Acceptable Use Policy

Last updated: January 2026

This Acceptable Use Policy ("Policy") describes prohibited uses of the ComplySherpa platform ("Service"). By using the Service, you agree to comply with this Policy. Violations may result in suspension or termination of your account.

1. Prohibited Activities

You may not use the Service to:

Illegal or Harmful Content

  • Store, transmit, or distribute content that violates any applicable law or regulation
  • Share malware, viruses, or other malicious code
  • Distribute child sexual abuse material or content that exploits minors
  • Promote terrorism, violent extremism, or human trafficking
  • Facilitate illegal gambling, money laundering, or fraud

Security Violations

  • Attempt to gain unauthorized access to the Service or other users' accounts
  • Probe, scan, or test the vulnerability of any system or network
  • Breach or circumvent any authentication or security measures
  • Reverse engineer, decompile, or disassemble any part of the Service
  • Use automated tools (bots, scrapers, etc.) without express written permission
  • Overload, flood, or spam the Service (e.g., denial-of-service attacks)

Abuse & Harassment

  • Harass, threaten, stalk, or impersonate others
  • Collect or harvest personal information without consent
  • Send unsolicited communications (spam, phishing attempts)
  • Engage in hate speech, discrimination, or content that incites violence

Misuse of Platform

  • Upload content you don't have the right to use (copyright/trademark violations)
  • Create multiple accounts to evade enforcement or exceed usage limits
  • Resell or sublicense access to the Service without authorization
  • Use the Service for benchmarking or building a competing product
  • Store backups of unrelated systems (the Service is not a general-purpose backup tool)

2. Account Security Requirements

You are responsible for:

  • Strong passwords: Use unique, complex passwords (minimum 12 characters recommended)
  • Multi-factor authentication: Enable MFA when available
  • Credential confidentiality: Do not share login credentials with unauthorized individuals
  • Prompt reporting: Notify us immediately if you suspect unauthorized access

3. Content Standards

All content uploaded to the Service must:

  • Be accurate, complete, and not misleading
  • Comply with applicable data protection laws (GDPR, PIPEDA, CPRA, etc.)
  • Not contain sensitive personal data unless properly anonymized or secured
  • Respect third-party intellectual property rights

Best Practice

When uploading evidence or policy documents, ensure they do not contain unnecessary PII (Personally Identifiable Information). Redact sensitive data like Social Security Numbers, credit card numbers, or personal health information unless required for compliance.

4. Fair Use & Rate Limits

The Service is designed for reasonable business use. We reserve the right to enforce rate limits, storage quotas, and API call restrictions to ensure equitable access for all users. Excessive or abusive usage may result in throttling or account suspension.

Examples of Excessive Use:

  • Uploading duplicate evidence files to circumvent storage limits
  • Running automated scripts that generate thousands of API requests per hour
  • Storing non-compliance-related data (e.g., using the platform as a file-sharing service)

5. Monitoring & Enforcement

ComplySherpa reserves the right to:

  • Review content to ensure compliance with this Policy (manual or automated)
  • Remove or disable access to content that violates this Policy
  • Suspend or terminate accounts for repeated or severe violations
  • Report illegal activity to law enforcement authorities

Immediate Suspension

Activities that pose an immediate security risk (e.g., malware distribution, attempted hacking) will result in immediate account suspension without prior notice.

6. Reporting Violations

If you become aware of a violation of this Policy, please report it to:

Security Issues: security@complysherpa.com

Abuse Reports: abuse@complysherpa.com

Legal Concerns: legal@complysherpa.com

7. Consequences of Violations

Depending on the severity and frequency of violations, we may:

  1. Issue a warning: First-time minor violations may result in a written warning
  2. Temporary suspension: Repeated violations or moderate severity issues
  3. Account termination: Severe violations (illegal activity, security breaches)
  4. Legal action: We reserve the right to pursue legal remedies for damages caused by violations

8. Changes to This Policy

We may update this Policy from time to time. Material changes will be communicated via email or in-app notification. Continued use of the Service after changes constitutes acceptance of the updated Policy.

9. Questions

If you have questions about this Policy or need clarification on acceptable use, contact us at legal@complysherpa.com.

Related Policies: Terms of ServicePrivacy PolicyData Processing AgreementSecurity Practices