← All legal documents

Acceptable Use Policy

Effective: 2026-04-19

Last updated: 2026-04-19

This Acceptable Use Policy (“AUP”) governs your use of all Mataki Labs LLC (“ToasterDB”) services, products, websites, and APIs (the “Services”), including the toasterdb.com website, the ToasterDB Cloud platform at app.toasterdb.com, the documentation at docs.toasterdb.com, and the self-hosted ToasterDB distribution. This AUP is incorporated by reference into the Terms of Service and any Master Services Agreement between you and ToasterDB.

Violation of this AUP may result in suspension or termination of your access to the Services.

1. Prohibited Activities

You may not use the Services to:

1.1 Illegal Activity

  • Violate any applicable law, regulation, or governmental order.
  • Facilitate, promote, or engage in illegal activities, including money laundering, terrorism financing, or trafficking.

1.2 Harmful Content

  • Store or transmit content that is defamatory, libelous, obscene, or that promotes violence or discrimination.
  • Store or transmit material that infringes or misappropriates third-party intellectual property rights.
  • Distribute, host, or transmit malware, viruses, worms, ransomware, spyware, or other malicious code.
  • Store or transmit child sexual abuse material (CSAM). ToasterDB will report any discovered CSAM to the National Center for Missing and Exploited Children (NCMEC) and to law enforcement.

1.3 Abuse and Exploitation

  • Send unsolicited bulk messages (spam), including email, SMS, push notifications, or webhooks originating through the ToasterDB app runtime or forms features.
  • Engage in phishing, social engineering, or any deceptive practice intended to obtain credentials, personal information, or financial information — including publishing ToasterDB-hosted forms that impersonate third parties to harvest data.
  • Harvest, scrape, or collect information about other users without their consent.
  • Interfere with or disrupt the integrity, performance, or availability of the Services, including denial-of-service attacks, resource exhaustion, or intentional overloading.

1.4 Unauthorized Access

  • Access or attempt to access accounts, workspaces, databases, or data that you are not authorized to access.
  • Circumvent, disable, or interfere with any security, authentication, rate-limiting, policy enforcement, or access-control mechanisms of the Services — including field-level security, validation, and privacy policies enforced by the ToasterDB data layer.
  • Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of the Services, except to the extent expressly permitted by applicable law notwithstanding this restriction, or as permitted under the license for open source ToasterDB components.
  • Use the Services to probe, scan, or test the vulnerability of any system or network, except with ToasterDB’s prior written authorization for legitimate security testing of your own account.

1.5 Data Layer and Policy Misuse

  • Use the Services to store or govern data that is unrelated to operating an application data layer over a PostgreSQL Database.
  • Attempt to extract, decrypt, export, or reverse-engineer audit records, policy definitions, encrypted fields, or other secrets from ToasterDB storage outside of the documented API and console interfaces.
  • Share, resell, sublicense, or otherwise redistribute access to Workspaces, policy definitions, app runtime deployments, or forms hosted in the Services to any third party not authorized under your account.
  • Use the Services to broker access to unaffiliated third parties’ PostgreSQL databases or to circumvent those third parties’ own access controls.
  • Configure policies, validation rules, or privacy rules with the intent of producing misleading audit records or concealing unauthorized access.

1.6 Resource Abuse

  • Use the Services for cryptocurrency mining, distributed computing, or workloads unrelated to the intended use of the Services.
  • Attempt to exceed or circumvent usage limits, rate limits, or quota restrictions associated with your service tier.
  • Create multiple accounts to circumvent free-tier limits or to evade enforcement actions.
  • Use automated tools to create accounts, submit data, or make API calls in a manner that is inconsistent with the Documentation or intended use of the Services.

1.7 Competitive Misuse

  • Use the Services to develop, train, or improve a product or service that competes with the Services, except to the extent your use is limited to the open source components under their applicable licenses.
  • Conduct benchmarking or performance testing of the Services for publication without ToasterDB’s prior written consent.
  • Resell, sublicense, or redistribute access to the Services except as expressly permitted in your agreement with ToasterDB.

1.8 High-Risk Use

  • Use the Services in any application where failure could lead to death, personal injury, or environmental damage (e.g., medical life-support systems, nuclear facilities, air traffic control) without ToasterDB’s prior written authorization and appropriate contractual safeguards.

2. Your Responsibilities

2.1 Content Responsibility

You are solely responsible for all data, content, and material you submit to, store in, or transmit through the Services (“Customer Data”), including any schemas, policies, validation rules, forms, application code, database connection credentials, and any end-user data that flows through the ToasterDB data layer. You represent and warrant that you have all necessary rights, licenses, and permissions to submit Customer Data to the Services and to govern the underlying PostgreSQL Database through ToasterDB.

2.2 End User Compliance

If you permit third parties (including your end users, customers, or Authorized Users) to access the Services through your account, you are responsible for ensuring that their use complies with this AUP. You will establish and enforce an acceptable use policy for your end users that is no less restrictive than this AUP.

2.3 Security

You are responsible for maintaining the security of your account credentials, API keys, database connection credentials, and signing keys. You will not share credentials or embed API keys in publicly accessible code unless the Documentation expressly permits it. You will promptly notify ToasterDB at support@toasterdb.com if you become aware of any unauthorized access to your account or any credentials managed through the Services.

3. Enforcement

3.1 Monitoring

ToasterDB does not proactively monitor Customer Data for violations of this AUP. However, ToasterDB may investigate violations that come to its attention through automated systems (e.g., abuse detection, rate limiting), third-party reports, or law enforcement requests.

3.2 Actions

If ToasterDB reasonably determines that a violation of this AUP has occurred or is occurring, ToasterDB may, in its sole discretion:

  • Issue a warning and request that you cease the violating activity.
  • Suspend access to the affected Services or account, in whole or in part.
  • Remove or disable access to offending content.
  • Terminate your account.
  • Report the violation to law enforcement or other appropriate authorities.

3.3 Notice

Except where immediate action is reasonably necessary to protect the Services, other users, or third parties, ToasterDB will provide you with reasonable notice and an opportunity to cure before taking enforcement action. Where immediate action is taken, ToasterDB will notify you as soon as practicable thereafter.

3.4 No Obligation

ToasterDB has no obligation to enforce this AUP against other users on your behalf. This AUP does not create any obligation for ToasterDB to monitor or police your use of the Services.

4. Reporting Violations

If you become aware of a violation of this AUP, please report it to support@toasterdb.com. Reports should include: the nature of the violation, the account or resource involved (if known), and any supporting evidence.

5. Changes to This Policy

ToasterDB may update this AUP from time to time. We will notify you of material changes at least thirty (30) days in advance. Your continued use of the Services after the effective date constitutes acceptance of the updated AUP.

6. Contact

Questions about this AUP should be directed to support@toasterdb.com or legal@toasterdb.com.