Acceptable Use Policy

Last updated: November 2025

Applies to: All customers, users, staff, contractors, and third parties accessing or using the Yepyet POS and Online Ordering Platform (the “Service”).

Purpose

This AUP sets out acceptable and unacceptable use of the Service to protect our customers, end‑users, and Yepyet. It forms part of the contractual terms with you and should be read alongside the Terms & Conditions, Privacy Policy, DPA, and SLA.

Your Responsibilities

You must use the Service lawfully, responsibly, and in accordance with this AUP and all applicable laws in Ireland and any jurisdictions in which you operate, including consumer, e‑commerce, VAT/tax, food safety, allergens, advertising, data protection (GDPR), and payment regulations.

Account Security & Access

Keep login credentials confidential; enable MFA where available.
Limit access to authorised personnel and apply role‑based permissions.
Notify Yepyet immediately of any suspected unauthorised access or compromise.
Do not share API keys or tokens publicly or with unauthorised parties.

Content & Conduct Standards

You must not use the Service to:

Upload/store/transmit unlawful, defamatory, fraudulent, misleading, harassing, hateful, or otherwise objectionable content.
Infringe intellectual property, privacy, or publicity rights.
Distribute malware, spyware, ransomware, or other malicious code.
Phish, spoof, or misrepresent your identity or affiliation.
Facilitate or advertise illegal goods/services or unlawful promotions.
Collect personal data without a lawful basis or required notices/consents.

Restaurant/Takeaway Specific Obligations

Menu Accuracy: Items, prices, taxes/fees, availability, portion sizes, and allergens must be accurate and kept up to date.
Allergen & Dietary Info: Provide clear, prominent allergen declarations and ingredient information where required by law; respond to customer queries promptly.
Alcohol/Restricted Items: Enforce age verification and local licensing rules; refuse unlawful sales.
Delivery & Surcharges: Display delivery areas, times, and total fees (including service or packaging charges) transparently before checkout.
Cancellations/Refunds: Honour your published policies and consumer rights.
Fair Marketing: No fake reviews, undisclosed paid endorsements, or misleading claims.

Payments & PCI

Cardholder data is processed by third‑party payment processors; do not store PAN, CVV, or track‑2 data on the Service.
You are responsible for the secure use of any payment terminals and for compliance with your processor’s PCI requirements and offline‑mode policies.
Do not attempt to bypass or tamper with payment flows or settlement processes.

Platform Integrity & Security

You must not:

Probe, scan, or test the vulnerability of the Service without written permission.
Circumvent security controls, rate limits, or access restrictions.
Interfere with or disrupt the Service or other users (including DDoS, excessive load, or abusive scripts).
Reverse engineer, decompile, or create derivative works from the Service except to the extent permitted by law.
Use the Service for crypto‑mining, command‑and‑control, or similar resource‑abusive activities.

Fair Use, APIs & Automation

Respect published API limits (default 600 requests/minute per tenant, adjustable by agreement).
Implement efficient polling/webhooks; avoid excessive or redundant requests.
Do not scrape the Service or circumvent the API to access data.
Use sandbox/test environments for development where available.

Data Protection & Privacy

Comply with GDPR and your DPA with Yepyet.
Collect only the data you need; configure retention appropriately.
Honour data subject rights (access, rectification, deletion, objection).
Do not export or share personal data with third parties without a lawful basis and appropriate safeguards.

Network & Hardware

Maintain stable internet and a backup connection (e.g., alternative ISP/4G).
Keep devices patched and supported; secure local networks and POS peripherals (printers, cash drawers).
Do not jailbreak/root devices used to access the Service.
Report suspected malware or compromise immediately.

Prohibited Transactions & Content (Examples)

Illegal drugs, weapons, counterfeit goods, stolen property.
Incitement to violence; extremist content; exploitation or abuse.
Unlicensed gambling/lotteries; pyramid schemes.
Sanctioned countries/parties or export‑controlled items in breach of applicable law.
Any activity that breaches food, alcohol, or health & safety regulations.

User‑Generated Content (UGC)

If you enable reviews/comments/UGC:

Provide clear house rules; moderate for unlawful or abusive content.
Remove content on valid legal notice (e.g., defamation, IP infringement).
Preserve evidence for reasonable time when investigating.

Intellectual Property & Data Ownership

You retain ownership of your content and customer data; you grant Yepyet the rights necessary to operate the Service.
Do not upload content you do not have permission to use.
Respect Yepyet’s IP; do not use our trademarks without permission.

Breach, Suspension & Termination

Yepyet may investigate suspected AUP breaches.
We may suspend or restrict access immediately where necessary to protect the Service, other users, or comply with law.
Repeated or serious violations may lead to termination under the Terms & Conditions.
Where lawful, we will notify you with reasons and steps to remedy.

Reporting Abuse

Report violations, security issues, or illegal content to abuse@Yepyet.com (emergencies: phone [(01) 905 9353]). Provide detailed logs, times, and examples where possible.

Changes to this AUP

We may update this AUP from time to time. Material changes will be notified in advance where practicable. Continued use of the Service constitutes acceptance of the updated AUP.

Governing Law

This AUP is governed by the laws of Ireland, with disputes subject to the exclusive jurisdiction of the Irish courts.

Acknowledgement

By using the Service, you confirm you have read, understood, and agree to comply with this Acceptable Use Policy.