HomeLegal hubTermsPrivacyAcceptable useContact

Acceptable Use Policy

Last updated: March 28, 2026

This Acceptable Use Policy (“AUP”) sets rules for using the Benford SaaS Service, including the website, application, and—where available—the HTTP API and API keys. It supplements our Terms of Service and Privacy Policy.

Violations may result in suspension or termination of access, revocation of API keys, or legal action where appropriate.

1. Lawful use

You may use the Service only in compliance with applicable laws and regulations, including those governing data protection, export controls, sanctions, and industry-specific obligations.

You must not use the Service to process or store data you are not authorized to hold or analyze.

2. No harm to the Service or others

You must not:

  • Probe, scan, or test the vulnerability of the Service or related systems without prior written authorization.
  • Bypass or defeat authentication, authorization, rate limits, usage quotas, or billing controls.
  • Interfere with or disrupt the Service, networks, or other users (e.g. denial-of-service attacks, excessive automated load beyond fair use).
  • Access another user’s workspaces, data, or accounts without permission.
  • Introduce malware or exploit the Service to distribute harmful code.

3. API keys and automation

Where API access is enabled for your workspace:

  • Protect secrets. Treat API keys like passwords. Do not embed them in public repositories, client-side code, or shared screenshots.
  • Revoke leaks immediately. If a key is exposed, revoke it in workspace settings and create a new one.
  • Respect limits. Automated clients must honor rate limits, retry-after headers, and documented constraints.
  • No circumvention. Do not use multiple keys, accounts, or technical tricks primarily to evade quotas or enforcement.

4. Content and data

You must not use the Service to upload, store, or process:

  • Illegal content or data obtained through unlawful means.
  • Highly sensitive categories of personal data unless you have a lawful basis and our Service is appropriate for that processing (many audit analytics scenarios should be reviewed case by case).

You are responsible for redaction, minimization, and lawful basis for any personal data you submit.

5. Misrepresentation and spam

You must not:

  • Impersonate others or misrepresent your affiliation.
  • Send unsolicited bulk communications using our infrastructure.
  • Use the Service to phish, scam, or deceive third parties.

6. Intellectual property

Do not use the Service to infringe copyrights, trademarks, trade secrets, or other intellectual property rights of others.

7. Reverse engineering

Except to the extent permitted by law, you may not reverse engineer, decompile, or disassemble the Service or attempt to extract source code or underlying models of our proprietary systems.

8. Enforcement

We may investigate suspected violations. We may remove content, suspend accounts, revoke API keys, throttle or block traffic, and cooperate with law enforcement where required.

We are not obligated to monitor all activity but may use automated and manual means to protect the Service.

9. Reporting

To report abuse or security issues, contact [your security or support email].

(Replace with a real contact address.)