remediation.

4. Quotas, Rate Limits & Fair Use

Your plan defines a quota of scans, projects, integrations, API calls, retention, and other resources. You must stay within those limits. We may apply additional rate limits, throttling, queuing, or temporary blocks to protect the Service and other users. Where a plan is marketed as “unlimited,” use must remain within ordinary, good-faith, individual use; bulk, automated, or commercial-distribution patterns of use do not qualify and may be throttled or terminated.

5. Reporting Abuse

To report a violation of this AUP, suspected abuse, or illegal activity involving the Service, email support@checkvibe.dev with the subject “Abuse Report.” Provide as much detail as possible (URLs, timestamps, account information, evidence). We will investigate reports promptly and take appropriate action.

6. Enforcement

We reserve the right (but have no obligation) to investigate any suspected violation of this AUP, to remove or disable access to any content, and to suspend or terminate any account, in each case in our sole discretion, with or without notice, and without liability. We may cooperate with law-enforcement authorities and produce information as required by lawful process or court order. We may also pursue any other legal or equitable remedy available to us, including injunctive relief and recovery of damages, costs, and reasonable attorneys' fees.

7. Changes

We may modify this AUP from time to time. The current version is always available at checkvibe.dev/acceptable-use with a “Last updated” date. Continued use after a change takes effect constitutes acceptance.