45559c0e-d9d4-4741-94b7-ca25b55059d3

Acceptable Use & Fair Usage Policy

What you can—and can’t—do on Forgeon, plus how fair usage works.

Heads up: This policy keeps Forgeon safe and reliable for everyone. It is a practical baseline and not legal advice. Please have counsel review before launch.

Last updated: 2025-10-20

Acceptable Use & Fair Usage Policy

Forgeon is a modern PaaS for building and running applications. To protect our community and platform, the rules below apply to all use of the Services (as defined in our Terms of Service). Capitalized terms have the meanings given in the Terms and Privacy Policy.

1) Purpose

This policy explains:

  • Acceptable use of Forgeon’s platform, APIs, runtime, and network.
  • Prohibited content and activities that could harm others or the platform.
  • Fair usage expectations across free and paid plans.

2) Acceptable Use (Green Zone)

You may use Forgeon to:

  • Host web services, APIs, and apps you own or are authorized to deploy.
  • Store artifacts, logs, and backups necessary for your apps.
  • Run CI/build pipelines and scheduled jobs within plan limits.
  • Integrate with approved third-party services (e.g., GitHub, email).

You are responsible for your users, data, and compliance with applicable laws.

3) Prohibited Content & Activities (Red Zone)

You may not use Forgeon to:

  • Break laws or infringe rights (IP infringement, privacy violations, unlawful content).
  • Abuse the platform: DDoS, port scanning, credential stuffing, open relays/proxies, traffic laundering, or attempts to bypass quotas/billing/security.
  • Distribute malware or run crypto-mining/botnets without written approval.
  • Share sensitive data in places not intended for it (e.g., credentials in logs).
  • Harass, exploit, or endanger others, including hateful or violent content.
  • Exfiltrate or probe data from tenants or systems you don’t own/manage.

Security research is welcome under Responsible Disclosure (see Security) — not via production attacks.

4) Platform & Resource Usage

To keep the platform healthy for everyone:

  • Quotas & limits (CPU, memory, build minutes, bandwidth, storage, connection counts, log volume) apply per plan. See Pricing.
  • Autoscaling and bursting are subject to capacity and plan rules.
  • No background tasks that loop infinitely or evade idle/cron controls.
  • Artifacts & logs follow lifecycle policies; expired data may be pruned.

We may throttle or cap usage dynamically to preserve stability.

5) Security Requirements

  • Keep secrets and keys out of source control and logs; rotate when compromised.
  • Use strong auth (JWTs, OAuth, SSO) and least-privilege permissions.
  • Respect CORS, rate limits, and API constraints.
  • Report vulnerabilities to security@forgeon.io (see Security).
    Do not exploit issues or access data you do not own.

6) Email & Messaging

If you send email or messages from apps hosted on Forgeon:

  • No spam or unsolicited bulk messages.
  • Honor opt-outs and regulatory requirements (CAN-SPAM, GDPR/PECR, etc.).
  • Use verified sending domains and correct DNS (SPF/DKIM/DMARC).

We may suspend sending for poor reputation or abuse patterns.

7) API Usage & Rate Limits

  • Use documented endpoints and headers; do not scrape private surfaces.
  • Respect rate limits and backoff; avoid hot-loop polling.
  • Heavy integrations should use webhooks, event streams, or backoff strategies.

8) Fair Usage (All Plans)

  • Free/Trial: Intended for evaluation and light workloads. Persistent or high-volume production use may be restricted or require upgrade.
  • Paid: Usage must remain within your plan’s entitlements. Sustained loads that materially exceed plan expectations may require plan changes or custom terms.
  • We may throttle, isolate, or contact you to adjust workloads for platform health.

9) Enforcement

We may monitor, rate-limit, suspend, or terminate access to address:

  • Violations of this policy or the Terms,
  • Security threats or operational risks,
  • Abuse reports or legal demands.

We try to provide notice when feasible, but safety and stability come first.

10) Reporting Abuse or Security Issues

  • Abuse or policy violations: abuse@forgeon.io
  • Security vulnerabilities: security@forgeon.io
  • Privacy requests: privacy@forgeon.io
    Include relevant URLs, headers, and timestamps where possible.

11) Changes to this Policy

We may update this page as the platform evolves. Material changes will be announced via Releases or dashboard notices. Continued use after the effective date constitutes acceptance.

12) Related Documents

Before launch: Confirm plan limits on /pricing, add abuse@ and security@ inboxes, and align this policy with your Terms and incident playbooks.