Acceptable Use Policy

This Acceptable Use Policy ("AUP") forms part of the Terms of Service. By using the Service you agree to the following.

Don't do these things

• Don't use Millimetric to track people who have not been informed it's happening, where the law requires that they be.
• Don't send special-category data (e.g. health, race, sexual orientation, political opinion, religion) as event properties unless you have a clear legal basis.
• Don't send children's personal data in violation of COPPA or equivalent laws.
• Don't send full credit-card numbers, government IDs, passwords, or other secrets. They don't belong in analytics events.
• Don't attempt to reverse-engineer the Service, probe for vulnerabilities outside our security program, or run denial-of-service attacks.
• Don't share API keys publicly. Use the appropriate key type (pk_live_* for browser, sk_live_* for server, rk_live_* for read-only analytics).
• Don't use Millimetric to spam, scrape sites you don't own, run click farms or otherwise inflate metrics fraudulently.
• Don't host malware, illegal content, or content that promotes violence on a site running our snippet.
• Don't impersonate another person or entity.
• Don't use the Service to violate any applicable law or regulation, including sanctions and export controls.

Rate limits & abuse

We publish per-key and per-IP rate limits in the docs. If you need more, ask. Sustained abuse (sending events on behalf of a customer who didn't sign up, deliberately spiking another customer's bill, etc.) is grounds for immediate suspension.

Security research

Good-faith security research is welcome. Please report findings to security@millimetric.ai. We will not pursue legal action against researchers who comply with our disclosure policy and avoid accessing other customers' data.

Enforcement

Violations may result in warning, throttling, suspension, or termination, depending on severity. We'll try to talk first, but for clearly malicious behaviour we'll act first and explain later.