Acceptable Use Policy

This Acceptable Use Policy (the "AUP") sets out the rules for using Veri5. It is incorporated into the Terms of Service by reference; breaching the AUP is a breach of the Terms. The AUP applies to all users — Users, Businesses, and PAYG visitors.

1. Lawful Use

You must use the Service in compliance with all applicable laws — including UK law in your locality and your country of residence — and with the published rules of any third-party platform on which you share Veri5 proofs (Telegram, WhatsApp, third-party booking platforms, and so on).

You must not use the Service in furtherance of, or to facilitate:

• Any criminal offence, including fraud, money laundering, terrorism financing, child sexual abuse material, modern slavery, human trafficking, illegal drug supply, or unauthorised access to computer systems;
• Misrepresentation of your age, identity, or eligibility to access an age-restricted product or service;
• Activities that breach UK sanctions or any sanctions list to which the UK is a party;
• Activities prohibited by Stripe's restricted businesses list (stripe.com/legal/restricted-businesses) — even if those activities are legal in your jurisdiction. This protects our payment-processing relationship, on which the Service depends.

2. Verification System Integrity

The Service exists because Businesses and counterparties trust that a Veri5 proof corresponds to a real, verified individual. Anything that undermines that trust is prohibited:

• No fraudulent verification. Do not use forged, stolen, or someone else's identity documents at the Didit step. Do not use synthetic identities, deepfakes, or manipulated images to attempt to pass KYC.
• No code sharing or sale. Proof codes are personal to the User who generated them. Do not transfer, sell, gift, or otherwise share a code with anyone other than the Business or counterparty you are presenting it to in real time. Do not facilitate a marketplace for codes.
• No proxy verification. Do not generate proof codes on behalf of another person. Do not accept proof codes you suspect were generated by someone other than the person presenting them.
• No circumvention. Do not attempt to bypass age, subscription, rate-limit, or geographic gates. Do not use VPNs or anonymising proxies in a way that conceals a sanctions-list location.
• No automation. Do not use bots, scripts, or automated tooling to generate, consume, or check proof codes except through our published APIs and within their rate limits.

3. Revshare Integrity (Business accounts)

Business accounts are eligible for Revshare on attributed Users and referred Businesses. The system relies on attribution and referrals being genuine. The following are prohibited:

• Self-attribution. Verifying yourself or accounts you control to claim attribution Revshare on your own subscription;
• Sock-puppet referrals. Creating Business accounts you control to chain referral Revshare back to yourself;
• Coerced referrals. Pressuring others to use your referral code or sign up under false pretences;
• Misleading promotion. Promoting your referral link with claims that misrepresent Veri5, the Revshare program, or the Business tier's features.

Where we detect, in our reasonable judgement, attempted manipulation of the Revshare system, we may forfeit the relevant accruals (paid or unpaid) and terminate the offending accounts.

4. Privacy and Other Users

• Do not attempt to identify another User from their account ID, avatar, proof code, or any other identifier exposed by the Service;
• Do not collect, scrape, or compile information about other users from the Service;
• Do not leave Business-to-User ratings that are abusive, defamatory, harassing, or otherwise unlawful. Ratings should reflect a genuine, lawful interaction between a Business and a User.

5. Account Security

• Do not share your sign-in credentials with anyone;
• Use strong, unique passwords (or sign in via OAuth);
• Notify us promptly at support@veri5.app if you suspect your account has been compromised.

6. Platform Integrity and Security

You must not, and must not attempt to:

• Probe, scan, or test the vulnerability of the Service except as part of a coordinated disclosure programme — please email security@veri5.app first;
• Breach or circumvent any authentication, rate-limit, or access control measure;
• Interfere with or disrupt the Service or the servers and networks that host it (denial-of-service or similar);
• Reverse-engineer or extract source code from the Service, except to the limited extent permitted by law;
• Introduce any malware, virus, or other malicious code;
• Use the Service to send unsolicited communications.

7. Reporting

If you encounter conduct on Veri5 that you believe breaches this AUP, or content that appears unlawful, please report it to report@veri5.app. For security-specific concerns (vulnerabilities, suspected attacks), use security@veri5.app.

We aim to acknowledge reports within two working days and act proportionately based on the severity and supporting evidence.

8. Enforcement

We may take any of the following actions, individually or in combination, in response to a breach of this AUP:

• Issue a warning;
• Restrict specific features (e.g. pause Revshare accruals, limit code generation);
• Forfeit unpaid Revshare accruals where the breach relates to Revshare manipulation;
• Reverse a verification outcome where it was obtained fraudulently;
• Suspend the account, with or without prior notice;
• Terminate the account permanently;
• Refer the matter to law enforcement, regulators, or other affected parties where appropriate.

Where we suspend or terminate an account, we will give reasons unless doing so would prejudice an investigation or expose us to legal risk.

9. Changes to This Policy

We may update this AUP from time to time. The "Last updated" date above will reflect the latest version. Material changes will be notified in-app or by email.

10. Contact

General questions about this Policy: legal@veri5.app. Reports of misuse: report@veri5.app. Security: security@veri5.app.