Tierlane

Tierlane Acceptable Use Policy

Effective Date: 2026-06-01 Last Updated: 2026-06-01 Version: 1.0

1. Introduction

This Acceptable Use Policy ("AUP") describes how Merchants and any users authorised by a Merchant may and may not use the Tierlane Service. It is incorporated by reference into Tierlane's Terms of Service at tierlane.app/legal/terms and forms part of the agreement between you and Tierlane.

"Tierlane", "we", "us", and "our" refer to Tierlane, a business based in Toronto, Ontario, Canada. "Service", "Merchant", "Buyer", "Customer Data", and "Sub-processor" have the meanings given in Section 2 of the Terms of Service.

We keep this AUP short and plain-English on purpose. If you are doing something that a reasonable, sensible operator of a Shopify B2B store would not do, you are probably violating it. When in doubt, ask: legal@tierlane.app.

This AUP applies in addition to Shopify's own Acceptable Use Policy and Merchant Terms of Service. Conduct that violates Shopify's policies also violates this AUP.

2. Prohibited Content

You must not use the Service in connection with content, products, or transactions that involve:

  • Illegal goods or services in the jurisdiction(s) where the Merchant or the Buyer is located.
  • Weapons, weapon parts, ammunition, explosives, or items designed primarily for the unauthorised infliction of harm.
  • Controlled substances, narcotics, drug paraphernalia, or any product prohibited or restricted by applicable controlled-substances law (for example, US DEA-scheduled substances, Canadian Controlled Drugs and Substances Act schedules, EU controlled substances).
  • Tobacco, nicotine vaping products, alcohol, cannabis, or psychoactive substances sold in a manner that violates applicable age-verification, licensing, or distribution rules.
  • Content that exploits, harms, or sexualises children, including any form of child sexual abuse material ("CSAM"). We will report suspected CSAM to the National Center for Missing and Exploited Children (NCMEC), the Canadian Centre for Child Protection (Cybertip.ca), or the equivalent authority in the relevant jurisdiction, as required by law.
  • Sexually explicit material that is illegal in the jurisdiction where the Merchant or Buyer is located.
  • Fraudulent or counterfeit goods, knockoffs that infringe trademarks, or goods sold with intent to deceive.
  • Stolen goods, goods obtained by theft or trafficking, or goods subject to sanctions.
  • Hate speech, incitement to violence, terrorism, or violent extremism as defined under applicable law.
  • Malware, ransomware, phishing kits, credential-harvesting tools, or any product intended to facilitate unauthorised access to computer systems.
  • Personal data sets sold as a product (data brokers).
  • Health products that require a prescription or claims that violate the rules of Health Canada, the US FDA, the UK MHRA, the EU EMA, the TGA (Australia), or other competent regulator.
  • Financial services or investment products sold without the licences required by the relevant securities regulator.

Tierlane is a B2B wholesale order processor. We are not designed to handle protected health information (PHI) under HIPAA. Do not transmit PHI to Tierlane.

3. Prohibited Conduct

You must not, and must not permit any third party to:

  • Submit content you are not authorised to process. You must own or be authorised to access the inboxes you connect to Tierlane, and you must be entitled to process the personal information of the Buyers whose communications you forward, route, or expose to the Service.
  • Use the Service to process inboxes belonging to others without their lawful consent or authority, including the email accounts of former employees, third parties, or competitors.
  • Reverse engineer, decompile, or attempt to extract the model weights, training data, prompt structure, or other internal details of any AI system used by the Service, except to the extent this restriction is expressly prohibited by mandatory law (for example, EU interoperability rights).
  • Circumvent usage caps, rate limits, or billing. Examples include: creating multiple Shopify shops or Accounts to split a single business's traffic across plans; using a Starter plan for a business whose volume requires Growth or Pro; sharing one paid account across legally distinct businesses.
  • Submit deliberately malicious content designed to manipulate, mislead, or attack the AI parser, the Service, or other Tierlane Merchants. This includes prompt-injection content, attempts to exfiltrate other Merchants' data, attempts to cause the parser to produce harmful output, and content designed to inflate parsing token usage maliciously.
  • Scrape, harvest, or systematically extract data from the Service except through documented APIs and only for your own Account.
  • Probe, scan, or test the security or availability of the Service except through Tierlane's published security disclosure process at security@tierlane.app. Coordinated, good-faith security research is welcome under that process.
  • Interfere with or disrupt the Service, the Service's networks, or other Merchants' use of the Service, including by denial-of-service attacks, traffic flooding, or attempting to overload Sub-processors.
  • Bypass, disable, or circumvent any access controls, rate limits, or usage measurement.
  • Use the Service to send unsolicited commercial email in violation of CAN-SPAM (US), CASL (Canada), the UK PECR, the EU ePrivacy Directive, the Australian Spam Act 2003, or any comparable law.
  • Impersonate another person or entity, or misrepresent your affiliation with a person or entity.
  • Use the Service to violate privacy laws (GDPR, UK GDPR, PIPEDA, Quebec Law 25, CCPA, LGPD, PDPA, APPs, or others), anti-discrimination law, consumer protection law, or any other applicable law.
  • Use the Service to harass, threaten, or stalk any person.
  • Use the Service to develop, train, or evaluate a competing product, or to provide services that compete with Tierlane to third parties.
  • Resell, sublicense, or provide Service access to third parties other than your own authorised users.

4. Authorisation Requirements (Inbox and Buyer Data)

By connecting an inbox to the Service and by processing Buyer communications through Tierlane, you represent and warrant that:

  • You own the inbox or have express authorisation from the inbox owner to grant read access to the Service.
  • You are acting as the controller of the Buyer personal information processed by the Service on your behalf, and you have a lawful basis for that processing (typically contract performance with the Buyer, your legitimate interest in processing inbound order requests, or the Buyer's consent).
  • You have provided your Buyers with a privacy notice that complies with the applicable privacy law and that adequately discloses that you use a third-party automated parsing service to process their communications.
  • You will respond to Buyer data subject rights requests as the controller, with Tierlane's reasonable assistance as processor under the DPA.
  • You will not knowingly forward, route, or otherwise cause Tierlane to process the personal information of individuals under the age of 16 (or the applicable local children's privacy threshold), or sensitive categories of personal data such as health, biometric, or government-issued identifiers, except where doing so is incidental to a legitimate B2B wholesale order and lawful in your jurisdiction.

5. Reporting Violations

If you become aware of a violation of this AUP — by another Merchant, by a third party, or by anyone using the Service — please report it:

  • Email: legal@tierlane.app for general AUP concerns and abuse@tierlane.app for suspected abuse, spam, or malicious content.
  • Security incidents: security@tierlane.app.
  • CSAM reports: abuse@tierlane.app, marked URGENT. We will report to law enforcement and to the relevant clearinghouse as required by law.

Provide enough information for us to investigate: a description of the conduct, dates and times where possible, the affected account (if known), and any supporting material. We will not disclose your identity to the reported party except where required by law.

6. Enforcement

Tierlane investigates suspected violations of this AUP. When we conclude that a violation has occurred, we may take one or more of the following actions, proportionate to the severity and the harm:

  • Informal warning by email or in-app message, with instructions to bring the Account into compliance.
  • Formal notice of breach under Section 15.3 of the Terms of Service with a 30-day cure period for material breaches that are capable of cure.
  • Temporary suspension of the Service or of specific features (such as a paused integration) while we investigate.
  • Immediate suspension or termination without a cure period for:
    • Violations that pose a security risk to Tierlane or to other Merchants.
    • Conduct that is clearly illegal under applicable law.
    • CSAM, terrorism, sanctions violations, or large-scale fraud.
    • Repeat violations after a prior warning.
    • Conduct that violates Shopify's own AUP, where Shopify has notified Tierlane.
  • Removal of specific content from the Service.
  • Forfeiture of unused subscription fees for the period of suspension or termination, subject to applicable consumer-protection law.
  • Notification to Shopify, where the conduct also violates Shopify's policies.
  • Notification to law enforcement and regulators, where required by law or in good faith to protect Tierlane, other Merchants, Buyers, or the public.

A decision to suspend or terminate under this AUP is in addition to, and not in lieu of, any other rights Tierlane has under the Terms of Service or applicable law, including the right to claim damages and indemnification under Section 13 of the Terms of Service.

7. Tierlane's Right to Investigate

Tierlane reserves the right (but does not assume the obligation) to investigate suspected violations of this AUP. In an investigation, we may:

  • Access metadata about Service usage (login records, audit logs, billing records, request logs).
  • Access content only to the extent necessary to investigate a credible report and only with appropriate safeguards (least-privilege access, logging, and dual-control approval for sensitive accesses).
  • Engage professional advisors (legal, forensic, cybersecurity) under duties of confidentiality.
  • Cooperate with law enforcement in response to a valid legal process (warrant, court order, regulatory production order). Where legally permitted and consistent with public safety, we will notify the affected Merchant before disclosing.
  • Preserve evidence, including overriding the standard 90-day retention window where a legal hold applies.

Tierlane is not a law enforcement agency and we do not undertake to detect or report violations except where legally required or where the violation comes to our attention through a credible report.

8. Changes to This AUP

We may update this AUP from time to time, on the same notice schedule as the Terms of Service (Section 16). Material changes will be notified by email and in-app at least 30 days in advance.

9. Contact

  • Privacy inquiries: privacy@tierlane.app
  • Legal inquiries: legal@tierlane.app
  • Security incidents: security@tierlane.app
  • General contact: support@tierlane.app