1. PURPOSE AND SCOPE
This Acceptable Use Policy ("AUP") governs the use of all products, services, and technologies provided by
Overturn LLC under the BrandBay brand (collectively, the "Services"). This AUP applies to all Customers
(registered account holders), Invited Users (individuals invited to brand workspaces), and any individuals
who interact with publicly shared content or public upload features.
This AUP is incorporated by reference into the BrandBay Terms of Service. By using the Services, you agree to
comply with this AUP. Violations may result in suspension or termination of your account and, where required
by law, reporting to appropriate authorities.
BrandBay is a digital asset management platform designed for storing, organizing, and sharing brand assets.
Any use of the Services that is inconsistent with this purpose — including using the platform as a
general-purpose file hosting, web hosting, or content distribution service — is a violation of this AUP.
2. CUSTOMER ACCOUNTABILITY
Customers are responsible for their own conduct and for ensuring that all Invited Users and individuals who
access their brand workspaces comply with this AUP. This responsibility extends to:
- Any content uploaded, stored, or distributed through the Services, whether uploaded by the Customer,
Invited Users, or third parties through enabled public upload features.
- The configuration and management of permissions, including public sharing settings and public upload
access.
- Content hosted on asset hosting URLs and embedded in external websites.
- The conduct and content within any white-label portal operated by the Customer.
- Any third-party actions that result from a Customer's failure to implement reasonable access controls,
password protection, or content moderation on publicly accessible features.
Complaints regarding a Customer's use of the Services, or the actions of their Invited Users or third
parties, will be directed to the account holder. We reserve the right to take immediate remedial action,
including service suspension and content removal, without prior notice in cases of serious violations.
3. PROHIBITED CONTENT
The Services may not be used to upload, store, host, distribute, or facilitate access to any content that:
3.1 Illegal or Harmful Content
- Violates any applicable local, national, or international law or regulation.
- Depicts, promotes, or facilitates child sexual abuse material (CSAM) or any content that sexually
exploits minors in any way. In accordance with 18 U.S.C. § 2258A, we will report any apparent
violations involving CSAM to the National Center for Missing and Exploited Children (NCMEC) and
cooperate with law enforcement. Accounts involved in such violations will be terminated immediately and
permanently without notice or refund.
- Constitutes illegal obscenity under applicable law.
- Promotes, facilitates, or glorifies violence, terrorism, or acts of mass harm.
- Infringes any third-party intellectual property rights, including copyright, trademark, or trade
secrets.
- Defames, harasses, threatens, or invades the privacy of any individual.
- Violates any person's rights of publicity or privacy.
- Contains or distributes malware, viruses, ransomware, spyware, Trojan horses, or any other malicious
code.
3.2 Deceptive or Fraudulent Content
- Contains false, misleading, or deceptive claims about products, services, or brands.
- Constitutes phishing, identity theft, or impersonation of any individual, company, or brand.
- Is designed to facilitate fraud, scams, or social engineering attacks.
- Mimics the branding, login pages, or communications of any third party for deceptive purposes.
- Promotes or facilitates unauthorized access to third-party systems, accounts, or data.
3.3 Sanctions and Export Controls
You may not use the Services in violation of any applicable trade sanctions, export control laws, or embargo
programs, including those administered by the U.S. Department of the Treasury's Office of Foreign Assets
Control (OFAC), the U.S. Department of Commerce's Bureau of Industry and Security (BIS), or equivalent
authorities in other jurisdictions. You represent and warrant that you are not: (a) located in, organized
under the laws of, or a resident of any country or territory subject to comprehensive U.S. sanctions
(currently Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions of Ukraine); (b)
listed on any U.S. or applicable government restricted party list, including the OFAC Specially Designated
Nationals (SDN) list; or (c) owned or controlled by any such restricted person or entity.
3.4 Adult Content
Explicit sexual content is prohibited on the Services by default. If you believe your use case may involve
mature content (for example, brand assets for an age-restricted product), contact us at
support@zeruapps.com prior to use.
We do not accommodate CSAM under any circumstances.
4. PROHIBITED STORAGE AND HOSTING ACTIVITIES
BrandBay provides asset storage and hosting features specifically for digital brand asset management. The
following uses of the storage and hosting infrastructure are prohibited:
4.1 Prohibited Hosting Uses
- Using asset hosting URLs as a general-purpose content delivery network (CDN) for high-traffic websites,
applications, or services unrelated to brand asset management.
- Using the Services as a web hosting platform — including hosting web pages, single-page applications,
landing pages, or any executable web content.
- Using asset hosting URLs to serve content for phishing pages, scam sites, or deceptive landing pages,
regardless of where those pages are hosted.
- Embedding hosted assets in contexts designed to generate disproportionate bandwidth consumption relative
to normal brand asset distribution (e.g., embedding images on high-traffic forums, social media bots,
or ad networks).
- Using the Services as a general-purpose file backup, archival, or cold storage service unrelated to
brand asset management.
- Operating a file-sharing service, torrent tracker, or download site using BrandBay's storage
infrastructure.
4.2 Storage Abuse
- Uploading large volumes of files unrelated to brand asset management for the purpose of consuming
storage or bandwidth.
- Creating multiple accounts or brands for the purpose of circumventing storage limits or obtaining
additional free-tier storage.
- Using automated tools or scripts to bulk-upload files in a manner that degrades platform performance for
other users.
- Uploading content solely to generate public hosting URLs without legitimate brand asset management use
within the platform.
5. FILE TYPE RESTRICTIONS
To protect the integrity and security of the platform and to prevent misuse of the hosting infrastructure,
the following file types are prohibited from upload:
- HTML files (.html, .htm, .xhtml)
- JavaScript files (.js, .mjs, .jsx)
- PHP files (.php, .phtml)
- Server-side script files (.asp, .aspx, .jsp, .cgi, .pl, .py executed as web scripts)
- Any other web-executable file format that could be used to render a web page or execute code when
accessed via a hosted URL
Attempts to upload restricted file types will be blocked by the platform. We reserve the right to update the
list of restricted file types at any time without prior notice to address emerging security threats.
If you have a legitimate need to store a restricted file type as a brand asset (for example, a code snippet
saved as a .js file for reference purposes), please contact us at
support@zeruapps.com to discuss your use case. We may
accommodate legitimate requests on a case-by-case basis with appropriate safeguards (such as disabling
direct hosting access for the file).
6. PUBLIC SHARING AND UPLOAD RESPONSIBILITIES
6.1 Public Sharing Responsibilities
When you enable public sharing on a brand, collection, or asset, the content becomes accessible to anyone
with the link. You are responsible for:
- Ensuring that publicly shared content does not violate this AUP or applicable law.
- Applying password protection where appropriate to limit access to authorized individuals.
- Reviewing publicly shared content periodically to ensure it remains compliant.
- Promptly disabling public sharing if you become aware of misuse.
6.2 Public Upload Responsibilities
When you enable the public upload feature on a shared brand page, you are opening your brand workspace to
file uploads from non-authenticated third parties. This carries significant risk and responsibility. You
must:
- Actively monitor and moderate all files uploaded through the public upload feature.
- Remove any content that violates this AUP promptly upon discovery.
- Apply password protection to limit who can upload files whenever possible.
- Accept full responsibility for any content uploaded by third parties through your enabled public upload
feature, including any legal liability arising from such content.
- Disable the public upload feature immediately if you become aware of abuse.
We reserve the right to disable public upload features on any brand, collection, or account if we determine
they are being used to facilitate prohibited content or activities, or if we receive reports of abuse from
third parties or infrastructure providers. We may take such action without prior notice where necessary to
protect platform integrity.
7. PROHIBITED TECHNICAL ACTIVITIES
You may not use the Services to:
- Introduce, distribute, or execute any malware, viruses, ransomware, spyware, Trojan horses, or any other
malicious code.
- Conduct or facilitate denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks against
any target.
- Engage in port scanning, network sniffing, packet spoofing, or any unauthorized network probing.
- Attempt to gain unauthorized access to any system, network, account, or data — including systems
belonging to us, other Customers, or third parties.
- Circumvent any security, authentication, access control, file type restriction, or rate-limiting
mechanisms of the Services.
- Systematically scrape, harvest, or collect data from the Services using automated tools, bots, or
scripts without our prior written consent.
- Use the Services to test or probe for vulnerabilities without our prior written consent.
- Exceed reasonable resource usage in a manner that degrades performance for other Customers (as
determined at our sole discretion). Excessive usage may result in throttling, suspension, or additional
charges. See Section 13 (Fair Use) for further details.
- Attempt to reverse-engineer, decompile, or disassemble the application or underlying platform
infrastructure.
- Use automated tools to create accounts, brands, or upload files at scale without our prior written
consent.
8. WHITE LABEL PORTAL STANDARDS
Customers who operate a white-label portal on a custom domain are responsible for ensuring that their portal
and the activity within it complies with this AUP. In particular:
- Content presented through your white-label portal must comply with all provisions of this AUP.
- You must not use the white-label feature to impersonate another company, brand, or individual.
- You are responsible for the conduct of all users you invite through your white-label portal.
- If your white-label portal is used to facilitate any prohibited activity, we reserve the right to
suspend or terminate the white-label feature, remove the custom domain configuration, and/or terminate
your account.
- You must maintain accurate DNS records for your custom domain. Abandoned or misconfigured custom domains
may be removed from our systems.
9. IMPERSONATION AND BRAND MISUSE
You may not use the Services to impersonate Overturn LLC, BrandBay, Zeru Apps, or any of their employees,
representatives, or partners. You may not represent a significant business relationship with or endorsement
by Overturn LLC that does not exist. You may not use the BrandBay brand, logo, or trademarks in a way that
suggests official affiliation without our prior written consent.
10. CONSEQUENCES OF VIOLATIONS
If we determine, in our sole discretion, that you or individuals accessing your brand workspaces have
violated this AUP, we may take any or all of the following actions:
- Issue a warning and request immediate remediation.
- Remove or disable access to offending content without prior notice.
- Disable public sharing or public upload features on affected brands or your entire account.
- Disable asset hosting URLs for specific assets or your entire account.
- Temporarily suspend access to specific features.
- Suspend your account in its entirety, with or without prior notice, depending on the severity of the
violation.
- Permanently terminate your account without refund.
- Report conduct to law enforcement or regulatory authorities where required or appropriate.
- Pursue legal action for damages where applicable.
Service credits will not be issued for interruptions resulting from AUP enforcement actions.
11. ABUSE RESPONSE PROCEDURES
We investigate potential violations of this AUP on a reactive basis. Investigations may be triggered by:
- Reports submitted by users, third parties, or the public.
- Notifications from our infrastructure providers regarding abuse originating from our platform.
- Unusual usage patterns detected through platform monitoring.
- Legal process, law enforcement requests, or regulatory inquiries.
We aim to respond to abuse reports within 72 hours of receiving a complete report. In cases involving
imminent harm, illegal content (including CSAM), phishing, or active fraud, we may take immediate action —
including content removal and account termination — without prior notice to the account holder. We will
cooperate fully with law enforcement in all such cases.
We do not currently perform automated scanning of uploaded content. However, we reserve the right to
implement automated detection mechanisms for prohibited content categories (such as malware scanning or
hash-matching for known CSAM) in the future.
12. REPORTING VIOLATIONS
If you become aware of any use of the Services that appears to violate this AUP, please report it to us at:
legal@zeruapps.com
Please include a description of the activity, the URL or account involved (if known), and any supporting
evidence. We take all reports seriously and will investigate promptly.
If you are an infrastructure provider or law enforcement agency, please include your organizational
affiliation and any relevant reference numbers. We will prioritize and expedite such reports.
13. FAIR USE
We provide the Services with the expectation that usage will be consistent with the plan you have subscribed
to and with the intended purpose of digital brand asset management. If your usage is determined to be
excessive, inconsistent with the purpose of the Services, or materially outside the norms of your
subscription tier, we may contact you to discuss adjustments, apply additional charges as described in our
pricing, restrict hosting access, or throttle bandwidth. We will make reasonable efforts to notify you before
taking such action.
Fair use considerations include, but are not limited to:
- Total storage consumed relative to your plan's allocation.
- Bandwidth generated by asset hosting URLs relative to normal brand asset distribution patterns.
- Number of brands, collections, and assets relative to your plan's stated limits.
- Whether the primary use of the account is consistent with digital brand asset management.
14. MODIFICATIONS TO THIS POLICY
We reserve the right to modify this AUP at any time by publishing a revised version at https://www.brandbay.io/legal-acceptable-use.
Material changes will be communicated to active Customers via email or in-app notification at least 30 days
before the changes take effect. The revised version will be effective from the earlier of: (a) the date you
use the Services after the revised version is published and the 30-day notice period has elapsed; or (b) 30
days after publication. Your continued use of the Services after the effective date constitutes acceptance
of the revised AUP.
15. GOVERNING TERMS
This AUP is incorporated into and governed by the BrandBay Terms of Service. In the event of any conflict
between this AUP and the Terms of Service, the Terms of Service shall control.
For questions about this Acceptable Use Policy: