Acceptable Use Policy

Polynoos is a hospitality operations platform. We provide the rails; our Customers are responsible for the content they push through those rails. This AUP exists to keep the Platform safe, lawful, and trusted by recipients, regulators, and infrastructure partners (email, SMS, AI, and cloud providers).

Violations may result in immediate suspension or termination of access without refund, and we will report unlawful activity to authorities where required.

You must not use the Platform to store, send, or distribute content that:

• Is unlawful, defamatory, or infringing of third-party rights (including intellectual-property and privacy rights)
• Is harassing, hateful, threatening, or discriminatory
• Sexually exploits or endangers minors (we report such content to the relevant authorities, including CyberTipline / INHOPE partners)
• Promotes self-harm, terrorism, or organised crime
• Constitutes phishing, fraud, or deceptive impersonation
• Contains malware, viruses, or other malicious code
• Violates export controls, sanctions regimes, or anti-money-laundering law

You must not:

• Use the Platform to send unsolicited bulk or commercial messages (“spam”), regardless of channel
• Reverse engineer, decompile, or attempt to extract source code of the Platform
• Scrape, crawl, or harvest data from the Platform other than via documented APIs
• Probe, scan, or test the vulnerability of the Platform without our prior written authorisation
• Circumvent rate limits, authentication, or access controls
• Use automated systems (bots, scripts, scrapers) in a way that imposes an unreasonable load on infrastructure
• Resell, sublicense, or provide the Platform to third parties without our prior written consent
• Use the Platform to build, train, or evaluate a competing product or service

Polynoos sends communications on Customers’ behalf via third-party messaging providers (e.g. Mailgun, Amazon SES, Twilio, Meta WhatsApp Business). Those providers impose strict anti-abuse rules; violations are attributed to Polynoos as the sender of record. To stay within those rules, you must:

• Have a lawful basis for every recipient on your list (consent, contract, or legitimate interest under GDPR; express consent where required by ePrivacy or TCPA-equivalent rules)
• Document opt-in for marketing messages and retain proof of consent
• Never purchase or rent contact lists from third parties for marketing use through the Platform
• Honour unsubscribe / STOP requests immediately; the Platform’s suppression list must not be bypassed
• Include sender identification in every marketing message (company name + reply address)
• Maintain bounce / complaint rates below provider thresholds (typically <5% bounces, <0.1% complaints for email)
• Use WhatsApp templates only as approved by Meta; do not initiate outside the 24-hour customer-care window without an approved template
• Respect Do-Not-Call / Do-Not-Disturb time windows for SMS and voice in the recipient’s jurisdiction

You must not:

• Attempt to gain unauthorised access to any system, account, or data
• Interfere with or disrupt the Platform, its hosting infrastructure, or other Customers
• Use the Platform to launch denial-of-service or amplification attacks
• Distribute credentials shared with you outside your authorised User base
• Bypass technical, audit, or logging controls

Vulnerability disclosure is welcome at security@polynoos.com under good-faith research conduct (no data exfiltration, no service disruption, advance reporting before public disclosure).

If you receive an unwanted message that you believe was sent through the Polynoos Platform, or you observe content or activity that violates this AUP, report it to abuse@polynoos.com. Include relevant headers, timestamps, and URLs where possible. We investigate every report and respond to the reporter within a reasonable time.

We may, at our sole discretion and without prior notice:

• Remove or quarantine content that violates this AUP
• Suspend a User, account, or Customer pending investigation
• Terminate the Order Form for material or repeated breaches
• Cooperate with law-enforcement and regulatory authorities

Where reasonable, we will first notify the Customer and invite remedial action before taking action that materially impacts business operations.

We may update this AUP from time to time. The “Last updated” date at the top reflects the most recent revision. Material changes will be communicated to Customers by email or in-app notification.

• Abuse reports: abuse@polynoos.com
• Security: security@polynoos.com
• General: hello@polynoos.com