Legal
Acceptable Use Policy
Last updated: 1 June 2025 · Applies to all customers and API users
This policy sets out what you may and may not do with the ControlTemp platform, API, and hardware. It forms part of our Terms of Service. Violations may result in immediate account suspension.
1. Permitted Use
You may use the ControlTemp platform solely for its intended purpose: monitoring the temperature of refrigeration equipment, cold rooms, vehicles, and similar installations at your own business premises or on behalf of clients where you have written authority to act.
Specifically permitted uses include:
- Posting temperature, GPS, and power status readings from registered ControlTemp Hardware devices via the API
- Viewing and exporting your own device's data through the web dashboard
- Configuring probe names, thresholds, and alert contacts for your devices
- Using the CSV and PDF export features for compliance record-keeping
- Modifying the open-source firmware supplied with your Hardware for use on hardware you own
2. Prohibited Use
The following are strictly prohibited:
✕
Unauthorised access. Attempting to access accounts, data, or server resources that do not belong to you. This includes probing, scanning, or testing our infrastructure without written permission.
✕
API abuse. Sending requests to the API at a rate that degrades service for other customers, automated scraping of the dashboard, or submitting fabricated readings from non-ControlTemp devices without prior written agreement.
✕
Credential sharing. Sharing your API key or dashboard login with third parties who are not authorised users under your account.
✕
Reselling without agreement. Reselling access to the ControlTemp dashboard or API to third parties as a white-label or sub-service without a written reseller agreement with us.
✕
Interference with service. Attempting to disrupt, overload, or interfere with our servers, database, or API endpoints. This includes denial-of-service attacks, injection attacks, and sending malformed requests intended to cause errors.
✕
Reverse engineering the server software. Decompiling, disassembling, or attempting to derive the source code of the ControlTemp dashboard, API, or backend without written consent.
✕
Illegal use. Using the Service to facilitate any activity that violates South African law, including the Electronic Communications and Transactions Act (ECTA), POPIA, or any other applicable legislation.
✕
Submitting harmful data. Sending data payloads designed to exploit vulnerabilities, inject code, or corrupt our database, including SQL injection, XSS payloads, or oversized request bodies.
✕
Misrepresenting device identity. Spoofing another customer's device ID or API key to inject false readings into their data stream.
✕
Life-critical sole reliance. Using ControlTemp as the only safety mechanism in any application where failure could result in death, serious injury, or significant regulatory liability without additional independent monitoring systems.
3. API Fair Use
Our API is designed for ControlTemp Hardware devices posting readings every 30 seconds per probe. The following limits apply per device:
- Maximum of 8 readings per 30-second window (one per probe)
- Maximum request body size of 4 KB per POST
- OTA firmware check interval: minimum 15 minutes (hardcoded in firmware)
We reserve the right to rate-limit or block devices that significantly exceed these limits, and will contact you before doing so in non-emergency situations.
4. Firmware Modification
Where we supply firmware source code, you are permitted to modify it for devices you own. You must not:
- Redistribute modified firmware commercially without a written licence agreement
- Remove or obscure attribution to ControlTemp in the source code
- Use firmware modifications to circumvent API authentication or inject false data
- Publish the ControlTemp API key or server endpoints in publicly accessible repositories
5. Reporting Violations
If you become aware of a violation of this policy by another user, or if you discover a security vulnerability in our platform, please report it responsibly to info@controltemp.co.za. We take all reports seriously and will respond within 2 business days.
We do not pursue legal action against good-faith security researchers who report vulnerabilities to us before public disclosure.
6. Consequences of Violation
Violations of this policy may result in:
- Immediate suspension of your account and API access without notice
- Permanent termination of your subscription without refund
- Legal action under South African law including the ECTA and applicable criminal statutes
- Reporting to relevant authorities where criminal activity is suspected
For minor unintentional violations we will issue a warning first and work with you to resolve the issue.
7. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated by email at least 14 days before they take effect.
8. Contact
Questions about this policy: info@controltemp.co.za.
ControlTemp · Durban, KwaZulu-Natal, South Africa · Last updated 1 June 2025