Acceptable Use Policy

The purpose of this AUP is to establish clear rules for the responsible, lawful, and ethical use of Keploy's products and services, including AI-powered features, consistent with:

• Keploy's AI Principles (Responsible, Transparent, Secure, Fair, Human-Centric)
• Keploy's Code of Business Ethics and Privacy Policy
• Global standards including ISO 27701:2022, SOC 2 Type II, HIPAA, GDPR, CCPA, and the EU AI Act

This AUP applies to all Customers, Customer Affiliates, Users, and third parties who access or use Keploy's platform, APIs, services, or integrations.

• Violating any applicable law, regulation, or contractual obligation (including data protection, intellectual property, AI governance, and export control)
• Engaging in fraud, bribery, corruption, money laundering, or other unethical conduct

• Harassing, exploiting, discriminating, or harming individuals, organizations, or protected groups
• Generating or transmitting malicious code, malware, spam, or denial-of-service attacks

• Using AI features for unlawful purposes, or in a manner intended to deceive, defraud, discriminate unlawfully, or cause harm.
• Attempting to disable, bypass, or tamper with AI safeguards, filters, or monitoring mechanisms
• Providing harmful or manipulative Inputs intended to create infringing, offensive, or unsafe Outputs
• Using AI features for high-risk prohibited purposes under the EU AI Act (e.g., biometric surveillance, predictive policing, social scoring)

• Collecting, processing, or sharing personal or sensitive data without a valid legal basis and required notices/rights processes under applicable law (e.g., GDPR, CCPA, DPDP Act).
• Uploading or processing regulated data such as payment card data (PCI DSS) or protected health information (HIPAA) unless expressly authorized in writing by Keploy and Customer and subject to an applicable addendum (e.g., BAA) and technical controls.
• Using Keploy services to create datasets for unrelated AI model training without authorization

• Reselling, sublicensing, or redistributing Keploy services without authorization
• Misusing APIs or features to overload, disrupt, or degrade Keploy systems or other customers' environments
• Circumventing access controls, security mechanisms, or account protections

• Fair usage limits (including daily test execution duration, concurrency, and timeouts) may apply as described in the applicable Order Form, plan description, or Documentation.
• Individual user limits may apply to prevent single-user overuse
• Idle sessions and long-running tests are subject to automatic termination after timeout

To ensure equitable distribution, limits are applied to:

• High-demand OS/browser/device combinations
• Specialized test configurations or infrastructure
• Concurrent usage of the same configuration

• Use parallel testing strategically rather than extending test duration
• Release unused/idle sessions promptly
• Distribute tests across different browsers, devices, and configurations
• Plan and schedule tests efficiently to optimize allocated time
• Work with Keploy support team for enterprise-level capacity planning

Customers must comply with applicable laws (GDPR, CCPA, DPDP Act, HIPAA, etc.).

• Payment card data (PCI DSS)
• Protected health information (HIPAA)
• Government-classified or export-controlled data
• Biometric identifiers or sensitive personal data without explicit consent