# Agent Vault Acceptable Use Policy **Effective date:** [DATE] > This AUP is incorporated into the [Terms of Service](TERMS_OF_SERVICE.md). Violating it can result in suspension or termination. --- ## You must - Be a licensed U.S. insurance producer in good standing - Use Agent Vault only for collecting client information related to bona-fide insurance underwriting, binding, or servicing - Obtain the client's consent before texting or emailing them a Agent Vault link (TCPA compliance is your responsibility) - Identify yourself accurately on your agent profile - Maintain the security of your login credentials - Notify security@agentvault.io of any suspected unauthorized access within 24 hours ## You must not ### Identity & licensing - Misrepresent your identity, license number, or NPN - Use someone else's NPN or license - Continue using Agent Vault if your license is suspended, revoked, or expired ### Recipient consent & contact - Send Agent Vault links to anyone who has not consented to be contacted by you - Send links to wrong-number recipients or do "spray and pray" outreach - Use Agent Vault for unsolicited marketing — Agent Vault is not a marketing tool ### Data and content - Collect information for any purpose other than insurance underwriting/binding - Use Agent Vault to collect government-issued ID images, biometrics, or medical/clinical records (the form fields don't support these, but don't try to work around it) - Process information you are not legally authorized to process - Share or sell client information collected via Agent Vault to third parties ### Security & technical - Attempt to reverse-engineer, decompile, scrape, or extract source code from Agent Vault - Bypass or attempt to bypass rate limits, 2FA, the 90-second reveal window, or any other security control - Use bots, scripts, or automation to interact with Agent Vault without prior written permission - Probe, scan, or test for vulnerabilities outside of our published bug-bounty / responsible-disclosure channel (security@agentvault.io) - Use Agent Vault to relay malware, phishing payloads, or any malicious content ### Commercial restrictions - Resell, sublicense, white-label, or re-brand Agent Vault without a separate written agreement - Use Agent Vault to power a competing product - Use one Agent Vault account for multiple distinct agents (each agent needs their own seat — that's how license verification works) ### Legal & ethical - Use Agent Vault to violate any law, regulation, or court order - Use Agent Vault to facilitate identity theft, fraud, money laundering, or any other crime - Use Agent Vault in a way that harms minors ## What happens if you violate this policy | Severity | Action | |---|---| | Minor / first offense | Email warning + 7 days to remediate | | Repeated minor | 30-day suspension | | Major (e.g. misrepresented license, harassment) | Immediate termination, no refund | | Criminal (e.g. fraud, identity theft) | Immediate termination + law enforcement referral | We may take action without prior notice when necessary to protect users, clients, or the integrity of the Service. ## Reporting abuse If you believe someone is misusing Agent Vault — for example, impersonating an agent, sending unsolicited intake links, or attempting fraud — email abuse@agentvault.io with as much detail as you can. We will investigate. --- *Use Agent Vault for what it was built for: helping your real, consenting clients give you the information they need to buy real insurance.*