Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.spitshake.io/llms.txt

Use this file to discover all available pages before exploring further.

Draft pending counsel review. Not legal advice. Do not rely on as a final policy until this banner is removed.
This Acceptable Use Policy (“AUP”) applies to everyone who uses SpitShake — Tenants (the organizations that subscribe), Tenant Authorized Users (individual users within a Tenant), and Signers (individuals invited by a Tenant to execute a document). It is referenced by our Terms of Service § 2 and forms part of your agreement with us.

Prohibited uses

You may not use SpitShake:

Content + legality

  • To transmit content that is unlawful, defamatory, obscene, harassing, or that infringes anyone’s intellectual property, privacy, or publicity rights.
  • To send documents that contain malware, ransomware, or other harmful code.
  • To send documents in connection with illegal gambling, prohibited controlled substances, human trafficking, child exploitation, or other conduct that is illegal in any jurisdiction where the document will be delivered or executed.

PHI (protected health information)

  • To upload, transmit, or store Protected Health Information (PHI) as defined under HIPAA unless a Business Associate Agreement is already in force between you and us. PHI upload without a BAA is a material breach of this AUP and we may suspend the Tenant immediately. See our BAA page.

Identity-bound signing

  • To issue identity-handoff JWT tokens from a signing key that has been compromised or may have been compromised. If a key is or might be compromised, rotate it immediately via the handoff-secret rotation endpoint and notify us.
  • To present false “verified_name” claims in identity-handoff tokens — that is, to assert an identity verification that did not occur or that was materially different from what is represented.
  • To use identity-bound signing links for phishing, spear-phishing, or any social-engineering attack.

Abuse + integrity

  • To attempt to access accounts, data, or systems you are not authorized to access.
  • To probe, scan, or test the vulnerability of the system without advance written authorization.
  • To circumvent rate limits, seat counts, tier limits, or technical protections.
  • To resell, sublicense, or provide white-label access to the service to third parties without a written agreement permitting it.

Sanctions + export

  • To use the service for the benefit of any person on a U.S. government sanctions list (OFAC SDN, NS-PLC, or equivalent), or in a jurisdiction subject to comprehensive U.S. embargoes.
  • To re-export the service in violation of U.S. Export Administration Regulations.

Document types not suitable for SpitShake

Federal and state law exclude certain record types from electronic-signature enforceability, or require a higher signature tier (like eIDAS Qualified Electronic Signature) that our current product does not issue. You must not use SpitShake for the following record types — use wet-ink signature or a qualified signature service instead:

United States

  • Wills, codicils, and testamentary trusts (ESIGN Act § 103(a)(1))
  • Adoption, divorce, and other family-law court orders
  • Notices of the cancellation or termination of utility services
  • Notices of default, acceleration, repossession, foreclosure, eviction, or the right to cure
  • Notices of the cancellation or termination of health insurance or life insurance benefits
  • Product recall notices that affect health or safety
  • Documents required to accompany the transportation of hazardous materials
  • Documents governed by Uniform Commercial Code Articles 3, 4, or 4A (with narrow exceptions — consult counsel)

United Kingdom

  • Deeds requiring a witnessed signature under the Law of Property (Miscellaneous Provisions) Act 1989.

European Union

  • Documents that EU Member State law requires to be signed with a Qualified Electronic Signature under eIDAS — for example, Italian notarized instruments or certain Member-State employment contracts. If in doubt, consult local counsel or use a Qualified Trust Service Provider directly.

How to report abuse

Email abuse@spitshake.io with details. We will acknowledge within a reasonable period, investigate, and take appropriate action — which may include warning the sender, suspending the Tenant, and in severe cases terminating the account.

How we respond to AUP violations

Depending on severity and history, our response may be:
  • Warning — written notice to the Tenant admin requiring remediation within a stated window.
  • Suspension — temporary block on the ability to send new documents; signed documents remain executable.
  • Termination — full account closure per the Terms of Service termination section, with a 60-day data-export window.
Severe violations — PHI upload without BAA, active phishing campaigns, illegal content — may trigger immediate suspension without the warning stage.
Service provided by IVERIFI, LLC d/b/a SpitShake (a Connecticut limited liability company wholly owned by ADS CORP). Last updated: 2026-04-19.