68 lines
2.7 KiB
Markdown
Executable File
68 lines
2.7 KiB
Markdown
Executable File
# Legal FAQ — Free-Tier Quota & BUSL-1.1 Additional Use Grant
|
|
|
|
> **Operational behaviour (limits, counters, delays) is documented in**
|
|
> [`30_QUOTA_ENFORCEMENT_FLOW1.md`](30_QUOTA_ENFORCEMENT_FLOW1.md).
|
|
> This page covers only the legal aspects of offering Stella Ops as a
|
|
> service or embedding it into another product while the free-tier limits are
|
|
> in place.
|
|
|
|
---
|
|
|
|
## 1 ? Does enforcing a quota violate BUSL-1.1?
|
|
|
|
**No.**
|
|
BUSL-1.1 permits usage controls and requires production use to remain within the
|
|
Additional Use Grant (3 environments, 999 new hash scans per 24 hours, and no
|
|
SaaS/hosted third-party service). Quota enforcement documents compliance.
|
|
|
|
The Stella Ops quota:
|
|
|
|
* Is enforced **solely at the service layer** (Valkey counters, Redis-compatible).
|
|
* Never disables functionality; it introduces *time delays* only after the
|
|
free allocation is exhausted.
|
|
* Can be bypassed by rebuilding from source, but production use outside the
|
|
Additional Use Grant requires a commercial license.
|
|
|
|
## 2 ? Can I redistribute Stella Ops with the quota removed?
|
|
|
|
Yes, provided you:
|
|
|
|
1. **Include the LICENSE and NOTICE files** with your distribution, and
|
|
2. **Mark modified files** with prominent change notices.
|
|
|
|
Recipients are still bound by BUSL-1.1 and the Additional Use Grant; production
|
|
use outside the grant requires a commercial license.
|
|
|
|
## 3 ? Embedding in a proprietary appliance
|
|
|
|
You may ship Stella Ops inside a hardware or virtual appliance under BUSL-1.1.
|
|
You must include LICENSE and NOTICE and preserve attribution notices. Production
|
|
use must remain within the Additional Use Grant unless a commercial license is
|
|
obtained. Proprietary integration code does not have to be disclosed.
|
|
|
|
## 4 ? SaaS redistribution
|
|
|
|
The BUSL-1.1 Additional Use Grant prohibits providing Stella Ops as a hosted or
|
|
managed service to third parties. SaaS/hosted use requires a commercial license.
|
|
|
|
## 5 · Is e-mail collection for the JWT legal?
|
|
|
|
* **Purpose limitation (GDPR Art. 5-1 b):** address is used only to deliver the
|
|
JWT or optional release notes.
|
|
* **Data minimisation (Art. 5-1 c):** no name, IP or marketing preferences are
|
|
required; a blank e-mail body suffices.
|
|
* **Storage limitation (Art. 5-1 e):** addresses are deleted or hashed after
|
|
<= 7 days unless the sender opts into updates.
|
|
|
|
Hence the token workflow adheres to GDPR principles.
|
|
|
|
---
|
|
|
|
## 6 · Change-log
|
|
|
|
| Version | Date | Notes |
|
|
|---------|------|-------|
|
|
| **3.0** | 2026-01-20 | Updated for BUSL-1.1 Additional Use Grant. |
|
|
| **2.1** | 2026-01-20 | Updated for Apache-2.0 licensing (superseded by BUSL-1.1 in v3.0). |
|
|
| **2.0** | 2025-07-16 | Removed runtime quota details; linked to new authoritative overview. |
|
|
| 1.0 | 2024-12-20 | Initial legal FAQ. | |