Legal

Acceptable Use Policy

Last updated: january 1, 2026 ·  PolicyForges, Inc.

1. Purpose and Scope

This Acceptable Use Policy ("AUP") sets out the rules and guidelines governing your use of the PolicyForges enterprise policy and compliance management platform and all associated services (collectively, the "Services"). This policy applies to all users, administrators, and organizations that access the Services, including employees, contractors, and third-party agents acting on behalf of a subscribing organization.

PolicyForges is designed to support legitimate enterprise governance, risk management, and compliance activities. This AUP protects the integrity of the Platform, safeguards other customers, and ensures the Services remain available and performant for all users.

2. Permitted Uses

The Services are provided for the following legitimate enterprise business purposes:

  • Creating, managing, and distributing organizational policies, procedures, and governance documentation
  • Managing compliance programs, regulatory obligations, and internal control frameworks
  • Routing documents through structured approval and review workflows
  • Tracking employee policy acknowledgements and certifications
  • Monitoring compliance status, risk indicators, and governance KPIs
  • Preparing and maintaining audit documentation and records
  • Collaborating with internal stakeholders on governance and compliance activities
  • Generating compliance reports, analytics, and regulatory documentation
  • Managing document lifecycle including versioning, review cycles, and archival

3. Prohibited Activities

You must not use the Services to engage in any of the following activities:

3.1 Illegal and Harmful Activities

  • Violate any applicable local, state, national, or international law or regulation
  • Upload, share, or distribute content that is unlawful, defamatory, harassing, abusive, fraudulent, obscene, or otherwise objectionable
  • Engage in activities that facilitate money laundering, bribery, corruption, or other financial crimes
  • Use the Platform to perpetrate fraud, deception, or misrepresentation
  • Circumvent or falsify compliance documentation, audit records, or acknowledgement logs

3.2 Security Violations

  • Attempt to gain unauthorized access to any part of the Platform, other users' accounts, or our infrastructure
  • Upload or transmit malware, ransomware, viruses, Trojan horses, or any malicious code
  • Conduct penetration testing, vulnerability scanning, or security assessments without prior written authorization from PolicyForges
  • Attempt to bypass, disable, or circumvent any security controls, authentication mechanisms, or access controls
  • Intercept, monitor, or capture another user's data without their knowledge and consent
  • Conduct denial-of-service attacks or any activity that disrupts the Services for other users

3.3 Platform Misuse

  • Reverse engineer, decompile, disassemble, or attempt to extract the source code or algorithms of the Platform
  • Modify, adapt, translate, or create derivative works based on the Platform without written permission
  • Resell, sublicense, or provide unauthorized access to the Services to third parties
  • Use automated bots, scrapers, or crawlers to access, harvest, or extract data from the Platform
  • Overload the Platform infrastructure through excessive automated requests or API abuse
  • Use the Services in a manner that could damage, impair, or overburden our servers or network

3.4 Data and Privacy Violations

  • Upload or process personal data in violation of applicable data protection laws (GDPR, CCPA, HIPAA, etc.)
  • Collect, process, or store sensitive personal data categories without appropriate legal basis or safeguards
  • Share Platform access credentials with unauthorized individuals
  • Use the Platform to collect personal data without proper notice to data subjects
  • Process employee data for purposes beyond the scope of your organization's privacy notices

3.5 Intellectual Property Violations

  • Upload, distribute, or publish content that infringes on any copyright, patent, trademark, or trade secret
  • Remove or obscure any proprietary notices, labels, or marks on the Platform
  • Use PolicyForges trademarks or branding without prior written authorization

4. Content Standards

All content uploaded, created, or shared through the Platform must meet the following standards:

  • Accuracy: Content should be accurate and not deliberately misleading
  • Legality: Content must comply with all applicable laws in your jurisdiction
  • Appropriateness: Content must be appropriate for a professional enterprise environment
  • Data Classification: Content containing highly sensitive data should be appropriately classified and access-controlled within the Platform

5. API Usage Guidelines

Customers with API access must comply with the following additional guidelines:

  • API access is limited to the rate limits specified in your subscription plan
  • API credentials must be stored securely and not exposed in public repositories or client-side code
  • API usage must comply with all other provisions of this AUP and the Terms of Service
  • Automated workflows must be designed to avoid excessive load on the Platform infrastructure

6. Reporting Violations

If you become aware of any violation of this Acceptable Use Policy, including misuse of the Platform or potential security issues, please report it immediately to:

  • Security issues: security@policyforges.io
  • AUP violations: legal@policyforges.io
  • General concerns: support@policyforges.io

PolicyForges takes all reports seriously and investigates them promptly. We encourage responsible disclosure of security vulnerabilities.

7. Enforcement

PolicyForges reserves the right to investigate suspected violations of this AUP. Upon confirmation of a violation, we may take the following actions, with or without notice:

  • Issue a formal warning to the violating account or organization
  • Temporarily suspend access to specific features or the entire Platform
  • Permanently terminate the account and subscription without refund
  • Remove or disable offending content
  • Report violations to relevant law enforcement or regulatory authorities
  • Pursue civil or criminal legal action where appropriate

8. Changes to This Policy

PolicyForges reserves the right to update this Acceptable Use Policy at any time. Material changes will be communicated to account administrators via email at least 14 days before taking effect. Continued use of the Services constitutes acceptance of the updated policy.

9. Contact

For questions or concerns about this Acceptable Use Policy:
PolicyForges Legal Team
Email: legal@policyforges.io
Support: support@policyforges.io