Acceptable Use Policy

Last updated: April 1, 2026 · Effective: April 1, 2026

1. Purpose

This Acceptable Use Policy governs how you may use the Comorando API and Service. Violation of this policy may result in immediate suspension or termination of your account without refund.

2. Permitted Uses

• Processing legitimate business events from your own applications
• Automating subscription lifecycle management
• Handling payment webhooks from authorized payment providers
• Building SaaS products that use event-driven backend logic

3. Prohibited Uses

You may not use the Service to:

• Violate any applicable law, regulation, or third-party rights
• Transmit malicious code, viruses, or harmful content
• Attempt to gain unauthorized access to Comorando's systems or other users' accounts
• Perform denial-of-service attacks or excessive API requests beyond plan limits
• Reverse engineer, decompile, or attempt to extract source code from the Service
• Resell, sublicense, or white-label the Service without written authorization
• Use the Service for any illegal, fraudulent, or deceptive purpose
• Forge or manipulate webhook signatures or event data
• Use the Service to process events from unauthorized or stolen payment methods

4. Rate Limits and Fair Use

Each plan includes a monthly event limit. Unlimited usage tiers are subject to fair use: excessive usage that impacts system stability, infrastructure costs, or service quality for other users may require plan adjustment or a custom enterprise agreement. Automated or scripted abuse of the API beyond reasonable use patterns — even within plan limits — may result in throttling or account review. We reserve the right to contact you if usage patterns appear abnormal. Comorando operates outside the critical payment processing flow and does not guarantee uninterrupted availability. SLA targets referenced in our materials are operational goals, not contractual guarantees, unless specified in a separate enterprise agreement. Decisions executed by Comorando are based on probabilistic AI models and do not guarantee specific financial outcomes. Liability for any loss arising from automated decisions is limited to the amount paid in the last 30 days.

5. API Key Security

You are solely responsible for the security of your API keys. Do not expose API keys in client-side code, public repositories, or unsecured environments. Compromised keys must be rotated immediately. Comorando is not liable for unauthorized use of your API keys.

6. Reporting Violations

To report abuse or security vulnerabilities, contact hello@comorando.com. We take all reports seriously and will investigate promptly.

7. Enforcement

Comorando reserves the right to suspend or terminate any account that violates this policy, with or without prior notice depending on severity. Accounts terminated for policy violations are not eligible for refunds.

8. Contact

Questions about this policy: hello@comorando.com