Acceptable Use Policy

Last updated: June 2, 2026

Purpose of This Policy

This Acceptable Use Policy ("AUP") governs your use of Gridmock's OCPP testing platform. By using our services, you agree to comply with this policy. Violations may result in immediate suspension or termination of your account.

This policy applies to all users, including trial users, paid subscribers, and Enterprise customers.

1. Permitted Uses

Gridmock is designed for legitimate testing and development purposes. Permitted uses include:

  • CSMS Testing: Testing your own Charging Station Management System platforms
  • Firmware Validation: Testing EV charger firmware against virtual CSMS instances
  • Load Testing: Simulating high-volume scenarios for your own systems
  • Compliance Testing: Validating OCPP 1.6 and 2.0.1 protocol compliance
  • CI/CD Integration: Automated testing in development pipelines
  • Vendor Evaluation: Testing competitor CSMS platforms as part of procurement (with proper authorization)
  • Educational Use: Learning OCPP protocols and EV charging infrastructure

2. Prohibited Activities

The following activities are strictly prohibited:

2.1 Malicious or Illegal Activities

  • Denial of Service (DoS): Using Gridmock to attack, overwhelm, or disrupt third-party systems
  • Unauthorized Access: Testing systems you do not own or have explicit permission to test
  • Hacking or Exploiting: Attempting to find vulnerabilities in third-party systems without authorization
  • Malware Distribution: Using the platform to distribute viruses, trojans, or malicious code
  • Fraud: Using stolen payment methods or providing false identity information

2.2 Service Abuse

  • Exceeding Rate Limits: Deliberately bypassing or ignoring API rate limits
  • Resource Hoarding: Creating excessive virtual chargers solely to consume resources
  • Account Sharing: Sharing account credentials with unauthorized users
  • Reselling: Reselling or sublicensing access to Gridmock without written permission
  • Scraping: Automated extraction of data for competitive purposes

2.3 Intellectual Property Violations

  • Reverse Engineering: Attempting to decompile, disassemble, or reverse engineer the Gridmock platform
  • Cloning: Building a competing product by copying Gridmock's features, APIs, or functionality
  • Trademark Infringement: Using Gridmock's name, logo, or branding without permission

2.4 Inappropriate Content

  • Illegal Content: Storing or transmitting content that violates laws (e.g., CSAM, terrorism)
  • Spam: Using Gridmock to send unsolicited commercial messages
  • Harassment: Using the platform to harass, threaten, or abuse others

3. Testing Third-Party Systems

IMPORTANT: Before using Gridmock to test a third-party CSMS or system, you MUST:

  • 1.Obtain Authorization: Have explicit written permission from the system owner
  • 2.Use Test Environments: Only test against designated test/staging environments, never production
  • 3.Respect Rate Limits: Do not exceed the target system's documented limits
  • 4.Disclose Your Intent: Inform the vendor that you are using Gridmock for evaluation

Example: If you're evaluating a vendor's CSMS as part of procurement, ensure your contract or RFP includes permission to conduct automated testing.

4. Resource Limits and Fair Use

4.1 Plan Limits

Each plan has documented limits (virtual chargers, API requests, message history). You must:

  • Stay within your plan's quota or upgrade
  • Not create multiple accounts to circumvent limits ("shadow accounts")
  • Contact sales for legitimate high-volume needs

4.2 API Rate Limits

PlanRate Limit
Entry / Starter100 requests/minute
Professional500 requests/minute
Scale2,000 requests/minute
EnterpriseCustom (negotiated)

Exceeding rate limits will result in HTTP 429 errors. Persistent violations may lead to account suspension.

5. Security Responsibilities

You Are Responsible For:

  • API Key Security: Keeping API keys confidential and rotating them if compromised
  • Account Security: Using strong passwords and enabling MFA
  • Vulnerability Disclosure: Reporting security issues to security@gridmock.com (not exploiting them)
  • Data Protection: Not uploading sensitive personal data (PII) unnecessarily

Prohibited Security Actions:

  • Attempting to access other users' accounts or data
  • Port scanning or vulnerability scanning Gridmock infrastructure
  • Social engineering Gridmock support staff

6. Reporting Violations

If you become aware of a violation of this AUP, please report it immediately:

7. Enforcement and Penalties

7.1 Investigation

We reserve the right to investigate suspected violations, including reviewing account activity, API logs, and OCPP message traffic. We may cooperate with law enforcement if illegal activity is suspected.

7.2 Penalties

Depending on the severity of the violation, we may:

  • 1.Warning: Issue a written warning for first-time minor violations
  • 2.Temporary Suspension: Suspend access for 7-30 days
  • 3.Permanent Termination: Immediately terminate your account without refund
  • 4.Legal Action: Pursue civil or criminal remedies for serious violations

7.3 Appeals

If you believe your account was suspended or terminated in error, you may appeal by contacting support@gridmock.com within 14 days. We will review and respond within 7 business days.

8. Changes to This Policy

We may update this AUP at any time. We will notify users of material changes via email or platform notification. Continued use after changes take effect constitutes acceptance.

9. Contact Information

Questions about this policy or need clarification on permitted use?