Acceptable Use Policy

Extracted from BloomLightly Terms

1.1. You must not, and must not permit others to:
(a) access or attempt to access data/systems without authorization;
(b) probe, scan, test, or bypass security controls except with explicit written permission;
(c) reverse engineer, decompile, disassemble, or attempt to derive source code except where non-waivable law allows;
(d) upload malware or execute denial-of-service, credential-stuffing, scraping, bot abuse, or similar attacks;
(e) use the Service for unlawful, infringing, fraudulent, or deceptive activities;
(f) interfere with service stability, integrity, or performance.
(g) access or use the Service for the purpose of building, benchmarking, copying, competing with, or developing a product or service that is substantially similar to the Service, including systematic feature analysis, competitive intelligence gathering, automated data extraction, or use of the Service to train competing machine learning systems.

1.2. We may implement rate limits, anti-bot controls, geofencing, and technical restrictions to enforce security and policy compliance.
1.3. For camera/webhook integrations, you must follow published technical and security guidance, including use of HTTPS and required authentication headers/secrets.
1.4. You must not upload content that violates law, exceeds documented technical limits, or intentionally attempts to bypass webhook protections (including replay protection, client binding, or rate limits).
1.5. You must promptly rotate secrets and disable compromised webhook endpoints if a device, URL, token, or secret is suspected to be exposed.
1.6. You are responsible for lawful deployment of cameras, including required signage, employee/visitor transparency, and any consultation with labor/privacy representatives required by local law.

2.1. The Service may provide application programming interfaces (APIs), webhooks, or integration endpoints that allow automated interaction with the Service.
2.2. You must use APIs and integrations in accordance with published technical documentation and any applicable rate limits, authentication requirements, or security guidelines.
2.3. You must not use the API or integration interfaces to:
(a) overload, disrupt, or degrade the Service or its infrastructure;
(b) perform automated scraping or bulk extraction of Service data beyond the intended operational use;
(c) circumvent plan limits, billing mechanisms, or usage restrictions;
(d) probe or attempt to bypass security mechanisms or authentication controls.

2.4. The Provider may enforce rate limits, throttle requests, suspend API access, rotate credentials, or disable integration endpoints where necessary to protect service stability, security, or fair use. Repeated violations of API usage policies may result in suspension or termination of the associated account.
2.5. The Provider may modify or deprecate API endpoints or integration features with reasonable notice where practicable.

3.1. We may collect and review technical logs, security events, API usage records, and billing telemetry to operate the Service, detect abuse, investigate incidents, and enforce these Terms.
3.2. Monitoring is conducted proportionately and in line with our Privacy Policy and applicable data protection law.
3.3. You agree to reasonably cooperate with incident investigations and to provide requested information relevant to misuse allegations.
3.4. For camera webhook features, we may log configuration and security events (including creation/modification/deletion, secret rotation, timestamps, user identifiers, and source IP where necessary) to support accountability and incident response.
3.5. In multi-user farm workspaces, we may maintain action attribution logs (e.g., acting user, action type, target entity, timestamp, source metadata) for security, auditability, and dispute resolution.