April 23, 2026
These documents are a production-ready baseline for the current application flow and should still be reviewed by counsel before a final public launch.
1. Permitted use
You may use COFI to manage finance records and related account settings in a lawful and authorized manner.
Any testing, automation, or administrative access must stay within the permissions explicitly granted to you.
2. Prohibited behavior
You must not use COFI in a way that harms the service, other users, or the operator.
The following conduct is prohibited unless separately authorized in writing.
- Attempting to break authentication, session, role, or admin boundaries.
- Uploading malicious, unlawful, deceptive, or rights-infringing content.
- Scraping, flooding, or automating requests in a way that degrades availability.
- Reverse engineering or probing the service to discover secrets or security weaknesses outside approved testing.
- Using the platform to store or distribute material that violates applicable law.
3. Responsibility for submitted content
You remain responsible for the legality, accuracy, and appropriateness of the records, notes, and attachments you submit.
If you upload receipts or financial evidence, you must have the right to process and store that material.
You must not submit third-party personal data, confidential business information, regulated financial data, or sensitive material to AI-assisted features unless you are authorized to do so and applicable law permits that use.
4. Enforcement
COFI may rate-limit, suspend, restrict, or terminate access when a user, script, or account creates reliability, security, or compliance risk.
Serious abuse may also be logged, reviewed, and escalated according to the operator's internal process.