Veri-Tech

Acceptable Use Policy

Effective Date: December 3, 2024 · Last Updated: March 14, 2026

1. Introduction

This Acceptable Use Policy ("AUP") governs your use of the Veri-Tech platform ("Service") provided by Veri-Tech ("Veri-Tech," "we," "us," or "our"). This AUP is incorporated into and forms part of the Veri-Tech Terms of Service.

By using the Service, you agree to comply with this AUP. Veri-Tech may update this AUP from time to time by posting a revised version on the Service. Your continued use of the Service after such changes constitutes acceptance.

2. Permitted Use

The Service is intended for the following legitimate business purposes:

  • Generating Standard Operating Procedure (SOP) documentation from your own Microsoft 365 tenant configurations
  • Conducting compliance assessments of your own Microsoft 365 tenant against industry security frameworks
  • Remediating identified compliance gaps in your own Microsoft 365 tenant through the automated remediation engine
  • Managing compliance posture across tenants you are authorized to administer (MSP use case)
  • Comparing and tracking compliance drift across tenants under your management

You must have administrative authority over any Microsoft 365 tenant you connect to the Service, either as a direct administrator or as an authorized managed service provider.

3. Prohibited Conduct

You agree not to use the Service to:

3.1 Unauthorized Access

  • Access, scan, assess, or remediate any Microsoft 365 tenant for which you do not have explicit administrative authorization
  • Use the Service to probe, test, or evaluate security configurations of tenants belonging to third parties without their written consent
  • Attempt to bypass, circumvent, or disable any security features of the Service
  • Share your account credentials or authentication tokens with unauthorized individuals

3.2 Harmful or Malicious Activities

  • Deploy remediation changes intended to disrupt, disable, or degrade a Microsoft 365 tenant's functionality
  • Use compliance assessment data to exploit identified security gaps rather than remediate them
  • Intentionally trigger remediation that would lock users out of their accounts or services
  • Use the Service as part of any attack, exploitation, or unauthorized penetration testing
  • Introduce malware, viruses, or other harmful code through the Service

3.3 Abuse of Service Resources

  • Exceed documented rate limits or attempt to circumvent rate limiting controls
  • Use automated scripts, bots, or scrapers to interact with the Service outside of the documented API
  • Generate excessive or unnecessary load on the Service infrastructure
  • Create multiple accounts to circumvent usage limits, billing, or enforcement actions
  • Resell, sublicense, or redistribute access to the Service without Veri-Tech's written authorization

3.4 Legal and Regulatory Violations

  • Use the Service in violation of any applicable law, regulation, or industry standard
  • Use the Service to process, store, or transmit data in violation of data protection or privacy laws
  • Misrepresent compliance assessment results or generated documents as official certifications or audit reports
  • Falsely claim that use of the Service constitutes compliance with any regulatory framework

3.5 Intellectual Property Violations

  • Reverse engineer, decompile, or disassemble any component of the Service
  • Copy, modify, or create derivative works of the Service software, compliance mappings, or remediation logic
  • Remove or alter any proprietary notices, labels, or branding on the Service or generated outputs
  • Use Veri-Tech's or Veri-Docs' trademarks, logos, or branding without written permission

4. MSP and Multi-Tenant Responsibilities

If you use the Service to manage multiple Microsoft 365 tenants (as an MSP or multi-tenant administrator):

4.1 You must have a current, valid service agreement with each client tenant you connect to the Service.

4.2 You are responsible for obtaining all necessary authorizations and consents from each client before connecting their tenant.

4.3 You must ensure that each client is aware that the Service accesses their tenant configuration data and, if applicable, that remediation changes may be applied.

4.4 You are responsible for your clients' compliance with this AUP to the extent their data is processed through your account.

4.5 You must not use assessment or remediation data from one client's tenant for the benefit of another client without explicit consent.

5. Remediation Responsibilities

If you use the automated remediation feature:

5.1 You must review and understand each remediation action before authorizing it.

5.2 You must maintain a valid break-glass (emergency access) account in your tenant before initiating remediation.

5.3 You must not authorize remediation changes that you know or reasonably should know will disrupt critical business operations without appropriate change management procedures.

5.4 You are responsible for communicating planned remediation changes to affected users within your organization.

5.5 You must monitor the impact of remediation changes during observation periods and take corrective action if issues arise.

6. Generated Document Use

6.1 Documents generated by the Service (SOPs, compliance reports, gap analyses) are tools to assist your compliance efforts. They are not substitutes for professional legal, regulatory, or compliance advice.

6.2 You may use, distribute, and modify generated documents within your organization or as part of your service delivery to clients you manage.

6.3 You must not present generated compliance reports as independently audited or certified assessments unless they have been independently verified.

6.4 You must not attribute generated documents to Veri-Tech or Veri-Docs if you have substantially modified them, unless Veri-Tech has agreed to such attribution in writing.

7. Reporting Violations

If you become aware of any violation of this AUP, please report it to security@veri-tech.net. Veri-Tech takes all reports seriously and will investigate promptly.

8. Enforcement

8.1 Investigation. Veri-Tech may investigate suspected violations of this AUP using available information, including service logs, usage patterns, and reports from third parties.

8.2 Actions. If Veri-Tech determines that a violation has occurred, we may take one or more of the following actions at our sole discretion:

  • Issue a warning and request corrective action
  • Temporarily suspend access to the Service
  • Permanently terminate your account
  • Remove or disable access to specific tenants
  • Report the violation to law enforcement if we believe illegal activity has occurred

8.3 No Liability. Veri-Tech shall not be liable for any actions taken in good faith to enforce this AUP, including suspension or termination of accounts.

8.4 Appeal. If you believe enforcement action was taken in error, you may contact legal@veri-tech.net within thirty (30) days to request a review.

Contact Information

Veri-Tech
AUP Violations and Security: security@veri-tech.net
Legal Inquiries: legal@veri-tech.net
General Support: support@veri-tech.net