Get Started!

Acceptable Use Policy

TITLESCOUT ACCEPTABLE USE POLICY (AUP)
Last Updated: [September 15, 2025]

This AUP describes permitted and prohibited uses of the TitleScout Services. Capitalized terms have the meanings given in the Terms of Use. We may update this AUP from time to time; material changes will be notified via email to your admin contact or via in‑app notification, and will be effective as stated in that notice.

1) ACCOUNT & ACCESS
a. Authorized Users only; no shared credentials.
b. Promptly disable access for departed personnel and report suspected compromise to security@titlescout.io or legal@titlescout.io.
c. Configure role‑based access aligned to least privilege.

2) DATA & CONTENT
a. You must have rights and permissions to upload, provide, or instruct us to ingest Customer Data.
b. Prohibited content includes unlawful, infringing, deceptive, or malicious content; malware; and content that violates privacy or publicity rights.
c. Sensitive data.
i. GLBA NPPI customary to title services (e.g., names, addresses, loan numbers, settlement information, and documents from closing files) may be processed.
ii. Unless expressly agreed in writing (e.g., via a Business Associate Agreement), do not submit protected health information (PHI) under HIPAA, government‑classified data, ITAR‑controlled data, or export‑controlled technical data.
iii. Do not submit payment card data subject to PCI DSS (e.g., full PAN, CVV, magnetic‑stripe or chip data). TitleScout does not provide a PCI‑compliant environment.
d. FCRA. Do not use the Services to furnish “consumer reports,” take “adverse action,” or otherwise engage in activities regulated by the Fair Credit Reporting Act (FCRA).
e. Accuracy & Lawful Collection. You are responsible for the accuracy, quality, legality, and means of acquisition of Customer Data, and for providing any notices/consents required by law.

3) PLATFORM INTEGRITY
a. Do not probe, scan, or test the vulnerability of the Services, bypass security or rate limits, or access non‑public areas.
b. Do not interfere with or disrupt the Services (e.g., denial of service, excessive automated queries, or abuse of shared resources).
c. Do not reverse engineer, publicly benchmark, or disclose performance tests without our written consent.

4) AUTOMATION, CONNECTORS & APIS
a. Automated access (e.g., connectors, scripts, RPA) must comply with technical and rate limits we specify.
b. Any API access will be subject to separate API terms and this AUP; we may modify or suspend API endpoints to protect the platform.

5) EMAIL & MESSAGING
TitleScout has no in‑app messaging or outbound email features. You may not use the Services to send unsolicited or deceptive messages through external systems in a manner that would attribute the activity to TitleScout.

6) THIRD‑PARTY RIGHTS & DMCA
Respect intellectual property and privacy rights. If you believe content infringes your rights, notify our DMCA Agent:
– DMCA Agent: Legal Department
– Email: legal@titlescout.io
– Address: Sandstorm Technology Group, L.L.C., 3200 SW Huntoon Street, Topeka, KS 66604

7) COMPLIANCE; EXPORT; SANCTIONS
Comply with applicable laws (including GLBA, data‑security, and record‑retention requirements). Do not use the Services in embargoed jurisdictions or by prohibited parties under U.S. export/sanctions laws (including OFAC and EAR).

8) FAIR USE & RESOURCE LIMITS
We may apply reasonable technical limits (e.g., storage, ingestion throughput, concurrent indexing jobs, or API calls) to maintain stability. We will notify you if your usage materially exceeds typical patterns and work with you on a capacity plan.

9) HIGH‑RISK USE
The Services are not designed for life‑safety systems or to be the sole source of verified wire instructions. Always follow industry best practices to verify wire instructions through out‑of‑band channels.

10) ENFORCEMENT
We may investigate suspected violations and may suspend or terminate access for violations of this AUP or law. Reinstatement may require written assurance of future compliance and, where applicable, remediation steps (e.g., removal of offending data, user retraining, or implementing additional controls).