TrustCheck Legal

Acceptable Use Policy

Effective date: June 2, 2026. Version: 2026-06-02.

These pages are product policy templates for TrustCheck operations and user consent. They are not legal advice; have qualified counsel review them before production launch.

This Acceptable Use Policy applies to all TrustCheck users, organizations, API clients, integrations, monitoring schedules, scans, brand protection workflows, and professional service requests.

1. Permitted Use

You may use TrustCheck to assess assets you own or are authorized to test, manage security evidence, monitor verified assets, detect brand impersonation, evaluate vendor risk, run approved attack simulations, request analyst vetting, and share valid TrustCheck badges or public profiles.

2. Prohibited Use

3. Third-Party Targets

You may not submit third-party domains, APIs, repositories, infrastructure, social accounts, or brand assets unless you have explicit authorization or are using a feature intended for passive vendor risk lookup. TrustCheck may request proof of authorization at any time.

4. API And Automation

API keys must be kept secret and used only for legitimate automation. You must not bypass rate limits, overload queues, automate abusive scans, or use connected apps to send spam or unauthorized messages.

5. Integrations And Notifications

You are responsible for ensuring that connected apps, webhooks, chat channels, and notification recipients are authorized to receive the security data sent to them.

6. Enforcement

TrustCheck may throttle, cancel scans, suspend monitoring, revoke API keys, disable integrations, remove content, require re-verification, or terminate access if this policy is violated or platform safety is at risk.