Acceptable Use Policy

Last updated: 9 April 2026

Draft document. This document is a template and should be reviewed by a qualified solicitor before use.

1. Scope

This Acceptable Use Policy ("AUP") applies to all Agent Users and Agency administrators who access the TravelpopX38 platform ("the Platform"). This AUP forms part of the Terms of Service and breach of this AUP constitutes a material breach of those Terms.

2. Authorised Use

The Platform is provided exclusively for:

Authorised Agent Users employed by or contracted to an Agency that has been granted Platform access by the Operator.
The purpose of searching for, comparing, and booking hotel accommodation in the ordinary course of the Agency's travel business.
Managing bookings, viewing financial information, and performing administrative tasks related to the Agency's use of the Platform.

3. Prohibited Conduct

You must not:

3.1 Credential and Access Misuse

Share your login credentials with any other person, including colleagues within your Agency.
Use another person's credentials to access the Platform.
Attempt to access accounts, data, or areas of the Platform for which you do not have authorisation.
Circumvent, disable, or interfere with any security features of the Platform, including IP allowlists, rate limits, or account lockouts.

3.2 Automated Access and Scraping

Use bots, scripts, scrapers, crawlers, or any automated means to access or interact with the Platform.
Extract, harvest, or collect data from the Platform by automated or systematic means.
Reverse-engineer, decompile, or attempt to derive the source code of the Platform or its APIs.

3.3 Supplier API Misuse

Make excessive or abusive requests to hotel supplier APIs through the Platform.
Attempt to access supplier APIs directly, bypassing the Platform.
Use rate or availability data obtained through the Platform for any purpose other than making genuine bookings.
Systematically search for rates without a genuine intent to book (rate shopping/scraping).

3.4 Harmful Content and Illegal Activity

Upload, transmit, or store any malicious content, including viruses, malware, or code designed to disrupt the Platform.
Use the Platform for any unlawful purpose or in violation of any applicable law or regulation.
Submit false, misleading, or fraudulent booking information.
Use the Platform to facilitate money laundering, fraud, or any other financial crime.

3.5 Platform Integrity

Attempt to disrupt, degrade, or impair the performance or availability of the Platform.
Interfere with other users' access to or use of the Platform.
Test the Platform's security without prior written authorisation from Travelpop Ltd (see Section 5).

4. Agency Responsibilities

Each Agency is responsible for:

Ensuring all its Agent Users are aware of and comply with this AUP.
Promptly deactivating accounts of staff who leave the Agency or no longer require Platform access.
Reporting any suspected breach of this AUP by its Agent Users to the Operator.
Maintaining appropriate internal controls to prevent misuse of the Platform.

5. Reporting Security Issues

If you discover a security vulnerability or suspect a security incident affecting the Platform, please report it immediately to [DPO_EMAIL].

We ask that you:

Report the issue promptly and confidentially.
Provide sufficient detail to allow us to reproduce and investigate the issue.
Do not exploit the vulnerability beyond what is necessary to demonstrate the issue.
Do not disclose the vulnerability publicly until we have had a reasonable opportunity to address it.

We will not take legal action against individuals who report security issues in good faith and in compliance with the above guidelines.

6. Monitoring

Travelpop Ltd reserves the right to monitor Platform usage for compliance with this AUP. This monitoring may include reviewing access logs, API request patterns, and account activity. Monitoring is conducted in accordance with our Privacy Policy.

7. Consequences of Violation

Breach of this AUP may result in one or more of the following actions, at Travelpop Ltd's sole discretion:

Warning: A written notice to the Agency administrator describing the breach and required corrective action.
Temporary suspension: Suspension of the offending Agent User's account or the Agency's Platform access pending investigation.
Permanent termination: Immediate and permanent revocation of the Agency's Platform access for serious or repeated breaches.
Legal action: Pursuit of legal remedies, including claims for damages, where the breach causes loss to Travelpop Ltd, the Operator, or other users.

The severity of the response will be proportionate to the nature and impact of the breach. Where possible, we will give the Agency an opportunity to remedy the breach before taking more serious action.

8. Changes to This Policy

We may update this AUP from time to time. Material changes will be communicated to Agency administrators. Continued use of the Platform after changes are communicated constitutes acceptance of the revised AUP.

9. Contact

For questions about this Acceptable Use Policy, contact:
Email: [DPO_EMAIL]
Address: [COMPANY_ADDRESS]

← Back to portal