Acceptable Use Policy

1. Prohibited activities

You will not (and will not permit any user or third party to) use the Service to:

1. Violate law. Engage in any activity that violates applicable Canadian, U.S., provincial, state, local, or foreign law, regulation, or order.
2. Commit fraud. Engage in fraudulent activity, deceptive trade practices, money laundering, sanctions evasion, or financing of illegal activity.
3. Bypass security or rate limits. Probe, scan, test the vulnerability of, or circumvent any security or authentication measure of the Service or any Third-Party Provider, except as expressly authorized in writing.
4. Conduct unauthorized access. Access any account, data, environment, or system without authorization, including other tenants' data, or attempt to do so.
5. Distribute malicious code. Upload or transmit viruses, worms, ransomware, trojans, time bombs, or any other malicious or harmful code.
6. Scrape, harvest, or exfiltrate. Use crawlers, scripts, or other automated tools to extract data from the Service except through documented and authorized interfaces.
7. Spam or violate marketing law. Use the Service or data obtained through it to send unsolicited commercial messages in violation of CASL, CAN-SPAM, the TCPA, or any other applicable marketing law.
8. Violate privacy. Process personal information without the legal basis and consents required of you under applicable law.
9. Infringe intellectual property. Upload, post, or transmit content that infringes any copyright, trademark, trade secret, patent, or other intellectual property right.
10. Misuse customer/store data. Use Shopify or other commerce platform data — including end-customer personal information — for any purpose other than the legitimate operation of the merchant's business, in compliance with the underlying platform's terms (including Shopify's Protected Customer Data requirements).
11. Abuse automation. Run integrations, scripts, bots, or automation that materially degrade the Service, generate excessive load, or are likely to cause Third-Party Providers to throttle our shared infrastructure.
12. Reverse engineer or copy the Service except to the extent these restrictions are prohibited by applicable law.
13. Resell or sublicense without authorization. Resell, sublicense, white-label, lease, time-share, or commercially exploit the Service except under a written agreement with LNC.
14. Misrepresent identity or use the Service in connection with deceptive business practices.
15. Harass or abuse any person, or facilitate illegal harassment.
16. Process prohibited data. Use the Service to process highly sensitive categories of data the Service is not designed for, including HIPAA-regulated Protected Health Information, full payment card numbers, government-issued identification numbers (where not part of standard order data), or personal information of children under the age of consent.

2. Operational expectations

• Use commercially reasonable security practices, including strong passwords, prompt removal of departing users, and protection of integration tokens.
• Promptly notify LNC at [Security Email] of any suspected unauthorized use of your account or any vulnerability.
• Comply with the terms of all Third-Party Providers you connect to LNC, including Shopify's partner and platform terms.
• Cooperate with reasonable investigation requests if LNC believes the Service is being misused.

3. Enforcement

LNC may, in its reasonable discretion:

• investigate suspected violations of this AUP;
• preserve and produce records to comply with legal process;
• throttle, suspend, or terminate accounts or specific features in response to actual or suspected violations or to protect the Service, other customers, or Third-Party Providers; and
• remove or refuse to process content that violates this AUP.

Where reasonable and consistent with security, LNC will provide notice and a chance to cure non-egregious violations.

4. Reporting

To report a suspected violation, contact [Security Email] or [Contact Email].