1. Scope
This Acceptable Use Policy ("AUP") governs the use of the Surveyz platform, the Surveyz API, webhooks, and any related services (collectively, the "Services") provided by FusionSys Technologies (Pty) Ltd (trading as Surveyz). It applies to all users, including those accessing the Services via the API or as members of an Enterprise organisation.
This AUP supplements the Terms of Service and the API Developer Agreement. Capitalised terms used here have the meaning given in those documents.
Compliance with this AUP is a condition of your access to and use of the Services. You are responsible for your use of the Services and for ensuring that your employees, contractors, agents, and any other users you authorise (including members of your Enterprise organisation) comply with this AUP, and you will be liable for their acts and omissions as if they were your own.
2. Prohibited Content
You may not use the Services to publish, distribute, store, or transmit content that:
- is illegal under South African law or the law of any jurisdiction relevant to the data subjects;
- infringes intellectual-property rights, privacy rights, or any other rights of any person;
- is defamatory, harassing, threatening, or hateful;
- depicts or facilitates child sexual exploitation;
- incites violence, terrorism, or illegal activity;
- contains malware, viruses, or other malicious code;
- is fraudulent, deceptive, or designed to phish credentials; or
- contains Special Personal Information (as defined by POPIA) collected without the lawful basis required by sections 27–33 of POPIA; or
- contains payment-card data, bank-account details, or other highly sensitive financial information (unless expressly permitted in writing by Surveyz and collected, transmitted, and stored in compliance with applicable law and industry standards).
3. Prohibited Conduct
You may not, in connection with the Services:
- impersonate any person or entity, or misrepresent your affiliation with any person or entity;
- send unsolicited bulk communications (spam) or use the Services as a channel to drive recipients to such content, including by distributing surveys via email, SMS, WhatsApp, or similar messaging channels without the required consent or other lawful basis, without a clear and accurate sender identity, or without a functional opt-out/unsubscribe mechanism, and you must honour opt-out/unsubscribe requests without undue delay;
- collect Personal Information from data subjects without a lawful basis under POPIA or other applicable law, or without providing the notices required by section 18 of POPIA;
- resell, sublicense, lease, or otherwise commercially exploit the Services or any output of the Services, except as expressly permitted by your subscription or written reseller agreement;
- use the Services to develop or train any product or model that competes with Surveyz;
- scrape, harvest, or extract data from the platform or other customers' surveys other than through documented endpoints;
- import, upload, or otherwise bring into the Platform any survey, form, or other content for which you do not have all necessary rights, licences, and permissions (see the "Importing Surveys and Forms" section of the Terms of Service);
- frame, mirror, or otherwise reproduce the user-facing Surveyz interface as your own product; or
- reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, underlying algorithms, or underlying models of the Services (except to the extent such restriction is prohibited by applicable law).
4. Security & Integrity
You may not, and may not attempt to:
- probe, scan, or test the vulnerability of the Services or related infrastructure other than via Surveyz's published responsible-disclosure programme;
- breach, circumvent, or interfere with any security or authentication measure;
- access any account, endpoint, or data other than your own without authorisation;
- interfere with the proper functioning of the Services, including by overloading, flooding, mail-bombing, or denial-of-service attacks;
- introduce malicious software or use the Services to distribute it;
- forge headers, falsify origin information, or otherwise manipulate identifiers in a manner intended to deceive;
- use any automated means (including bots) to access the Services in a manner that circumvents security controls, including by credential stuffing, brute-force attempts, or similar attacks; or
- circumvent rate limits, scope restrictions, or other technical limitations of the API.
If you believe you have discovered a security vulnerability, please email [email protected] rather than testing it against production. Please provide details sufficient for us to reproduce and resolve the issue, and avoid accessing or downloading data beyond what is necessary to demonstrate the vulnerability until we have had a reasonable opportunity to investigate and address it.
5. Fair Use of API
Documented rate limits represent fair-use thresholds for typical integrations. Bursts beyond these limits may result in HTTP 429 responses, throttling, or temporary suspension. Sustained or coordinated load that significantly exceeds documented limits without prior notice may be treated as a violation of this AUP, and Surveyz may implement additional technical controls (including reducing throughput, limiting concurrent requests, restricting endpoints, rotating or revoking API Credentials, or requiring you to migrate to a higher-capacity plan) to protect the Services.
If your integration legitimately requires capacity above documented limits, contact [email protected] to discuss an appropriate plan.
6. Respondent Privacy
You are the Responsible Party in respect of survey respondents and other end users. You must:
- provide respondents with a POPIA-compliant privacy notice (section 18 of POPIA) that identifies you (not Surveyz) as the Responsible Party, and that clearly describes the purpose for which data is collected;
- obtain valid, freely given, specific, informed, and revocable consent where consent is your lawful basis for Processing;
- respect respondent requests to access, correct, or delete their Personal Information;
- not use Personal Information collected via the Services for purposes incompatible with the purpose disclosed at collection; and
- not re-identify or attempt to re-identify Personal Information that has been anonymised or aggregated; and
- implement and maintain appropriate technical and organisational measures to secure Personal Information against loss, unauthorised access, destruction, use, modification, or disclosure, and to ensure that any Operator you use applies equivalent safeguards.
Special Personal Information
You may not use the Services to collect Special Personal Information (as defined in POPIA section 26, including information about health, biometrics, racial or ethnic origin, religious or philosophical beliefs, trade union membership, political opinion, sex life, or criminal behaviour) unless:
- you have a lawful basis under sections 27–33 of POPIA;
- you provide respondents with a specific, prominent disclosure identifying the Special Personal Information being collected and its purpose; and
- you have notified Surveyz in writing at [email protected] before deploying the relevant survey; and
- you implement appropriate technical and organisational measures to safeguard such Special Personal Information, including limiting access to authorised personnel on a need-to-know basis.
Children's Data
You may not use the Services to collect personal information from persons under the age of 18 unless:
- you have obtained verifiable consent from a parent or legal guardian before collection;
- you have implemented age verification mechanisms appropriate to the context and risk; and
- you have notified Surveyz in writing at [email protected] before deploying the relevant survey; and
- you only collect and Process the minimum Personal Information necessary for the stated purpose, apply appropriate technical and organisational safeguards, and retain such Personal Information only for as long as necessary for that purpose or as required by applicable law.
Failure to comply with the Special Personal Information and Children's Data requirements above may result in immediate suspension of the relevant survey or API access pending your compliance, or termination of the underlying subscription with us.
7. Enforcement
Surveyz may investigate suspected violations of this AUP. Without limiting our other rights or remedies, we may, in our reasonable discretion, take any of the following steps, and we will use commercially reasonable efforts to tailor any action to the nature and severity of the violation:
- request additional information from you;
- remove or disable specific content, surveys, or webhooks;
- suspend or revoke API Credentials;
- suspend access to the Services in whole or in part;
- terminate the underlying subscription; and
- cooperate with law-enforcement authorities and disclose information where required by law or where necessary to protect the rights of Surveyz, its customers, or third parties.
We will, where reasonably possible, give you notice and an opportunity to remediate before suspending services, but we may act immediately and without notice in response to material harm, security incidents, or legal obligations.
8. Reporting Violations
To report a suspected violation of this AUP — including spam, abusive surveys, security concerns, or content that should not be on the platform — please contact (and include any relevant URLs, survey IDs, timestamps, and a brief description of the issue):
Incident Notification: You must promptly notify Surveyz at [email protected] of any actual or suspected security incident affecting the Services, your API Credentials, or any Personal Information collected or Processed through the Services, including any unauthorised access to, acquisition of, loss of, or disclosure of such Personal Information, and you remain responsible for any notifications required by applicable law.