Acceptable Use Policy

This Acceptable Use Policy ("AUP") applies to everyone who accesses the Resman Service — owners, users, staff, API integrators, and visitors. Breaching the AUP may lead to suspension, termination, or referral to the authorities.

1 Who This Applies To

This AUP forms part of the Resman Terms of Service. Capitalised terms not defined here have the meaning given in the Terms.

2 Prohibited Content & Activity

You must not use the Service to store, process, send, or facilitate:

Any content or activity that is illegal under Nigerian or other applicable law;
Sale of restricted or prohibited items without the required licences (e.g., tobacco, alcohol, pharmaceuticals, firearms, regulated medicines) in jurisdictions where such sale is restricted;
Gambling, betting, or games of chance not authorised by a competent regulator;
Adult sexual content, child sexual abuse material, or any content depicting the sexual exploitation of any person;
Content that promotes terrorism, violent extremism, or incites violence, hatred, or discrimination on the basis of race, religion, ethnicity, gender, sexual orientation, disability, or similar categories;
Malware, viruses, worms, trojans, ransomware, spyware, or any code intended to disrupt or damage software or hardware;
Intellectual-property infringement (pirated music, films, software, or counterfeit goods);
Fraud, identity theft, phishing, money laundering, or advance-fee schemes;
Political campaigning or election influence in breach of Nigerian or foreign electoral law;
Collection or disclosure of another person's personal data without lawful basis.

3 System Abuse

You must not, and must not attempt to:

Access data, systems, or accounts other than those you are authorised to access;
Probe, scan, or test the vulnerability of the Service except under a signed coordinated-vulnerability-disclosure agreement with us;
Overload, flood, or otherwise degrade the Service (including denial-of-service attempts, automated scraping beyond published API rate limits, or parallel credential-stuffing);
Circumvent or disable authentication, rate limiting, permission checks, or any other protective technology;
Run mining software, "farming", or unrelated heavy workloads on our infrastructure;
Use scraped or purchased account credentials of any kind;
Reverse-engineer, decompile, disassemble, or otherwise derive the source code or internal structure of the Service, except where this restriction is prohibited by applicable law;
Use the Service to develop a product that competes with it, or to benchmark or publish performance data without our prior written consent.

4 Email, SMS & Messaging

If you use Resman's email, SMS, receipt, or notification features to contact your own customers, staff, or other recipients, you must:

Only send messages to recipients who have a lawful basis to receive them (prior request, existing customer relationship, or opt-in consent);
Include a clear sender identity and, for marketing messages, a free and easy opt-out;
Comply with NDPA consent rules, NCC anti-spam guidelines, and any equivalent local law;
Not use misleading subject lines, deceptive header information, or spoofed "from" addresses;
Not send bulk unsolicited messages ("spam"), chain messages, or pyramid schemes.

We may rate-limit, throttle, or block messages that trigger spam complaints, bounce-back volumes, or reputation signals that threaten our sending infrastructure.

5 API & Integration Use

When using Resman's public API or integration tokens you must:

Keep API keys secret; never commit them to public source repositories;
Rotate keys on staff departures or suspected compromise;
Respect rate limits documented or enforced by the API;
Not use API tokens from one workspace to access another tenant's data;
Clearly identify your integration's user agent so we can contact you in case of issues.

6 Your Users & End Customers

You are responsible for the conduct of every User you authorise and for the data you process about your End Customers. In particular you must:

Only collect End Customer data that you have a lawful basis to process;
Tell End Customers, in your own privacy notice, that their data will be processed using Resman;
Not record a customer's sensitive personal data (health, biometric, religious, political, sexual) through Resman unless specifically required by law and with an appropriate lawful basis;
Respond to End Customer rights requests (access, correction, deletion) and involve us only where we are the Processor of the data in question;
Take reasonable steps to keep staff PINs and User passwords secure, and revoke access when staff leave.

7 Reporting Abuse

If you become aware of any violation of this AUP — on your workspace or another — please report it immediately:

Security issues / vulnerabilities: [email protected]
Abuse / illegal content: [email protected]
Privacy complaints: [email protected]

We investigate every credible report, but we do not promise to resolve each one to the reporter's satisfaction. We may disclose information to law-enforcement or regulators where required.

8 Our Enforcement Rights

We may, at our discretion and without prior notice where warranted by risk:

Remove or disable specific content, files, products, or messages;
Rate-limit, suspend, or restrict features of an account;
Suspend or terminate an account or individual User;
Report activity to law-enforcement, regulators, payment processors, or affected third parties;
Preserve data and logs for investigative or legal purposes;
Seek any remedy available in law or equity, including injunctive relief and recovery of costs.

Our exercise of one right does not waive any other. These remedies are cumulative.

9 Changes

We may update this AUP from time to time to reflect new risks or legal requirements. We will update the version and date at the top and, for material changes, give at least 14 days' prior notice to Owners.