Product Policy
DD Auth
Product-Specific Policy
1.0
DD Auth Acceptable Use Policy
Last Updated: January 1, 2026
Important Notice
This is a product-specific policy. In case of any conflict between this policy and our Common Policies, this product-specific policy shall prevail for the applicable product.
Found matches
No matches found for ""
Table of Contents
1. Introduction
This Acceptable Use Policy ("AUP") governs your use of DD Auth services, including DD Auth Web Application (auth.duodev.in), DD Auth Mobile Application (in.duodev.auth), DD Accounts (accounts.duodev.in), and related APIs and integrations. By using our Services, you agree to comply with this policy. Violation may result in suspension or termination of your account.
2. General Principles
Lawful Use - You agree to use our Services only for:
• Legal purposes - Compliant with all applicable laws
• Authorized activities - Only for credentials you own or are authorized to manage
• Personal or business use - As intended for password management and authentication
Good Faith - You agree to:
• Use Services in good faith
• Not abuse features or exploit vulnerabilities
• Respect other users and our infrastructure
• Cooperate with our security measures
• Legal purposes - Compliant with all applicable laws
• Authorized activities - Only for credentials you own or are authorized to manage
• Personal or business use - As intended for password management and authentication
Good Faith - You agree to:
• Use Services in good faith
• Not abuse features or exploit vulnerabilities
• Respect other users and our infrastructure
• Cooperate with our security measures
3. Permitted Uses
Password Management - You MAY:
✅ Store passwords for accounts you own
✅ Manage credentials for services you use
✅ Share credentials within your organization (where authorized)
✅ Generate strong, unique passwords
✅ Store recovery codes and backup keys
Two-Factor Authentication - You MAY:
✅ Store TOTP secrets for your accounts
✅ Generate one-time passwords
✅ Manage 2FA for multiple services
✅ Back up authenticator codes
✅ Migrate from other authenticator apps
Secure Notes - You MAY:
✅ Store sensitive personal information
✅ Keep confidential business notes
✅ Store software licenses and keys
✅ Keep encrypted personal documents
✅ Store secure reference information
Data Import/Export - You MAY:
✅ Import data from other password managers
✅ Export your own data for backup
✅ Migrate to other services
✅ Create encrypted backups
✅ Store passwords for accounts you own
✅ Manage credentials for services you use
✅ Share credentials within your organization (where authorized)
✅ Generate strong, unique passwords
✅ Store recovery codes and backup keys
Two-Factor Authentication - You MAY:
✅ Store TOTP secrets for your accounts
✅ Generate one-time passwords
✅ Manage 2FA for multiple services
✅ Back up authenticator codes
✅ Migrate from other authenticator apps
Secure Notes - You MAY:
✅ Store sensitive personal information
✅ Keep confidential business notes
✅ Store software licenses and keys
✅ Keep encrypted personal documents
✅ Store secure reference information
Data Import/Export - You MAY:
✅ Import data from other password managers
✅ Export your own data for backup
✅ Migrate to other services
✅ Create encrypted backups
4. Prohibited Uses
Illegal Activities - You may NOT:
❌ Store credentials for accounts you don't own
❌ Facilitate unauthorized access to systems
❌ Engage in identity theft or fraud
❌ Store stolen credentials or data
❌ Conduct phishing or social engineering
❌ Support any criminal activity
Unauthorized Access - You may NOT:
❌ Attempt to access other users' accounts
❌ Bypass security or authentication measures
❌ Exploit vulnerabilities without authorization
❌ Use brute force attacks against our systems
❌ Intercept or monitor network traffic
❌ Access admin-only features without permission
System Abuse - You may NOT:
❌ Overload our systems with excessive requests
❌ Use automated tools to scrape or harvest data
❌ Interfere with service availability
❌ Distribute malware through our platform
❌ Conduct denial-of-service attacks
❌ Probe for security weaknesses without authorization
Reverse Engineering - You may NOT:
❌ Decompile or reverse engineer our software
❌ Extract source code or algorithms
❌ Create derivative works without permission
❌ Remove copyright notices or watermarks
❌ Circumvent license restrictions
Harmful Content - You may NOT store:
❌ Malware, viruses, or malicious code
❌ Illegal content (child exploitation, etc.)
❌ Content that infringes intellectual property
❌ Content that violates privacy rights
❌ Hate speech or content promoting violence
Competitive Activities - You may NOT:
❌ Use our Services to develop competing products
❌ Benchmark our services for competitive analysis
❌ Resell access without authorization
❌ White-label our services without agreement
❌ Store credentials for accounts you don't own
❌ Facilitate unauthorized access to systems
❌ Engage in identity theft or fraud
❌ Store stolen credentials or data
❌ Conduct phishing or social engineering
❌ Support any criminal activity
Unauthorized Access - You may NOT:
❌ Attempt to access other users' accounts
❌ Bypass security or authentication measures
❌ Exploit vulnerabilities without authorization
❌ Use brute force attacks against our systems
❌ Intercept or monitor network traffic
❌ Access admin-only features without permission
System Abuse - You may NOT:
❌ Overload our systems with excessive requests
❌ Use automated tools to scrape or harvest data
❌ Interfere with service availability
❌ Distribute malware through our platform
❌ Conduct denial-of-service attacks
❌ Probe for security weaknesses without authorization
Reverse Engineering - You may NOT:
❌ Decompile or reverse engineer our software
❌ Extract source code or algorithms
❌ Create derivative works without permission
❌ Remove copyright notices or watermarks
❌ Circumvent license restrictions
Harmful Content - You may NOT store:
❌ Malware, viruses, or malicious code
❌ Illegal content (child exploitation, etc.)
❌ Content that infringes intellectual property
❌ Content that violates privacy rights
❌ Hate speech or content promoting violence
Competitive Activities - You may NOT:
❌ Use our Services to develop competing products
❌ Benchmark our services for competitive analysis
❌ Resell access without authorization
❌ White-label our services without agreement
5. API Usage
Rate Limits:
• Authentication: 10 requests per 1 minute
• Vault Operations: 100 requests per 1 minute
• Sync Operations: 30 requests per 1 minute
• Export: 3 requests per 1 hour
• Search: 60 requests per 1 minute
API Guidelines - You must:
✅ Respect rate limits
✅ Use appropriate authentication
✅ Handle errors gracefully
✅ Cache responses when appropriate
✅ Use official SDKs when available
You may NOT:
❌ Exceed rate limits intentionally
❌ Share API credentials
❌ Access deprecated endpoints
❌ Scrape data through the API
Integration Requirements:
• Identify your application in User-Agent
• Implement exponential backoff for retries
• Respect Retry-After headers
• Report bugs through proper channels
• Authentication: 10 requests per 1 minute
• Vault Operations: 100 requests per 1 minute
• Sync Operations: 30 requests per 1 minute
• Export: 3 requests per 1 hour
• Search: 60 requests per 1 minute
API Guidelines - You must:
✅ Respect rate limits
✅ Use appropriate authentication
✅ Handle errors gracefully
✅ Cache responses when appropriate
✅ Use official SDKs when available
You may NOT:
❌ Exceed rate limits intentionally
❌ Share API credentials
❌ Access deprecated endpoints
❌ Scrape data through the API
Integration Requirements:
• Identify your application in User-Agent
• Implement exponential backoff for retries
• Respect Retry-After headers
• Report bugs through proper channels
6. Account Usage
Account Ownership:
• One person per personal account
• Accounts are non-transferable
• Organization accounts have designated admins
• Account sharing is not permitted
Account Security - You are responsible for:
✅ Keeping login credentials secure
✅ Using a strong master password
✅ Enabling additional security features
✅ Logging out on shared devices
✅ Reporting unauthorized access
Multiple Accounts:
• Personal use: One account per person
• One person per personal account
• Accounts are non-transferable
• Organization accounts have designated admins
• Account sharing is not permitted
Account Security - You are responsible for:
✅ Keeping login credentials secure
✅ Using a strong master password
✅ Enabling additional security features
✅ Logging out on shared devices
✅ Reporting unauthorized access
Multiple Accounts:
• Personal use: One account per person
7. Consequences of Violation
Violations of this Acceptable Use Policy may result in:
• Warning notification
• Temporary suspension of access
• Permanent account termination
• Legal action if warranted
We reserve the right to investigate violations and take appropriate action at our sole discretion.
• Warning notification
• Temporary suspension of access
• Permanent account termination
• Legal action if warranted
We reserve the right to investigate violations and take appropriate action at our sole discretion.