Skip to Main Content
Main Menu
Legal Center

Acceptable Use Policy (AUP)

This Acceptable Use Policy (“AUP”) describes prohibited uses of the Services, Content, Output and/or Documentation provided by TrustArc. The examples described in this AUP are not exhaustive. TrustArc may modify this AUP at any time by posting a revised version on the TrustArc website at By using the Services, Content, Output and/or Documentation, You agree to the latest version of this AUP. If You, Your affiliates, employees, directors, agents or other representatives violate this AUP or authorize or help others to do so, TrustArc may suspend or terminate Your use of the Services, Content, Output and/or Documentation.


  • a) “Content” means any current or future text, documents, data, applications, e-services, images, audio and video files created by or for TrustArc and held in and provided through the Services. Examples of Content include, but are not limited to, MoFo Notes reports, Research References, the TrustArc Privacy Compliance Report, TrustArc Law Tables Reports and Data Subjects Requests.
  • b) “Documentation” means TrustArc’s online user guides and help and training material as updated from time to time, accessible via login to the applicable Service.
  • c) “Malicious Code” means code, files, scripts, agents or programs intended to do harm, including, for example, viruses, worms, time bombs, Trojan horses.
  • d) “Output” means the analytics, results, and related reports generated by Your use of the Service and based upon Your Data. Examples of Output include Your Attestor Score Card Results and Benchmarks Reports.
  • e) “User” means an individual who is authorized by You to use the Service, for whom subscriptions to a Service have been procured, and who have been supplied unique user identifications and passwords by You (or by TrustArc at Your request). Users may include, for example, Your employees, consultants, contractors, agents, and third-parties with which You transact business.
  • f) “Service(s)” means the products and services that are ordered by You and made available online by TrustArc, including and any other sites designated by TrustArc for You, associated offline components, as described in the Documentation.
  • g) “You” or “Your” means the individual using the Services provided by TrustArc or company or other legal entity for which you are accepting this AUP, and affiliates of that company or entity.
  • h) “Your Data” means all information submitted by You while using the Services, which is solely generated by You prior to the execution of this AUP.

Usage Restrictions

To ensure the ongoing availability and quality of the Services and Content therein, You will not:

  • a) without TrustArc’s prior written permission, sell, reproduce, resell, duplicate, republish, distribute, display, transmit, rent, lease, sublicense, modify, translate, create derivative works of the Services or any Output, or otherwise exploit the Services, and any Content or Output, for commercial purposes.
  • b) decompile, disassemble, reverse engineer or reverse assemble any portion of the Services or Output, or attempt to discover any source code or underlying ideas or algorithms of the Services;
  • c) access the Services in order to build a competitive product or service, or copy any features, functions or graphics of the Services;
  • d) use the Services to store or transmit material in violation of third-party privacy rights, or in other circumstances where You do not have a right to transmit the material under any law, contract or as a result of any fiduciary relationships (e.g., information protected under non-disclosure agreements);
  • e) engage in large scale copying, downloading or duplication of Content or Output to facilitate non-renewal of the subscription, where a User is leaving the subscriber’s organization, or to facilitate or establish a competitive service offering;
  • f) transmit unsolicited commercial or non-commercial email via the Services;
  • g) use the Services to store or transmit software viruses or any other Malicious Code, files or programs;
  • h) interfere with or disrupt the integrity or performance of the Services or third-party data contained therein;
  • i) use the Services in any manner that could harm, infect, take over, disable, overburden, or otherwise impair TrustArc’s computer systems, including but not limited to servers, networks, and other components connected to or used for the Services;
  • j) use any robot, spider, other automatic software or device, or manual process to monitor or copy the Services, or any Output or Content, without TrustArc’s prior written consent;
  • k) use any network monitoring or discovery software to determine the Service architecture, or extract information about usage, individual identities or Users;
  • l) interfere with any other party’s use and enjoyment of the Services;
  • m) attempt to gain unauthorized access to the Services or their related systems or networks, including through hacking, password mining or any other means;
  • n) remove or alter any trademark, logo, copyright or other proprietary notices associated with the Output, without TrustArc’s prior written consent, and with the exception of TrustArc Templates;
  • o) access the Services for purposes of monitoring their availability, performance, or functionality, or for any other benchmarking or competitive purposes; and
  • p) use or otherwise export or re-export the Services or any portion thereof, or the Content in violation of local export control laws and regulations.

You may copy and share Content and Output among Users within Your organization for internal business purposes only and not for any commercial use or gain, except where further copying and sharing is expressly permitted.

For certain Services, the Content and Output available through these Services is intended to be manipulated by Users in order to create organization-specific policies, procedures, documents, presentations, reports, etc. Please refer to the Legal Notices, this AUP and Copyright Statements found on the face of such Content and Output.

No Illegal, Harmful, or Offensive Use or Content

You may not use or encourage, promote, facilitate or instruct others to use the Services for any illegal, harmful, fraudulent, infringing or offensive use, or to transmit, store, display, distribute or otherwise make available content that is illegal, harmful, fraudulent, infringing or offensive. Prohibited activities or content include:

  • a) illegal, harmful or fraudulent activities. any activities that are illegal, that violate the rights of others or that may be harmful to others, our operations or reputation, including disseminating, promoting or facilitating child pornography, offering or disseminating fraudulent goods, services, schemes, or promotions, make-money-fast-schemes, Ponzi and pyramid schemes, phishing or pharming.
  • b) infringing content. Content that infringes or misappropriates the intellectual property or proprietary rights of others;
  • c) offensive content. Content that is defamatory, obscene, abusive, invasive or privacy or otherwise objectionable, including content that constitutes child pornography, relates to bestiality or depicts non-consensual sex acts.
  • d) harmful content. Content or other computer technology that may damage, interfere with, surreptitiously intercept, or expropriate any system, program or data, including viruses, Trojan horses, worms, time bombs or cancelbots.

No Network Abuse

Prohibited activities include:

  • a) monitoring or crawling of Service that impairs or disrupts the Service being monitored or crawled;
  • b) inundating a target with communications requests so the target either cannot respond to legitimate traffic or responds so slowly that it becomes ineffective;
  • c) interfering with the proper functioning of any Service, including any deliberate attempt to overload a system;
  • d) operating network services like open proxies, open mail relays or open recursive domain name servers; and
  • e) using manual or electronic means to avoid any usage limitations placed on a Service, such as access and storage restrictions.

TrustArc Monitoring and Enforcement

TrustArc reserves the right, but does not assume the obligation, to investigate any violation of this AUP or misuse of the Service. TrustArc may:

  • a) investigate violations of this AUP or misuse of the Service; or
  • b) remove, disable access to, or modify any Content or resource that violates this AUP or any other agreement TrustArc has entered into with You for use of the Service.

TrustArc may report any activity that it suspects to be in violation of any law or regulation to appropriate law enforcement officials, regulators or other appropriate third-parties. TrustArc’ s reporting may include disclosing appropriate customer information. TrustArc may also cooperate with appropriate law enforcement agencies, regulators or other appropriate third-parties to help with the investigation and prosecution of illegal conduct by providing network and systems information related to the alleged violations of this AUP.

Back to Top