WheraLegal

Acceptable Use Policy (AUP) — Beta

BETA VERSION — This document is provided for use during Whera's private beta testing period. It is substantially complete but has not yet undergone final legal review. This version is not intended for public distribution. A finalized version will be published before public launch.

Effective date: Effective upon acceptance during private beta period Entity: Whera LLC, a Wyoming limited liability company Last updated: 2026-02-07

Relationship to other agreements: This Acceptable Use Policy is incorporated by reference into the Terms of Service (Section 8) and the EULA (Section 3D). Violations of this AUP constitute violations of the Terms of Service and may result in account suspension or termination per ToS Section 15. This AUP provides detailed guidance on prohibited and expected conduct beyond the summary in ToS Section 8.

1. Purpose

Whera is a privacy-first family location sharing app designed to help families stay connected and safe. This Acceptable Use Policy exists to protect our users, maintain trust, and ensure that Whera is never used as a tool for harm.

We take this policy seriously because location data is among the most sensitive categories of personal information. Misuse of location sharing can endanger physical safety, enable abuse, and violate fundamental rights to privacy and autonomy.

2. Scope

This AUP applies to:

  • All users of the Whera mobile application (iOS and Android)
  • All users of the Whera web dashboard (when available)
  • All users of the Whera API (enterprise and developer tiers)
  • All data transmitted through, stored by, or processed by the Whera service
  • All use of Whera's off-grid features, including BLE peer-to-peer, LoRa mesh integrations, and offline modes

This AUP applies regardless of your subscription tier (free, mid, standard, premium, enterprise).

3. Foundational Principle: Informed Consent

Every person whose location is shared through Whera must have given their own informed, voluntary consent.

This is the single most important rule governing Whera's use. It is non-negotiable and applies in all contexts:

  • Every group member must have independently created or confirmed their Whera account
  • Every group member must have independently enabled location sharing for that group
  • Every group member must be able to see who else is in the group and that location sharing is active
  • No person may be added to a location sharing group without their knowledge
  • No person may be coerced, deceived, or manipulated into sharing their location

Exception for minor children: Parents and legal guardians may manage location sharing for their minor children (under 18 or the applicable age of majority). Even in this context, the child's account must be visible to the child (age-appropriate), and the child must be aware that location sharing is active. Covert installation on a minor's device without their knowledge is discouraged and may violate this AUP depending on the circumstances and applicable law.

4. Prohibited Conduct

The following uses of Whera are strictly prohibited. Engaging in any of the following may result in immediate account suspension or termination without a cure period, as described in the Terms of Service, Section 15B.

4A. Non-Consensual Tracking and Surveillance

  • Stalking. Using Whera to track, monitor, or follow any person without their informed, voluntary consent — including a current or former intimate partner, family member, coworker, or stranger
  • Covert installation. Installing Whera on another person's device without their knowledge, or configuring location sharing without the device owner's awareness
  • Consent manipulation. Coercing, deceiving, pressuring, or socially engineering another person into enabling location sharing, joining a group, or granting device permissions. This includes but is not limited to:
    • Threatening consequences for not sharing location ("If you don't share your location, I'll assume you're hiding something")
    • Framing surveillance as a condition of a relationship ("If you love me, you'll share your location")
    • Deceiving a person about who is in a group or what data is being shared
    • Using a person's unlocked device to enable permissions or join groups without their active participation
  • Post-separation surveillance. Continuing to monitor a former partner's location after the end of a relationship, particularly if the person has left the shared group, revoked permissions, or requested that monitoring stop
  • Workplace surveillance. Using Whera to monitor employees outside of working hours, or without clear disclosure and consent. Enterprise customers must comply with Section 7 (Enterprise-Specific Requirements)

4B. Harassment and Abuse

  • Using location data obtained through Whera to harass, threaten, intimidate, or harm any person
  • Appearing uninvited at another person's location based on Whera data with the intent to harass, confront, or intimidate
  • Sharing another person's location data outside of the Whera app (e.g., posting screenshots of someone's location on social media, sharing coordinates with third parties) without that person's explicit consent
  • Using the SOS or crash detection features to generate false emergency alerts, swat, or waste emergency services resources
  • Filing false or malicious abuse reports against other users

4C. Discrimination and Profiling

  • Using Whera data to infer, deduce, or attempt to determine any person's characteristics protected under applicable anti-discrimination laws — including but not limited to race, ethnicity, religion, sexual orientation, gender identity, political affiliation, health status, disability, or immigration status — from their location data, movement patterns, or other information available through the service
  • Using location data to discriminate against any person in employment, housing, credit, insurance, education, or public accommodation
  • Systematically monitoring or profiling individuals or groups based on visits to locations associated with protected characteristics (e.g., religious institutions, medical facilities, political gatherings, LGBTQ+ venues)

4D. Illegal Activity

  • Using Whera to plan, coordinate, or facilitate any criminal activity
  • Using Whera to facilitate human trafficking, smuggling, or exploitation of any kind
  • Using Whera to violate restraining orders, protective orders, or court-ordered no-contact provisions
  • Using location data obtained through Whera in violation of any applicable law, including privacy laws, data protection regulations, and anti-stalking statutes

4E. Service Integrity

  • Attempting to reverse-engineer, decompile, disassemble, or derive the source code of the App (except as permitted by applicable law — see EULA Section 3A)
  • Using automated tools, bots, scripts, or scrapers to interact with the service, extract data, or simulate user activity
  • Circumventing security controls, rate limits, access restrictions, or subscription tier limitations
  • Exploiting bugs, vulnerabilities, or unintended behavior for any purpose other than responsible disclosure to security@whera.app
  • Interfering with the service's infrastructure, performance, or availability
  • Creating multiple accounts to circumvent tier limits, evade suspensions, or manipulate the service
  • Impersonating another person, entity, or Whera employee
  • Transmitting malware, viruses, or other malicious code through the service

4F. Data Misuse

  • Scraping, bulk downloading, or systematically extracting location data or user information from the service
  • Using Whera data to build databases, data sets, or profiles for commercial purposes not authorized by your subscription tier
  • Selling, licensing, renting, or otherwise commercially distributing location data obtained through Whera to any third party
  • Using Whera data to train machine learning models, AI systems, or predictive algorithms without Whera's prior written consent
  • Aggregating location data from multiple Whera users to create movement analyses, foot traffic reports, or similar derivative products
  • Storing or archiving location data obtained through Whera beyond the retention periods established by your subscription tier, unless the data subject has given explicit consent

4G. Off-Grid Feature Misuse

  • Using Whera's LoRa mesh integration (Meshtastic, MeshCore) to transmit content that violates this AUP over radio frequencies
  • Operating LoRa radio hardware in a manner that violates local radio frequency regulations (e.g., FCC Part 15, ETSI EN 300 220)
  • Using Whera's BLE peer-to-peer features to track or locate Whera users who have not consented to peer-to-peer sharing
  • Flooding mesh networks with excessive or malicious traffic that degrades service for other users
  • Using off-grid features to circumvent Whera's online safety and abuse detection mechanisms

5. Expected Conduct

While Whera cannot monitor all user behavior — particularly in Enhanced Privacy mode where data is end-to-end encrypted — we expect all users to:

  • Respect consent. Only share location data with people who have actively and voluntarily consented
  • Respect boundaries. If someone leaves a group, revokes permissions, or asks you to stop monitoring their location, respect that decision immediately
  • Use safety features responsibly. SOS alerts, crash detection, and departure alerts are safety tools — use them for their intended purpose
  • Report misuse. If you believe Whera is being used to stalk, harass, or harm someone, report it through the in-app "Report Abuse" feature or by emailing abuse@whera.app
  • Protect your account. Use strong, unique passwords. Do not share your account credentials. Enable two-factor authentication when available
  • Keep information accurate. Maintain accurate account information and promptly update it if it changes
  • Comply with applicable law. Use Whera in compliance with all laws applicable to your jurisdiction, including privacy, data protection, anti-stalking, and telecommunications regulations

6. Reporting Abuse

6A. How to Report

If you believe Whera is being used in violation of this AUP — particularly for stalking, harassment, non-consensual surveillance, or domestic violence — please report it through any of the following channels:

  • In-app: "Report Abuse" feature (available in group settings and user profiles)
  • Email: abuse@whera.app
  • For immediate safety threats: Contact local law enforcement directly. Whera is not an emergency service.

6B. What Happens When You Report

  1. Acknowledgment. Whera will acknowledge receipt of your report within 2 business days.
  2. Investigation. A member of our Trust & Safety team will review the report and, where possible, investigate the alleged violation. Investigation may include reviewing account activity, group membership changes, and any available metadata (consistent with our Privacy Policy and the limitations of Enhanced Privacy mode).
  3. Action. If the investigation substantiates the report, Whera may take any combination of the following actions:
    • Issue a warning to the reported user
    • Temporarily suspend the reported user's account
    • Permanently terminate the reported user's account
    • Remove the reported user from groups
    • Restrict specific features (e.g., disable ability to create groups, disable invitations)
    • Preserve evidence for law enforcement if requested via valid legal process
  4. Communication. The reporter will be informed of the general outcome of the investigation where practicable, without disclosing specific details about actions taken against the reported user (for privacy and safety reasons).

6C. Limitations in Enhanced Privacy Mode

In Enhanced Privacy mode, location data is end-to-end encrypted and Whera cannot access it. This means:

  • Whera cannot verify the content of location data shared within E2E encrypted groups
  • Abuse investigations in Enhanced Privacy mode are limited to account metadata, group membership records, timestamps, and non-encrypted signals
  • Whera may still take action based on circumstantial evidence, reports from multiple parties, or patterns of behavior visible in metadata

6D. Good-Faith Reporting Protection

Users who report suspected violations of this AUP in good faith are protected from retaliation. See Terms of Service, Section 8 (Good-Faith Reporting Protection) for details.

6E. Cooperation with Law Enforcement

For matters involving criminal conduct — including stalking, domestic violence, human trafficking, or credible threats of violence — Whera will cooperate with law enforcement as described in the Terms of Service, Section 5C-2 (Law Enforcement Cooperation).

7. Enterprise-Specific Requirements

Enterprise customers using Whera for business purposes (fleet tracking, field team coordination, employee safety) are subject to additional requirements:

7A. Employee Consent and Disclosure

  • Enterprise administrators must provide clear, written disclosure to all employees or contractors whose locations will be tracked through Whera
  • Disclosure must include: what data is collected, how it is used, who can view it, retention periods, and how to opt out (where applicable)
  • Employees must provide informed consent to location tracking. Consent must be voluntary — it cannot be a non-negotiable condition of employment unless location tracking is an essential function of the role and is disclosed at the time of hiring
  • Enterprise customers are responsible for ensuring that their use of Whera complies with all applicable employment, labor, and privacy laws in their jurisdiction

7B. Off-Hours Tracking

  • Enterprise accounts must not be used to track employees or contractors outside of working hours unless the employee has explicitly consented to off-hours tracking and the employer has a documented, legitimate business justification (e.g., on-call safety personnel, emergency response teams)
  • Tracking must be limited to the minimum scope necessary for the stated business purpose
  • Employees must have a clear and accessible method to disable tracking outside of working hours

7C. Data Handling Obligations

  • Enterprise customers are responsible for ensuring that location data obtained through Whera is handled in accordance with applicable data protection laws, including GDPR, CCPA/CPRA, and applicable state and local privacy regulations
  • Enterprise customers must not use Whera location data for purposes beyond those disclosed to the tracked individuals
  • Enterprise customers who operate as data controllers (as defined under GDPR) must enter into a Data Processing Agreement with Whera LLC
  • Enterprise customers are responsible for responding to data subject access requests (DSARs) from their employees. Whera will provide reasonable assistance in fulfilling such requests as described in the Data Processing Agreement

7D. Anti-Discrimination

  • Enterprise customers must not use Whera data to make employment decisions (hiring, firing, promotion, discipline) based on inferences drawn from an employee's location data regarding protected characteristics
  • Enterprise customers must have policies in place to prevent discriminatory use of location data and must make these policies available to affected employees upon request

8. Enforcement

8A. Investigation

Whera reserves the right to investigate suspected violations of this AUP. Investigation methods may include:

  • Reviewing account metadata, group membership records, and non-encrypted signals
  • Reviewing reports from other users
  • Cooperating with law enforcement pursuant to valid legal process
  • Analyzing usage patterns that indicate automated or abusive behavior

Whera will not access end-to-end encrypted data for investigation purposes. Enhanced Privacy mode encryption cannot be bypassed by Whera, even during an investigation.

8B. Enforcement Actions

Upon determining that a violation has occurred, Whera may take one or more of the following actions, proportionate to the severity and nature of the violation:

Severity Examples Typical Action
Low Minor acceptable use violation, first offense, no harm to others Warning + education
Medium Repeated minor violations, moderate policy breach, accidental data misuse Temporary suspension (7–30 days) + cure period
High Non-consensual tracking, harassment, data scraping, security circumvention Immediate suspension pending investigation
Critical Stalking, domestic violence facilitation, human trafficking, credible threats of violence Immediate permanent termination + law enforcement referral

8C. Cure Period

For low and medium severity violations, Whera will generally provide a 14-day cure period as described in the Terms of Service, Section 15B. The cure period does not apply to high or critical severity violations, which may result in immediate action without notice.

8D. Appeals

Users who believe enforcement action was taken in error may appeal within 30 days of the action, per the Terms of Service, Section 15B. Appeals are reviewed by Whera's Trust & Safety team, and a final determination will be communicated within a reasonable time.

8E. Repeat Violations

Users with a pattern of violations — even if each individual violation is low or medium severity — may be subject to escalated enforcement action, up to and including permanent termination.

9. Domestic Violence and Abuse Resources

Whera recognizes that location sharing technology can be misused as a tool of domestic violence, intimate partner abuse, and coercive control. If you or someone you know is experiencing abuse — including technology-facilitated abuse involving location tracking — the following resources may help:

If you believe Whera is being used to track you without your consent, you may:

  1. Disable location sharing immediately in the app (Settings > Privacy > Location Sharing)
  2. Leave all groups where you suspect unauthorized monitoring
  3. Delete your account if you believe your account has been compromised
  4. Report the abuse to abuse@whera.app
  5. Contact law enforcement if you are in immediate danger

Whera will prioritize abuse reports involving domestic violence, intimate partner surveillance, and coercive control, and will cooperate with law enforcement and victim advocacy organizations as appropriate.

10. Changes to This Policy

Whera may update this AUP from time to time. Changes are communicated through the same mechanisms described in the Terms of Service, Section 1 (Acceptance of Terms). Material changes will be communicated with at least 30 days' advance notice via in-app notification and/or email.

11. Contact