Acceptable Use Policy
Version: 1.8
Status: Approved
Last modified: May 2025
Next Review Date: November 2025
ISO Statement
oboloo Limited is actively preparing for ISO/IEC 27001 certification. This Policy forms part of our information security controls and is aligned with Annex A control objectives, ensuring appropriate system use and regulatory alignment.
Introduction
This Acceptable Use Policy (“Policy”) governs the standards that apply to any content you upload to our website, and any interactions with our website, platform, or its users. It is designed to support compliance with ISO/IEC 27001, particularly Annex A controls related to acceptable use, information security, and regulatory alignment.
Definitions
“Contribution”: Any material (e.g., text, images, videos, or other content) uploaded or contributed to our site.
“Users”: All individuals or entities accessing or using the oboloo platform, including employees, contractors, customers, suppliers, and third-party partners.
“Interactive Services”: Services on our site that allow interaction (e.g., chat rooms, bulletin boards, or forums).
“System Abuse”: Any action that violates this Policy, such as unauthorised access, resource misuse, or interference with operations.
Who We Are and How to Contact Us
This website is operated by oboloo Limited, a company registered in England and Wales (Company No. 12420854), with its trading address at:
7 Bell Yard, London, England, WC2A 2JR
For any enquiries regarding this Policy or our platform, please contact us at:
📧 hello@oboloo.com
Acceptance of Terms
By using our website or platform, you agree to comply with this Policy. If you do not agree, you must not use our services.
Changes to This Policy
This Policy may be updated periodically. All registered users will receive notifications when significant changes occur. The most current version will always be available on our website.
Related Policies
This Policy works in conjunction with our:
Together, these support our ISO/IEC 27001 compliance framework, including clause A.5.1.1.
Purpose
This Policy provides guidelines for the responsible and secure use of oboloo’s platform, protecting the confidentiality, integrity, and availability of systems and data.
Scope
This Policy applies to all users of the oboloo platform, including employees, contractors, customers, suppliers, and third parties accessing the system directly or via API integrations.
API Usage and Security
All users accessing the oboloo platform via API must:
Use unique authentication credentials per integration.
Adhere to API rate limits; abuse may lead to suspension or throttling.
Not attempt to bypass authentication or access controls.
Use HTTPS for all API communications.
Failure to comply may result in immediate suspension and further enforcement action.
Prohibited Uses
You must not use the platform for any activity that is:
Unlawful or fraudulent, or that breaches any applicable laws or regulations.
Intended to harm, intimidate, or harass any individual.
Involves sending, reusing, or downloading unauthorised content or third-party material.
Involves spam, phishing, or unauthorised promotions.
Involves malware (e.g., viruses, worms, spyware, trojans).
Attempts unauthorised access, bypasses security, or involves hacking.
Launches DoS or DDoS attacks, overloads infrastructure, or misuses network traffic.
Attempts to reverse engineer, replicate, or misuse our intellectual property.
Involves multi-user access via a shared licence (e.g., shared mailboxes).
Usage Responsibilities
You must:
Stay within your fair usage limits as per your licence.
Not upload disproportionately large files (e.g., high-res videos) without approval.
Request additional storage if required, subject to licensing fees.
Duplication and Interference
You may not:
Duplicate or reproduce site content without written permission.
Disrupt the operation of our platform or supporting infrastructure.
Interactive Services
We may offer moderated services (e.g., chat rooms or forums). Users must:
Follow content standards when using interactive tools.
Ensure that minors have parental consent when using these services.
We are not liable for loss resulting from user misuse of these services.
Content Standards
All Contributions must:
Be accurate (if factual) and genuinely held (if opinion).
Comply with the laws of England and Wales, and any applicable local law.
Not contain:
Defamatory, obscene, hateful, or discriminatory material.
Harassment, invasion of privacy, or false representations.
Child abuse content or material inciting violence or illegal acts.
Intellectual property violations or deceptive practices.
oboloo reserves the right to review, moderate, or remove content at its discretion.
Additional Obligations
Users must not:
Reverse engineer or decompile the platform.
Use the platform to develop competing services.
Redistribute, resell, or sublicense platform access.
Misrepresent identity or impersonate others.
Breach of This Policy
Any breach of this Policy is considered material and may result in:
Suspension or termination of access.
Removal of Contributions.
Legal action, including cost recovery.
Reporting to law enforcement or regulators.
Roles and Responsibilities
Data Protection Officer – Oversees privacy and data compliance.
Compliance Manager – Ensures adherence to legal and internal policies.
Information Security Officer – Investigates security incidents and enforces this policy.
Monitoring and Enforcement
oboloo reserves the right to:
Monitor user behaviour for violations.
Investigate reported misuse.
Take remedial, legal, or enforcement actions.
Cooperate with law enforcement where applicable.
Reporting Violations
If you become aware of any violation of this Policy, report it to:
📧 hello@oboloo.com
Accessibility & Publication
This Policy (including version history and last updated date) is published on the oboloo website for transparency and compliance tracking.
Policy Mapping to ISO/IEC 27001
Policy Section | ISO/IEC 27001 Control Ref | Description | |
---|---|---|---|
Acceptable Use & Behaviour
|
A.5.1.1 / A.6.1.1
|
Policy for acceptable use
|
|
Security Violations
|
A.13.2
|
Protection from malware and misuse
|
|
Monitoring & Enforcement
|
A.5.2 / A.18.1
|
Compliance monitoring and response
|
|
User Responsibilities
|
A.7.1.2 / A.9.3.1
|
Awareness of legal obligations
|
|
Review and Updates
Review Frequency: Bi-annually or after significant changes.
Update Method: All updates are published on our website and take effect immediately unless otherwise specified.
Legal Terms
Contract Transfer
We may assign this agreement to a third party, provided it does not adversely impact your rights.Jurisdiction
This Policy and any disputes arising from it are governed by the laws of England and Wales.For consumers: You may bring claims in England, Wales, Scotland, or Northern Ireland, depending on residency.
For business users: All disputes are subject to the exclusive jurisdiction of the courts of England and Wales.
Document Control
Version: 1.7
Date: May 2025
Description: Formalisation of acceptable use restrictions, enforcement rights, and fair use limits
Previous Versions:
-
Version 1.7 (June 2024): Clarified message abuse and DoS restrictions