WRKROOT Acceptable Use Policy

Last updated: May 3, 2026

1. Core Rule

You may use WRKROOT only for lawful, authorized, professional, and legitimate business purposes.

You must not use WRKROOT for any activity that is illegal, deceptive, harmful, fraudulent, abusive, harassing, discriminatory, exploitative, unsafe, infringing, invasive, misleading, unethical, or inconsistent with WRKROOT's role as a talent, client, placement, staffing, outsourcing, and engagement operations platform.

If you are unsure whether a use is allowed, ask WRKROOT before proceeding.

2. False Information, Impersonation, And Misrepresentation

You must not submit, upload, display, send, or rely on false, misleading, incomplete, forged, manipulated, or deceptive information.

Prohibited conduct includes:

• Creating a fake account or using a false identity.
• Impersonating a person, company, client, talent, WRKROOT representative, government agency, credentialing body, school, employer, regulator, payment provider, or third party.
• Using lookalike names, emails, domains, documents, logos, seals, signatures, certificates, or branding to mislead others.
• Misrepresenting your authority to act for a company, client, talent, or other party.
• Submitting fake or altered credentials, certificates, licenses, degrees, transcripts, work proof, references, portfolio materials, identity information, billing information, or company information.
• Misstating experience, education, work history, skills, availability, location, work authorization, professional status, industry qualifications, or compliance status.
• Submitting another person's assessment work, interview responses, KPI submissions, attendance records, proof files, credentials, documents, or signature.
• Manipulating assessment, attendance, contract, billing, review, marketplace, support, or KPI workflows.

WRKROOT may reject, remove, delist, suspend, blacklist, terminate, preserve, or disclose records relating to suspected false information, fraud, impersonation, or misrepresentation.

3. Illegal, Harmful, Or Abusive Activity

You must not use WRKROOT to engage in, facilitate, promote, recruit for, coordinate, conceal, or support:

• Illegal activity.
• Fraud, scams, deceptive schemes, or misrepresentation.
• Harassment, threats, intimidation, stalking, bullying, doxxing, extortion, blackmail, coercion, or abuse.
• Unlawful discrimination or exclusion based on protected characteristics.
• Exploitation, forced labor, human trafficking, child exploitation, or unsafe work.
• Violence, threats of violence, self-harm encouragement, or instructions for physical harm.
• Hate, extremist, terrorist, or violent ideological activity.
• Sanctions violations, export-control violations, money laundering, bribery, corruption, tax evasion, or unlawful cross-border activity.
• Surveillance abuse, unauthorized monitoring, spyware use, credential theft, social engineering, or privacy-invasive activity.
• Any role, engagement, client request, talent activity, or workflow that WRKROOT determines creates unacceptable legal, safety, operational, payment, regulatory, or reputational risk.

4. Security Abuse And Platform Interference

You must not attack, disrupt, misuse, or attempt to gain unauthorized access to WRKROOT, user accounts, client systems, talent data, platform data, infrastructure, vendors, integrations, or networks.

Prohibited conduct includes:

• Scraping, crawling, data mining, harvesting, indexing, or bulk exporting data without WRKROOT's written permission.
• Automated account creation, bot activity, credential stuffing, password spraying, phishing, or social engineering.
• Scanning, probing, testing, exploiting, or attempting to bypass vulnerabilities, access controls, authentication, permissions, rate limits, billing controls, marketplace rules, assessment safeguards, attendance verification, or security features.
• Reverse engineering, decompiling, copying, cloning, or attempting to derive source code, non-public APIs, platform architecture, models, logic, or proprietary workflows.
• Uploading or transmitting malware, ransomware, spyware, viruses, worms, trojans, malicious scripts, corrupted files, or harmful code.
• Interfering with platform performance, availability, logging, monitoring, billing, support, email, notifications, contracts, assessments, or integrations.
• Using unauthorized APIs, scripts, browser automation, plug-ins, extensions, or integrations.
• Attempting to access data or records outside your authorized role or engagement.
• Concealing your identity, location, device, traffic source, or automation in a way that creates risk or violates WRKROOT instructions.

WRKROOT may treat any attempted violation as a completed violation.

5. Data, Privacy, And Confidentiality Misuse

You must not access, upload, disclose, copy, export, sell, share, or misuse data unless you have all required rights, authority, notices, consents, and legal permissions.

Prohibited conduct includes unauthorized use or disclosure of:

• Client data.
• Talent data.
• Platform data.
• Marketplace data.
• Billing data.
• Contract data.
• Support records.
• Assessment content or answers.
• Attendance, KPI, credential, or engagement records.
• Confidential information.
• Trade secrets.
• Copyrighted, trademarked, proprietary, or third-party materials.
• Customer, patient, employee, contractor, applicant, or user records.

You must not use information obtained through WRKROOT to harass, solicit, poach, bypass, compete unfairly, discriminate, profile unlawfully, spam, scrape, resell, broker, or create unauthorized databases.

6. Sensitive And Regulated Data

You must not upload, submit, transmit, request, store, or process sensitive or regulated data through WRKROOT unless WRKROOT has expressly requested or authorized it through an approved workflow.

Sensitive or regulated data includes:

• Protected health information, patient data, clinical records, medical records, insurance records, or healthcare treatment/payment/operations information.
• Government identification documents or identification numbers.
• Full financial account numbers, full bank account numbers, full card numbers, CVV codes, payment credentials, or raw payment secrets.
• Background-check reports or regulated screening records.
• Biometric data.
• Precise geolocation data.
• Children's data.
• Criminal history data.
• Immigration, visa, or work authorization records.
• Highly sensitive personal, family, health, financial, or legal information.
• Any data subject to HIPAA, GLBA, FCRA, FERPA, COPPA, biometric privacy laws, financial privacy laws, export-control rules, sanctions rules, or other special legal requirements.

WRKROOT may request or permit certain sensitive documents or information in specific workflows, such as credential review, billing, contracts, support, assessments, attendance proof, KPI proof, or approved healthcare customer workflows. When WRKROOT requests or authorizes such information, you must provide only what is necessary and only through the approved process.

You must not upload PHI into WRKROOT unless a valid Business Associate Agreement or other required written authorization is in place and WRKROOT has approved the workflow.

7. Prohibited Businesses, Industries, And Content

You must not use WRKROOT to promote, provide, recruit for, support, process payment for, or facilitate:

• Adult sexual content, pornography, sexually explicit services, escort services, prostitution, or sexual exploitation.
• Gambling, betting, lotteries, sweepstakes, games of chance, or casino-related activity unless expressly approved in writing by WRKROOT and lawful in all applicable jurisdictions.
• Weapons, firearms, ammunition, explosives, weapon accessories, or instructions for weapon manufacturing or misuse.
• Illegal drugs, controlled substances, counterfeit drugs, drug paraphernalia, or products intended to mimic or evade drug laws.
• High-risk financial products, unlawful lending, credit repair scams, debt relief scams, investment schemes, securities offerings, money transmission, unlicensed financial services, or predatory financial activity.
• Cryptocurrency schemes, token offerings, investment pools, mining schemes, wallet/custody services, or high-risk crypto activity unless expressly approved in writing by WRKROOT.
• Pyramid schemes, Ponzi schemes, MLM abuse, get-rich-quick schemes, deceptive business opportunities, or fraudulent lead-generation schemes.
• Counterfeit goods, stolen goods, infringing goods, unauthorized resale, piracy, or intellectual property violations.
• Hate, extremist, terrorist, violent, exploitative, or human-trafficking-related content or activity.
• Products, services, or activities prohibited or restricted by WRKROOT's payment providers, banking partners, hosting providers, infrastructure providers, vendors, or applicable law.

WRKROOT may reject or terminate any client, talent, account, request, engagement, or workflow connected to a prohibited or high-risk business or activity.

8. No Circumvention Or Bypass

Users must not use WRKROOT introductions, marketplace information, talent profiles, client information, interviews, recommendations, support communications, or engagement workflows to bypass WRKROOT's commercial relationship, fees, contracts, or platform processes.

Prohibited circumvention may include:

• Directly hiring, paying, contracting with, or engaging introduced talent outside WRKROOT without WRKROOT's written permission.
• Talent accepting direct work, payment, side arrangements, or employment from introduced clients outside WRKROOT without WRKROOT's written permission.
• Using WRKROOT to identify clients or talent and then moving the relationship off-platform to avoid fees, obligations, audit records, contracts, billing, or compliance workflows.
• Encouraging another user to violate WRKROOT agreements or avoid WRKROOT payments.

Detailed non-circumvention obligations may also appear in client contracts, talent contracts, order forms, engagement agreements, or other written agreements. Those agreements may impose additional restrictions, fees, remedies, and enforcement rights.

9. Communications And Professional Conduct

You must communicate professionally and honestly through WRKROOT.

You must not:

• Send spam, phishing, scams, deceptive messages, unsolicited marketing, or abusive communications.
• Harass, threaten, pressure, insult, exploit, or discriminate against any user, client, talent, WRKROOT representative, or third party.
• Request or share passwords, OTP codes, payment credentials, unnecessary sensitive data, or unauthorized client/talent information.
• Misrepresent WRKROOT's involvement, approval, guarantees, pricing, contracts, hiring decisions, or relationship to another party.
• Interfere with support, billing, contract, assessment, interview, attendance, KPI, or review workflows.
• Use WRKROOT communications to evade documentation, billing, compliance, or dispute records.

10. Payment And Billing Abuse

You must not engage in payment, billing, invoice, or transaction abuse.

Prohibited conduct includes:

• Using stolen, unauthorized, false, or misleading payment information.
• Making bad-faith chargebacks or payment disputes.
• Avoiding fees, subscriptions, invoices, retainers, deposits, placement fees, engagement fees, or other amounts owed to WRKROOT.
• Manipulating billing records, invoice details, payment method metadata, provider tokens, or transaction records.
• Using WRKROOT for money laundering, sanctions evasion, tax evasion, fraud, or unlawful financial activity.
• Attempting to use WRKROOT for restricted businesses or payment-provider-prohibited activity.

WRKROOT may suspend services, retain fees already paid, require payment assurances, pursue collections, recover legal fees, and seek any available remedies.

11. Healthcare Customer And PHI Rules

Where WRKROOT supports a healthcare customer, users must comply with applicable healthcare privacy, security, confidentiality, client, and BAA requirements.

Users must not:

• Upload PHI unless the workflow is approved by WRKROOT and the applicable customer.
• Access PHI unless authorized by the customer and legally permitted.
• Remove PHI from approved customer systems without authorization.
• Copy PHI into support tickets, assessment files, KPI proof, attendance proof, profile fields, or other WRKROOT fields unless expressly approved.
• Use PHI for unauthorized purposes.
• Disclose PHI to unauthorized persons.
• Ignore customer access controls, minimum necessary rules, training, supervision, or security requirements.

Clients are responsible for determining whether HIPAA, a BAA, customer-specific training, access limits, supervision, auditing, or other controls apply. Talent are responsible for following authorized client instructions and applicable healthcare requirements.

12. Enforcement Rights

WRKROOT may enforce this Policy in its sole discretion.

WRKROOT may:

• Monitor platform use and activity.
• Investigate suspected violations.
• Request information, documents, explanations, or verification.
• Remove, restrict, quarantine, preserve, or disable content.
• Lock, suspend, terminate, block, blacklist, or restrict accounts.
• Delist, reject, hide, or remove talent profiles.
• Reject, pause, or terminate client requests, engagements, interviews, contracts, billing workflows, or support workflows.
• Disable features, integrations, uploads, messages, or access.
• Preserve logs, files, communications, billing records, contracts, audit records, and evidence.
• Notify affected clients, talent, users, vendors, payment providers, hosting providers, or other affected parties.
• Cooperate with law enforcement, regulators, courts, payment providers, hosting providers, legal counsel, auditors, insurers, or other authorities.
• Report suspected illegal activity, fraud, security incidents, abuse, or misconduct.
• Seek damages, indemnity, collections, legal fees, injunctive relief, or other remedies.

WRKROOT is not required to provide advance notice before taking enforcement action.

WRKROOT may retain fees already paid where permitted by law and applicable agreements, especially where services have been delivered, platform resources have been used, violations occurred, or WRKROOT incurred costs, risk, damages, or losses.

13. Your Responsibility For Violations

You are responsible for your own actions and omissions and for activity under your account.

If you are a client, you are also responsible for your representatives, authorized users, employees, contractors, agents, systems, data, hiring requests, client-side instructions, and customer-specific compliance obligations.

If you are talent, you are responsible for your profile, credentials, uploaded files, assessment conduct, attendance records, KPI submissions, communications, client system access, work conduct, confidentiality, and compliance with authorized client instructions.

You agree to defend, indemnify, and hold WRKROOT harmless as stated in the Terms of Service for claims, losses, liabilities, costs, damages, penalties, and attorneys' fees arising from your violation of this Policy.

14. Reporting Abuse

To report suspected abuse, fraud, security misuse, impersonation, unlawful content, policy violations, or urgent platform risk, contact:

Abuse: info@wrkroothr.com Support: info@wrkroothr.com Legal: info@wrkroothr.com

Legal notices may also be sent to:

WRKROOT HR SOLUTIONS LLC, 30 N Gould St Ste N, Sheridan, SHERIDAN COUNTY, WY 82801 USA

Please include enough detail for WRKROOT to investigate, such as account names, URLs, dates, screenshots, documents, message IDs, invoice numbers, ticket IDs, or other relevant context.

15. Changes To This Policy

WRKROOT may update this Policy from time to time. The updated version will be indicated by the "Last updated" date above. WRKROOT may provide notice through the website, platform, email, in-app notification, or other reasonable method.

Your continued access to or use of WRKROOT after an updated Policy becomes effective means you accept the updated Policy.