Acceptable Use Policy

1. Overview

This Acceptable Use Policy ("AUP") sets forth the rules and guidelines that govern your use of the Ovvoc automated dependency update platform ("Service"). This AUP applies to all users, including individuals, organizations, and entities that access or interact with the Service in any capacity.

This AUP supplements and is incorporated by reference into the Terms of Service ("Agreement"). In the event of any conflict between this AUP and the Agreement, the more restrictive provision shall apply. All capitalized terms not defined herein shall have the meanings ascribed to them in the Agreement.

The purpose of this AUP is to ensure the security, reliability, and integrity of the Service for all users. By accessing or using the Service, you agree to comply with this AUP in its entirety. We reserve the right to update this AUP at any time, and your continued use of the Service following any changes constitutes your acceptance of the updated policy.

2. Permitted Use

The Service is designed and intended exclusively for the following legitimate purposes:

• Automated dependency updates: Using the Service to monitor, update, and maintain software dependencies for your projects, including version detection, security vulnerability patching, and code transformation.
• Legitimate software development: Using the Service in connection with bona fide software development activities, including open-source projects, commercial products, internal tools, and client projects.
• Authorized repositories only: Connecting the Service exclusively to repositories that you own or for which you have explicit authorization from the repository owner to perform dependency updates. You must have the legal right to access, modify, and create pull requests against any repository connected to the Service.
• Dashboard and reporting: Accessing the Service dashboard to review update status, manage configurations, review dependency health, and configure notification preferences.
• API access: Interacting with the Service API in accordance with published documentation, rate limits, and authentication requirements.

3. Prohibited Activities

You shall not, and shall not permit any third party to, engage in any of the following activities in connection with the Service. This list is illustrative and not exhaustive; Ovvoc reserves the right to determine, in its sole discretion, whether any conduct violates the spirit or intent of this AUP.

3.1 Security Violations

• Attempting to gain unauthorized access to the Service, other user accounts, or any systems, networks, or data not intended for your use
• Exploiting or attempting to exploit vulnerabilities, bugs, or security flaws in the Service, including zero-day vulnerabilities, without prior written authorization from Ovvoc through our responsible disclosure program
• Conducting port scanning, network probing, or penetration testing against the Service or its infrastructure without express written consent
• Intercepting, monitoring, or sniffing network traffic not intended for your use, including packet sniffing, man-in-the-middle attacks, or traffic interception
• Bypassing, circumventing, or attempting to circumvent any authentication, encryption, access control, or security mechanism implemented by the Service
• Deploying or attempting to deploy malicious code, backdoors, rootkits, keyloggers, or any form of malware through the Service
• Using the Service to conduct denial-of-service attacks, distributed denial-of-service attacks, or any form of resource exhaustion attack against any target

3.2 Resource Abuse

• Using ephemeral containers or Service infrastructure for cryptocurrency mining, proof-of-work computation, or any form of computational resource extraction unrelated to dependency updates
• Making excessive, abusive, or programmatically generated API calls that exceed published rate limits or that are designed to degrade the performance or availability of the Service
• Intentionally overloading the Service through artificially inflated repository counts, fake dependency configurations, or manufactured workloads
• Circumventing, bypassing, or attempting to defeat rate limits, quotas, throttling mechanisms, or other usage restrictions implemented by the Service
• Using the Service in a manner that consumes a disproportionate share of infrastructure resources relative to your subscription plan, to the detriment of other users
• Creating multiple accounts to circumvent plan limits, free trial restrictions, or enforcement actions taken against a prior account

3.3 Content Violations

• Using the Service to distribute, store, or process malware, viruses, trojan horses, ransomware, spyware, or any other malicious software
• Using the Service in connection with repositories that contain illegal content under applicable law, including but not limited to child sexual abuse material, content that incites violence, or content that violates export control regulations
• Using the Service to send, distribute, or facilitate the sending of unsolicited bulk messages, spam, phishing emails, or deceptive communications
• Using the Service to host, distribute, or facilitate phishing pages, credential harvesting sites, or social engineering schemes

3.4 Intellectual Property Violations

• Using the Service to infringe upon, misappropriate, or violate the intellectual property rights of any third party, including copyrights, trademarks, patents, and trade secrets
• Using the Service to distribute, reproduce, or make available any software, code, or content without proper authorization from the rights holder
• Reverse engineering, decompiling, disassembling, or attempting to derive the source code of the Service or any of its proprietary components, except to the extent expressly permitted by applicable law
• Removing, obscuring, or altering any proprietary notices, labels, or markings on the Service or its output

3.5 Interference and Misuse

• Interfering with or disrupting the integrity, performance, or availability of the Service or any related systems, networks, or infrastructure
• Accessing, modifying, deleting, or tampering with another user's data, repositories, configurations, or account settings without authorization
• Impersonating any person or entity, or falsely representing your affiliation with any person or entity, in connection with the Service
• Using the Service to collect, harvest, or aggregate personal information about other users without their consent and a lawful basis
• Automating the creation of accounts, submitting content, or interacting with the Service through bots, scripts, or automated tools not provided or authorized by Ovvoc

3.6 Legal and Regulatory Compliance

• Using the Service in violation of any applicable local, state, national, or international law, regulation, or ordinance
• Using the Service in violation of export control laws, trade sanctions, or embargo regulations, including but not limited to those administered by the United States, the European Union, or the United Nations
• Using the Service to facilitate money laundering, terrorist financing, or any other financial crime
• Using the Service in jurisdictions where such use is prohibited by applicable law

4. Rate Limits and Fair Use

To ensure equitable access and reliable performance for all users, the Service implements the following usage constraints. These limits may vary based on your subscription plan and are subject to change with reasonable notice.

• API rate limits: API requests are subject to per-account rate limits as published in our documentation. Exceeding these limits may result in temporary throttling or request rejection (HTTP 429 responses).
• Concurrent job limits: The number of dependency update jobs that may run concurrently is determined by your subscription plan. Jobs exceeding the concurrent limit will be queued and executed in order.
• Repository limits: The maximum number of monitored repositories is determined by your subscription plan. Attempts to exceed your plan's repository limit will be rejected.
• Storage limits: Ephemeral container disk usage is subject to per-job limits. Dependency installations that exceed disk allocation will result in job failure.
• Fair use: All usage must be commercially reasonable and consistent with the intended purpose of the Service. Ovvoc reserves the right to contact users whose usage patterns are materially inconsistent with normal dependency update workflows and to request adjustments or plan upgrades as appropriate.

5. Monitoring and Enforcement

Ovvoc reserves the right, but does not assume the obligation, to monitor the use of the Service for compliance with this AUP. Monitoring may include automated systems that detect anomalous usage patterns, security threats, and policy violations.

In the event of a suspected violation, Ovvoc may, in its sole discretion and without prior notice:

• Investigate the suspected violation, including reviewing account activity, job logs, and usage patterns
• Suspend or restrict access to the Service pending the outcome of an investigation
• Terminate the offending user's account in accordance with the graduated enforcement procedures described in Section 7
• Remove or disable access to content that violates this AUP
• Report the violation to applicable law enforcement authorities where we have a good-faith belief that the activity constitutes a criminal offense or poses an imminent threat to the safety of any person
• Cooperate with law enforcement authorities and comply with valid legal process, including subpoenas, court orders, and search warrants

Ovvoc shall not be liable for any action taken in good faith to enforce this AUP, including any resulting suspension, restriction, or termination of access to the Service.

6. Reporting Violations

If you become aware of any violation of this AUP, or if you believe that the Service is being used in a manner that is unlawful, harmful, or inconsistent with this policy, we encourage you to report the matter promptly to [email protected].

When reporting a violation, please include the following information to assist with our investigation:

• Your name and contact information
• A detailed description of the suspected violation, including the specific provision of this AUP you believe has been violated
• The date(s) and time(s) when the violation occurred or was observed
• Any relevant evidence, including screenshots, URLs, log excerpts, or other documentation
• The identity of the alleged violator, if known (e.g., username, account identifier, or IP address)

Ovvoc will review all reports in a timely manner and will take appropriate action as described in this AUP. We may, but are not obligated to, provide the reporter with updates on the status or outcome of the investigation. All reports will be treated confidentially to the extent permitted by law.

7. Consequences of Violation

Ovvoc employs a graduated enforcement approach to address violations of this AUP. The specific response to any violation will be determined at Ovvoc's sole discretion, taking into account the nature, severity, and frequency of the violation, as well as the violator's history and intent.

• Warning: For first-time or minor violations, Ovvoc may issue a written warning to the offending user, specifying the nature of the violation and the corrective action required. The user shall be given a reasonable period to remedy the violation.
• Temporary suspension: For repeated violations, serious violations, or failure to remedy a previously warned violation, Ovvoc may temporarily suspend the user's access to the Service. The duration of the suspension will be determined based on the severity of the violation and may range from 24 hours to 30 days.
• Permanent termination: For severe violations, persistent violations despite prior warnings or suspensions, or violations that cause material harm to the Service, other users, or third parties, Ovvoc may permanently terminate the user's account. Terminated users are not entitled to a refund of any prepaid subscription fees.
• Legal action: Ovvoc reserves the right to pursue any and all legal remedies available under applicable law, including seeking injunctive relief, monetary damages, and recovery of costs and attorneys' fees, against any user who violates this AUP in a manner that causes harm to Ovvoc, the Service, other users, or third parties.

Notwithstanding the graduated enforcement approach described above, Ovvoc reserves the right to immediately suspend or terminate access to the Service without prior notice in cases involving: (a) imminent security threats; (b) illegal activity; (c) activity that poses a risk of harm to other users, third parties, or the Service; or (d) activity required to comply with applicable law or legal process.

8. Changes to This Policy

Ovvoc reserves the right to modify this AUP at any time. We will provide at least 30 days' prior written notice of any material changes to this AUP by posting the updated policy on our website and, for active subscribers, by sending a notification to the email address associated with your account.

Your continued use of the Service after the effective date of any modification to this AUP constitutes your acceptance of the modified policy. If you do not agree with the modified AUP, you must discontinue your use of the Service before the effective date of the modification.

The "Last updated" date at the top of this page indicates when this AUP was most recently revised. We encourage you to review this AUP periodically to stay informed about the rules governing your use of the Service.

For questions about this Acceptable Use Policy, please contact us at [email protected] or refer to the contact information in our Terms of Service.