Acceptable Use Policy

1. Purpose

This Acceptable Use Policy ("AUP") defines the rules and guidelines for using Privyn's fraud monitoring and payment protection platform. This policy supplements our Terms of Service and applies to all users of our Services.

2. Prohibited Activities

You may not use Privyn's Services in connection with any of the following:

Illegal or Fraudulent Activities

• Money laundering, terrorist financing, or sanctions evasion
• Processing transactions for illegal goods or services
• Operating ponzi schemes, pyramid schemes, or investment fraud
• Identity theft or unauthorized use of personal information
• Any activity that violates applicable federal, state, or international laws

Prohibited Goods and Services

• Controlled substances and illegal drugs
• Weapons, ammunition, and explosives (where prohibited by law)
• Counterfeit goods or intellectual property infringement
• Child exploitation material of any kind
• Products or services that promote hate, violence, or discrimination
• Unlicensed pharmaceutical products
• Gambling services (where unlicensed or prohibited by law)

Platform Abuse

• Attempting to bypass, disable, or circumvent fraud detection mechanisms
• Generating artificial or fake transactions to manipulate analytics
• Reverse engineering, decompiling, or scraping our platform or APIs
• Using automated tools to overwhelm our infrastructure (DoS/DDoS attacks)
• Sharing account credentials or API keys with unauthorized third parties
• Reselling access to Privyn's Services without written authorization

3. API Usage Guidelines

When using Privyn's APIs, you must:

• Respect published rate limits (documented in our API reference)
• Implement proper error handling and retry logic with exponential backoff
• Securely store and transmit API keys and authentication tokens
• Not cache or store fraud decision results beyond the current transaction context
• Report any discovered security vulnerabilities to security@privyn.com

4. Data Handling Requirements

As a merchant using our Services, you must:

• Maintain PCI DSS compliance appropriate to your transaction volume
• Obtain proper consent from your customers for data processing as required by applicable privacy laws
• Not misuse customer data obtained through Privyn's fraud analysis for marketing or profiling purposes
• Promptly report any data breaches that may affect data processed through our platform

5. Compliance Obligations

You are responsible for ensuring that your use of our Services complies with:

• Payment Card Industry Data Security Standards (PCI DSS)
• Applicable anti-money laundering (AML) regulations
• Know Your Customer (KYC) requirements
• General Data Protection Regulation (GDPR), where applicable
• California Consumer Privacy Act (CCPA), where applicable
• All other applicable federal, state, and local regulations

6. Enforcement

Violations of this AUP may result in:

• Warning: For first-time or minor violations, we may issue a warning with a deadline to remediate.
• Suspension: Repeated or serious violations may result in temporary suspension of your account.
• Termination: Severe violations, including illegal activities, will result in immediate account termination without refund.
• Legal Action: We reserve the right to pursue legal remedies for violations that cause harm to Privyn, our users, or third parties.

7. Reporting Violations

If you become aware of any activity that violates this AUP, please report it to abuse@privyn.com. All reports are investigated and treated confidentially.

8. Changes to This Policy

We may update this AUP from time to time. Material changes will be communicated with at least 15 days' notice. Continued use of the Services after changes take effect constitutes acceptance of the updated policy.

9. Contact

Questions about this policy? Contact us at:
Privyn, Inc.
Email: legal@privyn.com