Acceptable Use Policy

Effective January 24, 2022


The purpose of this Acceptable Use Policy (“Policy”) is to describe actions that Zus prohibits when any person uses the Zus Platform (including the Builder Services). This Policy applies to all Zus Platform services, including the Builder Services, and to all Builders who use them, and to any and all users of Zus Platform, whether they use the Zus Platform directly or indirectly through a Builder’s Application.

This Policy is incorporated into the Builder Terms and may be updated or amended from time to time in accordance with provisions of the Builder Terms.



  1. References to “You”. In this Policy, the terms “you”, “your” or “Builder” refer to you in your individual capacity if you are a user of the Builder Services or a Builder’s Application user and they otherwise refer to the legal entity associated with a Builder’s account.
  2. Capitalized Terms. Capitalized terms used but not defined in this Policy or the Builder Terms will have the meanings set forth in HIPAA or other Applicable Law.


  1. General. You are responsible for using the Zus Platform in compliance with all Applicable Law, the Builder Terms, the Zus BAA, and this Policy.
  2. Authorized Activities. You may only use the Zus Platform for Authorized Activities (such as HIPAA Activities or Consumer Health Activities) as defined in the Zus Privacy Policy.
  3. Permitted Access. You may only use the Zus Platform to access Patient Data if you have a relationship with the Patient which satisfies the Permitted Access Requirements described in the Zus Privacy Policy.
  4. Minimum Necessary. You may only use or access Patient Data (both PHI protected by HIPAA and PII which is protected under other Applicable Law) through the Zus Platform to the minimum extent necessary to perform the Authorized Activities consistent with the Minimum Necessary Standard described in 45 CFR 164.502(b) and 164.514(d).


  1. Prohibited Content. You may not use the Zus Platform to upload, transmit, host or execute or store any of the following content or communications that is:

    a. False, inaccurate or intentionally deceptive, including content which is likely to adversely affect the public interest (such as public health or safety);

    b. Intellectual property infringement, including content that infringes a third party’s proprietary or intellectual property rights (e.g., patent, copyright, trademark, trade secret, right of publicity) according to Applicable Law;

    c. Libelous, defamatory, fraudulent, or inappropriate, including content which is sexually obscene, discriminatory or abusive to any individual or group or which promotes or glorifies violence; or

    d. Unlawful or illegal, including content which is or includes computer hacking, malware, phishing, illegal export of controlled substances or illegal software, or which contains any material, products or services that violate or encourage conduct that would violate, any criminal laws, any other Applicable Laws, or any third party rights.

  2. Prohibited Activities. You may not use the Zus Platform to:

    a. Falsify your identity or origin, including creating a false identity or attempting to mislead others as to the identity of the sender or the origin of any data or communications;

    b. Interfere with or otherwise negatively impact Zus or others, including any aspect of the Builder Services, Zus Platform, or any third-party networks that are connected to the Zus Platform;

    c. Reverse engineer, including copying, disassembling, or decompiling the Builder Services or Zus Platform, or reformatting or framing any portion of the web pages or content that are part of the Builder Services in a manner inconsistent with our Documentation;

    d. Bypass security or system limits, including finding, exploiting or attempting to bypass and security mechanisms or filtering capabilities;

    e. Transmit harmful code, including files, scripts, agents or programs intended to do harm, including viruses or malware, or using automated means, such as bots, to gain access to the Builder Services or Zus Platform;

    f. Attempt to gain unauthorized access, including the Builder Services, the Zus Platform, or another connected information systems or applications;

    g. Disable the services, including any denial of service (DoS) attack on the Builder Services or Zus Platform or any other conduct that attempts to disrupt, disable or overload the system; or

    h. Removing proprietary rights notices, including copyright, trademark or other proprietary rights notices contained in the content or materials accessed through the Builder Services or Zus Platform.