Acceptable Use Policy

This Acceptable Use Policy ("AUP") sets out what is and is not allowed when using Finatha. It supplements the Terms of Service. Where it conflicts with the Terms of Service, the Terms of Service control.

Finatha is a personal financial planning tool. It is not a regulated financial service. The conduct rules below help us keep the Service safe, lawful, and useful for everyone.

You agree to use Finatha only for personal, non-commercial planning purposes and only in compliance with all applicable laws, including the laws of your country of residence and any country whose data you enter.

Even though Finatha does not move money, you must not use the Service in connection with money laundering, terrorist financing, sanctions evasion, fraud, tax evasion, or any other unlawful financial activity. Doing so will result in immediate termination and may be reported to authorities.

You must not:

• Impersonate another person, misrepresent your identity, or use a fake or stolen email address.
• Attempt to access another user's account, data, or sessions.
• Attempt to identify other users or to derive identifying information from anonymised data.
• Probe, scan, or test the vulnerability of the Service without our written permission, or breach security or authentication measures.
• Disable, bypass, or interfere with security features, rate limits, or access controls.
• Upload or transmit malware, viruses, ransomware, worms, or any code intended to harm or interfere with the Service or other users.
• Use the Service to send unsolicited communications, spam, or phishing.
• Scrape, crawl, or extract data using automated tools, except via interfaces and rate limits we publish.
• Reverse engineer, decompile, or disassemble the Service except where applicable law permits despite this prohibition.
• Re-sell, re-distribute, or sub-licence the Service.
• Use the Service in a way that imposes an unreasonable load on our infrastructure.
• Manipulate or attempt to bypass AI safety features, exploit prompt injection, or use AI features to generate harmful, illegal, or infringing content.
• Use Finatha to make decisions for someone else without their knowledge and consent, or to process other people's data without a lawful basis.
• Publish performance, security, or benchmarking data about Finatha without our prior written consent.

If you believe you have found a vulnerability, please write to security@finatha.app with the details. We will work with you in good faith. Do not access, modify, or extract any data that is not your own. Do not run denial-of-service attacks. Do not publish details before we have had a reasonable chance to fix.

If someone is misusing Finatha, write to abuse@finatha.app with as much context as you can: the account or content involved, what happened, and any evidence. We treat reports confidentially.

We may take action when this AUP is breached. Action depends on the severity and may include:

• A warning.
• Removal or suspension of specific content.
• Temporary suspension of the account.
• Permanent termination of the account.
• Reporting to law enforcement or regulators where required.

For serious or repeated breaches we may act without prior notice.

We may update this AUP. The current version is always at finatha.app/acceptable-use and shows a "last updated" date. Material changes are notified the same way as Terms changes.