Acceptable Use Policy.
Last updated 20 May 2026
This Acceptable Use Policy ("AUP") forms part of the Terms of Service. It explains how customers and users are expected to use roc.up. Where these rules are breached, we may suspend or terminate access under clause 11 of the Terms.
1. The general rule
Use roc.up to run your NDIS provider business and deliver care. Don't use it to do anything illegal, harmful, deceptive, or that misuses the trust participants and workers place in your provider.
2. What you must not do
2.1 Unlawful or harmful content
- Upload content that breaches Australian law, infringes intellectual-property rights, defames anyone, or constitutes harassment, hate speech, or threats.
- Upload participant information you do not have lawful authority to hold (e.g., without consent from the participant or their nominee).
- Use roc.up to facilitate restrictive practices on participants outside the lawful authorisation framework under the NDIS (Restrictive Practices and Behaviour Support) Rules 2018.
- Falsify records in roc.up — including back-dating shifts that didn't happen, fabricating shift notes, or misrepresenting care that was delivered.
2.2 Service abuse
- Probe, scan, penetration-test, or attack roc.up or its infrastructure without our written permission.
- Attempt to gain unauthorised access to another customer's workspace, or to any account or data not belonging to you.
- Bypass rate limits, plan caps, or usage controls.
- Use the service to send spam, malware, phishing, or other malicious content.
- Scrape, mirror, or reverse-engineer roc.up except as expressly permitted by law.
- Resell, sublicense, white-label, or otherwise commercialise roc.up without our written permission.
2.3 Account security
- Don't share login credentials. Each user who needs access must have their own account.
- Keep passwords confidential. Where multi-factor authentication is offered, use it.
- Tell us promptly at security@caringabode.com.au if you suspect unauthorised access.
2.4 AI feature misuse
- Don't submit content to AI features (Pattern Watch, AI incident drafting) that you are not entitled to share, or that you know would lead the model to produce harmful output.
- Don't represent AI-drafted text as if it were authored independently by a human professional without the appropriate review and sign-off — under clause 8 of the Terms, AI outputs are suggestions you must review before treating as official records.
3. Fair use
Plan tiers carry caps on active participants and active workers. Within those caps:
- Storage, shift-notes, training documents, and inbound emails-to-documents are not metered with per-unit charges.
- We do not impose hard request limits on normal in-application use.
- If automated or non-human-driven traffic from your workspace impairs the service for others, we may apply rate limits or work with you on a fair-use plan.
- API access (when available) may be subject to separate rate limits, documented in the API terms.
4. NDIS provider obligations are yours
roc.up is a tool that supports your compliance obligations as an NDIS provider — it does not discharge them. You remain responsible for:
- Your NDIS registration and compliance with the NDIS Quality and Safeguards Commission Rules.
- Your compliance with the NDIS Code of Conduct.
- Reportable incidents — including initial 24-hour notifications to the Commission where required, regardless of any AI flag or roc.up workflow.
- Obtaining and recording consents from participants (or nominees) before entering their information.
- Worker screening and clearance checks before granting them access to participant data inside roc.up.
- Storing the records that the Commission requires you to keep — roc.up provides export tools, but the duty to retain belongs to you.
5. Consequences of breach
If we reasonably believe a breach of this AUP has occurred, we may:
- Investigate by reviewing relevant account activity and content.
- Ask you to remediate within a defined period.
- Suspend the offending user account or your entire workspace, particularly for ongoing or serious breaches.
- Terminate your account under clause 11 of the Terms of Service.
- Report the matter to law enforcement or to the NDIS Commission where required.
6. Reporting an AUP breach
If you believe another roc.up user is breaching this AUP — for example, accessing your workspace without authorisation, or misusing participant data — please tell us at security@caringabode.com.au with as much detail as you can. We will investigate.
7. Changes to this policy
We may update this AUP from time to time. Material changes are notified to the account holder at least 30 days before they take effect. The current version is always at rocup.com.au/aup.html.
8. Contact
Questions about this AUP — legal@caringabode.com.au