Acceptable Use Policy

Version 1.0 — Last updated: February 14, 2026

1. Overview

This Acceptable Use Policy ("AUP") governs your use of the RISA Docs platform operated by RISA Capital Inc. This AUP is incorporated into and forms part of our Terms of Service. Capitalized terms not defined here have the meanings given in the Terms of Service.

We designed RISA Docs to help Canadian businesses manage their documents and bookkeeping. This policy ensures the Service remains secure, reliable, and available for all users.

2. Prohibited Content

You may not upload, store, or process the following types of content through the Service:

  • Malicious software: Viruses, trojans, ransomware, spyware, or any file designed to damage, disrupt, or gain unauthorized access to computer systems.
  • Illegal material: Content that violates Canadian federal or provincial law, including but not limited to content related to fraud, money laundering, tax evasion, or terrorist financing.
  • Unrelated content: The Service is intended for business document management. Content unrelated to business operations (personal photos, entertainment media, etc.) should not be stored on the platform.
  • Regulated data beyond scope: RISA Docs is designed for financial and business documents. Do not use the Service to store or process:
    • Personal health information (PHI) subject to provincial health privacy legislation
    • Data subject to ITAR, EAR, or other export control regulations
    • Payment card data (PCI DSS scope) — use your payment processor directly
    • Classified or government-restricted information

3. Prohibited Conduct

You may not:

  • Bypass security controls: Attempt to access other organizations' data, circumvent tenant isolation, or bypass authentication or authorization mechanisms.
  • Reverse engineer: Decompile, disassemble, reverse engineer, or attempt to derive the source code of the Service or any of its components.
  • Share credentials: Share your login credentials with anyone outside your organization, or use shared/generic accounts. Each user must have their own account.
  • Automated access: Use bots, scrapers, or automated tools to access the Service except through our documented APIs with a valid API key.
  • Resell or redistribute: Resell, sublicense, or provide access to the Service to third parties without our prior written authorization.
  • Impersonate: Impersonate another user, organization, or RISA Docs staff.
  • Interfere with service: Take any action that imposes an unreasonable load on our infrastructure, degrades performance for other users, or disrupts the availability of the Service.

4. System and Resource Abuse

  • Rate limits: Respect API rate limits and usage quotas associated with your subscription plan. Automated retries must use exponential backoff.
  • Storage limits: Use storage within the limits of your subscription plan. Exceeding storage limits may result in restricted upload capabilities until you upgrade or reduce usage.
  • Deliberate overload: Do not intentionally stress-test, benchmark, or perform load testing against the Service without prior written approval from us.

5. Security Research

We value security research conducted in good faith. If you discover a vulnerability in the Service:

  • Report it to security@risadocs.ca before disclosing it publicly or to any third party.
  • Do not access, modify, or delete data belonging to other users or organizations.
  • Do not perform denial-of-service testing or any action that degrades the Service for other users.
  • We will acknowledge receipt of your report within 3 business days and work with you to understand and resolve the issue.

Security researchers acting in good faith and in accordance with this policy will not face legal action from RISA Capital Inc.

6. Enforcement

Violations of this AUP are handled through a graduated response:

  1. Warning: For first-time or minor violations, we will notify the organization administrator and request corrective action within a specified timeframe.
  2. Suspension: For repeated violations, serious violations, or failure to correct after a warning, we may suspend access to the Service. During suspension, your data remains intact and accessible for export.
  3. Termination: For severe violations (e.g., deliberate security bypass, illegal activity, or actions that threaten other users' data), we may terminate your account immediately. See the Terms of Service for data export timelines after termination.

We reserve the right to skip steps in the enforcement process for severe violations that pose an immediate risk to the Service, other users, or data security. We will always provide an explanation of the violation and an opportunity to appeal.

7. Reporting Violations

If you become aware of any violation of this AUP, please report it to:
Email: security@risadocs.ca

Reports will be reviewed within 2 business days. We may contact you for additional information. Reporter identity will be kept confidential to the extent permitted by law.

8. Changes to This Policy

We may update this AUP from time to time. Material changes will be communicated via email or the platform dashboard at least 30 days before they take effect. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

9. Contact

For questions about this Acceptable Use Policy:
RISA Capital Inc.
Email: support@risadocs.ca
Website: risadocs.ca

Terms of Service Privacy Policy Back to RISA Docs