Prism
Sign inCreate account
Legal

Acceptable Use Policy

Authorized-use boundaries, prohibited conduct, and operational responsibilities.

Legal hubTrustSupport

Acceptable Use Policy

Last updated: April 5, 2026

This Acceptable Use Policy ("AUP") governs use of Prism software, services, and related support systems (collectively, the "Services"). This AUP is intended to reduce legal, security, abuse, and operational risk.

You may use the Services only for lawful, authorized, and documented business purposes.

1. Core Rule

Use Prism only with systems, websites, accounts, applications, APIs, and data that you own, administer, or are expressly authorized to access and automate.

If you cannot clearly document your authorization, do not use Prism for that activity.

2. Permitted Categories

Subject to applicable law, contract, and authorization, Prism may be used for activities such as:

  • internal QA and regression testing;
  • browser-based workflow automation for your own teams;
  • customer support and account operations on systems you manage;
  • partner or client workflows where you have written authorization;
  • data entry, reconciliation, and back-office operations;
  • scheduled reporting and browser-driven operational tasks; and
  • other documented business processes where the operator has a valid right to access the target system and data.

3. Prohibited Uses

You may not use Prism to:

  • access, monitor, scrape, copy, or extract data from systems without valid authorization;
  • violate applicable law, regulation, court order, or government directive;
  • commit fraud or facilitate fraud, impersonation, identity abuse, or misrepresentation;
  • credential stuff, brute force, enumerate accounts, harvest credentials, or abuse authentication flows;
  • farm, buy, sell, rent, warm, or mass-manage accounts where such conduct is unlawful or unauthorized;
  • send spam, run phishing campaigns, distribute malware, or support other malicious cyber activity;
  • interfere with the availability, integrity, or security of a third-party service;
  • bypass access controls or security protections in violation of applicable law;
  • violate privacy, confidentiality, publicity, consumer protection, or intellectual property rights;
  • process sensitive personal information unless you have a valid legal basis, appropriate safeguards, and a legitimate business need;
  • use Prism in connection with stalking, harassment, surveillance of private persons, or other abusive conduct;
  • use Prism to create deceptive traffic, fake engagement, or synthetic account activity designed to mislead users, businesses, or markets; or
  • use Prism in any situation where failure of the automation could reasonably result in death, bodily injury, or significant property or environmental damage.

4. Customer Responsibilities

You are responsible for:

  • verifying that each target workflow is authorized before automating it;
  • maintaining records of approvals, client instructions, or internal authority for the workflows you run;
  • ensuring your credentials, proxy settings, datasets, and automation logic are managed securely;
  • training your users on lawful and compliant use of the Services;
  • complying with your own contractual obligations to third parties; and
  • monitoring the output of your automations for misuse, errors, or drift.

5. Restricted Data and Regulated Work

Do not use Prism for regulated or high-risk data unless you have confirmed that your configuration, security controls, legal basis, and contracts are adequate for that use case.

Examples include:

  • protected health information;
  • payment card data;
  • government-issued identity numbers;
  • financial account credentials;
  • children's data; and
  • export-controlled or classified information.

6. Security Expectations

You must use reasonable security measures when operating Prism, including:

  • strong unique passwords and multi-factor authentication where available;
  • least-privilege access to credentials, profiles, scripts, and logs;
  • secure storage for screenshots, session data, and exported files;
  • prompt rotation of compromised or shared credentials; and
  • timely installation of security updates and patches.

7. Monitoring, Enforcement, and Suspension

Prism may investigate suspected violations of this AUP and may suspend or terminate access if it reasonably believes:

  • the Services are being used in violation of this AUP or applicable law;
  • continued use presents legal, security, reputational, or operational risk; or
  • suspension is necessary to protect Prism, its suppliers, other customers, or third parties.

Prism may also report unlawful conduct to appropriate authorities and cooperate with legal process as required by law.

8. Reporting

If you become aware of misuse, compromise, unauthorized access, or a suspected violation of this AUP, promptly report it to:

the support, abuse-reporting, or security contact published on Prism's website, or the reporting channel identified in the applicable Order Form.

9. Changes

Prism may update this AUP from time to time. Updated versions become effective as stated in the updated policy or as otherwise permitted by your agreement with Prism.