Fair Use Policy

Last updated: May 19, 2026

This Fair Use Policy (the "Policy") supplements the CredentiAlert Terms of Service and governs the acceptable use of all products, features, and services (collectively, the "Service") provided by CredentiAlert ("Company," "we," "us," or "our"). This Policy applies to every user of the Service regardless of subscription tier, including plans that advertise unlimited access to one or more features.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree, you must discontinue use of the Service immediately.

1. Purpose and Scope

CredentiAlert is purpose-built to help small and medium local food and beverage businesses manage regulatory compliance, including permits, licenses, certifications, fleet operations, personnel credentialing, event compliance, and financial reporting. The Service is designed for businesses such as food trucks, food trailers, food carts, coffee shops, coffee carts, bakeries, caterers, restaurants, bars, breweries, wineries, market vendors, pop-up restaurants, ice cream vendors, and concession stands. Every feature of the Service is designed and provisioned to support this core mission.

Where a subscription plan includes features described as "unlimited," that designation refers to the absence of a fixed numerical cap under normal, good-faith business use. It does not confer an unrestricted right to consume platform resources without regard to the operational constraints described herein. All usage, whether metered or unmetered, remains subject to this Policy.

2. Acceptable Use

Acceptable use means engaging with the Service in a manner that is consistent with its intended purpose as a business compliance and operations management platform. The following are non-exhaustive examples of acceptable use:

Uploading, organizing, and managing permit, license, and certification documents that are directly related to your business operations.
Tracking fleet vehicles, equipment units, and associated maintenance or registration records across one or more operating locations.
Managing personnel records, including employee credentials, certifications, training documentation, and compliance status.
Generating event compliance packets for events in which your business is a registered or authorized participant.
Using the AI-powered document scanner to digitize, classify, and extract information from your own business permits, licenses, and certificates.
Generating financial summaries, tax preparation reports, and accounting records that pertain to your business activities within the platform.
Configuring notifications, reminders, and alerts related to document expiration, renewal deadlines, and compliance milestones.

In general, any use of the Service that a reasonable person would consider ordinary and proportionate for a small or medium food and beverage business falls within acceptable use.

3. Prohibited Conduct

The following activities are expressly prohibited. Engaging in any of the conduct described below constitutes a material violation of this Policy and may result in enforcement action as described in Section 8.

3.1 Automated and Programmatic Abuse

You may not use bots, scripts, crawlers, scrapers, browser automation frameworks, or any other automated mechanism to interact with the Service. This includes, without limitation, automated document uploads, mass generation of compliance packets, systematic data extraction, and programmatic API calls that fall outside the scope of normal application-driven interactions. Authorized integrations explicitly provided by CredentiAlert (such as published APIs with valid authentication) are excepted from this prohibition, provided they are used in accordance with their documented rate limits and intended purpose.

3.2 Resale, Redistribution, and Multi-Tenancy Abuse

You may not resell, sublicense, lease, or otherwise redistribute access to the Service or any of its features. Sharing account credentials with unauthorized individuals is prohibited. Operating a single CredentiAlert account to serve multiple unrelated business entities, whether for compensation or otherwise, constitutes a violation of this Policy. Each CredentiAlert account must correspond to a single business entity or sole proprietorship, unless otherwise authorized in writing by CredentiAlert.

3.3 Storage Misuse

CredentiAlert's document storage infrastructure is provisioned exclusively for materials related to permit, license, certification, fleet, personnel, and business compliance management. You may not use the Service as general-purpose file hosting, cloud backup, content distribution, or media storage. Files that do not have a reasonable nexus to your business compliance operations may be flagged, quarantined, or removed.

3.4 Circumvention and System Manipulation

Any attempt to bypass, defeat, or circumvent subscription tier restrictions, feature gates, rate limits, access controls, or other technical safeguards is strictly prohibited. This includes, but is not limited to, modifying client-side application code, reverse-engineering API endpoints, forging or tampering with authentication tokens or request headers, exploiting software vulnerabilities, and using third-party tools designed to override platform restrictions.

3.5 Disproportionate Resource Consumption

You may not engage in any pattern of use that consumes a disproportionate share of server compute capacity, storage volume, network bandwidth, API throughput, or other shared infrastructure resources relative to what is reasonably expected for normal business operations. Whether usage is "disproportionate" will be assessed by CredentiAlert in its reasonable discretion, taking into account factors such as your subscription tier, the nature of your business, the volume and frequency of your requests, and the impact on other users of the Service.

3.6 Malicious or Unlawful Content

You may not upload, transmit, or store any content that is malicious (including malware, viruses, trojans, or ransomware), fraudulent, defamatory, obscene, or otherwise in violation of applicable local, state, federal, or international laws and regulations. You are solely responsible for ensuring that all content you introduce to the Service complies with applicable law.

4. Rate Limiting and Throttling

CredentiAlert employs rate limiting across API endpoints, feature-specific operations, and account-level activity to preserve service quality, ensure equitable resource allocation, and protect platform stability. Rate limits are calibrated to accommodate the expected usage patterns of each subscription tier and are subject to adjustment at our discretion.

Transient or inadvertent exceedances of rate limits will typically result in temporary request throttling (HTTP 429 responses) without further consequence. However, sustained or deliberate patterns of rate-limit exceedance may be treated as a violation of this Policy and subject to the enforcement measures described in Section 8.

5. File Size, Storage Allocation, and Upload Restrictions

The following technical constraints apply to document storage within the Service:

Per-file size limit: Individual file uploads must not exceed 25 MB. Files exceeding this limit will be rejected at the point of upload.
Tier-based document allocation: Each subscription tier specifies a maximum number of stored documents. Usage beyond your tier's allocation will be blocked until you upgrade your plan or remove existing documents to free capacity.
Unlimited storage plans:Plans that advertise "unlimited" document storage are subject to this Fair Use Policy in its entirety. CredentiAlert reserves the right to establish reasonable aggregate storage thresholds to prevent abuse, and to contact you if your storage consumption materially exceeds the range typical of comparable accounts.
Supported file types: The Service accepts common document formats (PDF, JPEG, PNG, and other formats as specified in the application). Files in unsupported formats may be rejected or may not be fully processed by platform features such as the document scanner.

6. Document Scanner and AI Feature Usage

CredentiAlert's AI-powered document scanner and related intelligent features are resource-intensive services subject to the following conditions:

Scanner usage is metered on a monthly basis. Each subscription tier specifies the number of scans included per billing cycle. Unused scans do not roll over to subsequent billing periods.
Plans that include "unlimited" scanner access remain subject to this Policy. The scanner is intended for digitizing, classifying, and extracting data from your own business permits, licenses, and certificates. Bulk processing of third-party documents, batch OCR operations unrelated to compliance, and systematic use of the scanner for data harvesting are prohibited.
CredentiAlert may introduce additional AI-powered features over time. Unless otherwise stated, such features will be governed by the same fair use principles described in this Policy and subject to usage allocations defined by your subscription tier.

7. Email and SMS Notification Limits

Email and SMS notifications sent by the Service are delivered through third-party providers (currently Resend for email and Twilio for SMS) and incur per-message costs to CredentiAlert. Notification volumes are calibrated to support the expected operational needs of each subscription tier. CredentiAlert reserves the right to impose reasonable per-account, per-recipient, and aggregate caps on notification volume, and to throttle or suspend notification delivery for accounts whose volume materially exceeds typical patterns. Standard message and data rates from your wireless carrier may apply to SMS messages you receive.

8. Usage Monitoring

CredentiAlert reserves the right to monitor aggregate and account-level usage patterns for the purpose of detecting potential violations of this Policy, ensuring equitable resource distribution, capacity planning, and maintaining the security and integrity of the Service. Monitoring is conducted through automated systems and, where necessary, manual review.

Monitoring activities may include analysis of API request volumes, document upload frequency and size, scanner invocation rates, login patterns, and storage utilization trends. CredentiAlert does not access the content of your stored documents for policy enforcement purposes except where required to investigate a specific, credible report of prohibited conduct.

9. Enforcement

If CredentiAlert determines, in its reasonable discretion, that your use of the Service constitutes a violation of this Policy, we may take one or more of the following actions, which may be applied individually or in combination depending on the severity, frequency, and nature of the violation:

Notice: Issue a written warning via email or in-app notification describing the violation and requesting that you modify your usage within a specified remediation period.
Feature restriction: Temporarily or permanently restrict your access to specific features or functionality that are implicated in the violation.
Throttling: Impose additional rate limits, bandwidth restrictions, or processing delays on your account.
Tier adjustment: Downgrade your account to a subscription tier that is commensurate with your actual usage pattern, with prorated billing adjustments applied as applicable.
Suspension: Temporarily suspend your access to the Service in whole or in part, pending investigation or remediation.
Termination: Permanently terminate your account and revoke all access to the Service in cases involving severe, willful, or repeated violations.

CredentiAlert will make commercially reasonable efforts to provide advance notice before taking enforcement action. However, we reserve the right to act immediately and without prior notice where we reasonably believe that delay would result in harm to the Service, its infrastructure, or other users.

10. Limitation of Liability for Enforcement

To the fullest extent permitted by applicable law, CredentiAlert, its officers, directors, employees, agents, and affiliates shall not be liable for any direct, indirect, incidental, special, consequential, or punitive damages arising out of or related to any enforcement action taken pursuant to this Policy, including but not limited to damages for loss of data access, business interruption, lost revenue, or reputational harm. By using the Service, you expressly acknowledge and agree that enforcement actions taken under this Policy are made in good faith and in the exercise of our reasonable business judgment.

11. Data Retention and Portability Upon Downgrade or Termination

In the event that your account is downgraded, whether voluntarily, through subscription expiration, or as a result of an enforcement action, the following data handling provisions apply:

Existing data preserved: Your existing documents, records, and account data will be retained in accordance with our standard data retention policy. You will retain read-only access and the ability to export your data.
Write restrictions: You will not be permitted to upload new documents, create new records, or otherwise exceed the usage limits of your current (downgraded) tier until you upgrade or remove existing items to comply with the applicable limits.
Termination data access: In the event of account termination for cause, CredentiAlert will provide a minimum of thirty (30) calendar days from the date of termination notice during which you may export your data. After this period, your data may be permanently deleted in accordance with our data retention and disposal procedures.

12. Relationship to Other Agreements

This Policy is incorporated by reference into the CredentiAlert Terms of Service. In the event of a conflict between this Policy and the Terms of Service, the Terms of Service shall control, except with respect to matters of usage limits and acceptable use specifically addressed herein. This Policy does not create any rights or obligations not otherwise contemplated by the Terms of Service, and all capitalized terms not defined herein shall have the meanings ascribed to them in the Terms of Service.

13. Modifications

CredentiAlert reserves the right to modify, amend, or replace this Policy at any time. If we make material changes that adversely affect your rights or obligations, we will provide at least thirty (30) calendar days' advance notice via email to the address associated with your account or through a prominent in-app notification. Non-material changes (such as formatting, clarifications, or corrections that do not alter the substance of existing provisions) may take effect immediately upon posting.

Your continued use of the Service following the effective date of any modification constitutes your acceptance of the revised Policy. If you do not agree to a material change, you must discontinue use of the Service before the change takes effect and may request a prorated refund for any prepaid, unused portion of your current billing period.

14. Severability

If any provision of this Policy is held to be invalid, illegal, or unenforceable by a court of competent jurisdiction, such provision shall be modified to the minimum extent necessary to make it valid and enforceable, or if modification is not possible, shall be severed from this Policy. The invalidity or unenforceability of any provision shall not affect the validity or enforceability of the remaining provisions, which shall continue in full force and effect.

15. Governing Law

This Policy shall be governed by and construed in accordance with the laws of the State of Oregon, without regard to its conflict of laws principles. Any dispute arising under or in connection with this Policy shall be subject to the exclusive jurisdiction of the state and federal courts located in Multnomah County, Oregon.

16. Contact

If you have questions about this Policy, require clarification regarding acceptable use, or believe that your account has been incorrectly flagged or subjected to enforcement action in error, please contact us at contact@credentialert.com or through the support channel available within the application.

We will make reasonable efforts to respond to all inquiries within five (5) business days.