This Acceptable Use Policy (“Use Policy”) governs the use of the Services and is incorporated into the Terms and Conditions between QualGent, Inc. (“QualGent”) and Customer (the “Agreement”). Capitalized terms not defined here have the meanings set forth in the Agreement.
QualGent provides autonomous AI-powered mobile application testing to identify bugs and quality issues. Customer is solely responsible for ensuring its use of the Services complies with this Use Policy, the Agreement, and all applicable laws.
Prohibited Testing Targets
Prohibited Testing Targets
Prohibited Testing Targets
Prohibited Testing Targets
Customer must not upload, submit, or test the following types of applications:
Malicious Applications:
Applications containing malware, spyware, ransomware, viruses, or code designed to harm, exploit, or compromise systems or data.
Unauthorized Applications:
Applications Customer does not own or have explicit written authorization to test. Agencies must obtain written authorization from each of their clients.
Illegal Applications:
Applications that violate laws, regulations, third-party rights, or platform policies (App Store/Google Play).
Production Applications with Live Data:
Applications with production user data, unless Customer has implemented appropriate safeguards, backups, and obtained written approvals from appropriate officers within Customer’s organization.
Harmful Applications:
Applications designed for surveillance, harassment, exploitation, or to cause physical, psychological, or financial harm.
The Services must be used solely for legitimate mobile application quality assurance and testing. Prohibited uses include:
Non-Testing Commercial Activities:
Cryptocurrency mining, contests, advertising schemes, or any commercial purpose unrelated to testing.
App Store Manipulation:
Manipulating rankings, generating fake reviews or ratings, or engaging in app store fraud.
Circumventing Access Controls:
Bypassing corporate restrictions, content filters, or geographic restrictions for purposes other than testing Customer’s own applications.
Unauthorized Competitive Analysis:
Testing competitor applications without authorization or using the Services for reverse engineering or competitive intelligence.
Security Testing Restrictions
Security Testing Restrictions
Security Testing Restrictions
Security Testing Restrictions
Customer must not use the Services for unauthorized security testing, penetration testing, or security attacks. Prohibited activities include:
Unauthorized Penetration Testing:
Performing penetration testing, vulnerability scanning, or security assessments without explicit written authorization.
Security Attacks:
Launching DoS/DDoS attacks, brute force attacks, password cracking, or any security attacks.
Bypassing Security Controls:
Intentionally circumventing, disabling, or bypassing authentication, authorization, or security features.
Exploiting Vulnerabilities:
Using discovered vulnerabilities for unauthorized access, data extraction, or system compromise.
AI Agent Testing Guidelines
AI Agent Testing Guidelines
AI Agent Testing Guidelines
AI Agent Testing Guidelines
AI agents must operate within authorized application scopes and test parameters. Customer is responsible for:
Defining Test Scope:
Configuring boundaries and exclusions to prevent agents from accessing unauthorized features or triggering unintended actions.
Preventing Destructive Actions:
Excluding high-risk functionality (data deletion, financial transactions, external notifications) unless in isolated test environments.
Respecting Resource Limits:
Ensuring agents respect rate limits, API quotas, and do not overwhelm infrastructure or interfere with operations.
Environment Isolation:
Ensuring separation between test and production systems. Agents must not interact with production databases or APIs without comprehensive safeguards.
Customer must implement appropriate controls and ensure test environments are isolated to prevent unintended consequences from autonomous agent actions.
Test Data and Privacy Protection
Test Data and Privacy Protection
Test Data and Privacy Protection
Test Data and Privacy Protection
Customer must only process data for which it has explicit legal rights. Test data must comply with applicable privacy laws. QualGent highly recommend using only anonymized or synthetic data. Customer must not include production credentials, API keys, passwords, or secrets in applications submitted for testing.
Prohibited Commercial Activities and Fraud
Prohibited Commercial Activities and Fraud
Prohibited Commercial Activities and Fraud
Prohibited Commercial Activities and Fraud
Customer must not use the Services for fraudulent activities or commercial purposes unrelated to testing, including cryptocurrency mining, advertising or click fraud, data extraction or scraping, app store fraud (rating manipulation, fake reviews, download inflation), or testing applications designed for fraudulent financial schemes or scams.
Platform Integrity and Account Security
Platform Integrity and Account Security
Platform Integrity and Account Security
Platform Integrity and Account Security
Customer must maintain account security and not compromise platform security or circumvent usage restrictions:
Account Restrictions:
Customer must not create multiple accounts to evade usage limits, credit restrictions, or access controls.
Credential Security:
Customer must maintain credential confidentiality, implement strong password practices, and immediately revoke credentials upon security concerns.
No Circumventing Restrictions:
Customer must not bypass test scope limitations, credit systems, usage quotas, rate limits, or security controls.
No Impersonation:
Customer must not impersonate other users, organizations, or QualGent personnel.
Customer must report suspected security vulnerabilities, unauthorized access, or platform integrity issues immediately.
Regulated and High-Risk Applications
Regulated and High-Risk Applications
Regulated and High-Risk Applications
Regulated and High-Risk Applications
Applications operating in regulated industries or processing sensitive data require additional safeguards beyond standard testing practices. This includes healthcare applications (HIPAA/HITECH), financial services applications (PCI-DSS, FINRA), government applications (FedRAMP, FISMA), and applications processing children’s data (COPPA/GDPR). Customer is responsible for identifying when applications fall into regulated categories and implementing appropriate risk assessments, compliance measures, security controls, and documentation to meet applicable regulatory standards.
Enforcement, Reporting, and Updates
Enforcement, Reporting, and Updates
Enforcement, Reporting, and Updates
Enforcement, Reporting, and Updates
QualGent may monitor usage patterns and analyze testing activities to detect violations of this Use Policy, to the extent permitted by law and consistent with our privacy commitments. Monitoring will be conducted in a manner consistent with applicable privacy laws and the terms of the Agreement.
To report suspected violations, security incidents, or request clarification, contact us at support@qualgent.ai.
This Use Policy may be updated periodically to address emerging technologies, new threat patterns, evolving regulatory requirements, and feedback from the QualGent community. QualGent will use commercially reasonable efforts to provide notice of material changes when feasible, in accordance with the amendment provisions of the Agreement.