Acceptable Use Policy

This Acceptable Use Policy ("AUP") sets out the rules that apply to anyone accessing Karven, whether on the free tier, on a paid plan, through the public marketing site, or via the embeddable widget. It forms part of our Terms of Service.

We keep the rules deliberately short and behavioural. The goal is not to lawyer you to death, it is to keep the platform safe for every tradie using it and to keep us on the right side of Australian law.

You must not use Karven to:

• Commit, encourage, or facilitate any criminal offence under the laws of the Commonwealth, any Australian state or territory, or any country where the person affected is located.
• Engage in conduct that is fraudulent, deceptive, misleading, or designed to obtain a benefit by dishonesty (for example, billing a customer for work you did not perform).
• Threaten, harass, defame, vilify, stalk, or otherwise harm another person.
• Upload, store, or transmit any content that is unlawful, defamatory, obscene, sexually explicit, hateful, or that infringes another person's intellectual property.
• Operate Karven in a way that breaches the Privacy Act 1988 (Cth) or the Australian Privacy Principles in respect of your own customers' data.

Karven sends emails and SMS on your behalf. You are the sender for the purposes of the Spam Act 2003 (Cth). That means:

• You must only send commercial electronic messages to recipients who have consented (either expressly or by inference from a current business relationship).
• Every commercial message must clearly identify you and provide a functional unsubscribe mechanism. Karven adds this footer automatically; do not remove it.
• You must honour an unsubscribe within five business days as required by the Act.
• You must not use Karven to send unsolicited marketing to a list you have scraped, purchased, or otherwise acquired without consent.

Repeated abuse complaints (more than one verified complaint per 500 sends) will result in immediate sending suspension while we investigate.

You must not:

• Scrape, crawl, or otherwise extract data from the marketing site or the app beyond what is necessary for your own use.
• Attempt to reverse-engineer, decompile, or otherwise discover the source code of the Karven platform except to the extent that such restriction is prohibited by law.
• Probe the security of Karven, attempt unauthorised access, or test for vulnerabilities without our written permission. If you have a good-faith security finding, please email hello@karven.com.au. We don't have a paid bounty programme yet but we do respond promptly and we will credit you publicly if you wish.
• Use the API at a rate higher than the published rate limit. Excessive use will be throttled at the proxy.
• Operate bot-driven signups to create multiple accounts and circumvent the free-tier cap.
• Use Karven to mine cryptocurrency, host a torrent tracker, run a botnet command-and-control, or any other purpose that materially deviates from the quoting use case.

Anything you upload to Karven, like quote line items, photos, logo, customer notes or subbie certificates, must be your content or content you have permission to upload.

You must not upload:

• Other people's photos or images you do not have the right to use.
• Trade marks, logos, or brand assets you do not own.
• Personal information about a third party that you do not have a lawful basis to hold.
• Malware, viruses, trojans, scripts that execute on the recipient's device, or anything else designed to harm.

You must not represent Karven as your own product, white-label the marketing site, or use the Karven brand, name or trade marks in a way that implies a relationship other than the customer relationship you have under the Terms.

You may proudly say you use Karven; you may not say you built it.

Our response is proportionate to the breach. In rough order of severity:

• Warning: a written notice describing the breach and the action required. Most first-time, low-severity breaches are dealt with this way.
• Feature suspension: for example, blocking outbound email if abuse complaints spike. Restored once the cause is resolved.
• Account suspension: your account is locked and your data is preserved while we investigate. We respond to support emails throughout.
• Account termination: the account is closed under the termination section of the Terms. Where the breach is also a crime we will report it to the appropriate authority.

We try to give notice before suspending or terminating except where the breach is serious, ongoing, or where notice would prejudice an investigation.

If you believe another Karven user is breaching this policy, for example a tradie sending you spam from a Karven address, or someone using a Karven embed to harvest personal information, email hello@karven.com.au with as much detail as you can give us, including any evidence (email headers, screenshots, URLs). We will investigate and respond within five business days.

We may update this policy from time to time. Material changes will be notified to you by email at least 14 days before they take effect. The version date at the top of the page tells you when the current version took effect.