VyperBots
Legal

ACCEPTABLE USE POLICY

VyperLabs Ltd. · VyperBots Platform

Version 2.0 · June 2026 · Hong Kong Special Administrative Region

1. Introduction

This Acceptable Use Policy (the "AUP" or "Policy") governs your use of the vyper.bot website (the "Site") and the VyperBots platform and any related software, APIs, dashboards, and tools (together, the "Platform"), each operated by VyperLabs Ltd. (the "Company", "we", "us" or "our"). This Policy is incorporated by reference into, and forms part of, our Website Terms of Use and our Platform Terms and Conditions (the "Service Agreement"). Capitalised terms used but not defined here have the meaning given in the Service Agreement.

The Company is a software vendor. The Platform is licensed infrastructure that enables Customers to configure and operate their own automated trading bots — including for the Customer's own market-making purposes — on third-party Exchanges, using API Credentials issued by the Customer to the Platform. The Company does not take custody of the Customer's assets, does not operate the Customer's trading strategy, and does not act as the Customer's broker, dealer, market maker, liquidity provider, designated market maker, investment adviser, or fiduciary. Where the Customer uses the Platform for market-making purposes, the Customer is the market maker, and the Customer is at all times the principal in respect of any trades executed via the Platform.

The Site and Platform are provided to business and professional users only and are not directed at consumers. By using the Site or the Platform, you agree to comply with this Policy. Breach of this Policy is a material breach of the Service Agreement and may result in immediate suspension or termination of your access, with no refund, in addition to any other remedy available to us at law or under the Service Agreement.

2. General obligations

You must use the Site and the Platform only for lawful purposes, in accordance with the Service Agreement and all applicable laws, regulations, and the rules, terms, and policies of any Exchange or other third party you connect to. You are responsible for all activity conducted through your account and through any bot, agent, or API Credential you configure.

3. Prohibited conduct — unlawful activity and market abuse

You must not use, and must not permit any third party to use, the Site or the Platform to:

  • engage in any unlawful, fraudulent, or deceptive activity, or any activity that breaches any applicable law, regulation, or licensing requirement that applies to you;
  • engage in market abuse on any Exchange or venue, including market manipulation, wash trading, spoofing, layering, quote stuffing, momentum ignition, ramping, painting the tape, or the entry of orders without bona fide intent to trade;
  • create a false or misleading impression of the market, price, supply, demand, or liquidity of any asset, token, or instrument;
  • trade, or facilitate trading, on the basis of material non-public information, or otherwise engage in insider dealing;
  • operate any scheme that depends on artificially inflating volume, depth, or activity, including for the purpose of meeting a listing, market-making, or designated-market-maker obligation owed to any Exchange or third party by deceptive means;
  • evade, or attempt to evade, any sanctions regime, anti-money-laundering, counter-terrorist-financing, or know-your-customer control, or transact with any sanctioned person or jurisdiction.

4. Prohibited conduct — security and platform integrity

You must not, and must not permit any third party to:

  • access, or attempt to access, any system, account, data, or part of the Platform that you are not authorised to access, or use any API Credential you are not authorised to use;
  • upload, deploy, or transmit any malware, worm, trojan, ransomware, or other malicious or harmful code, or any bot or agent designed to disrupt, degrade, damage, or gain unauthorised access to any system, network, or data;
  • circumvent, disable, or interfere with any security, authentication, access control, rate limit, usage limit, or feature gating of the Site, the Platform, or any Exchange;
  • conduct any denial-of-service attack, or impose an unreasonable or disproportionately large load on the Platform or on any Exchange or third-party API;
  • probe, scan, or test the vulnerability of any system or network, or breach any security or authentication measure, without our prior written consent;
  • reverse-engineer, decompile, disassemble, scrape, or otherwise attempt to derive the source code, structure, or underlying data of the Site or Platform, except to the extent this restriction is prohibited by mandatory law; or
  • use the Site or Platform to build or train a competing product or service.

5. Accounts, API Credentials, and assets

You must safeguard your account credentials and enable available security controls (including two-factor authentication). You must scope any API Credential you provide to the minimum permissions required to operate your bots — read and trade only; never withdrawal or transfer — and revoke credentials promptly where appropriate. You must not use the Platform in any way that requires the Company to take custody of, hold, or control your funds, digital assets, or private keys; the Company never takes such custody. You must maintain one Platform account per beneficial owner, must not share access with persons who are not authorised users of your account, and must not operate multiple accounts to evade tier limits, sanctions, attribution, or other policy controls.

6. Third-party rights and acceptable content

You must not, and must not permit any third party to:

  • infringe the intellectual property, privacy, confidentiality, contractual, or other rights of the Company or any third party;
  • breach the terms, policies, or rate limits of any Exchange or other Third-Party Provider, or use the Platform in any way that causes the Company to breach its obligations to any third party; or
  • submit to the Platform any data you are not entitled to provide, or any data that is unlawful, infringing, or harmful.

7. Customer responsibilities

In addition to the prohibitions above, you are responsible at all times for:

  • Lawful conduct. Operating bots and strategies that comply with all applicable laws and the rules of every venue on which your trades execute.
  • Custody and credentials. Maintaining custody of your own assets on third-party Exchanges; issuing API Credentials scoped to the minimum permissions required (read and trade only; never transfer; never withdrawal); and promptly revoking any credential believed to be compromised.
  • Strategy and risk. Configuring, monitoring, and managing your own trading strategy, including risk parameters, exposure limits, and kill switches; understanding and accepting the financial risks of automated trading; and not relying on the Company to operate, optimise, or supervise your strategy.
  • Identity and KYC. Cooperating in good faith with the Company's onboarding and ongoing know-your-customer, beneficial-ownership, and sanctions-screening procedures, and updating the Company promptly if any information provided becomes inaccurate or out of date.
  • Reporting. Notifying the Company without undue delay if you become aware of any suspected misuse of the Platform, suspected compromise of your credentials, or any regulatory inquiry into your use of the Platform.

8. Monitoring, rights, and remedies of the Company

8.1 Investigation

We do not routinely monitor activity on the Platform, but we may investigate suspected breaches of this Policy and may access, preserve, and disclose information where we reasonably believe it is necessary to investigate or enforce this Policy, to protect the Platform or any third party, or to comply with law or the request of a competent authority.

Where we detect, or reasonably suspect, a breach of this Policy, we may take any or all of the following actions — without prior notice where we consider that prior notice would prejudice an investigation or expose the Company or any third party to legal, reputational, or operational risk:

  • suspend your access to the Site or Platform, in whole or in part, for such period as we consider necessary;
  • disable specific bots, strategies, or API connections without disabling your account in full;
  • terminate the Service Agreement with cause and without refund of fees already paid, in accordance with the no-refund regime in the Service Agreement;
  • notify the relevant Exchange, partner-exchange compliance teams, and other affected third parties of the suspected breach to the extent necessary to mitigate ongoing harm;
  • preserve and disclose to law enforcement, regulators, and other competent authorities any records, logs, communications, and data relating to the suspected breach, as required by law or as we consider appropriate in the circumstances; and
  • recover from you any losses, costs, fines, or claims suffered by the Company or any third party as a result of the breach, including reasonable legal and investigation costs.

Our rights under this Policy are in addition to, and not in substitution for, any other rights we have at law or under the Service Agreement. Our failure to exercise any right under this Policy at any time does not constitute a waiver of that right at any future time. The consequences of suspension and termination, including the no-refund regime, are set out in the Service Agreement.

9. Reporting suspected misuse

Customers, partner Exchanges, regulators, and other third parties may report suspected misuse of the Site or Platform by email to abuse@vyper.bot, with a copy to contact@vyper.bot for general matters. Reports may be made anonymously. We will acknowledge receipt of credible reports within two (2) business days and will investigate in good faith. We do not retaliate against good-faith reporters.

10. Changes to this Policy and contact

10.1 Changes

We may amend this Policy from time to time. Material changes will be notified to Customers by email or by in-platform notification at least fourteen (14) days before they take effect, save where a more immediate change is required by law or in response to a material risk to the Platform, in which case we will notify Customers as promptly as is reasonably practicable. Your continued use of the Site or Platform after a change takes effect constitutes acceptance of the updated Policy. The most current version of this Policy is published at vyper.bot/use-policy.

10.2 Contact

For questions about this Policy, contact legal@vyper.bot. For acceptable-use reports, contact support@vyper.bot.

VyperLabs Ltd. · Hong Kong SAR · vyper.bot · legal@vyper.bot