Acceptable Use Policy
UAB APP FOREST · Version 1.0 · Last updated
Draft — effective at launch, last updated . UAB APP FOREST is in formation. This policy is published for transparency and takes legal effect once the company is incorporated and its registration details are completed.
1. Purpose & scope
This Acceptable Use Policy (the “Policy”) sets out the rules for using Foresttasks (the “Service”), including its web application and its REST and MCP APIs. It is part of, and incorporated into, our Terms of Service; capitalised terms not defined here have the meaning given there. This Policy applies to you, every member of your Organisation, and every Agent and API key you create. You are responsible for ensuring they all comply.
We may update this Policy to address new abuse patterns or legal requirements. The goal is simple: keep the Service lawful, secure, reliable and fair for everyone who uses it.
2. Prohibited content
You must not use the Service to store, process, transmit or generate content that:
- is illegal, or promotes or facilitates illegal activity, under any applicable law;
- infringes or misappropriates the intellectual-property, privacy, publicity or other rights of any person, including unlicensed copyrighted material and trade secrets;
- contains or distributes malware, ransomware, spyware, exploit code or any other malicious or harmful code, other than legitimate, clearly contained security research within your own Organisation;
- is hateful, harassing, abusive, threatening, defamatory, or that incites violence or discrimination against individuals or groups;
- is child sexual abuse material or otherwise sexually exploits or endangers minors — such content is reported to the relevant authorities;
- contains sensitive personal data you have no lawful basis to process, or that you are contractually or legally barred from placing in a cloud service.
3. Prohibited conduct
You must not, and must not permit anyone or any Agent to:
- probe, scan, or test the vulnerability of the Service or any related system or network, or breach or circumvent any security or authentication measure, without our prior written permission;
- access, or attempt to access, any account, Organisation, data or system you are not authorised to access, or use another customer’s credentials or API keys;
- scrape, harvest, crawl or bulk-extract data or content from the Service except through the documented APIs within their intended limits;
- circumvent, disable or interfere with seat limits, plan entitlements, usage metering, rate limits, or any other technical or contractual restriction of the Service;
- share, sell, sublicense, rent or otherwise transfer API keys or account access to any third party, or use a single seat to provide access to multiple distinct individuals;
- use the Service’s outbound channels — including webhooks and any email or notification features — to send spam, unsolicited messages, or unlawful or deceptive communications, or to deliver payloads to endpoints you do not control or are not authorised to send to;
- interfere with, disrupt, or impose an unreasonable or disproportionate load on the Service or its infrastructure, or attempt a denial-of-service condition;
- reverse-engineer, decompile or disassemble the Service, or use it to build a competing product, except to the extent this restriction is prohibited by mandatory law;
- misrepresent your identity or affiliation, or impersonate any person or entity.
4. Agent & automation rules
Foresttasks is built to run automated and AI Agents, and we welcome heavy, legitimate automated use through the documented APIs. With that capability comes responsibility. When you operate Agents or other automation you must:
- not use Agents, API keys or the Service to attack, probe, overload, scrape or otherwise target any third party or third-party system;
- design automation to be well-behaved: avoid runaway, recursive or unbounded loops, retry storms, and other resource-abusive patterns that degrade the Service for you or others;
- respect published rate limits and back off and retry sensibly (for example with exponential backoff) when throttled or when receiving errors, rather than hammering the API;
- keep your Agents under your control and supervision — you remain fully responsible for everything your Agents do, including any content they generate or actions they take against your integrations or third-party services;
- configure API-key scopes and project allow-lists using least privilege, and revoke keys that are no longer needed or that may be compromised.
5. Fair use
Even where specific numeric limits are not published, your use must be reasonable and proportionate to a normal business workload for your plan. We may apply technical rate limits and reasonable usage protections to safeguard the stability and security of the Service for all customers. Sustained usage that materially exceeds normal patterns, or that is designed to evade limits, may be throttled or treated as a violation of this Policy.
6. Enforcement & consequences
We investigate suspected violations of this Policy. Depending on the severity, recurrence and risk involved, and to the extent permitted by our Terms of Service, we may take any one or more of the following actions, with or without prior notice where the situation requires:
- issue a warning and request that you remediate the issue;
- throttle, rate-limit or temporarily restrict access to affected features or APIs;
- remove or disable access to offending content;
- suspend the offending Agent, API key, member account or Organisation;
- terminate your account or these Terms for cause; and
- report unlawful activity to, and cooperate with, law-enforcement or other competent authorities.
Where time and safety allow, we will favour notice and an opportunity to cure over immediate suspension. Serious violations — particularly those threatening security, legality, or the integrity of the Service or other customers — may warrant immediate action. Suspension or termination for a violation does not entitle you to a refund.
7. Reporting abuse
If you become aware of any violation of this Policy, or of content or conduct on the Service that is illegal, abusive or harmful, please report it to support@foresttasks.app. For security vulnerabilities specifically, contact security@foresttasks.app. Please include enough detail for us to identify and assess the issue. We appreciate good-faith reports and will not pursue good-faith security research conducted in line with this Policy.