Acceptable Use Policy

• Phishing, credential harvesting, or impersonation of any person, brand, or government entity.
• Malware, drive-by downloads, exploit kits, or any code intended to compromise a device.
• Child sexual abuse material (CSAM) or any sexualized content involving minors. We report violations to the appropriate authorities.
• Content that incites violence, terrorism, or unlawful harm against a person or group.
• Illegal goods or services in the destination jurisdiction (e.g. unlicensed pharmaceuticals, weapons trafficking, human trafficking).
• Content that infringes intellectual property or violates privacy rights.
• Spam, deceptive redirects, cloaking, or bait-and-switch destinations.
• Promotion of fraudulent investment schemes, pump-and-dump, or unauthorized financial advice.

• Reverse engineering, scraping, or circumventing rate limits.
• Mass-creating accounts to evade plan limits.
• Using the Service to attack third parties (DDoS, brute force, etc.).
• Probing or attempting to exploit security vulnerabilities outside our responsible disclosure process.

We may, at our sole discretion and without notice: disable a QR code, suspend an account, terminate access, and/or report violations to law enforcement. We may also cooperate with valid legal requests.

To report a QR code that violates this policy, email admin@stephenhaydesign.com with the short link and a brief description of the issue. We investigate reports promptly.

Found a security issue? Please email us privately before disclosing publicly. We appreciate good-faith research and will not pursue legal action against researchers who follow this policy.