Acceptable Use Policy (AUP)

This Acceptable Use Policy ("AUP") governs the use of the CtrlOne Platform, including the CtrlOne Cloud Console, Windows Agent Software, APIs, websites, mobile applications, downloadable software, documentation, support services, and all related products and services (collectively, the "Services"). This AUP forms an integral part of the CtrlOne Terms of Service. By accessing or using CtrlOne, you agree to comply with this Acceptable Use Policy. Effective Date: July 14, 2026.

Last updated: July 14, 2026

1. Purpose

The purpose of this Policy is to:

  • Protect the security of all customers
  • Maintain platform reliability
  • Prevent misuse of CtrlOne
  • Protect intellectual property
  • Ensure compliance with applicable laws
  • Protect the integrity of managed Windows devices
  • Prevent cybercrime
  • Maintain service availability

2. Scope

This Policy applies to:

  • Customers
  • Organizations
  • Employees
  • Administrators
  • Managed Service Providers (MSPs)
  • Educational Institutions
  • Government Organizations
  • Contractors
  • Third-party administrators
  • Trial users
  • API users
  • Anyone accessing CtrlOne Services

3. Lawful Use Only

You may use CtrlOne only for lawful purposes. You agree not to use CtrlOne in violation of:

  • Indian Information Technology Act, 2000
  • Digital Personal Data Protection Act, 2023
  • Copyright Act, 1957
  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (where applicable)
  • Consumer Protection Act, 2019
  • Applicable labour, privacy, cybersecurity, export-control, or criminal laws
  • Any applicable foreign law when operating outside India

4. Authorized Business Use

CtrlOne is designed for legitimate administrative purposes, including:

  • Enterprise endpoint management
  • Device security
  • Windows policy enforcement
  • USB device management
  • Browser policy management
  • Software restriction
  • Compliance monitoring
  • Audit logging
  • Asset management
  • Device inventory
  • Educational computer lab management
  • Corporate workstation management
  • Public kiosk management
  • Healthcare endpoint management
  • Government endpoint management

5. Prohibited Activities

Users shall NOT use CtrlOne for the activities described in the following subsections.

5.1 Illegal Activities

  • Commit fraud
  • Commit cybercrime
  • Hack third-party systems
  • Steal data
  • Perform identity theft
  • Distribute malware
  • Spread ransomware
  • Operate botnets
  • Conduct phishing
  • Perform unauthorized penetration testing
  • Facilitate criminal activity

5.2 Unauthorized Access

You may not:

  • Access systems without authorization
  • Circumvent authentication
  • Bypass organizational policies
  • Escalate privileges unlawfully
  • Exploit vulnerabilities
  • Access another customer's account

5.3 Intellectual Property Violations

You may not use CtrlOne to:

  • Distribute pirated software
  • Circumvent software licensing
  • Violate copyrights
  • Violate trademarks
  • Infringe patents
  • Remove copyright notices

5.4 Reverse Engineering

Except where prohibited by law, you shall not:

  • Reverse engineer CtrlOne
  • Decompile the software
  • Modify binaries
  • Extract encryption keys
  • Circumvent licensing
  • Remove security protections
  • Tamper with digital signatures
  • Develop competing products using CtrlOne code

6. Platform Abuse

Users shall not:

  • Attempt denial-of-service attacks
  • Overload the platform
  • Abuse APIs
  • Generate excessive traffic
  • Interfere with platform availability
  • Exploit platform vulnerabilities
  • Disrupt shared infrastructure

7. Account Security

You must:

  • Protect administrator credentials
  • Use strong passwords
  • Enable Multi-Factor Authentication where available
  • Restrict access to authorized personnel
  • Immediately report credential compromise
  • Maintain accurate account information

8. Managed Device Responsibilities

You are solely responsible for ensuring that:

  • You own or are authorized to manage enrolled devices
  • Device users have been informed of organizational monitoring where required by law
  • Policies are configured appropriately
  • Deployments are tested before broad rollout
  • You maintain backups for critical systems

9. Privacy Compliance

You agree to use CtrlOne in compliance with applicable privacy laws. You must not:

  • Collect personal information unlawfully
  • Monitor employees without required legal authorization
  • Process personal data without a lawful basis
  • Use CtrlOne for unlawful surveillance

10. Content Filtering Responsibilities

If using Content Filter features, you are responsible for:

  • Maintaining appropriate allow/block lists
  • Reviewing filtering rules
  • Complying with local laws governing internet access
  • Avoiding discriminatory or unlawful restrictions

11. Application Control

You shall not use application-blocking features to:

  • Interfere with emergency services
  • Disable legally required software
  • Prevent lawful access to assistive technologies
  • Intentionally damage third-party systems

12. Browser Restrictions

Browser management features must not be used to:

  • Circumvent lawful investigations
  • Interfere with lawful regulatory requirements
  • Facilitate illegal censorship
  • Harvest credentials or sensitive information

13. USB Control

USB restrictions shall only be used for legitimate organizational security purposes. You may not:

  • Use USB controls to facilitate theft
  • Hide evidence
  • Interfere with lawful investigations
  • Destroy third-party property

14. Remote Administration

Remote administrative capabilities shall only be exercised by authorized personnel. Unauthorized remote management of devices you do not own or manage is strictly prohibited.

15. API Usage

If APIs are provided, you agree not to:

  • Exceed documented rate limits
  • Abuse authentication mechanisms
  • Scrape platform data
  • Interfere with API availability
  • Create automated attacks

16. Trial Accounts

Trial accounts may not be used to:

  • Avoid subscription fees
  • Create multiple fraudulent trials
  • Circumvent licensing
  • Operate production environments beyond trial limitations

17. Security Research

Good-faith security research is encouraged only when:

Unauthorized exploitation or public disclosure of vulnerabilities without prior notice may result in enforcement actions.

  • Conducted on systems you own or are authorized to test
  • Coordinated with CtrlOne through a responsible disclosure process
  • Not disruptive to the platform or other customers

18. Malware

You shall not use CtrlOne to:

  • Deploy malware
  • Deliver ransomware
  • Install spyware
  • Install keyloggers
  • Distribute trojans
  • Operate worms
  • Facilitate unauthorized remote access

19. Spam

Users shall not use CtrlOne to:

  • Send unsolicited communications
  • Operate spam campaigns
  • Distribute phishing emails
  • Harvest email addresses

20. High-Risk Activities

CtrlOne shall not be used as the sole control mechanism for environments where software failure could reasonably result in death, serious bodily injury, or severe environmental damage, including but not limited to:

  • Nuclear facilities
  • Aircraft flight control
  • Air traffic control
  • Life-support systems
  • Critical military operations
  • Medical devices requiring regulatory certification

21. Artificial Circumvention

Users may not:

  • Disable licensing controls
  • Tamper with offline enforcement
  • Modify registry protections implemented by CtrlOne
  • Bypass policy enforcement mechanisms
  • Interfere with software integrity verification

22. Monitoring and Enforcement

CtrlOne reserves the right to:

  • Investigate suspected violations
  • Suspend accounts
  • Restrict access
  • Remove abusive content where applicable
  • Limit API usage
  • Disable compromised accounts
  • Preserve logs for legal compliance
  • Cooperate with lawful requests from competent authorities

23. Consequences of Violations

Violations of this AUP may result in one or more of the following:

  • Warning notices
  • Temporary suspension
  • Permanent account termination
  • Revocation of licenses
  • Blocking of IP addresses
  • Reporting to law enforcement
  • Civil legal action where appropriate
  • No refund of subscription fees for material violations, subject to applicable law

24. Reporting Abuse

If you believe CtrlOne is being misused, you should promptly report the matter to CtrlOne's security or support team with sufficient details to enable investigation.

25. Changes to this Policy

CtrlOne may update this Acceptable Use Policy from time to time. Continued use of the Services after an updated version becomes effective constitutes acceptance of the revised Policy.

26. Governing Law

This Acceptable Use Policy shall be governed by and interpreted in accordance with the laws of the Republic of India. Subject to any agreed arbitration provisions in the Terms of Service, courts located in Rajkot, Gujarat, India, shall have exclusive jurisdiction over disputes arising from or relating to this Policy.

27. Contact

CtrlOne — UQuick Technologies India Limited

Website: https://ctrlone.online

Email: legal@ctrlone.online

Support: support@ctrlone.online