Terms of Service

These draft Terms describe the rules for accessing or using wrxstack. By creating an account, accessing admin tools, publishing a portfolio, or using a connected custom domain, a user agrees to follow the final approved Terms.

This draft is provided for launch review and should not be treated as the final binding agreement until it is approved and published.

Users are responsible for keeping account credentials secure and for the activity that occurs under their accounts. The service supports tenant roles such as owner, editor, and viewer, and certain actions are restricted by role.

• Use accurate account information and a reachable email address.
• Do not share passkeys, passwords, magic links, reset links, or active sessions.
• Tenant owners are responsible for inviting, removing, and supervising members with access to their portfolio.

Users keep ownership of the content they submit or publish. Users grant wrxstack the permissions needed to host, process, display, cache, export, and deliver that content as part of the service.

Users are responsible for ensuring they have the rights and permissions needed to publish names, logos, testimonials, case studies, media, metrics, client references, links, and work examples.

• Do not publish confidential employer, customer, financial, or security-sensitive material without permission.
• Do not upload content that infringes another person or company rights.
• Public portfolio content may be visible to search engines, archive services, viewers, and other third parties.

AI generation can help users create a starting draft from resumes, profile notes, or other source material. Users are responsible for reviewing, editing, and approving any generated output before publishing.

• Generated text may be incomplete, inaccurate, repetitive, or unsuitable for a particular audience.
• Users should verify dates, names, claims, metrics, and permissions before publishing.
• The service may enforce usage limits, retry policies, and cost controls for AI generation.

Users may not misuse the service, interfere with platform operation, or use the service to harm others.

• No malware, phishing, spam, credential harvesting, impersonation, harassment, or unlawful content.
• No attempts to bypass authentication, authorization, quotas, rate limits, tenant isolation, Caddy ASK checks, or super-admin safeguards.
• No scraping, load testing, vulnerability scanning, or automated abuse without written permission.
• No publication of secrets, private keys, access tokens, unredacted personal data, or non-public regulated information without appropriate rights.

Users may connect domains they own or control. The service may require DNS proof, Caddy ASK approval, TLS issuance, and ongoing verification before a domain is treated as active.

• Users are responsible for registrar fees, DNS changes, renewals, conflicts, and third-party forwarding rules.
• The service may suspend or remove a custom domain if ownership, routing, TLS, security, or abuse checks fail.
• A domain connection does not transfer ownership of the domain to wrxstack (the company operating Folio).

The service is built with monitoring, status reporting, health checks, and incident response, but no online service can guarantee uninterrupted availability.

• Features may change during launch and pre-launch hardening.
• Maintenance, dependency outages, provider limits, DNS propagation, browser differences, or security incidents may affect access.
• The public status page and help center are the preferred locations for broad operational notices.

MVP launch limits include storage, upload, custom-domain, AI-generation, PDF-export, and request-rate quotas. Paid plans may be added later and should be described before charges begin.

• The service may enforce technical limits to protect reliability and cost.
• Enterprise terms, billing terms, and DPA terms should be reviewed before paid enterprise use.

The platform may use logs, audit events, rate limits, anomaly detection, passkey lockout, IP allowlists, alerting, and administrative controls to protect users and the service.

• We may suspend access, remove content, block domains, revoke sessions, or preserve evidence when needed to investigate abuse, security issues, or policy violations.
• Super-admin actions are intended to be audited and restricted by elevated session controls.

Users may stop using the service or request account deletion. The platform may suspend or terminate access for legal, security, non-payment, abuse, or operational reasons.

• Published pages may stop serving when a tenant is suspended, deleted, or pending deletion.
• Some audit, security, backup, and legal records may remain after termination as described in the Privacy Policy.

The service is provided as a software platform for portfolio creation and publishing. It is not legal, hiring, financial, investment, tax, or career advice.

Users are responsible for validating portfolio claims, AI-generated drafts, public links, export artifacts, and custom-domain readiness before relying on them.

The final Terms should include counsel-approved limitations of liability, warranty disclaimers, indemnity, dispute resolution, governing law, and consumer-protection exceptions. This draft intentionally leaves those high-risk clauses for final legal review.

Questions, abuse reports, security concerns, or legal-signoff comments should be sent to contactmdfarhankhan@gmail.com. Include the relevant account email, tenant slug, custom domain, request ID, or public URL when available.