Acceptable Use Policy

This Acceptable Use Policy defines prohibited behavior and security expectations for anyone using CASHO services.

The purpose is to maintain a safe, secure, and legal platform for all users.

You must not use CASHO to violate laws, infringe intellectual property rights, distribute malware, commit fraud, or facilitate unauthorized access.

You must not submit harmful, defamatory, deceptive, threatening, harassing, or abusive content.

You must not impersonate CASHO staff, team members, household members, or other users.

You must not engage in phishing, social engineering, or deceiving other users into disclosing credentials or financial information.

You must not use CASHO for money laundering, sanctions evasion, or terrorist financing.

You must not probe, scan, penetration test, reverse engineer unlawfully, decompile, or disassemble CASHO infrastructure, code, or systems.

You must not overload, disrupt, or cause denial-of-service (DDoS) attacks against CASHO infrastructure.

You must not bypass authentication, security controls, encryption, or rate-limiting protections.

You must not perform credential stuffing, brute force attacks, or automated account takeover attempts.

You must not scrape, crawl, or bulk-extract user data beyond reasonable personal use.

Security researchers: Report vulnerabilities responsibly to security@casho.com.au; do not publicly disclose before CASHO patches.

You must only access data you are authorized to access based on your account type and household membership.

You must respect privacy rights of household members and other users; do not share, sell, or disclose their financial data.

You must not attempt to access, download, or export financial data of other users without permission.

You must not link or connect CASHO accounts to other users without their explicit written consent.

You must comply with privacy laws and regulations applicable to personal financial data.

You must not submit content that violates laws in any jurisdiction.

You must not submit content that violates third-party rights (copyright, trademarks, privacy, personality rights).

You must not submit content that depicts illegal activity, violence, self-harm, or exploitation.

CASHO monitors for violations and may, at its sole discretion: suspend account temporarily, terminate account permanently, remove/edit content, restrict feature access, report to authorities.

Violation discovery: CASHO proactively monitors logs, reports abuse, and investigates suspicious account activity.

Investigation process: If potential abuse detected, CASHO may disable account access, investigate (5-15 business days), and notify user of findings.

Appeal process: If you believe your account was suspended in error, contact support@casho.com.au within 30 days with evidence. Senior team will review.

Immediate termination: For severe violations (fraud, hacking, illegal content), CASHO may terminate without notice or appeal period.

CASHO may remove user-submitted content that violates this policy, laws, or third-party rights.

Non-urgent removals: CASHO sends 7-day notice describing the violation and offering appeal opportunity. User may respond with evidence of compliance or request review.

Urgent removals: For child safety, defamation, IP infringement, or immediate legal concerns, content is removed immediately; appeal available afterwards.

Appeal: Send appeals to support@casho.com.au with explanation; decision provided within 7 business days.

Report security vulnerabilities, bugs, or abuse to: security@casho.com.au

Include: description of issue, steps to reproduce, impact assessment, your contact info.

CASHO acknowledges receipt within 24 hours and provides expected timeline for fix/response.

Report account abuse (harassment, impersonation, fraud) to: support@casho.com.au

Include: account email, description of abuse, screenshots/evidence, date/time.

CASHO may disclose user information to law enforcement, government agencies, or courts when lawfully required (subpoena, warrant, regulatory request).

CASHO will provide notice to affected users unless legally prohibited (e.g., gag order).

CASHO retains right to cooperate with authorities without user consent when legally required.

If your account is compromised or unauthorized access occurs, immediately change your password and notify support@casho.com.au.

CASHO recommends: use unique, strong passwords; enable multi-factor authentication (MFA); log out from inactive sessions; do not share credentials.

CASHO is not liable for losses from compromised accounts if you fail to secure your credentials according to best practices.

CASHO may update this policy with 30 days' notice via email.

Material changes (e.g., expanded prohibited conduct) allow 30-day opt-out; continued use implies acceptance.

For policy questions: support@casho.com.au

For abuse reports: security@casho.com.au

For appeals: support@casho.com.au with subject 'APPEAL: [reason]'