Legal

Acceptable Use Policy

Version: 1.0
Effective Date: To be updated before public launch
Platform: Diplotix
Contact: support@diplotix.com

1 Purpose

This Acceptable Use Policy explains what users must not do while using Diplotix.

It helps protect the security, reliability, fairness, and availability of Diplotix for candidates, recruiters, partners, administrators, and visitors.

This policy should be read together with the Diplotix Terms of Service, Privacy Policy, Community Guidelines, AI Usage Policy, Partner Program Terms, and Refund & Cancellation Policy.

2 Who This Applies To

This policy applies to anyone who accesses or uses Diplotix, including:

  • Candidates.
  • Recruiters and recruiter team members.
  • Partners and partner applicants.
  • Administrators.
  • Visitors.
  • API users, if Diplotix explicitly authorizes API access in writing.

Unless Diplotix has clearly authorized API access, Diplotix APIs and internal routes should be treated as private platform systems.

3 Account Misuse

You must not misuse accounts, identities, credentials, or access methods.

Do not:

  • Share accounts, passwords, magic links, OTPs, admin access, workspace access, or session access with unauthorized people.
  • Sell, buy, rent, transfer, or trade accounts.
  • Create or use accounts for another person without permission.
  • Impersonate another person, company, recruiter, partner, candidate, administrator, or Diplotix representative.
  • Use a false identity or misleading profile information.
  • Create fake accounts, fake companies, fake recruiter accounts, fake candidate accounts, or fake partner accounts.
  • Steal credentials or attempt to obtain credentials through phishing, deception, malware, or social engineering.
  • Attempt to access accounts, workspaces, dashboards, files, resumes, applications, billing records, payout records, or admin areas without authorization.
  • Create multiple accounts to evade limits, suspensions, billing rules, referral rules, trial rules, or enforcement.

4 Security Abuse

You must not attack, test, probe, or interfere with Diplotix systems without authorization.

Do not:

  • Hack, attack, disrupt, overload, or interfere with Diplotix.
  • Reverse engineer, decompile, copy, extract, or attempt to reconstruct platform code, workflows, models, prompts, ranking logic, APIs, or security controls.
  • Perform security testing, vulnerability scanning, penetration testing, probing, exploitation, or public vulnerability disclosure without written permission from Diplotix.
  • Attempt privilege escalation.
  • Attempt session hijacking.
  • Use credential stuffing, brute force attacks, password spraying, token theft, magic-link interception, or OTP abuse.
  • Upload, send, link to, or distribute malware, viruses, ransomware, spyware, worms, trojans, malicious scripts, or harmful code.
  • Attempt to bypass authentication, authorization, rate limits, payment checks, referral checks, admin gates, workspace permissions, or other access controls.
  • Interfere with audit logs, billing records, webhook processing, referral tracking, payout records, support records, or security investigations.

5 Automated Activity

You must not use automation to abuse, extract, manipulate, or overload Diplotix unless Diplotix explicitly authorizes it in writing.

Do not use bots, scripts, scrapers, crawlers, browser automation, automated clients, or similar tools for:

  • Scraping candidate, recruiter, company, job, partner, pricing, billing, referral, or platform data.
  • Data harvesting or bulk export.
  • Automated account creation.
  • Mass applications.
  • Automated job posting.
  • Automated recruiter outreach.
  • Referral automation.
  • Spam automation.
  • Artificial traffic.
  • Automated subscription, checkout, trial, or payment manipulation.
  • Circumventing product limits, feature limits, rate limits, paywalls, trials, or plan entitlements.

Automated access may be allowed only where Diplotix provides a written authorization, integration agreement, or product feature that clearly permits it.

6 AI Abuse

AI features must be used responsibly and only for authorized platform purposes.

Do not use AI features to:

  • Run prompt injection attacks.
  • Extract hidden prompts, system instructions, secrets, credentials, private data, or security details.
  • Manipulate, bypass, overload, or abuse AI systems.
  • Mislead or deceive candidates, recruiters, partners, administrators, or Diplotix.
  • Generate fraudulent resumes, fake qualifications, fake candidate profiles, fake applications, fake references, or fake work history.
  • Generate fake job postings, fake company descriptions, fake recruiter messages, or misleading hiring content.
  • Produce spam, phishing, scams, harassment, discriminatory content, or unlawful content.
  • Replace required human review in hiring decisions.
  • Process information you are not authorized to use.

AI output should be reviewed before use. For more information, see the AI Usage Policy.

7 Payment and Referral Abuse

You must not misuse subscriptions, payments, referrals, commissions, trials, coupons, or payout systems.

Do not:

  • Commit payment fraud.
  • Commit chargeback fraud or dispute abuse.
  • Abuse subscriptions, trials, plan limits, billing flows, or checkout flows.
  • Abuse coupons, discounts, credits, promotions, or offers.
  • Manipulate referral attribution.
  • Use cookie stuffing, referral hijacking, link laundering, or misleading attribution tactics.
  • Create self-referrals.
  • Create duplicate recruiter accounts to generate commissions, trials, credits, or fake activity.
  • Farm commissions or create fake subscriptions.
  • Generate artificial traffic, fake signups, fake recruiter activity, fake payment activity, or fake invoices.
  • Use refunded, disputed, charged back, voided, cancelled, fraudulent, or ineligible payments to claim benefits.
  • Provide false payout, tax, KYC, company, account holder, or UPI information.

Partner-related activity is also subject to the Partner Program Terms. Refunds, chargebacks, disputes, voids, fraud findings, or ineligible payments may affect commissions and payouts as described in the Partner Program Terms and Refund & Cancellation Policy.

8 Platform Integrity

You must not interfere with Diplotix operations or try to work around platform limits.

Do not:

  • Disrupt services or interfere with platform operation.
  • Send excessive requests or engage in denial-of-service behaviour.
  • Circumvent feature limitations.
  • Circumvent subscription limits, plan limits, AI limits, job limits, team limits, referral limits, application limits, or usage limits.
  • Circumvent security controls, admin controls, workspace permissions, recruiter access checks, candidate visibility settings, or payment checks.
  • Manipulate search, matching, recommendations, profile completion, applications, referrals, subscriptions, payouts, billing, reports, or audit records.
  • Use Diplotix in a way that degrades service availability, reliability, security, or fairness for others.

9 Data Misuse

You must respect personal data, confidential information, resumes, applications, recruiter information, partner information, and platform records.

Do not:

  • Download, copy, export, scrape, or collect personal data without authorization.
  • Sell, rent, trade, disclose, or misuse user information.
  • Collect resumes, candidate profiles, applications, contact information, or hiring data for unrelated purposes.
  • Use candidate information outside legitimate hiring purposes.
  • Redistribute resumes, applications, AI outputs, recruiter notes, interview feedback, or hiring records without authorization.
  • Use recruiter, company, billing, partner, referral, payout, or support information outside authorized platform purposes.
  • Post or share another person's personal information without permission.
  • Violate privacy, confidentiality, employment, data protection, or platform obligations.

For more information about how Diplotix processes personal information, see the Privacy Policy.

10 Intellectual Property

You must respect Diplotix intellectual property and the rights of other people and organizations.

Do not:

  • Copy platform content, design, software, documentation, workflows, product materials, or data unlawfully.
  • Remove copyright, trademark, proprietary, or rights notices.
  • Misuse Diplotix trademarks, logos, brand assets, screenshots, domains, social media handles, product names, pricing, or claims.
  • Upload, post, or distribute content that infringes copyrights, trademarks, privacy rights, publicity rights, contractual rights, or other legal rights.
  • Use company logos, names, job descriptions, resumes, portfolio materials, or other content unless you have the right to use them.

11 Enforcement

Diplotix may take action if this policy, the Terms of Service, the Community Guidelines, the Partner Program Terms, or other platform rules are violated.

Depending on the severity and context, Diplotix may:

  • Warn users.
  • Remove, restrict, or disable content.
  • Restrict features.
  • Block access.
  • Suspend accounts, workspaces, profiles, referral codes, subscriptions, or partner access.
  • Terminate accounts.
  • Cancel, hold, void, recover, or deny partner benefits where permitted by the Partner Program Terms.
  • Investigate suspicious activity.
  • Preserve records needed for security, billing, audit, fraud prevention, legal, tax, dispute, or platform integrity purposes.
  • Report unlawful conduct where required by law.

Actions may depend on the severity of the issue, user history, repeated behaviour, risk to other users, risk to Diplotix, legal obligations, payment risk, security risk, and available evidence.

12 Reporting Security Issues

Good-faith security reports are encouraged.

If you believe you have found a security issue, contact:

support@diplotix.com

When reporting, please include enough detail for Diplotix to understand and review the issue. Do not include unnecessary personal data, do not access data that is not yours, and do not publicly disclose unresolved issues in a way that increases risk.

Security testing, penetration testing, scanning, probing, exploitation, credential attacks, or attempts to bypass controls are prohibited unless Diplotix has given written authorization.

13 Policy Updates

Diplotix may update this Acceptable Use Policy over time as the platform, laws, security needs, payment flows, partner program, AI features, and abuse patterns evolve.

If this policy changes, the updated version will apply from the effective date stated in the updated document unless a different process is required by law.

14 Contact

For questions, reports, or concerns about this Acceptable Use Policy, contact:

support@diplotix.com