> ## Documentation Index
> Fetch the complete documentation index at: https://docs.oxara.cloud/llms.txt
> Use this file to discover all available pages before exploring further.

# Acceptable Use Policy

> Understand what is and what is not allowed when using Oxara CMS.

# Acceptable Use Policy

*Last updated: 7 July 2026*

This Acceptable Use Policy explains how Oxara CMS may and may not be used.

It exists to keep Oxara safe, reliable, and fair for everyone. By using Oxara CMS, you agree not to misuse the platform, interfere with other users, or use the service in a way that could cause harm.

## Who this applies to

This policy applies to anyone who uses Oxara CMS, including:

* Tenant owners
* Appointed tenant administrators
* Appointed tenant staff
* Tenant members
* Users accessing Oxara CMS through integrations, applications, or other connected services

## Allowed use

You may use Oxara CMS to manage legitimate community operations, including:

* Managing members and staff
* Handling tickets, reports, forms, and events
* Publishing announcements
* Configuring roles, permissions, and integrations
* Reviewing activity, logs, and reports
* Supporting moderation and administration teams

Your use of Oxara CMS should be lawful, respectful, and consistent with the purpose of the platform.

<Note>
  Not every legitimate use case may be listed here. This policy is intended to be interpreted using common sense and in line with the purpose of Oxara CMS.

  The Oxara Core Team may make the final decision on whether use of the platform is legitimate and may restrict, suspend, or terminate access where reasonably necessary to protect Oxara, its users, or the wider platform.
</Note>

## Prohibited use

You must not use Oxara CMS to:

* Break any applicable law or regulation
* Harass, threaten, abuse, or target another person or group
* Upload, store, or share illegal, harmful, or exploitative content
* Attempt to gain unauthorised access to Oxara, another account, or another tenancy
* Interfere with the security, availability, or performance of Oxara
* Bypass usage limits, restrictions, billing controls, or security measures
* Use Oxara to distribute spam, scams, malware, phishing attempts, or deceptive content
* Misrepresent your identity, affiliation, or authority
* Collect, store, or process personal data without the required rights, permissions, or lawful basis
* Use Oxara in a way that could damage the reputation, operation, availability, or security of the platform
* Use Oxara to encourage, enable, or coordinate harmful, abusive, fraudulent, or unlawful activity

<Note>
  Not every prohibited use case may be listed here. The Oxara Core Team may make the final decision on whether use of the platform is unacceptable and may take action where reasonably necessary to protect Oxara, its users, or the wider platform.
</Note>

## Security misuse

You must not attempt to:

* Probe, scan, or test the vulnerability of Oxara without written permission
* Reverse engineer, decompile, or attempt to extract source code from Oxara
* Access data, systems, accounts, or tenancies you are not authorised to access
* Interfere with authentication, permissions, rate limits, logging, or audit controls
* Introduce malicious code, automated abuse, scraping, denial-of-service activity, or excessive load to the platform
* Bypass, disable, or interfere with security, monitoring, or access-control systems

If you believe you have found a security issue, report it through our responsible disclosure process.

<Card title="Responsible Disclosure" icon="shield-check" href="/CMS/security/responsible-disclosure">
  Report a potential security issue safely and responsibly.
</Card>

## Data and privacy misuse

You must not use Oxara CMS to collect, store, share, or process personal data in a way that is unlawful, deceptive, unauthorised, or inconsistent with your responsibilities as a tenant.

This includes, but is not limited to:

* Collecting personal data without the required rights, permissions, or lawful basis
* Using member or staff data for purposes they would not reasonably expect
* Uploading sensitive information unless you have a valid reason and appropriate safeguards
* Sharing personal data with unauthorised people or systems
* Using Oxara to track, profile, or monitor individuals unlawfully
* Attempting to access, export, or disclose data from another tenancy

Tenant owners are responsible for ensuring their use of Oxara CMS complies with applicable data protection, privacy, and safeguarding obligations.

## Community responsibility

Tenant owners are responsible for how their tenancy uses Oxara CMS.

This includes ensuring staff have appropriate access, member data is handled appropriately, permissions are configured carefully, and community workflows are used lawfully and responsibly.

Tenant owners should regularly review staff access, integrations, audit logs, and configuration settings to reduce the risk of misuse.

## Integrations and third-party services

Where Oxara CMS connects to external platforms, integrations, bots, APIs, or third-party services, you are responsible for ensuring those connections are configured and used appropriately.

You must not use integrations to:

* Bypass Oxara security or permission controls
* Send spam, scams, malware, or deceptive content
* Transfer data to unauthorised systems
* Access accounts, communities, or services without permission
* Interfere with the operation of Oxara or any third-party platform

Oxara may restrict or disable integrations where we reasonably believe they are being misused or creating risk for Oxara, its users, or connected services.

## Enforcement

If we believe this policy has been breached, we may take action to protect Oxara, our users, and the wider platform.

This may include:

* Warning the account owner
* Requesting changes to configuration, content, integrations, or usage
* Restricting access to specific features
* Suspending or removing a tenancy
* Disabling accounts
* Removing content
* Preserving or reviewing logs where necessary
* Reporting serious misuse to relevant authorities where required
* Revoking licences

The action taken will depend on the severity, impact, and context of the breach.

<Note>
  We may not always provide advance warning before taking action. Where appropriate, we may take action we reasonably consider necessary to protect Oxara, its users, or the wider platform.

  Not all potential actions may be listed here. The Oxara Core Team may make the final decision on the outcome and how it is actioned.
</Note>

## Reporting misuse

If you believe someone is misusing Oxara CMS, please contact support with as much detail as possible.

<Card title="Contact Support" icon="message-circle" href="/CMS/support/contact-support">
  Report misuse, abuse, or suspicious activity.
</Card>

## Changes to this policy

We may update this Acceptable Use Policy from time to time.

When changes are made, the latest version will be published in the Oxara documentation.

<Note>
  Where possible, notice will be given. However, this cannot be promised. Notice may not always be given before updates are made to this policy.
</Note>

## Related pages

<CardGroup cols={2}>
  <Card title="Terms of Service" icon="file-text" href="/CMS/legal/terms-of-service">
    Read the terms that govern your use of Oxara.
  </Card>

  <Card title="Privacy Policy" icon="lock" href="/CMS/legal/privacy-policy">
    Understand how Oxara handles personal data.
  </Card>
</CardGroup>
