1. Purpose

This policy sets out permitted and prohibited activities to protect the confidentiality, integrity, and availability of the platform and customer data.

2. Permitted use

Users may:

• Create and seal authorised artefacts.
• Validate verification references against published cryptographic records.
• Integrate via documented APIs and interfaces.
• Use outputs strictly within defined verification-reference scope.

3. Prohibited activities

Users must not:

• Bypass, disable, or weaken security controls.
• Access unauthorised systems, accounts, or data.
• Upload unlawful, infringing, or malicious content.
• Misrepresent verification references as certification or compliance outcomes.
• Reverse engineer, replicate, or derive proprietary systems except as permitted by law.

4. Security abuse

Security testing requires prior authorisation or must comply with the responsible disclosure process.

5. Data handling responsibilities

Users are responsible for:

• Lawful data collection and submission.
• Appropriate classification, retention, and deletion controls.
• Implementation of access controls and least privilege.
• Compliance with applicable data protection laws and contractual obligations.

6. Fair use and platform integrity

Excessive or abusive usage that degrades platform performance or impacts other users may result in rate limiting, throttling, suspension, or termination.

7. Enforcement

Violations may result in investigation, access restriction, suspension, termination, and referral to authorities where required by law.

8. Changes

This policy may be updated periodically. Continued use constitutes acceptance of the current version published on this page.

9. Contact

Questions or reports relating to acceptable use can be directed to: legal@resolutionassurance.com