Acceptable Use Policy

1. Purpose & Scope

CyberVault's Acceptable Use Policy ("AUP") establishes the standards and guidelines governing the use of our cybersecurity platforms, services, APIs, and associated infrastructure. This policy applies to all clients, end-users, administrators, partners, and third parties accessing CyberVault's systems.

By accessing or utilizing any CyberVault service, you acknowledge that you have read, understood, and agreed to comply with this AUP. CyberVault reserves the right to modify this policy at any time to reflect changes in technology, legal requirements, or security best practices.

2. Permitted Uses

CyberVault services are designed and authorized for the following legitimate business and security purposes:

• Deployment and management of authorized cybersecurity monitoring, threat detection, and incident response tools.
• Integration with approved enterprise security stacks via documented APIs and webhooks.
• Security assessments, vulnerability scanning, and penetration testing strictly within pre-approved scopes and written authorization.
• Storage, processing, and analysis of security telemetry, logs, and threat intelligence data for defensive purposes.
• Training, simulation, and awareness exercises conducted in isolated or sandboxed environments.

3. Prohibited Activities

The following actions are strictly prohibited and may result in immediate service suspension, account termination, and/or legal action:

1. Unauthorized Access: Attempting to bypass, disable, or circumvent authentication, encryption, or access controls on CyberVault systems or client infrastructure.
2. Malicious Use: Using CyberVault services to launch, facilitate, or coordinate cyberattacks, including but not limited to DDoS, malware distribution, ransomware, or phishing campaigns.
3. Data Misuse: Harvesting, selling, or sharing customer data, threat intelligence, or system logs without explicit written consent.
4. Reverse Engineering: Decompiling, disassembling, or reverse-engineering CyberVault software, APIs, or proprietary algorithms.
5. Resource Abuse: Consuming excessive compute, bandwidth, or storage resources in a manner that degrades service quality for other users.
6. Illegal Content: Storing, transmitting, or processing content that violates criminal statutes, copyright laws, or sanctions regulations.
7. Impersonation: Falsifying identities, credentials, or organizational affiliations to gain unauthorized access or privileges.

4. Security Responsibilities

Maintaining a secure environment is a shared responsibility. Clients must adhere to the following security obligations:

• Maintain strong, unique credentials for all CyberVault accounts and enforce multi-factor authentication (MFA).
• Keep all client-side integrations, agents, and dependencies patched and updated.
• Immediately report suspected compromises, unauthorized access, or anomalous activity to CyberVault's SOC.
• Implement least-privilege access controls and regular access reviews for personnel interacting with CyberVault platforms.
• Ensure all data transmitted to or stored within CyberVault services is properly classified and encrypted where required by policy or regulation.

5. Monitoring & Data Handling

To maintain service integrity, security, and compliance, CyberVault may monitor platform activity, system logs, API calls, and network traffic associated with your account. This monitoring is conducted solely for:

• Detecting and preventing fraudulent, abusive, or prohibited use.
• Ensuring service availability, performance, and uptime.
• Complying with legal obligations, court orders, or regulatory requirements.
• Improving product functionality and threat detection capabilities.

CyberVault will not sell, license, or commercially exploit customer data. All collected telemetry and metadata are processed in accordance with our Privacy Policy and data processing agreements.

6. Enforcement & Termination

Violations of this AUP will be investigated promptly. Depending on the severity and recurrence, CyberVault may take one or more of the following actions:

• Issue a formal warning and require remediation within a specified timeframe.
• Suspend or throttle specific features, API endpoints, or network access.
• Terminate the service agreement and permanently disable account access.
• Preserve logs and evidence for law enforcement or legal proceedings.
• Pursue civil or criminal liability where applicable.

CyberVault reserves the right to take immediate action without prior notice in cases involving imminent security threats, illegal activity, or severe policy violations.

7. Limitation of Liability

CyberVault provides its services "as is" and does not guarantee uninterrupted or error-free operation. To the maximum extent permitted by law, CyberVault shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from the use, inability to use, or unauthorized use of our services, including data loss, business interruption, or third-party claims.

Client misuse of CyberVault platforms in violation of this AUP voids all warranty and liability protections. Clients are solely responsible for ensuring their usage complies with applicable laws and third-party contracts.

8. Policy Updates

This Acceptable Use Policy is subject to periodic revision. Changes will be communicated via in-platform notifications, email to designated account contacts, and public updates to this document. Continued use of CyberVault services following the effective date of any modification constitutes acceptance of the updated terms.

9. Contact & Reporting

If you believe your account has been compromised, suspect a policy violation, or have questions regarding this AUP, please contact our security and compliance team immediately:

• Email: compliance@cybervault.io
• Security Hotline: +1 (800) 555-SECURE (7243)
• Reporting Portal: report.cybervault.io

All reports are handled confidentially by our dedicated Trust & Safety team. CyberVault encourages responsible disclosure and cooperative remediation for all security-related concerns.