Acceptable Use Policy
Last updated: 9 June 2026
This policy is short because the principle is simple: use BlueWave for running your water-hygiene operation, and don't use it to harm the platform, other customers, or anyone else. It forms part of our platform terms and binds everyone with an account. (Rules for browsing the public website live in the terms themselves.)
Use it lawfully
Don't use BlueWave to break the law — any law that applies to you, anywhere you operate. That includes using it to store or distribute unlawful material, infringe anyone's rights, or evade a legal obligation.
Don't attack it
No probing, scanning or penetrating the platform's security. No malware. No attempting to get past authentication, reach another customer's data, or escalate your access. Every customer's data is isolated from every other's — testing that boundary without written permission is the fastest way to lose your account.
Found a vulnerability in good faith? Tell us at security@usebluewave.com [pending mailbox] and give us a reasonable chance to fix it before disclosing. The fuller responsible-disclosure picture lives on our security page.
Don't abuse the service
No deliberately overloading the platform, no scraping it at scale, no automated bulk access outside any interfaces we provide for it, and no reselling or sub-licensing access unless we've agreed that in writing.
Upload only what you should
Upload only content your business has the right to upload, and only the personal data the service needs — names, contact details, job and site records, field evidence. Don't put medical or other special-category data into BlueWave; it isn't built or contracted to hold it. Keep credentials, your own or anyone else's, out of form answers and notes.
⚠ For review: The special-category prohibition matches the privacy policy's "we don't seek special-category data" stance and limits our processor exposure. DPO to confirm the wording and whether any customer workflow legitimately needs an exception (none known today).
What happens if this is broken
Proportionate response: usually a warning first, suspension where the platform or another customer is at risk, termination for serious or repeated breach — as set out in the platform terms. Where the law requires it, we preserve evidence and report to authorities.
Changes
When this policy changes, we'll update it here and change the date at the top. Material changes get flagged to account holders by email.