Acceptable Use Policy

Last updated: 2026-05-10

The short version. Use Playtcha to protect real services from abuse. Do not use it to run abuse infrastructure, hide abuse infrastructure, or target people unlawfully.

1. Scope

This Acceptable Use Policy applies to every Playtcha account, project, site key, secret key, API request, and embedded widget. It is incorporated into the Terms of Service.

2. Intended use

Playtcha is meant to protect legitimate user flows such as sign up, sign in, contact forms, checkout, password reset, API abuse control, and similar anti-bot checkpoints.

3. Prohibited abuse patterns

Credential stuffing, account takeover, or brute-force tooling.
Spam operations, bulk unsolicited messaging, or scam funnels.
Malware delivery, exploit kits, phishing, or command-and-control activity.
DDoS activity, traffic laundering, or resale of abusive traffic.
Attempting to bypass, probe, reverse-engineer, or degrade Playtcha itself.
Using Playtcha to gate access to unlawful scraping or bot networks.

4. Restricted customers and verticals

Without our prior written approval, you may not use Playtcha for or on behalf of:

Sanctioned entities, embargoed jurisdictions, or money-laundering tools.
Crypto mixers or similar anonymity infrastructure for regulated funds flows.
Adult-content services where age or consent obligations are not independently handled.
Government or law-enforcement surveillance workflows.
Services that ask us for raw IP disclosure, device fingerprinting, or other end-user tracking beyond our documented model.

5. Security and integration integrity

Keep secret keys server-side and rotate them if compromise is suspected.
Do not share accounts across unrelated legal entities without written approval.
Do not create multiple accounts to evade plan limits, suspensions, or reviews.
Do not abuse test-only or preview-only endpoints outside approved environments.
Do not frame Playtcha as collecting raw IPs, behavioral biometrics, or third-party ad identifiers when it does not.

6. Enforcement

We may investigate suspected violations, request clarification, suspend affected keys, throttle or block abusive traffic, or terminate accounts for serious or repeated breaches. Where a problem is curable and not safety-critical, we will normally give you a chance to fix it first.

7. Reporting and appeals

To report abuse or ask for a review of an enforcement decision, email support@playtcha.com or support@playtcha.com. Include any relevant request IDs, project IDs, and timestamps so we can investigate quickly.

3. Prohibited abuse patterns

Credential stuffing, account takeover, or brute-force tooling.
Spam operations, bulk unsolicited messaging, or scam funnels.
Malware delivery, exploit kits, phishing, or command-and-control activity.
DDoS activity, traffic laundering, or resale of abusive traffic.
Attempting to bypass, probe, reverse-engineer, or degrade Playtcha itself.
Using Playtcha to gate access to unlawful scraping or bot networks.

4. Restricted customers and verticals

Without our prior written approval, you may not use Playtcha for or on behalf of:

Sanctioned entities, embargoed jurisdictions, or money-laundering tools.
Crypto mixers or similar anonymity infrastructure for regulated funds flows.
Adult-content services where age or consent obligations are not independently handled.
Government or law-enforcement surveillance workflows.
Services that ask us for raw IP disclosure, device fingerprinting, or other end-user tracking beyond our documented model.

5. Security and integration integrity

Keep secret keys server-side and rotate them if compromise is suspected.
Do not share accounts across unrelated legal entities without written approval.
Do not create multiple accounts to evade plan limits, suspensions, or reviews.
Do not abuse test-only or preview-only endpoints outside approved environments.
Do not frame Playtcha as collecting raw IPs, behavioral biometrics, or third-party ad identifiers when it does not.