LEGAL
Acceptable Use Policy
Last updated:
Purpose
This Acceptable Use Policy (“AUP”) protects Kotao, our customers, their end-customers, and the broader internet. It applies to anyone using the Kotao platform, including the customer’s authorised users.
Prohibited Activities
The following activities are prohibited on the Kotao platform.
Illegal goods and services
- Controlled substances, weapons, counterfeit goods, and stolen property.
- Content that exploits or harms minors.
- Goods or services prohibited by applicable law.
Fraud and abuse
- Card-not-present fraud, chargeback abuse, and money laundering.
- Sanctions evasion and circumvention of trade controls.
- Misrepresentation of the nature of the business or its products.
Spam and unsolicited contact
- Bulk email or SMS without verifiable opt-in consent.
- Automated messaging at a scale that abuses the platform or third-party services.
Network attacks
- Denial-of-service attacks of any kind.
- Port scanning, intrusion attempts, or vulnerability scanning of third parties.
- Distributing malware, including ransomware and credential stealers.
Resource abuse
- Cryptocurrency mining or other computationally expensive workloads on shared infrastructure.
High-risk industries we do not serve
- Gambling beyond licensed lotteries authorised in the operator’s jurisdiction.
- Adult content and adult-services marketplaces.
- Tobacco and cannabis-as-payment in jurisdictions where such payments are restricted.
Restricted and regulated businesses
We do not serve the following businesses, or serve them only after prior approval, because they carry heightened legal or payment-specific requirements:
- Crypto-assets and virtual currencies — trading, exchanges, wallets, mining-hardware sales, and token issuance (ICO/IDO).
- Regulated financial services — money or value transfer, foreign exchange, securities, lending and crowdfunding, and debt-collection services.
- Pharmaceuticals and health products — prescription medication, online pharmacies, research chemicals, and supplements with unsubstantiated health claims.
- Weapons and related products — firearms, weapon parts, ammunition, explosives, and controlled blades, even where locally legal.
- Travel and stored-value offerings sold on prepayment — package-travel resale against advance payment, prepaid cards, and third-party voucher or stored-value programmes.
- Multi-level marketing, pyramid and Ponzi schemes, and “get rich quick” offerings.
- Paid adult services, escort, and pay-for-dating offerings.
Because payments are processed through our payment provider, its current list of restricted businesses applies in addition. Where they differ, the stricter rule governs.
Enforcement
We may issue a warning where the violation is minor and the operator can remediate it. For repeat or severe violations, Kotao may suspend or terminate accounts without refund. Where law requires, we will report illegal activity to the relevant authorities.
Reporting Abuse
To report abuse, contact abuse@kotao.com. Reports are accepted from anyone, including non-customers. For reports of illegal content on merchant shops hosted by Kotao, the notice-and-action mechanism under the Digital Services Act applies — see Illegal Content Reports (DSA).
Customer Responsibility
The customer is responsible for the activity of its end-users and for configuring its Kotao instance to prevent prohibited use.
Legal context
Other documents.
Privacy, security, terms, and usage rules should be read together when evaluating Kotao for multiple teams.
-
Cookie Policy
How Kotao uses cookies and similar technologies.
-
Data Processing Agreement
Kotao's Data Processing Agreement under Art. 28 GDPR.
-
Illegal Content Reports (DSA)
Notice-and-action mechanism under Art. 16 DSA and Kotao GmbH's points of contact.
-
Imprint
Legal entity information for Kotao GmbH per § 5 DDG.
-
Kotao Payments Terms
Supplementary terms for the integrated payment processing on the Kotao platform.
-
Privacy Policy
How Kotao GmbH collects, uses, and protects your personal data under GDPR.
-
Security Disclosure
How to report security vulnerabilities to Kotao.
-
Sub-processors
Kotao's published, versioned list of sub-processors under Art. 28 GDPR.
-
Terms of Service
The terms governing the use of Kotao's platform and services.