MITRITY Platform — Acceptable Use Policy
Last updated: March 2026
This Acceptable Use Policy ("AUP") governs your use of the MITRITY Platform and is incorporated by reference into the Terms of Service. Capitalized terms not defined herein have the meanings given in the Terms of Service.
1. Purpose
This AUP is designed to protect the security, integrity, and availability of the Service for all customers. By using the Service, you agree to comply with this policy.
2. Prohibited Uses
You may not use the Service, the Edge Node, the API, or any component of the Platform to:
2.1 Illegal Activity
(a) Violate any applicable local, national, or international law or regulation;
(b) Facilitate, promote, or engage in fraud, money laundering, terrorist financing, or any other criminal activity;
(c) Process data that you are not legally authorized to process; or
(d) Infringe upon the intellectual property rights, privacy rights, or other rights of any third party.
2.2 Reverse Engineering and Competitive Misuse
(a) Reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, underlying algorithms, or architecture of the Service or the Edge Node software;
(b) Use the Service for the purpose of building a competing product or service;
(c) Benchmark or conduct performance testing of the Service for the purpose of publishing results or sharing them with a competitor without MITRITY's prior written consent;
(d) Scrape, harvest, or extract data from the Service for purposes unrelated to your legitimate use; or
(e) Circumvent, disable, or interfere with any security features, access controls, or usage limitations of the Service.
2.3 System Abuse
(a) Attempt to gain unauthorized access to the Service, other customers' accounts, or MITRITY's internal systems;
(b) Introduce viruses, malware, worms, Trojan horses, or other malicious code;
(c) Conduct denial-of-service attacks, flood attacks, or other actions designed to disrupt or degrade the Service;
(d) Use automated tools (bots, scrapers, crawlers) to access the Service in a manner that exceeds reasonable use or circumvents rate limits;
(e) Probe, scan, or test the vulnerability of the Service or any related system without MITRITY's prior written authorization; or
(f) Interfere with or disrupt the Service, servers, or networks connected to the Service.
2.4 Misrepresentation
(a) Impersonate any person or entity, or falsely claim an affiliation with any person or entity;
(b) Provide false, misleading, or inaccurate information during account registration or use of the Service; or
(c) Use the Service to generate false or misleading governance reports.
2.5 Unauthorized Data Processing
(a) Submit to the Service any data that you do not have the right to process, including data collected without proper consent or legal basis;
(b) Use the Service to process data in violation of applicable data protection laws (including GDPR); or
(c) Use the Service to monitor or surveil individuals without a lawful basis and appropriate transparency.
3. Rate Limits and Fair Use
3.1 Rate Limits
MITRITY enforces rate limits on API calls and Edge Node data ingestion to ensure fair use and Service stability. Current rate limits are published in the API documentation at https://mitrity.com/docs/api-reference.
| Resource | Starter | Professional | Enterprise |
|---|---|---|---|
| API requests | [STARTER_API_LIMIT]/min | [PRO_API_LIMIT]/min | Custom |
| Edge Node events ingested | [STARTER_EVENT_LIMIT]/sec | [PRO_EVENT_LIMIT]/sec | Custom |
| Concurrent Edge Nodes | [STARTER_EDGE_NODE_LIMIT] | [PRO_EDGE_NODE_LIMIT] | Custom |
| Data retention | [STARTER_RETENTION] | [PRO_RETENTION] | Custom |
Enterprise customers may negotiate custom limits in their Order Form.
3.2 Fair Use
Even within published rate limits, MITRITY reserves the right to throttle or restrict usage patterns that:
(a) Place disproportionate load on the Service infrastructure relative to the Subscription Plan;
(b) Negatively impact the performance or availability of the Service for other customers; or
(c) Are inconsistent with the intended use of the Service.
MITRITY will contact Customer before imposing restrictions under this section and will work with Customer to find an appropriate solution, which may include upgrading the Subscription Plan.
3.3 Burst Tolerance
MITRITY allows reasonable short-term bursts above published rate limits to accommodate legitimate operational spikes. Sustained usage above rate limits is not permitted without a plan upgrade or explicit written agreement.
4. Security Responsibilities
4.1 Account Security
Customer is responsible for:
(a) Maintaining the security and confidentiality of all account credentials;
(b) Ensuring that multi-factor authentication (MFA) is enabled and maintained for all Authorized Users, as required by the Service;
(c) Using strong, unique passwords for all accounts;
(d) Promptly revoking access for Authorized Users who no longer require it (e.g., employees who leave the organization); and
(e) Notifying MITRITY immediately at soc@mitrity.com if Customer becomes aware of any unauthorized access or security breach affecting Customer's account.
4.2 Edge Node Security
Customer is responsible for:
(a) Securing the infrastructure in which the Edge Node is deployed;
(b) Restricting network access to and from the Edge Node to authorized endpoints;
(c) Keeping the Edge Node software updated to a supported version; and
(d) Not modifying, tampering with, or attempting to extract components from the Edge Node binary.
4.3 API Key Management
Customer must:
(a) Treat API keys as confidential credentials;
(b) Not embed API keys in client-side code, public repositories, or unencrypted storage;
(c) Rotate API keys periodically and whenever a compromise is suspected; and
(d) Use the minimum scope necessary for each API key.
5. Reporting Violations
5.1 How to Report
If you become aware of any violation of this AUP, whether by another customer, a third party, or within your own organization, please report it to:
Email: abuse@mitrity.com
Reports should include as much detail as possible, including relevant dates, descriptions, and any supporting evidence.
5.2 Confidentiality
MITRITY treats violation reports confidentially and will not disclose the identity of the reporter except as required by law or as necessary to investigate the report.
5.3 Good Faith Reporting
MITRITY encourages good-faith reporting and will not take adverse action against customers who report violations in good faith, even if the report involves their own inadvertent violation.
6. Consequences of Violations
6.1 Investigation
MITRITY reserves the right to investigate any suspected violation of this AUP. During an investigation, MITRITY may:
(a) Review relevant logs and usage data;
(b) Request information or cooperation from Customer; and
(c) Consult with law enforcement if criminal activity is suspected.
6.2 Enforcement Actions
Depending on the severity and nature of the violation, MITRITY may, at its sole discretion, take one or more of the following actions:
(a) Warning — Issue a written warning specifying the violation and required corrective action;
(b) Throttling — Temporarily reduce rate limits or restrict access to specific features;
(c) Suspension — Suspend Customer's access to the Service, in whole or in part. MITRITY will provide notice before suspension unless immediate action is necessary to prevent harm to the Service or other customers;
(d) Termination — Terminate Customer's account and this Agreement in accordance with the Terms of Service; or
(e) Legal Action — Pursue legal remedies, including damages and injunctive relief.
6.3 Notice and Cure
For non-critical violations, MITRITY will provide written notice and a reasonable opportunity to cure (typically 15 days) before taking suspension or termination action. For violations that pose an immediate threat to the security, integrity, or availability of the Service, MITRITY may act immediately.
6.4 Effect on Fees
Suspension or termination for AUP violations does not entitle Customer to a refund of prepaid fees.
7. Vulnerability Disclosure
7.1 Responsible Disclosure
If you discover a potential security vulnerability in the Service, we encourage responsible disclosure. Please report vulnerabilities to soc@mitrity.com rather than publicly disclosing them.
7.2 Safe Harbor
MITRITY will not pursue legal action against researchers who:
(a) Act in good faith to discover and report vulnerabilities;
(b) Avoid accessing, modifying, or deleting data belonging to other customers;
(c) Do not disrupt the Service for other customers;
(d) Provide MITRITY reasonable time to address the vulnerability before any public disclosure; and
(e) Comply with all applicable laws.
8. Changes to This Policy
MITRITY may update this AUP from time to time. Material changes will be communicated with at least 30 days' advance notice via email or through the Service. Continued use of the Service after the effective date of updated terms constitutes acceptance.
9. Contact
For questions about this Acceptable Use Policy:
MITRITY Email: hello@mitrity.com Security: soc@mitrity.com Website: https://mitrity.com