Acceptable Use Policy

This Acceptable Use Policy ("AUP") applies to all users of the EventMann platform operated by ChetsApp UG, including but not limited to organizers, attendees, vendors, sponsors, and any person or system that accesses our website, APIs, or services.

This AUP is incorporated into and forms part of our Terms of Service. By accessing or using EventMann, you agree to comply with this policy. We may update this AUP from time to time, and your continued use of the platform constitutes acceptance of any changes.

The purpose of this policy is to protect the integrity, security, and availability of our platform for all users. It establishes clear boundaries for acceptable behavior and outlines the consequences of misuse.

EventMann is designed for the following legitimate purposes:

• Event management: Creating, publishing, and managing events of all types — conferences, concerts, workshops, meetups, and more.
• Ticket sales and purchases: Selling tickets as an organizer and purchasing tickets as an attendee through our secure checkout process.
• Team collaboration: Inviting team members, assigning sub-roles, and coordinating event operations within the platform.
• Analytics and reporting: Accessing event analytics, sales reports, and attendee data for legitimate event management purposes.
• Communication: Sending event-related communications to attendees, team members, and other stakeholders through platform-provided channels.
• API integration: Using our public APIs to integrate EventMann data and functionality into your own applications, subject to our API terms and rate limits.

All use of the platform must be lawful and consistent with the purpose for which the feature was designed. Using platform features for purposes other than those intended is a violation of this policy.

The following activities are strictly prohibited on EventMann. This list is not exhaustive — any activity that threatens the security, integrity, or availability of the platform or harms other users is prohibited.

Scraping and data harvesting:

• Using automated tools, bots, crawlers, or scrapers to extract data from EventMann without express written permission.
• Harvesting email addresses, attendee lists, or other personal data from event pages or user profiles.
• Systematically downloading or copying event content, images, or descriptions for use outside the platform.

Bots and automation abuse:

• Using bots or automated scripts to create accounts, purchase tickets, or interact with platform features.
• Deploying ticket-buying bots to gain an unfair advantage in purchasing limited-availability tickets.
• Automating any platform interaction in a way that could degrade performance or availability for other users.

Spam and unsolicited communications:

• Sending unsolicited promotional messages, advertisements, or marketing materials through platform messaging features.
• Creating events solely for the purpose of advertising unrelated products or services.
• Posting repetitive, irrelevant, or misleading content to manipulate search results or visibility.

Hacking and security violations:

• Attempting to gain unauthorized access to other users' accounts, platform systems, or internal infrastructure.
• Exploiting vulnerabilities, bugs, or security flaws in the platform — report these responsibly through our contact page instead.
• Distributing malware, viruses, trojans, or any other malicious code through the platform.
• Performing denial-of-service attacks or any action intended to disrupt platform availability.

Abuse and manipulation:

• Creating multiple accounts to circumvent bans, restrictions, or rate limits.
• Manipulating pricing, availability, or ticket inventory through deceptive means.
• Filing fraudulent chargebacks or disputes to obtain tickets or services without payment.
• Engaging in any form of financial fraud, money laundering, or terrorist financing through the platform.

If you access EventMann through our APIs, the following additional rules apply:

• Authentication: All API requests must be properly authenticated using valid API keys or OAuth tokens. Sharing API credentials with unauthorized parties is prohibited.
• Purpose: API access must be used for legitimate integrations that enhance the event management experience. Using API access to build competing services, scrape data, or circumvent platform limitations is prohibited.
• Attribution: Applications that display EventMann data must properly attribute the source and comply with our brand guidelines.
• Data handling: Any personal data accessed through our APIs must be handled in compliance with GDPR and our Data Processing Agreement. You must not store personal data longer than necessary or use it for purposes beyond what attendees have consented to.

We reserve the right to revoke API access at any time if we determine that your usage violates this policy or poses a risk to our platform or users. API access is granted on a best-effort basis, and we do not guarantee uptime or performance of API endpoints.

To ensure fair access and platform stability for all users, EventMann enforces rate limits on platform usage and API calls:

• Web requests: Standard users are limited to a reasonable number of requests per minute. Exceeding this limit may result in temporary throttling or blocking.
• API calls: API rate limits vary by endpoint and authentication level. Current limits are documented in our API documentation and returned in response headers (X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset).
• Ticket purchases: To prevent bot activity and ensure fair access, ticket purchase endpoints have stricter rate limits during high-demand sales periods.
• File uploads: Upload sizes and frequencies are limited to prevent abuse. Maximum file sizes and allowed formats are documented in the platform interface.

If you consistently hit rate limits during normal use, please contact us to discuss your needs. We may be able to adjust limits for legitimate high-volume use cases.

Deliberately circumventing rate limits — through rotating IP addresses, distributing requests across multiple accounts, or other evasion techniques — is a serious violation of this policy and may result in immediate account termination.

ChetsApp UG reserves the right to monitor platform usage to ensure compliance with this Acceptable Use Policy. Monitoring may include:

• Automated analysis of traffic patterns, request volumes, and usage anomalies
• Review of reported content and user behavior
• Security scanning and vulnerability assessment
• Audit logging of administrative and sensitive actions

When we identify a violation of this policy, we may take one or more of the following actions without prior notice:

• Rate limiting or throttling of requests from the offending source
• Temporary suspension of the user's account or API access
• Permanent termination of the account, including forfeiture of any pending payouts in cases of fraud
• Legal action where the violation constitutes a criminal offense or causes material harm to ChetsApp UG or its users

We aim to enforce this policy fairly and proportionally. However, in cases involving security threats, fraud, or illegal activity, we may act immediately and without prior warning to protect the platform and its users.

If you become aware of any activity that violates this Acceptable Use Policy, we encourage you to report it promptly. Early reporting helps us protect the platform and all its users.

To report abuse, please contact us with the following details:

• A description of the suspected violation
• The URL(s) or user account(s) involved
• The date and time of the observed activity
• Any screenshots or evidence that may assist our investigation

For security vulnerabilities, please use our responsible disclosure process. Do not publicly disclose vulnerabilities before they have been addressed. We appreciate the security research community and will acknowledge valid reports.

All abuse reports are reviewed by our operations team and handled confidentially. We will not retaliate against users who report violations in good faith, even if the report ultimately proves unfounded.