📣 Press Release: Exelon Presents on Finance Transformation Success with PowerPlan and Deloitte

📣 PowerPlan NXT is Live: A New Era for Tax and Accounting

📣 Join Us at ELEVATE 2026: Network, Learn, and Reconnect with Industry Colleagues

Book a Demo

Legal / Acceptable Use Policy

Table of Contents

  1. Definitions
  2. Your Responsibilities
  3. Prohibited Data and Activities

Summary of Changes

  1. Acceptable Use Policy – What’s Changed

Acceptable Use Policy

July 1, 2026 (previous versions available in Archives)

PowerPlan’s Acceptable Use Policy (the “Policy”) is designed to provide Clients and their Authorized Users subscribed to either PowerPlan’s SaaS, Cloud Services, or Subscription Services guidance on the appropriate uses of PowerPlan’s Software and Platform. The consistent adherence to the guidelines provided in this Policy works in conjunction with PowerPlan’s obligations in PowerPlan’s Security Policy to enable PowerPlan to  provide an environment designed to be safe and secure for all clients subscribed to PowerPlan’s SaaS, Cloud Services, or Subscription Services.

All references to “you” or “your” refer to PowerPlan clients who are accessing or using Software pursuant to an active subscription for SaaS, Cloud Services, or Subscription Services.

This Policy works in conjunction with the SaaS Standard Terms and Conditions, the API Terms of Use, the AI Addendum (when AI Features are enabled), the Security Policy, and any other documents incorporated by reference in your agreement with PowerPlan. In the event of a conflict between this Policy and any such document, the order of precedence set forth in your agreement with PowerPlan will apply.

To align with current industry standards and to align known and emerging risks, PowerPlan may update this Policy from time to time. The most current version available at https://powerplan.com/legal will apply upon next renewal to your subscription for SaaS, Cloud Services, or Subscription Services, as applicable. PowerPlan will provide a mechanism to obtain notice of updates, and You should check regularly for updates.

1. Definitions

  1. Authorized User means a named individual authorized by you to use the Software, who has been supplied with user credentials for the Software by you or by PowerPlan at your request (thus, counting against the maximum number of named users allotted in an applicable Order Form).
  2. Cloud Services means the services provided by PowerPlan to make the Software available remotely over the Internet during the Cloud Term.
  3. Hosted Data means the data that an Authorized User loads into the Software or processes or stores using the Software.
  4. Maintenance Policy refers to the applicable maintenance and support guidelines based on the PowerPlan offering procured by Client and currently posted at https://powerplan.com/legal.
  5. Maintenance Services means the support and maintenance services provided by PowerPlan per the applicable agreement between you and PowerPlan, per the Maintenance Policy.
  6. Multi-Instance refers to the Solution Platform which provides a unique database per client with a shared application instance.
  7. Multi-Tenant refers to the Solution Platform which provides a shared database and application instance.
  8. Platform means the information technology infrastructure, including computers, servers, hardware, databases, database management systems, networks, communications infrastructure, devices, websites, and third-party software used by PowerPlan to provide access to the Software pursuant to a subscription for SaaS, Cloud Services, or Subscription Services, as applicable.
  9. SaaS means Software as a Service and includes the Software, Platform, applicable documentation, and associated Maintenance Services, as indicated in the applicable agreement between you and PowerPlan.
  10. Single-Tenant refers to the Solution Platform which provides a unique database and unique application instance per client.
  11. Software means the object code version of the software module(s) identified on the Order Form, including all Modifications thereto.
  12. Solution Platform refers to the method in which a Software module is structured and operationally controlled within the hosted environment.
  13. Subscription Services means the (i) services that allow Client to access and use the Software only remotely over the Internet during the Subscription Term, and (ii) Maintenance Services; it does not include a license grant.

2. Your Responsibilities

Technical Requirements.

  • You are responsible for maintaining virus protection and reasonable security measures in place for your own workstations and all your host systems that are networked to those workstations.
  • You must use an internet browser that meets the requirements as published by PowerPlan in the Documentation.
  • You are responsible for configuration of your corporate internet firewall to allow all necessary ports to be used.
  • For purposes of clarity, any technical issues with access or use of the Software will be addressed in accordance with PowerPlan’s Maintenance Services, as applicable.

Data Security.

To enhance data security:

  • You are expected to use discretion in granting administrator privileges to any Authorized Users. You are solely responsible for granting appropriate administrator privileges to the appropriate Authorized Users, recognizing that Authorized Users with administrator privileges will have broad rights to configure and manage access and use rights of other Authorized Users.
  • Access and use of the Software by your Authorized Users is only permitted through the front-end user interface using valid access credentials, including passwords. Backend access to the Platform is strictly prohibited. Client is responsible for maintaining the confidentiality of its passwords and Authorized Users may not share their login identifier or password with other Authorized Users or third parties. You are fully liable for all use of the Software using access credentials issued to or created by your Authorized Users, including any use by a user you did not authorize who accesses the Software using your access credentials. PowerPlan may terminate access credentials and require new access credentials if it believes that the access credential is being used without authorization or contrary to the terms of this Agreement or any Order Form. You agree to promptly notify PowerPlan of any unauthorized use of your access credentials or other breach of security of which you become aware within twenty-four (24) hours.
  • PowerPlan implements a layered set of technical and operational security measures to protect the Software, Platform, and Hosted Data, including identity and access management (IAM), multi-factor authentication (MFA), encryption in transit and at rest, rate limiting and API throttling, web application firewall (WAF) protections, geo-fencing, network segmentation, monitoring and logging, and anomaly and intrusion detection. The specific measures applicable to your environment are described in the Security Policy. You agree not to bypass, breach, evade, circumvent, or attempt to bypass, breach, evade, or circumvent any such security measure, whether technical, administrative, or contractual. PowerPlan may modify, add, or update its security measures from time to time consistent with industry practice.

Data Modification.

  • For Single-Tenant Solution Platforms, you are responsible for testing, validating, and approving in writing any changes which may affect the Software’s processing of your Hosted Data (including any Updates or Upgrades of the Software as defined by the Maintenance Policy) prior to such changes being implemented into your cloud production environment. Additional details on Change Management processes are provided in the Security Policy.
  • For Multi-Instance and Multi-Tenant Solution Platforms, you are responsible for testing, validating, and approving in writing any changes to data which may affect the Software’s processing of your Hosted Data (excluding any Release adoptions as defined by the Maintenance Policy since these updates will be tested by PowerPlan) prior to such changes being implemented into your PowerPlan-hosted production environment. More details on Change Management processes are provided in the Security Policy.

    3. Prohibited Data and Activities

    Prohibited Data.

    • The Software is not designed to collect, host, store, or process:
      • critical energy infrastructure information (“CEII”) subject to the Federal Power Act*
      • sensitive personal information, sensitive data, sensitive information, sensitive personal data, or special categories of personal data as those terms are defined by laws including, but not limited to: the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Delaware Personal Data Privacy Act (DPDPA), the Indiana Consumer Data Protection Act (INCDPA), the Iowa Consumer Data Protection Act (IACDPA), the Kentucky Consumer Data Protection Act (KCDPA), the Maryland Online Data Privacy Act (MODPA), the Minnesota Consumer Data Privacy Act (MNCDPA), the Montana Consumer Data Privacy Act (MTCDPA), the Nebraska Data Privacy Act (NDPA), the New Hampshire Privacy Act (NHPA), the New Jersey Data Protection Act (NJDPA), the Oregon Consumer Privacy Act (OCPA), the Rhode Island Data Transparency and Privacy Protection Act (RIDTPPA), the Tennessee Information Protection Act (TIPA), the Texas Data Privacy and Security Act (TDPSA), the Utah Consumer Privacy Act (UCPA), the Virginia Consumer Data Protection Act (VCDPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), the General Data Protection Regulation (GDPR), or the Privacy Act of Australia
      • protected health information subject to the Health Insurance Portability and Accountability Act (HIPAA)
      • information about children under the age of 16 subject to the Children’s Online Privacy Protection Act (COPPA) or similar laws
      • payment card data subject to PCI-DSS
      • ITAR-regulated data subject to International Traffic in Arms Regulations (22 CFR 120)
      • nonpublic personal information subject to the Gramm-Leach-Bliley Act (GLBA)
      • customer proprietary network information subject to the Communications Act (47 U.S. Code § 222) and implementing rules (47 CFR § 64.2001 et seq)

    You should not enter any such information or data in any free text fields of the Software, and you are solely responsible if you input any such information or data in or through the Software or Platform.

    • You may not submit, or permit your Affiliates or Authorized Users to submit, to the Software or Platform any Hosted Data that includes information or data described above or is illegal, misleading, defamatory, indecent, obscene, in poor taste, threatening, infringing of any third-party proprietary rights, invasive of personal privacy, or otherwise objectionable (collectively, “Prohibited Data”). You are solely responsible for all Hosted Data submitted to the Software and Platform by all Authorized Users.
    • You acknowledge that PowerPlan has no control over Hosted Data and does not purport to monitor the Hosted Data. However, PowerPlan reserves the right to remove Hosted Data from the Software or Platform where it reasonably suspects such Hosted Data is Prohibited Data or otherwise violates the provisions of the Agreement or this Policy. PowerPlan will notify you if it becomes aware of any allegation that Hosted Data may be Prohibited Data or otherwise violates the provisions of the Agreement or this Policy.

    *Certain PowerPlan Software modules contemplate inclusion of mailing addresses and/or physical addresses of critical infrastructure within the Hosted Data; however, FERC Order 630, issued on February 21, 2003, and FERC Order 683, issued on September 21, 2008, state that location information which simply identifies the location of the infrastructure is excluded from the definition of CEII.

    Use Limitations and Restrictions.

    You are not permitted to, and will not permit your Affiliates, Authorized Users, or any other person to, access or use the Software except as expressly permitted under the applicable agreement between you and PowerPlan. Without limiting the generality of the foregoing, you and your Affiliates and Authorized Users are prohibited from:

    • bypassing, breaching, evading, circumventing, or attempting to bypass, breach, evade, or circumvent any security, authentication, access control, rate limiting, monitoring, audit, or usage restriction (whether technical, administrative, or contractual) used by the Software orPlatform, or accessing or using the Software other than through the front-end user interface (or, for APIs, through authorized API calls in accordance with the API Terms of Use) by an Authorized User using their own then-valid access credentials; or creating or using any false, misleading, or pretext identity, account, or entity, or using credentials issued to another person or entity, to access the Software or Platform;
    • using any bot, scraper, crawler, spider, browser automation tool, robotic process automation, AI agent, headless browser, or other automated means to access, traverse, extract data from, or perform the actions of an Authorized User within the Software, Platform, or Documentation, other than the APIs accessed in accordance with the API Terms of Use, in each case without PowerPlan’s prior written consent; or combining any Hosted Data, Content, or PowerPlan Confidential Information with data obtained through scraping, crawling, or other unauthorized access methods;
    • reverse engineering, decompiling, disassembling, or otherwise analyzing (including by means of any artificial intelligence system or other automated tool used to monitor, observe, test, or analyze the inputs and outputs of the Software, APIs, or Platform) for the purpose of extracting, mirroring, replicating, or reconstructing the functionality, algorithms, data models, schemas, or business logic of the Software, APIs, or Platform;
    • using the Software, Platform, Documentation, Hosted Data, or any data, metadata, output, analytic, or result derived from or generated through use of the foregoing to train, fine-tune, validate, benchmark, or otherwise develop or improve any machine learning model, artificial intelligence system, large language model, or automated decision-making tool, or to develop, create, or enhance any product, service, database, or model that is functionally equivalent to, or a substitute for, any PowerPlan offering. Use of AI Features (as defined in the SaaS Standard Terms) is additionally governed by the AI Addendum;
    • inputting, uploading, transmitting or otherwise providing to or through the Software or Platform any information or materials that are unlawful or injurious, or contain, transmit or activate any virus or malicious code;
    • damaging, destroying, disrupting, disabling, impairing, interfering with or otherwise impeding or harming in any manner the Software or Platform, or PowerPlan’s provision of services to any third party, in whole or in part, including the cloud infrastructure that PowerPlan uses to deliver such services;
    • removing, deleting, altering, or obscuring any trademarks, documentation, warranties or disclaimers, or any copyright, trademark, patent or other intellectual property or proprietary rights notices from the Software or Documentation;
    • accessing or using the Software, Documentation, Deliverables, Services, or Platform in any manner or for any purpose that infringes, misappropriates, or otherwise violates any Intellectual Property Rights or other right of any third party, or that violates any applicable Law; or
    • accessing or using the Software, Documentation, Deliverables, or Services, or any data or metadata obtained through or derived from the foregoing, for purposes of competitive analysis, the development, provision, or use of a substitutable software service or product, or any other purpose that is to PowerPlan’s detriment or commercial disadvantage.

    In the event you discover a violation of this Policy, you will be responsible for, and directing your Affiliates and Authorized Users to, immediately: (a) take all reasonable and lawful measures within their respective control that are necessary to stop the activity or threatened activity and to mitigate its effects (including, where applicable, by discontinuing and preventing any unauthorized access to the Software or Platform and permanently erasing from their systems and destroying any data to which any of them have gained unauthorized access); (b) notify PowerPlan of any such actual or threatened activity within twenty-four (24) hours; and (c) reasonably cooperate with PowerPlan in investigating and remediating the violation, including by providing logs, system records, and other information reasonably requested by PowerPlan.