Acceptable use — buy.attestlayer.com

1. What this page covers

This Acceptable Use policy applies to use of buy.attestlayer.com, the checkout and intake surfaces reachable from it, and AttestLayer workspaces provisioned through it. Companywide acceptable use is published on attestlayer.com/legal/acceptable-use.

2. Prohibited uploads

• Passwords, private keys, root credentials, API secrets, raw production secrets.
• Personal data not necessary to package the evidence for the named buyer/reviewer (do not over-collect).
• Records the submitting party does not have the right to share with AttestLayer or with the named reviewer.
• Malware, exploit payloads, or content engineered to compromise AttestLayer or its subprocessors.
• Sanctioned-party content, illegal content, or content intended to facilitate fraud.

3. Prohibited use of issued packets

• Misrepresenting an AttestLayer evidence packet as a certification, audit opinion, attestation, legal opinion, or insurance product.
• Editing a packet outside the workspace and continuing to assert the original signature.
• Forwarding packets to recipients outside the scope agreed with the submitting party.

4. Prohibited use of the platform

• Probing, scanning, or attempting to bypass authentication, rate limits, or workspace isolation.
• Automated scraping of buy.attestlayer.com beyond the documented sitemap.
• Using AttestLayer to send unsolicited bulk communication.

5. Enforcement

AttestLayer may suspend or terminate access for material breach. Where a breach affects an active evidence packet, AttestLayer may also revoke the verification path for that packet and notify affected reviewers.

6. Report abuse

Report suspected abuse to security@attestlayer.com. Report a security vulnerability via the Vulnerability Disclosure page.