GuardLaneGuardLane

Acceptable Use Policy

Last Updated: February 14, 2026

DRAFT - REQUIRES LEGAL REVIEW

Last Updated: February 14, 2026

This Acceptable Use Policy ("AUP") governs your use of the AIAudit platform and services ("Service") provided by SMK SOFTWARE LLC ("we", "us", "our"). This AUP is part of our Terms of Service and applies to all users.

By using the Service, you agree to comply with this AUP. Violations may result in suspension or termination of your account, legal action, and reporting to law enforcement authorities.

1. Purpose and Scope

The AIAudit Service is designed to help developers and organizations improve code security through AI-powered security audits and analysis. This AUP ensures the Service is used lawfully, ethically, and in a manner that does not harm other users, our systems, or third parties.

This AUP applies to:

  • All users of the Service (free and paid)
  • All use of the Service, including web interface, API, and integrations
  • All content uploaded, generated, or shared through the Service
  • All interactions with our support team and other users

2. Permitted Uses

The Service may be used for:

2.1 Security Auditing

  • Conducting security audits of code repositories you own or have authorization to audit
  • Analyzing code for vulnerabilities, security weaknesses, and compliance issues
  • Generating audit reports and remediation guidance
  • Tracking and managing security findings over time

2.2 Code Quality Analysis

  • Assessing code quality, maintainability, and best practices
  • Identifying technical debt and areas for improvement
  • Analyzing dependencies and license compliance

2.3 Team Collaboration

  • Sharing audit results with authorized team members
  • Collaborating on remediation efforts
  • Managing project access and permissions

2.4 Educational and Research Purposes

  • Learning about code security and best practices
  • Academic research (with proper attribution)
  • Security training and awareness programs

2.5 Commercial Use

  • Using the Service to audit commercial software you develop or maintain
  • Providing security consulting services to clients (subject to plan limits)
  • Internal security compliance programs

3. Prohibited Activities

3.1 Illegal Activities

You may not use the Service to:

  • Violate any applicable laws, regulations, or legal obligations
  • Engage in any activity that constitutes or promotes illegal conduct
  • Process or store illegal content, including child exploitation material
  • Facilitate fraud, identity theft, money laundering, or other crimes
  • Violate export control or sanctions laws
  • Infringe on intellectual property rights of third parties

3.2 Unauthorized Access and Security Violations

You may not:

  • Audit code without authorization: Submit code for auditing that you do not own or have explicit permission to analyze
  • Bypass security measures: Attempt to circumvent authentication, access controls, rate limits, or other security features
  • Exploit vulnerabilities: Exploit security vulnerabilities in the Service for any purpose other than responsible disclosure
  • Brute-force attacks: Conduct password cracking, credential stuffing, or brute-force attacks against any systems
  • Unauthorized access: Access other users' accounts, data, or audit results without permission
  • Penetration testing: Conduct penetration testing or security assessments of our infrastructure without written authorization
  • Reverse engineering: Decompile, disassemble, or reverse engineer the Service (except as permitted by law)

3.3 Abuse of Service Resources

You may not:

  • Excessive usage: Exceed rate limits, API quotas, or abuse unlimited features in a manner that degrades service for others
  • Denial-of-service attacks: Launch distributed denial-of-service (DDoS) attacks or flood our systems with requests
  • Resource exhaustion: Submit intentionally malformed or resource-intensive code to overwhelm audit systems
  • Cryptocurrency mining: Use the Service for cryptocurrency mining or similar compute-intensive tasks
  • Automated abuse: Use bots, scripts, or automated tools to abuse the Service (except authorized API use)
  • Account manipulation: Create multiple free accounts to circumvent plan limits

3.4 Malicious Content

You may not upload, store, or transmit:

  • Malware: Viruses, worms, trojans, ransomware, or other malicious code intended to harm systems
  • Exploits: Active exploits or weaponized code designed to compromise systems (note: sample exploits for educational purposes in test repositories are permitted)
  • Phishing content: Content designed to deceive users into revealing credentials or personal information
  • Spam or scams: Unsolicited commercial content, chain letters, or fraudulent schemes

3.5 Inappropriate Content

You may not use the Service to process or store:

  • Illegal content: Content that violates applicable laws (child exploitation, terrorism, etc.)
  • Hateful content: Content promoting hatred, violence, or discrimination based on race, ethnicity, religion, gender, sexual orientation, disability, or other protected characteristics
  • Harassment: Content intended to harass, threaten, bully, or intimidate individuals
  • Private information: Unauthorized disclosure of personal information (doxxing), credentials, API keys, or secrets
  • Adult content: Pornographic or sexually explicit material (unless strictly necessary for legitimate security analysis)

3.6 Competitive and Commercial Restrictions

You may not:

  • Competitive analysis: Use the Service to conduct competitive intelligence or benchmarking against competing products without authorization
  • Scraping and data mining: Scrape, crawl, or systematically extract data from the Service for purposes other than your own security auditing
  • Reselling without authorization: Resell, redistribute, or white-label the Service without a written agreement
  • Service replication: Build a competing service using insights, data, or technology derived from the Service
  • Unauthorized commercial use: Use free plans for commercial purposes beyond the scope permitted in the plan terms

3.7 Misrepresentation and Fraud

You may not:

  • Impersonation: Impersonate any person, entity, or our employees/representatives
  • False information: Provide false, misleading, or fraudulent information during registration or use
  • Payment fraud: Use stolen credit cards, fraudulent payment methods, or engage in chargebacks abuse
  • Fake accounts: Create accounts using fake identities or automated processes

3.8 Interference with Service Operations

You may not:

  • Disruption: Interfere with, disrupt, or damage the Service, servers, or networks
  • System manipulation: Manipulate audit results, tamper with reports, or falsify security findings
  • Unauthorized modifications: Modify, adapt, or hack the Service in any way
  • Bug exploitation: Exploit bugs or vulnerabilities for personal gain or to harm others (instead, report via responsible disclosure)
  • Load testing: Conduct load testing, stress testing, or performance testing without prior written approval

4. Responsible Disclosure of Security Vulnerabilities

We encourage responsible disclosure of security vulnerabilities:

4.1 How to Report

  • Email: support@guardlane.io
  • Subject: "Security Vulnerability Report"
  • Information to include: Description of vulnerability, steps to reproduce, potential impact, and any proof-of-concept code

4.2 Expectations

  • Do not exploit: Do not exploit vulnerabilities beyond what is necessary to demonstrate the issue
  • Do not disclose publicly: Do not publicly disclose vulnerabilities until we have had reasonable time to remediate (typically 90 days)
  • Do not access data: Do not access, modify, or delete other users' data

4.3 Our Commitment

  • We will acknowledge your report within 5 business days
  • We will provide updates on remediation progress
  • We will credit researchers who responsibly disclose vulnerabilities (unless you prefer anonymity)
  • We will not take legal action against researchers who follow this policy

5. Data Protection and Privacy

You must comply with all applicable data protection and privacy laws when using the Service:

5.1 Personal Data

  • Minimize personal data: Avoid including unnecessary personal data in code repositories or audit submissions
  • Obtain consent: Ensure you have necessary consents and legal bases for processing personal data
  • Respect privacy: Do not use the Service to unlawfully collect, process, or share personal data

5.2 Credentials and Secrets

  • Do not submit secrets: Remove API keys, passwords, tokens, and credentials from code before auditing
  • Use secret scanning: Leverage the Service's secret detection features to identify and redact secrets
  • Secure storage: Do not store credentials or secrets in audit reports or project descriptions

5.3 Third-Party Rights

  • Respect intellectual property: Ensure you have the right to submit code for auditing
  • Confidentiality: Do not share confidential or proprietary code without authorization
  • License compliance: Respect open-source licenses and third-party terms

6. Consequences of Violations

6.1 Enforcement Actions

Violations of this AUP may result in:

  • Warning: Informal notice of violation with opportunity to correct
  • Suspension: Temporary suspension of account access (typically 7-30 days)
  • Termination: Permanent termination of account and deletion of data
  • Legal action: Civil or criminal legal proceedings for serious violations
  • Law enforcement referral: Reporting illegal activity to appropriate authorities

6.2 Factors Considered

When determining enforcement action, we consider:

  • Severity: Nature and severity of the violation
  • Intent: Whether the violation was intentional, negligent, or accidental
  • History: Prior violations or warnings
  • Impact: Harm caused to other users, our systems, or third parties
  • Cooperation: Your willingness to cooperate and remediate

6.3 Appeal Process

If your account is suspended or terminated:

  • You will receive notice with the reason for action
  • You may appeal by contacting support@guardlane.io within 14 days
  • We will review appeals in good faith and respond within 10 business days
  • Decisions are final unless new evidence is presented

6.4 No Refunds

Account termination for AUP violations does not entitle you to refunds for unused subscription fees.

7. Reporting Violations

7.1 How to Report

If you become aware of AUP violations by other users:

  • Email: support@guardlane.io
  • Subject: "AUP Violation Report"
  • Information to include: Description of violation, evidence (screenshots, logs), and affected parties

7.2 Our Response

  • We will investigate reports promptly and confidentially
  • We may request additional information from you
  • We will take appropriate enforcement action if violations are confirmed
  • We generally do not disclose enforcement actions against other users due to privacy

7.3 False Reports

Knowingly filing false or malicious reports is itself an AUP violation and may result in account suspension or termination.

8. Cooperation with Law Enforcement

We cooperate with law enforcement and regulatory authorities:

  • We may disclose user information in response to valid legal requests (subpoenas, court orders, warrants)
  • We may proactively report illegal activity to authorities
  • We comply with data preservation requests and production orders
  • See our Privacy Policy for more information on law enforcement cooperation

9. Intellectual Property Infringement

9.1 DMCA Compliance

We comply with the Digital Millennium Copyright Act (DMCA):

  • If you believe your copyrighted work has been infringed, submit a DMCA notice to support@guardlane.io
  • Include: identification of copyrighted work, location of infringing material, contact information, and good faith statement
  • We will investigate and remove infringing content as appropriate

9.2 Counter-Notices

If your content was removed due to a DMCA claim, you may submit a counter-notice if you believe the removal was erroneous.

9.3 Repeat Infringers

We may terminate accounts of users who repeatedly infringe intellectual property rights.

10. Third-Party Services and Integrations

10.1 Third-Party Terms

When using third-party integrations (GitHub, GitLab, Bitbucket):

  • You must comply with the third party's terms of service and acceptable use policies
  • We are not responsible for third-party services or their content
  • Violations of third-party terms may result in loss of integration access

10.2 API and Automation

If you use our API or automation tools:

  • Respect rate limits and quotas
  • Use API keys securely and do not share them
  • Comply with all provisions of this AUP
  • See our API documentation for specific usage guidelines

11. Changes to This Policy

11.1 Modifications

We may update this AUP to:

  • Reflect changes in laws or regulations
  • Address new abuse patterns or security threats
  • Clarify existing provisions
  • Improve user experience

11.2 Notice of Changes

  • Material changes: Notified via email and in-app notification (30 days' notice)
  • Non-material changes: Posted on website with updated "Last Updated" date
  • Continued use: Constitutes acceptance of changes

11.3 Immediate Changes

We reserve the right to immediately update this AUP without notice to address urgent security threats or legal requirements.

12. Interpretation and Enforcement

12.1 Discretion

We retain sole discretion to:

  • Interpret this AUP and determine whether conduct violates it
  • Determine appropriate enforcement actions
  • Grant exceptions or waivers on a case-by-case basis

12.2 No Obligation to Enforce

Our failure to enforce any provision of this AUP does not waive our right to enforce it in the future.

12.3 Good Faith Use

When in doubt, use the Service in good faith for its intended purpose: improving code security and quality. If you are unsure whether an activity is permitted, contact us at support@guardlane.io before proceeding.

13. Contact Information

For questions about this Acceptable Use Policy:

General Inquiries: Email: support@guardlane.io

Abuse Reports: Email: support@guardlane.io

Security Vulnerabilities: Email: support@guardlane.io

DMCA Notices: Email: support@guardlane.io

Legal Notices: SMK SOFTWARE LLC 38 Shengavit Street, Apartment 8, Shengavit District, 0050 Yerevan, Armenia

14. Acknowledgment

By using AIAudit, you acknowledge that:

  • You have read and understood this Acceptable Use Policy
  • You agree to comply with all provisions of this AUP
  • You understand the consequences of violations
  • You will use the Service lawfully and ethically

Last Updated: February 14, 2026

Related Policies:

  • Terms of Service
  • Privacy Policy
  • Data Processing Agreement
  • Cookie Policy

Report Violations: support@guardlane.io