Acceptable Use Policy

1. Purpose and Scope

This Acceptable Use Policy ("AUP") governs your use of the Traceable Digital platform ("Platform"), operated by Traceable Digital ("we", "us", "our"), accessible at traceable.digital. The Platform is a Software-as-a-Service product designed to create, manage, and publish Digital Product Passports ("DPPs") for EU regulatory compliance.

This AUP applies to all users of the Platform, including account holders, team members, supplier portal users, API consumers, and any person or system that accesses the Platform on your behalf. By accessing or using the Platform, you agree to comply with this AUP. This AUP supplements and forms part of our Terms of Service.

We reserve the right to update this AUP at any time. Continued use of the Platform following changes constitutes acceptance of the revised policy.

2. Acceptable Use

The Platform is intended exclusively for lawful activities related to product compliance and Digital Product Passports. Acceptable use includes, but is not limited to:

• Creating, editing, and publishing Digital Product Passports for products you manufacture, distribute, or are authorised to represent.
• Using the Platform to meet obligations under the EU Battery Regulation (EU 2023/1542), the Ecodesign for Sustainable Products Regulation (ESPR, EU 2024/1781), and related delegated acts.
• Uploading product documentation, test reports, compliance certificates, and supply chain data for the purpose of populating Digital Product Passport fields.
• Using AI document intelligence features to extract structured data from legitimately obtained compliance documents.
• Inviting suppliers to contribute data via the supplier portal for products within your supply chain.
• Integrating with the Platform via the API for programmatic passport creation and management within the scope of your subscription.
• Generating and distributing QR codes linked to published Digital Product Passports for placement on physical products and packaging.

3. Prohibited Conduct

You must not use the Platform in any manner that violates applicable laws, regulations, or this AUP. The following activities are strictly prohibited:

3.1 Falsification of Product Passport Data

Creating, submitting, or publishing Digital Product Passports that contain false, misleading, fabricated, or materially inaccurate data. This includes misrepresenting product composition, environmental performance, recycled content percentages, carbon footprint values, supply chain origins, or compliance status. Digital Product Passports are regulatory instruments; falsification may constitute a criminal offence under EU and member state law.

3.2 Uploading Malicious Files or Content

Uploading, transmitting, or distributing any file, script, or content that contains viruses, trojans, ransomware, spyware, malware, or any other harmful code. This includes uploading files designed to exploit vulnerabilities in the Platform, its infrastructure, or the systems of other users.

3.3 Circumventing Compliance Scoring

Attempting to manipulate, bypass, or artificially inflate compliance scores generated by the Platform. Compliance scores reflect the completeness and regulatory readiness of a Digital Product Passport. Any attempt to game scoring algorithms, submit placeholder data to inflate scores, or exploit scoring logic undermines the regulatory integrity of the Platform.

3.4 Scraping and Unauthorised Data Harvesting

Using the API, automated scripts, bots, crawlers, or any other means to scrape, harvest, extract, or collect data from the Platform beyond the scope permitted by your subscription and API rate limits. This includes scraping published passport data, user directories, or any Platform content for purposes unrelated to your own product compliance.

3.5 Sharing Account Credentials

Sharing, transferring, or disclosing your login credentials, API keys, or access tokens with any unauthorised third party. Each user account is personal. If you require additional users, invite team members through the Platform. You are responsible for all activity conducted under your account credentials.

3.6 Use Unrelated to Product Compliance

Using the Platform for any purpose unrelated to creating, managing, or publishing Digital Product Passports and associated regulatory compliance activities. The Platform is not a general-purpose document management system, data warehouse, or collaboration tool. Usage must be directly connected to product compliance obligations.

3.7 Reverse Engineering

Reverse engineering, decompiling, disassembling, or otherwise attempting to derive the source code, algorithms, data models, or proprietary processes of the Platform. This includes attempting to reconstruct compliance scoring algorithms, AI model prompts, template structures, or any other intellectual property of Traceable Digital.

3.8 Interfering with Service Availability

Engaging in any activity that disrupts, degrades, or interferes with the availability, performance, or security of the Platform. This includes denial-of-service attacks, excessive API calls beyond rate limits, load testing without prior written authorisation, exploiting vulnerabilities, or any action that negatively impacts the experience of other users.

3.9 Infringing Third-Party Intellectual Property

Uploading, submitting, or publishing any data, documents, images, or content that infringes the intellectual property rights of any third party, including copyrights, trademarks, patents, and trade secrets. You must have the legal right to use and submit all data entered into the Platform.

3.10 Using AI Features for Fraudulent Documentation

Using the Platform AI document intelligence features to generate, fabricate, or manipulate fraudulent compliance documents, test reports, certificates, or any other regulatory documentation. AI features are provided to extract and structure data from legitimate source documents. Using AI capabilities to create fictitious documentation or to alter the substance of extracted data is strictly prohibited and may constitute regulatory fraud.

4. Data Accuracy Obligations

You are solely responsible for the accuracy, completeness, and lawfulness of all data you enter, upload, or submit to the Platform. This includes, but is not limited to:

• Product identification data (model numbers, GTIN, batch identifiers).
• Material composition, substance declarations, and bill-of-materials data.
• Environmental performance data including carbon footprint, recycled content, and energy efficiency values.
• Supply chain data including supplier names, facility locations, and certificates of origin.
• Compliance documents, test reports, and regulatory certificates uploaded for AI extraction or manual entry.

Traceable Digital provides tools and AI-assisted extraction to help you populate Digital Product Passports, but we do not verify the underlying accuracy of source data. Published Digital Product Passports are regulatory documents accessible by consumers, market surveillance authorities, and other persons of legitimate interest. You bear full legal responsibility for the content of passports published under your account.

If you become aware that any data within a published passport is inaccurate, you must correct or unpublish the affected passport without undue delay.

5. Reporting Violations

If you become aware of any use of the Platform that violates this AUP, applicable law, or that you believe constitutes a security vulnerability, please report it immediately to legal@traceable.digital.

When reporting a violation, please include as much detail as possible, including the nature of the violation, any relevant account or passport identifiers, and supporting evidence. We will investigate all reports promptly and in confidence.

We will not retaliate against any user who reports a violation in good faith.

6. Enforcement

We reserve the right to investigate any suspected violation of this AUP and to take appropriate action at our sole discretion. Enforcement actions may include, depending on the severity and nature of the violation:

• Warning. A written notice identifying the violation and requiring immediate corrective action. Warnings are issued for first-time or minor violations where the user demonstrates willingness to comply.
• Suspension. Temporary suspension of your account, API access, or specific Platform features. Suspended accounts cannot create, edit, or publish passports during the suspension period. Existing published passports may remain accessible. Suspension may be imposed immediately for serious violations without prior warning.
• Termination. Permanent termination of your account and all associated access. Termination results in the unpublishing of all passports associated with your account and permanent revocation of API credentials. Termination may be imposed for repeated violations, refusal to remedy a violation after warning, or any single violation of sufficient severity (including but not limited to data falsification, fraudulent use of AI features, or malicious interference with the Platform).

Where we reasonably believe a violation constitutes a criminal offence or breach of regulatory requirements, we may report the matter to the relevant law enforcement or market surveillance authorities.

Enforcement of this AUP does not limit any other rights or remedies available to Traceable Digital under the Terms of Service or applicable law.

7. Changes to This Policy

We may revise this Acceptable Use Policy from time to time to reflect changes in our Platform, regulatory requirements, or enforcement practices. When we make material changes, we will notify affected users by email at least 30 days before the changes take effect and will update the "Last updated" date at the top of this page.

Continued use of the Platform after the effective date of a revised AUP constitutes acceptance of the updated terms. If you do not agree with the changes, you must discontinue use of the Platform before the effective date.

We encourage you to review this AUP periodically to stay informed about acceptable use of the Platform.