Home

Acceptable Use Policy

Last updated: 16 July 2026

This Acceptable Use Policy sets out what you can and can't do with Compliance One. It exists to keep the service secure, reliable, and fair for everyone — a compliance platform that people misuse helps no one. It's part of our Terms of Service, and it applies to everyone who uses the service.

The spirit of it

Use the service for its intended purpose — running your own compliance programme — and don't do anything that harms the service, other customers, or third parties. If a reasonable person would look at what you're doing and wince, don't do it. The specifics below make that concrete.

Don't break the law or harm others

  • Don't use the service for anything illegal, fraudulent, or deceptive.
  • Don't upload or store content you don't have the right to, or that infringes someone's intellectual property or privacy.
  • Don't use the service to harass, threaten, defame, or violate the rights of any person.
  • Don't upload malware, ransomware, or anything designed to harm systems or data.

Don't undermine security

  • Don't attempt to access another organisation's data, account, or environment — tenant isolation is not a challenge to beat.
  • Don't probe, scan, or test the vulnerability of the service except under our Responsible Disclosure Policy.
  • Don't bypass or interfere with authentication, rate limits, or any security or access control.
  • Don't share your credentials, or let unauthorised people use your access.

Don't abuse the platform

  • Don't overload, disrupt, or degrade the service (for example with excessive automated requests or denial-of-service traffic).
  • Don't scrape, crawl, or bulk-export the platform beyond the features and APIs we provide for that purpose.
  • Don't reverse-engineer, decompile, or copy the platform, or use it to build a competing product.
  • Don't resell, sublicense, or provide the service to third parties unless your agreement expressly allows it.

Keep your content clean

The service is for your compliance evidence and records — not a general file host. Don't use it to store content unrelated to your compliance programme, and don't upload highly sensitive data the platform isn't designed for (for example, don't paste raw payment card numbers into a free-text field).

If something goes wrong

If we believe you've breached this policy, we may investigate, ask you to stop, remove offending content, or — for serious or repeated breaches — suspend or terminate access. Where we can, we'll warn you first and give you a chance to put it right; where the risk is urgent (like an active security threat), we may act immediately to protect the service and other customers.

Reporting abuse

Seen something that breaks this policy — abuse, a compromised account, infringing content? Tell us at hello@complianceonecloud.com (or security@complianceonecloud.com for security issues) and we'll look into it.