Acceptable Use Policy

Effective Date: 2026-03-11

1. Purpose

This Acceptable Use Policy ("Policy") establishes the rules and expectations governing how you may use the MyProtektor platform, including the web application, mobile application, and all related services (collectively, the "Service"). Its purpose is to protect the integrity of the platform, the safety of our users, and the communities served by the security firms that rely on MyProtektor.

This Policy forms an integral part of our Terms of Service. Where this Policy and the Terms of Service conflict, the Terms of Service shall prevail. Defined terms used in this Policy have the same meaning as in the Terms of Service unless stated otherwise.

2. Who This Applies To

This Policy applies to every individual who accesses the Service in any capacity, including but not limited to:

• Organisation Owners (Level 4): Individuals who hold the Owner role within a MyProtektor organisation
• Administrators (Level 3): Individuals assigned administrative responsibilities within an organisation
• Security Guards (Level 2): Field personnel who use the mobile application for incident reporting, patrol scanning, and GPS tracking
• Clients (Level 1): Protected property owners or managers who access published incident data and security reports
• LiteClients (Level 0): Individuals who subscribe to the panic alert service and receive area notifications
• Trial Users: Individuals evaluating the Service during a free trial period
• API Consumers: Third-party systems or integrations that access the Service programmatically

3. Acceptable Uses

The Service is designed and licensed exclusively for the following lawful purposes:

• Managing and coordinating professional security guard operations
• Reporting, documenting, and resolving genuine security incidents
• Tracking guard locations and verifying patrol route completion during authorised shifts
• Activating panic alerts in genuine emergency situations where personal safety is at risk
• Publishing incident reports to authorised clients for transparency and accountability
• Generating analytics, reports, and performance assessments for operational improvement
• Administering organisational membership, roles, and site configurations
• Training security personnel on platform features and operational procedures
• Processing subscription payments and managing billing through the designated interfaces

4. Prohibited Activities

The following activities are strictly prohibited. Engaging in any of these activities constitutes a material breach of the Terms of Service and may lead to immediate account termination.

4.1 Illegal Activities

• Using the Service to plan, facilitate, or carry out any activity that violates any applicable law, statute, regulation, or ordinance
• Operating a security business without the licences required by the Private Security Industry Regulatory Authority (PSIRA) or the equivalent body in your jurisdiction
• Submitting falsified credentials, forged licences, or misrepresented qualifications
• Using the Service to facilitate money laundering, fraud, bribery, or corruption
• Engaging in conduct that could expose MyProtektor or its users to criminal or civil liability

4.2 Abuse of Security Features

• False Incident Reports: Creating fabricated, exaggerated, or intentionally misleading incident reports. Every report must accurately describe a genuine event
• Panic Alert Misuse: Activating the panic button when no real emergency exists. False activations divert critical resources from genuine emergencies and may endanger lives
• GPS Spoofing: Using software, hardware, or any technique to falsify your geographic location data. All GPS coordinates transmitted to the Service must reflect your actual physical position
• Patrol Fraud: Scanning QR checkpoint codes without being physically present at the checkpoint location, or using any method to simulate a patrol that was not physically completed
• Evidence Tampering: Altering, fabricating, or manipulating photographs, videos, or other evidentiary material attached to incident reports

4.3 System Interference

• Attempting to gain unauthorised access to any part of the Service, other users' accounts, or the underlying infrastructure
• Introducing viruses, malware, trojans, worms, or any other malicious code into the Service
• Performing denial-of-service attacks, load-testing, or stress-testing against the Service without prior written authorisation
• Scraping, crawling, or using automated tools to extract data from the Service beyond what is available through provided export features
• Reverse-engineering, decompiling, disassembling, or attempting to derive the source code of any part of the Service
• Circumventing, disabling, or interfering with any security, authentication, or access-control mechanisms
• Exploiting bugs, vulnerabilities, or errors in the Service for personal gain or to cause harm (responsible disclosure via email is appreciated)

4.4 Harmful Content

• Uploading, transmitting, or sharing content that is threatening, abusive, harassing, defamatory, or obscene
• Distributing hate speech or content that incites violence, discrimination, or hostility based on race, ethnicity, gender, religion, sexual orientation, disability, or national origin
• Uploading sexually explicit, gratuitously violent, or otherwise objectionable material
• Sending spam, unsolicited messages, or bulk notifications that are not related to legitimate security operations
• Impersonating another person, organisation, or role within the Service

4.5 Privacy Violations

• Collecting, harvesting, or aggregating personal information of other users without their consent and a legitimate operational purpose
• Using guard tracking or location data for purposes unrelated to security operations, such as personal surveillance, stalking, or harassment
• Disclosing confidential security information, incident details, or client data to unauthorised third parties
• Sharing your account credentials with anyone or allowing anyone else to use the Service through your account
• Accessing incident reports, patrol records, or location data that is outside the scope of your assigned role and permissions

5. Role-Specific Guidelines

In addition to the general rules above, each role carries specific responsibilities and expectations.

5.1 Owners and Admins

• Compliance Oversight: You are responsible for ensuring that all members of your organisation comply with this Policy. Failure to address known violations within your organisation may result in action against the organisational account
• Accurate Role Assignment: Assign platform roles that accurately reflect each person's actual position and responsibilities. Do not grant elevated permissions to individuals who do not require them
• Data Governance: Establish and enforce internal data-handling procedures that align with our Privacy Policy and applicable data protection laws
• Billing Integrity: Maintain accurate subscription and payment information. Do not attempt to exploit free trials, promotional offers, or pricing structures through deceptive means
• Incident Review: Review incident reports submitted by guards with due diligence. Do not publish reports you know to be inaccurate or suppress reports to conceal security failures

5.2 Guards

• Truthful Reporting: Submit only factual, accurate, and complete incident reports. Document what you observed, not what you assume or speculate
• Physical Patrol Completion: Complete all assigned patrols physically. Scan QR checkpoints only when you are standing at the checkpoint location
• GPS Accuracy: Keep location services enabled on your device during active shifts. Never use VPNs, mock-location apps, or any tool to falsify your position
• Professional Conduct: Maintain professional behaviour when interacting with clients, the public, and fellow team members through the platform
• Equipment Responsibility: Use company-issued or personal devices responsibly. Report lost, stolen, or compromised devices to your administrator immediately

5.3 Clients and LiteClients

• Panic Alert Responsibility: Use the panic button exclusively for genuine emergencies where you believe your personal safety or the security of your property is at immediate risk
• Confidentiality: Treat all security information received through the platform as confidential. Do not share incident reports, guard locations, or operational details on social media or with unauthorised parties
• Accurate Information: Maintain current and accurate emergency contact details and property addresses in your account
• Constructive Engagement: Provide honest and constructive feedback to your security provider. Do not use the platform to harass or abuse security personnel

6. Data Handling Responsibilities

6.1 General Principles

• Access only the data that is necessary for your role and operational duties
• Do not download, copy, or export data from the Service unless required for a legitimate business purpose and authorised by your organisation
• Store any exported data securely and dispose of it when it is no longer needed
• Report any data breach or suspected data exposure to your organisation's Owner or Admin and to MyProtektor immediately

6.2 Incident Documentation Standards

• Report incidents as soon as reasonably practicable after they occur
• Provide factual, objective descriptions without speculation or personal opinion
• Attach photographic or video evidence that is relevant, unaltered, and captured at the scene
• Classify incident severity accurately based on the facts available at the time of reporting
• Preserve the chain of custody for all evidence submitted through the platform

6.3 Location Data

• GPS tracking data collected during shifts is the property of the employing organisation and must be treated as confidential operational data
• Admins and Owners must not use location tracking data for purposes other than legitimate security operations, patrol verification, and shift compliance purposes only
• If your role requires you to share your location, you must keep location services enabled during active duty periods as required by your organisational policies

Client Compliance Obligation: Organisations using MyProtektor's location tracking features are responsible for ensuring compliance with all applicable data protection and labour legislation, including but not limited to the Protection of Personal Information Act (POPIA) and the Basic Conditions of Employment Act (BCEA). This includes maintaining appropriate monitoring policies, providing written notice to tracked personnel, and establishing a lawful basis for processing location data. MyProtektor, as a technology service provider (operator), processes location data on behalf of and at the instruction of the subscribing organisation (responsible party).

7. Monitoring and Enforcement

MyProtektor reserves the right to monitor use of the Service to ensure compliance with this Policy. Monitoring may include:

• Automated Detection: Algorithmic systems that identify anomalous patterns, such as GPS spoofing signatures, improbable patrol completion speeds, or suspicious login activity
• Log Analysis: Review of access logs, audit trails, and system records for evidence of prohibited activity
• User Reports: Investigation of reports submitted by other users through the platform's reporting mechanism or by contacting us directly
• Periodic Audits: Scheduled reviews of organisational compliance with platform policies and applicable regulations

8. Consequences of Violations

When a violation is confirmed, we will take enforcement action proportionate to the severity and nature of the breach:

8.1 Progressive Discipline

• Written Warning: For first-time minor infractions, we will issue a formal written warning describing the violation and the expected corrective action
• Temporary Suspension: For repeated minor infractions or a single moderate violation, we may suspend your account for a defined period ranging from 7 to 90 days
• Permanent Termination: For serious violations, repeated moderate violations after prior warnings, or any activity that poses an immediate risk to safety, we will permanently terminate your account

8.2 Immediate Termination

The following violations will result in immediate account termination without a prior warning:

• Any illegal activity conducted through the Service
• GPS spoofing or systematic patrol fraud
• Deliberate filing of false panic alerts
• Attempting to breach the security of the Service or other users' accounts
• Distributing malware or conducting denial-of-service attacks
• Using location tracking features for stalking or harassment

8.3 Organisational Consequences

If multiple users within an organisation engage in prohibited conduct and the organisation's leadership fails to take corrective action, we may suspend or terminate the entire organisational account.

9. Appeals Process

If your account is suspended or terminated and you believe the action was taken in error or is disproportionate, you may appeal by following these steps:

• Step 1: Submit a written appeal to info@myprotektor.co.za within 14 days of receiving the enforcement notice. Include your name, email address, the nature of the violation cited, and your reasons for contesting the decision
• Step 2: We will acknowledge receipt of your appeal within 5 business days
• Step 3: An independent review of your case will be conducted, taking into account all available evidence, your appeal submission, and any mitigating circumstances
• Step 4: You will receive a written decision within 21 business days of appeal submission. The decision may uphold, modify, or overturn the original enforcement action
• Step 5: The appeal decision is final. If you remain dissatisfied, you may pursue the dispute resolution process described in our Terms of Service

10. Reporting Violations

If you witness or become aware of any conduct that violates this Policy, we encourage you to report it promptly. Reports can be made through the following channels:

When submitting a report, please provide as much detail as possible, including the identity of the individuals involved, a description of the prohibited activity, the date and time of occurrence, and any supporting evidence such as screenshots or log references.

We treat all reports seriously and will investigate each one. We will not retaliate against any user who makes a good-faith report of a policy violation.

11. Updates to This Policy

We may revise this Acceptable Use Policy from time to time to address new threats, legal requirements, or changes to the Service. When changes are made, we will:

• Update the "Effective Date" at the top of this document
• Notify all registered users by email for material changes
• Display a notice within the Service interface
• Publish the updated policy on our website

Your continued use of the Service after the revised policy becomes effective constitutes your acceptance of the updated terms.

12. Contact Information

If you have questions about this Acceptable Use Policy or need to report a violation, please contact us: