Fair Use and Usage Policy
Effective February 2026 · Applies to all DigitalStakeout XTI subscriptions
Why This Policy Exists
DigitalStakeout XTI is a shared platform. Every feed, parameter, and event you configure consumes compute, storage, and collection resources that affect the experience for all customers. This policy exists to keep the platform fast, reliable, and fairly priced — not to nickel-and-dime you.
If you’re using XTI the way it’s designed to be used — focused feeds, well-scoped parameters, and monitoring aligned to your subscription tier — you’ll never run into these limits. This policy addresses the edge cases where configurations drift outside of what a subscription tier is built to support.
How Your Subscription Works
Every XTI subscription includes two things:
A monthly event allowance — the volume of content the platform will collect, process, and deliver to you each month.
An object capacity — the number of distinct things you can monitor, scaled to your subscription tier.
Object capacity increases with your plan, and higher tiers receive proportionally more capacity per event. This rewards customers who grow with the platform and reflects the operational efficiency of monitoring at scale.
| Plan | Entities | Mentions/mo | Object Capacity | Avg. Params/Entity |
|---|---|---|---|---|
| XTI 20 Starter | 20 | 100K | 100 | ~5 |
| XTI 50 Professional | 50 | 250K | 312 | ~6 |
| XTI 100 Business | 100 | 500K | 750 | ~7 |
| XTI 200 Enterprise | 200 | 1.25M | 2,187 | ~10 |
The “Avg. Parameters per Entity” column is illustrative, not a per-feed cap. You can distribute parameters across feeds however you choose. Individual feeds support up to 50 parameters, but in practice there are diminishing returns well before that limit. Feeds with excessive parameters tend to produce lower-quality results and are often a sign of misconfigured collection scope. When we see this pattern, we’ll work with you to optimize your collection plan — not to restrict you, but because tighter feeds deliver better intelligence.
If you need more objects, you need a larger plan. Object capacity is not a separate limit you can negotiate within a tier.
What Counts as an Object
An object is any distinct thing you’re asking the platform to monitor:
People
Names, aliases, handles, and associated identifiers
Organizations
Companies, agencies, institutions, and variants
Brands & Products
Brand names, tickers, product names, domains
Locations
Facilities, addresses, geographic points of interest
Credentials
Emails, domains, or IDs monitored for exposure
Topics
Keyword-based monitoring subjects
Objects are counted across all of your feeds. If the same person appears in two feeds, they are still one object. Two different people in the same feed are two objects.
Parameters — the actual search terms, URLs, and rules you configure — are how you define objects. Parameters that represent distinct monitoring targets count toward your object capacity. Filtering parameters (positive and negative keywords used to narrow results) also consume platform resources and count toward capacity.
Adding more parameters does not increase your object capacity. It only increases the load on the platform for the same subscription tier.
Enterprise and Custom Contracts
Customers on custom contracts, Statements of Work, or government procurement vehicles (e.g., RFP awards, IDIQ task orders, blanket purchase agreements) may have object capacity, feed counts, and parameter limits defined directly in their contract. Those contract-specific terms govern capacity and supersede the standard tier table above.
The behavioral provisions of this policy still apply to all subscriptions regardless of tier or contract type. Parameter stuffing, feed packing, capacity circumvention, and system abuse are not permitted under any subscription. The difference is where your capacity ceiling comes from: for standard plans, it’s the tier table; for custom contracts, it’s your SOW.
If you’re on a custom contract and unsure of your capacity terms, contact your account executive.
Unmetered Platform Features
Not everything in XTI is metered. We draw a clear line between capacity (what you monitor) and workflow (how you work with what you’ve collected). Capacity is metered. Workflow is not.
Once content is collected into the platform, we don’t limit how your team searches, filters, views, organizes, or acts on it. These features exist to help analysts operationalize their monitoring, and putting a meter on them would force your team to ration the very tools they need to find signal in noise.
The following features are unmetered across all subscription tiers:
Search Within Search
After content is collected into your feeds, you can run unlimited secondary searches across that data using Boolean operators, keyword filters, entity pivots, and text search. There is no per-search fee or monthly search cap on collected data.
Example: An analyst monitoring brand feeds notices a spike in negative sentiment. They run a secondary search for "breach" AND "customer data" filtered to the last 4 hours, then pivot on source to see which platforms are driving the conversation. That's three searches in two minutes. None of them count against any limit.
Saved Views and Filters
Create as many saved views, custom filters, and filter combinations as you need. Share them across your team. There is no cap on the number of views or filters per user or per workspace.
Example: A security team creates separate saved views for "Active Threats," "Reputation Mentions," "Executive Mentions," and "Infrastructure Alerts." Each view applies different filter combinations to the same underlying feed data. An analyst on the night shift creates a personal view for their priority feeds. None of these count against capacity.
Alerts and Alert Rules
Configure as many alert rules as your monitoring requires. Alert rules can trigger on keywords, tags, sentiment thresholds, threat classifications, geographic boundaries, or any combination. There is no per-alert fee.
Example: A corporate security team configures 50 alert rules: threat language alerts for each facility, credential exposure alerts for key domains, and executive-name alerts for reputation monitoring. Each rule fires independently whenever matching content arrives. The alert volume is a function of what's happening in the data, not an artificial cap.
Dashboards and Widgets
Build as many dashboards as you need using the 80+ pre-configured analytic widgets. Customize layouts by role, use case, or mission. Schedule automated email delivery of any dashboard.
Example: The security operations team builds a command center dashboard with threat heat maps, sentiment trends, and mention velocity. A separate analyst dashboard focuses on person-of-interest tracking. A weekly executive summary dashboard is scheduled for automated delivery every Monday at 7 AM. No limits on the number of dashboards, widgets per dashboard, or scheduled reports.
Folders and Workspace Organization
Organize feeds, views, and dashboards into folders and workspaces without restriction. Restructure as your operations evolve.
Example: An organization starts with workspaces organized by business unit. Six months later, they reorganize by threat type (Physical Security, Cyber, Reputation). The platform supports both without any migration cost or capacity penalty.
Export and Forwarding
Forward individual posts to third parties via email, export filtered result sets, and share content with stakeholders outside the platform. Export quotas apply to bulk data extraction to protect system resources, but day-to-day sharing and forwarding for operational workflows is unmetered.
Example: An analyst identifies a credible threat post and forwards it to law enforcement via email with full content and source link. Later, they export a filtered set of 200 posts related to an incident for inclusion in a case file. Both actions are standard workflow, not metered usage.
The intent is simple: we want your analysts spending their time on analysis, not on counting how many searches they have left. The things we meter (objects and events) are the inputs that drive platform cost. The things we don’t meter are the tools that drive platform value.
What We Consider Fair Use
Fair use means using the platform within the scope of your subscription:
Configuring feeds that align with your object capacity
Building focused feeds around single entities (one person per feed, one brand per feed)
Using filtering parameters to improve signal quality, not to expand monitoring scope
Scaling your subscription when your monitoring needs grow
What falls outside of fair use:
Parameter stuffing — Loading feeds with large volumes of broad, low-quality, or duplicative parameters to expand effective monitoring coverage beyond your object capacity.
Feed packing — Combining many unrelated entities into a single feed to work around feed or object limits.
Capacity circumvention — Any configuration pattern designed to get more monitoring coverage than your subscription tier supports, rather than upgrading to an appropriate tier.
System abuse — Configurations that generate excessive event volume, degrade collection performance, or interfere with platform operations for other customers.
These aren’t theoretical concerns. Overloaded configurations produce worse results for you (more noise, less precision) and consume resources that affect other customers. The limits exist to protect both.
How We Enforce This Policy
We don’t enforce this policy punitively. The goal is to get your configuration right, not to catch you doing something wrong.
Visibility first
Your account dashboard shows your current object count, object capacity, and a breakdown by feed. You always know where you stand.
Grace margin
We allow up to 10% overage above your object capacity before any action is taken. If you're within 90–110% of your capacity, you won't hear from us.
Soft warnings
If your configuration exceeds your object capacity beyond the grace margin, you'll see a compliance notice with a clear explanation of the overage and what to do about it.
Conversation before action
If your account is significantly over capacity, we'll reach out to help you right-size — either by optimizing your feed configuration or by recommending a tier that fits your actual needs.
Throttling or restriction
In cases where a configuration is generating excessive load or is clearly designed to circumvent plan limits, we may throttle event delivery or disable specific feeds until the configuration is brought into compliance. We'll notify you before or at the time any restriction is applied.
Suspension
Suspension is a last resort, reserved for cases where a customer has been notified and has not taken corrective action within a reasonable timeframe, or where a configuration poses an immediate risk to platform stability.
Feed Design Guidance
Your results are only as good as your feed design. Staying within your object capacity isn’t just a compliance requirement — it’s how you get the best results from the platform.
Recommended Feed Structures
Person Feed
One individual per feed. Include full name, name variants, email addresses, phone numbers, and known online handles.
Brand Feed
One brand per feed. Include brand name, variants, ticker symbols, domain names, and key product names.
Organization Feed
One organization per feed. Include organization name, known abbreviations, and key identifiers.
Location Feed
One facility or site per feed. Include facility name, address variants, and relevant nearby landmarks.
Topic Feed
One monitoring subject per feed. Include the core topic term and closely related synonyms or phrases.
What to Avoid
Putting all executives into a single feed — each person is a separate object and deserves a separate feed for precision.
Mixing unrelated entities in one feed — a brand and an unrelated topic in the same feed will produce noisy, low-value results.
Using overly broad keywords as entity parameters — terms like "cybersecurity" or "fraud" as standalone subjects will generate high volume with low signal.
Each feed’s filtering parameters should be tailored to the entity in that feed. Generic filters applied across unrelated entities reduce precision for all of them.
Key Definitions
Object
A distinct monitored target — a person, organization, brand, location, credential, topic, or other subject.
Object Capacity
The maximum number of objects your subscription supports, as defined by your plan tier or custom contract.
Parameter
A raw input configured in a feed — a search term, URL, keyword, or rule. Each distinct parameter counts as an object.
Entity Parameter
A parameter that represents a distinct monitoring target (a person, company, domain, etc.).
Filtering Parameter
A generic keyword or URL rule used to narrow results within a feed. Counts toward object capacity.
Monthly Event Allowance
The total volume of events your subscription will collect and process per month.
Deduplication
The identification of duplicate or variant parameters across feeds that refer to the same real-world entity. Informational only — does not reduce your object count.
Questions
If you’re unsure whether your configuration is within fair use, or if you need help optimizing your feeds, contact us. We’d rather help you get it right than enforce a policy after the fact.
Email: support[at]digitalstakeout.com
Usage is subject to the terms, usage limits, and usage restrictions outlined in your DigitalStakeout Master Subscription Agreement and applicable Documentation. This policy supplements but does not replace your contractual obligations. See MSA Sections 4.2, 4.4(e), 4.4(g), and 4.4(h) for governing terms.