Start for free
Pricing
Visual Debt
BlogDocs visuals notes.Visual DebtWhy stale screenshots hurt.DocsCLI and platform documentation.ContactTalk to the Reshot team.
Start for freeSign in

Legal

Acceptable Use Policy

Rules for safe and lawful use of Reshot.

Effective: May 10, 2026

Summary

Do not use Reshot to break the law, infringe rights, expose sensitive data without authority, attack systems, bypass limits, or publish unlawful content. This Acceptable Use Policy ("AUP") applies to all accounts, workspaces, plans, APIs, CLI usage, integrations, and published assets.

This summary is for convenience only. The full policy below controls.

1. Scope

This AUP supplements the Terms of Service. If this AUP conflicts with the Terms, the Terms control unless this AUP provides more specific operational rules.

This AUP applies to anyone using Reshot, including visitors, account users, workspace members, reviewers, API users, CLI users, and anyone who publishes or accesses assets through Reshot.

2. Do not break the law

You may not use Reshot to violate applicable law or regulation, including laws related to privacy, intellectual property, confidentiality, export controls, sanctions, consumer protection, cybersecurity, or illegal content.

You may not use Reshot from or for the benefit of a country, region, person, or entity subject to comprehensive sanctions under applicable U.S., EU, UK, UN, or Korean sanctions laws.

3. Do not capture or publish sensitive data without authority

Screenshots can expose more than expected. You must not intentionally capture, upload, store, or publish the following through Reshot unless you have a lawful basis, appropriate safeguards, and any required written agreement with us:

  • government identifiers, passport numbers, driver’s license numbers, tax IDs, or national IDs;
  • payment card numbers, bank account numbers, routing numbers, or financial account credentials;
  • passwords, API keys, access tokens, session cookies, private keys, or recovery codes;
  • protected health information or health data;
  • biometric, genetic, precise-location, or children’s data;
  • GDPR Article 9 special-category data;
  • confidential customer data, employee data, or internal records you are not authorized to process; or
  • regulated or export-controlled technical information.

Use test environments, mock data, fixture data, redaction, access controls, or bring-your-own-storage controls where appropriate.

4. Do not misuse published assets

If you publish screenshots or visual assets through stable URLs, you are responsible for the content you publish. Do not publish assets that:

  • infringe copyright, trademark, trade secret, privacy, publicity, or other rights;
  • expose confidential information without authorization;
  • contain personal data without a lawful basis;
  • are defamatory, fraudulent, deceptive, or impersonating another person or organization;
  • contain malware or links to malware; or
  • are unlawful in the places where you or the intended audience operate.

Reports about published assets may be submitted under the Content Reporting and Takedown Policy.

5. Do not attack the Service

You may not:

  • probe, scan, fuzz, or test the Service except as allowed by a written security policy or authorization;
  • access or attempt to access another customer’s workspace, data, assets, tokens, or integrations;
  • bypass authentication, authorization, rate limits, plan limits, billing controls, or security controls;
  • interfere with, degrade, overload, or disrupt the Service;
  • upload malware or destructive code;
  • use automated account creation or artificial usage generation;
  • scrape, crawl, harvest, or extract data from the Service except as permitted by product functionality; or
  • conduct denial-of-service attacks or similar abuse.

Good-faith vulnerability reports should be sent to security@reshot.dev and must not involve data exfiltration, persistence, extortion, public disclosure before remediation, or disruption of the Service.

6. Do not misuse the CLI, API, or integrations

You may not:

  • share API keys, CLI tokens, or workspace credentials outside authorized users or systems;
  • embed server-side credentials in public client-side code;
  • use a single workspace, account, or token to provide services to unrelated third parties in a way that bypasses plan limits;
  • replay, fabricate, or manipulate events or API calls to bypass limits or billing;
  • use webhooks to spam, phish, or attack recipients;
  • connect third-party accounts you are not authorized to use; or
  • use Reshot to monitor, capture, or publish applications you are not authorized to access.

7. Do not infringe or misappropriate rights

You may not use Reshot to copy, publish, or distribute content you do not have rights to use. This includes screenshots containing copyrighted UI, proprietary dashboards, trade secrets, customer data, unreleased product plans, licensed fonts, logos, or brand assets where your use is not authorized.

You are responsible for obtaining rights to all content in your screenshots, documents, and published assets.

8. Do not build a competing service from inside Reshot

You may not use the Service, documentation, API behavior, screenshot comparison outputs, or operational data to reverse engineer, clone, benchmark for competitive publication, train, or build a substantially similar or competing screenshot automation, visual asset management, or hosted documentation-visual service without our written permission.

This restriction does not limit rights that cannot be restricted under applicable law.

9. Respect plan limits and fair use

You may not use automation, multiple accounts, token rotation, workspace sharding, or other methods to avoid plan limits, storage limits, capture limits, rate limits, retention limits, or billing controls.

We may rate-limit, queue, restrict, suspend, or require an upgrade for usage that creates disproportionate load, security risk, or cost, even if a specific numeric limit is not published.

10. Reporting violations

To report abuse, unlawful published assets, or AUP violations, email support@reshot.dev and include:

  • the URL, workspace, asset, or account involved;
  • a description of the issue;
  • why you believe it violates this AUP or the law;
  • your contact information; and
  • any supporting evidence.

Copyright and illegal-content notices should follow the Content Reporting and Takedown Policy.

11. Enforcement

If we believe this AUP has been violated, we may take action with or without notice depending on severity, including:

  • warning the workspace owner;
  • requiring remediation;
  • disabling an API key, token, webhook, integration, or published asset;
  • removing or restricting access to content;
  • rate-limiting or suspending a workspace;
  • terminating an account or subscription;
  • preserving evidence; or
  • cooperating with law enforcement, regulators, or affected third parties where legally appropriate.

We usually try to provide notice and a chance to cure where the issue is curable and not urgent. We may act immediately for security threats, active abuse, illegal content, payment fraud, rights violations, or risk to other customers.

12. Changes

We may update this AUP. We will post the updated version and give at least 30 days’ notice of material changes, unless legal, security, or abuse-prevention urgency requires faster action.

13. Contact

Abuse and AUP reports: support@reshot.dev Security reports: security@reshot.dev Privacy inquiries: privacy@reshot.dev