WP Media Locker
Effective date: 16 June 2026
Last updated: 16 June 2026
This Acceptable Use Policy (“AUP” or “Policy”) describes what you may and may not do when using WP Media Locker (the “Service”). It is part of, and incorporated into, our Terms of Service. By using the Service you agree to follow this Policy.
In this Policy:
- “We,” “us,” and “our” mean the sole proprietor trading as “WP Media Locker,” based in Japan, who operates the Service.
- “You,” “your,” and “Customer” mean the person or organisation that subscribes to or uses the Service.
- “Content” means any files, media, data, or other materials that you store, upload, transmit, or serve through the Service.
If anything in this Policy conflicts with the Terms of Service, the Terms of Service control, except where this Policy is more specific.
1. Purpose and scope
WP Media Locker is a WordPress plugin plus cloud API that offloads your WordPress site’s media files to cloud storage (Cloudflare R2) and serves them over a CDN.
The Service is intended for storing and serving the media of your own WordPress site(s) — for example, the images, documents, audio, and video that you upload to your WordPress Media Library. It is not a general-purpose public file-sharing, file-hosting, backup-dumping, or content-distribution service.
This Policy applies to:
- All use of the Service, by you and by anyone you allow to use your account; and
- All Content you store, upload, transmit, or serve through the Service.
You are responsible for all Content and all activity under your account, including the activity of your site’s users and anyone you give access to.
2. Prohibited content
You must not use the Service to store, upload, transmit, serve, link to, or distribute any of the following:
2.1 Illegal content
Content that is illegal, or that promotes or facilitates illegal activity, under the laws that apply to you, to us (Japan), or to the jurisdictions where the Content is stored or served.
2.2 Child sexual abuse material (CSAM) — zero tolerance
Content that sexually exploits or abuses minors, including child sexual abuse material (CSAM) in any form. We have zero tolerance for this. Where we become aware of such content, we will remove it, preserve relevant records as required by law, terminate the account, and report it to the National Center for Missing & Exploited Children (NCMEC) via the CyberTipline at report.cybertip.org [lawyer to confirm any Japanese reporting obligation]. We may do this with or without notice to you.
2.3 Infringing content (copyright, trademark, and other IP)
Content that infringes the copyright, trademark, patent, trade secret, or other intellectual property or proprietary rights of any person.
Copyright complaints and takedown requests are handled under our separate DMCA / Copyright Policy, which also describes our repeat-infringer (three-strike) policy. See Section 4.4 below.
2.4 Malware and malicious code
Viruses, worms, trojans, ransomware, spyware, or any other malicious code, and content designed to damage, disrupt, gain unauthorised access to, or interfere with any system, network, data, or device.
2.5 Fraud, phishing, and deception
Content used for fraud, phishing, identity theft, scams, or to deceive or mislead others — including fake login pages, spoofed brands, and content designed to harvest credentials or payment details.
2.6 Content facilitating illegal activity
Content that facilitates, instructs, or encourages others to commit crimes or cause serious harm.
2.7 Adult / sexually explicit content
Prohibited. Adult, sexually explicit, or pornographic content is not permitted on the Service.
2.8 Hate speech, violence, and terrorism
Content that promotes or incites hatred, discrimination, or violence against people based on protected characteristics, or that promotes, supports, or glorifies terrorism or violent extremism.
2.9 Violations of others’ privacy
Content that violates another person’s privacy rights, including publishing someone’s private or personal information without authorisation (“doxxing”), or unlawfully collected personal data.
3. Prohibited uses and conduct
Even where Content itself is lawful, you must not use the Service in the following ways:
3.1 General public file-sharing / hosting
Using the Service as a general public file-sharing, file-hosting, file-locker, or content-distribution platform beyond the normal media delivery of your own WordPress site(s). The Service is for your site’s media, not for hosting arbitrary downloads for the public.
3.2 Hotlinking abuse and CDN leeching
Using the Service’s storage or CDN to serve media for sites, applications, or services that are not your own WordPress site(s), or otherwise using our bandwidth and CDN as a free backend for third parties (“CDN leeching”). Normal media delivery for your own WordPress site(s) is fine.
3.3 Reselling or sublicensing
Reselling, sublicensing, renting, or otherwise making the Service’s storage, bandwidth, or capabilities available to third parties as if they were your own service, except as expressly permitted in the Terms of Service.
3.4 Circumventing limits or billing
Circumventing, or attempting to circumvent, storage quotas, rate limits, file-size limits, account boundaries, or billing — for example by splitting usage across accounts, falsifying usage, or manipulating the API to avoid charges.
3.5 Excessive or abusive consumption
Consuming resources in a way that is excessive or abusive, or that threatens the stability, performance, security, or availability of the Service or the experience of other customers — including sustained traffic patterns far outside normal WordPress media delivery.
3.6 Security violations
- Accessing, or attempting to access, any account, system, data, or part of the Service that you are not authorised to access.
- Probing, scanning, or testing the vulnerability of the Service, or breaching or circumventing any security or authentication measure.
- Interfering with, disrupting, or overloading the Service or its infrastructure (for example, denial-of-service activity).
- Forging headers or otherwise manipulating identifiers to disguise the origin of any Content or request.
3.7 Spam
Using the Service to send, store, or support spam, or unsolicited bulk or commercial messages, or to host content that supports such activity.
3.8 Automated abuse
Using bots, scripts, scrapers, or other automated means to abuse the Service, evade limits, or carry out any of the prohibited conduct above. Normal, documented use of our API for legitimate WordPress media offloading is permitted.
4. Enforcement and consequences
4.1 We may review, but are not obligated to
We do not routinely monitor or pre-screen Content, and we are not obligated to do so. However, we may review, investigate, and monitor Content and usage — for example in response to an abuse report, a legal request, a security or stability concern, or signs of a violation.
4.2 Actions we may take
If we believe, in our reasonable judgment, that you have violated this Policy (or the Terms of Service), we may take any action we consider appropriate, including:
- Removing, disabling, or restricting access to some or all Content;
- Throttling, suspending, or limiting your account or specific features;
- Terminating your account and subscription; and/or
- Taking any other steps reasonably necessary to protect the Service, our customers, third parties, or us.
4.3 Notice
Whether we give you notice before or after taking action depends on the severity and nature of the violation. For serious, illegal, or urgent violations (for example, CSAM, active security attacks, or content that creates legal risk or harms others), we may act immediately and without prior notice. For less severe issues, we will generally try to notify you and give you an opportunity to fix the problem, but we are not required to.
4.4 Reporting to authorities; repeat infringers
- Serious or illegal violations may be reported to law enforcement or other appropriate authorities, and we may preserve and disclose information as required or permitted by law. CSAM is always reported as described in Section 2.2.
- Copyright infringement is handled under our separate DMCA / Copyright Policy, including our repeat-infringer (three-strike) policy. Accounts that accumulate repeat infringement notices under that policy may be terminated. This AUP and the DMCA / Copyright Policy work together.
4.5 No refunds for violations
Suspension or termination for a violation of this Policy does not entitle you to a refund, except as required by law or as stated in the Terms of Service. You remain responsible for any charges incurred before suspension or termination.
5. Reporting abuse
If you believe Content or activity on the Service violates this Policy, please report it to us:
- Email: [email protected]
- For copyright / DMCA complaints: use [email protected] and follow our separate DMCA / Copyright Policy (this address and process are required for copyright takedowns).
To help us act quickly, please include where possible:
- The URL(s) or media link(s) of the Content in question;
- A description of the problem and which part of this Policy you believe it violates;
- Any evidence (for example, screenshots) that supports your report; and
- Your name and contact details so we can follow up if needed.
We review abuse reports and take the action we consider appropriate. We may not be able to update you on the outcome of every report.
6. Changes to this Policy
We may update this Policy from time to time — for example, to reflect changes in the Service, in the law, or in the kinds of abuse we see. When we make material changes, we will update the “Last updated” date above and, where appropriate, take reasonable steps to notify you (for example, by email or a notice on our website or dashboard). Your continued use of the Service after a change takes effect means you accept the updated Policy. If you do not agree, you must stop using the Service.