SuperYears - Acceptable Use Policy (AUP)

Effective date: 01 March 2026
Applies to: the public website & calculators/tools and the subscription app/service (together, Services).
Order of precedence: If this AUP conflicts with our Website Terms or Subscriber/App Terms, the Terms prevail. This AUP sits alongside our Privacy Policy, Cookie Policy, Accessibility & Data‑Use Statement, and Responsible Disclosure/Security Policy.

Plain‑English explainer (read this first)

This policy explains what’s okay and what’s not when you use SuperYears. It protects you, other users, and our systems. We ban unlawful, harmful, and abusive behaviour; we set reasonable technical limits; and we explain what happens if something goes wrong. If you see abuse or a security issue, tell us at abuse@superyears.com.au or security@superyears.com.au.

AUP‑1. Scope & changes

• This AUP applies whenever you access the Services. Using the Services means you agree to follow it.
• We may update this AUP; material changes will be posted here with a new effective date and noted in our changelog.
• Age: the Services are intended for adults; under‑18s may browse public pages in a read‑only manner (see Website Terms T‑3). We do not allow Marketing profiling of self‑declared under‑18s.

AUP‑2. Prohibited uses (examples, not exhaustive)

• Unlawful/abusive content or conduct: breaking the law or facilitating it (fraud, stalking, harassment, hateful conduct, discrimination, defamation, doxxing, threats).
• Financial advice misrepresentation: presenting SuperYears content as licensed personal financial advice, holding yourself out as licensed when you are not, or instructing others to act on Site outputs as advice.
• Sensitive/high‑risk data uploads: tax file numbers, full card numbers, unmasked bank credentials, health/biometric data, special category data, or others’ personal information without permission.
• Security interference: probing, scanning, bypassing access controls, injecting code, uploading malware, or testing availability without written permission. For good‑faith research, see Responsible Disclosure.
• Automated access & scraping: scraping/harvesting at scale, or bots accessing areas not meant for automation, beyond what’s allowed by robots.txt or published API limits.
• Reverse engineering: decompiling or attempting to derive source code, except as permitted by law.
• Spam & deceptive practices: unsolicited promotions, list harvesting, cloaking, or misleading marketing.
• Impersonation & misrepresentation: pretending to be someone else or to be affiliated with SuperYears without permission.
• Service abuse: overloading the Services (excessive requests, denial‑of‑service, abusive patterns), circumventing rate limits, or reselling/loaning access without consent.
• IP infringement: unauthorised copying or distribution of protected content or marks; misuse of confidential information.
• Circumventing consent or preferences: interfering with or bypassing cookie/consent banners, privacy settings, or user opt‑outs (including attempts to re‑enable disabled categories without fresh consent).
• Evasion tactics: attempting to evade authentication, geo‑blocking, rate‑limits, or other technical safeguards (e.g., rotating identities/addresses, headless evasion tools).

AUP‑3. Fair use & technical limits We set reasonable limits to keep the Services reliable. Current indicative limits:

• Request rate: max 30 calculator runs/min per IP (may vary by endpoint and may change).

• Concurrent sessions: 1 active session per account (additional sessions may be logged out).

• API access (if any): No public API at this time. If offered, endpoints and limits will be documented separately.

• Robots & caching: automated access must follow robots.txt; any cached copies must be refreshed per cache headers and not republished.

• Machine/bot accounts: automation is only permitted via approved API keys or documented integration methods; browser automation of the UI is not allowed. See: https://superyears.com.au/security.

• Need higher limits? Contact support@superyears.com.au.

• We may monitor, throttle, suspend, or block traffic that risks service reliability or security.

AUP‑4. Data handling boundaries

• Don’t upload other people’s personal information without permission and a lawful basis.
• Don’t upload payment card primary account numbers, TFNs, or biometric identifiers.
• Do not attempt to re‑identify de‑identified or aggregated data, or combine data to profile individuals without a lawful basis and consent.
• Do not scrape personal information from the Services for marketing/profiling without express written permission from SuperYears and valid consent from the individuals concerned.
• Public calculators are illustrative and not advice; do not rely on them as official assessments.
• See our Privacy Policy and Accessibility & Data‑Use Statement for details on retention, de‑identification, and your choices.

AUP‑5. Third‑party rights & IP

• Respect third‑party platforms, APIs, SDKs, and embeddings connected to the Services. Their terms and privacy notices apply to their components.
• Do not disable or interfere with third‑party consent mechanisms or attributions.

AUP‑6. Reporting & enforcement

• Report abuse/security: abuse@superyears.com.au or security@superyears.com.au. Provide URLs, timestamps, and a description.
• Preservation: we may preserve relevant logs and content while we investigate.
• Process: we may ask for more information, restrict features during investigation, and where required involve law enforcement or affected parties.
• Appeals: if you believe we made a mistake, you can appeal an action via legal@superyears.com.au and we will review within 10 business days.
• Good-faith security research: we encourage responsible disclosure via our Responsible Disclosure and Security Policy. https://superyears.com.au/security.

AUP‑7. Consequences (proportionate to risk)

• Content actions: warning, label, edit, or removal.
• Technical actions: rate‑limit, throttle, sandbox, feature restrictions, temporary or permanent suspension.
• Account actions: require re‑verification, password reset, or account closure.
• Legal: notify affected parties, law enforcement, or pursue remedies where permitted by law.
• We’ll notify you of actions where reasonable; immediate action may occur without notice if safety/security/legal risks require it.
• On suspension/termination, we may retain minimal records for security, fraud prevention, and legal compliance in line with our Privacy Policy.

AUP‑8. Contact

• Abuse: abuse@superyears.com.au
• Security: security@superyears.com.au
• Legal: legal@superyears.com.au

Important notice: Information on the Site is general in nature and does not constitute personal financial advice.