Acceptable Use Policy

You may use the Service for lawful business purposes, including:

• Fraud prevention and risk scoring in payment, identity, and e-commerce flows.
• Cybersecurity monitoring, threat hunting, and SIEM enrichment.
• Ad-fraud detection and traffic quality assurance.
• Geo-compliance enforcement (content licensing, regional restrictions).
• Security research and academic study using publicly routed IP data.
• Building commercial products and services that incorporate our API outputs, subject to the data-distribution terms in your plan.

You must not use the Service, directly or indirectly, to:

• Track, monitor, or surveil individuals without their knowledge or legal authority.
• Facilitate stalking, harassment, or domestic abuse.
• Discriminate against individuals in employment, housing, credit, or public accommodation on the basis of any protected characteristic, even where IP signals correlate with such characteristics.
• Build products designed to deanonymise or re-identify individuals by combining IP data with other datasets.
• Resell, sublicense, or redistribute raw API response data to third parties without a signed data-distribution agreement with ipOptic.
• Systematically harvest or reconstruct ipOptic's underlying database through automated querying, crawling, or bulk downloads beyond your plan's permitted usage.
• Circumvent rate limits, access controls, authentication mechanisms, or usage quotas.
• Transmit malware, engage in denial-of-service attacks, or interfere with the Service's availability for other users.
• Violate any applicable law or regulation, including export control, sanctions, or anti-money-laundering rules.
• Use the Service in any jurisdiction where such use is prohibited by local law.

The following use cases require prior written approval from ipOptic and may be subject to additional contractual terms:

• Law enforcement or government intelligence applications.
• Automated decision-making that produces legal or similarly significant effects on individuals, within the meaning of GDPR Article 22.
• Integration into systems that operate critical national infrastructure.
• Resale of enriched data as part of a data brokerage or data-as-a-service product.

To request approval, contact legal@ipoptic.io with a description of the intended use case.

API usage is subject to the rate limits and monthly quotas specified in your plan. Sustained usage that materially exceeds your plan quota — even without triggering hard limits — may be subject to throttling or an upgrade requirement. Automated scripts must include a reasonable delay between requests and must honour HTTP 429 responses with exponential back-off.

If you become aware of any use of the Service that violates this AUP, please report it to abuse@ipoptic.io. We investigate all credible reports and will take appropriate action, which may include terminating the offending account.

ipOptic reserves the right to suspend or terminate access, without notice in cases of serious or repeated violations, and to pursue any available legal remedies including injunctive relief and damages. We will cooperate with law enforcement where required.

We may update this AUP to reflect changes in the Service, applicable law, or our policies. We will notify registered users of material changes at least 14 days before they take effect. Continued use of the Service constitutes acceptance of the revised AUP.

Questions about this AUP: legal@ipoptic.io. Abuse reports: abuse@ipoptic.io.