Legal

Acceptable Use Policy

Effective: 2026-05-02 Last updated: 2026-05-02 Version: 1.0

Plain-English summary (not part of the policy): Safigo Reception is for handling inbound calls to your own business. Don’t use it to scam, harass, send unwanted SMS, or break the law — including telecom laws (TCPA, CASL), recording laws, AI-disclosure laws, privacy laws, and industry-specific rules. You are responsible for telling your callers the call may be recorded and that they’re talking to an AI. We can suspend your account immediately if you break these rules.

1. Scope

This Acceptable Use Policy (“AUP”) supplements and is incorporated into our Terms of Service. It applies to every Customer and to anyone using the Service through a Customer’s account. Capitalized terms have the meanings given in the Terms.

By using the Service you agree to comply with this AUP. Violations may result in immediate suspension or termination of your account, without refund, and may be reported to law enforcement, regulators, or third parties harmed by the violation.

2. Permitted use

The Service is permitted only for:

a. Answering inbound voice calls and SMS to your own business phone numbers, forwarded to a number we assign you; b. Responding to your callers, taking messages, booking appointments, and routing escalations within your business; c. Sending automated SMS confirmations and follow-ups directly tied to a specific inbound call you handled.

3. Prohibited use — telecommunications

You will not use the Service to:

a. Place outbound calls to consumers, prospects, or any third party (the Service is inbound-only by design; abuse will trigger immediate suspension); b. Send unsolicited SMS, “robotexts”, or marketing messages in violation of the TCPA (US), Canada’s Anti-Spam Legislation (CASL), CRTC rules, or any state or provincial telemarketing law; c. Bypass or evade Do Not Call lists, the National Do Not Call List (Canada), the National Do Not Call Registry (US), state DNC lists, or carrier filtering; d. Spoof or misrepresent caller identity, ANI, or sender identity; e. Set up call forwarding from a phone number you do not own or do not have express written authority to forward; f. Resell, sublicense, or share access to the Service with anyone outside your business without our written agreement.

4. Prohibited use — content and conduct

You will not use the Service to:

a. Engage in fraud, deception, or impersonation, including impersonating a person, business, government agency, financial institution, or any third party; b. Engage in scams, including but not limited to advance-fee fraud, “tech support” scams, fake debt collection, fake utility-disconnect scams, fake regulator/IRS/CRA calls, or romance scams; c. Harass, threaten, intimidate, defame, or abuse any caller, employee, or third party; d. Distribute malware, phishing links, or any harmful content via SMS; e. Engage in or facilitate illegal activity under applicable Canadian, US, or other relevant law; f. Circumvent legal disclosure requirements to your callers, including recording-disclosure and AI/bot-disclosure rules; g. Use the Service to compete with us or create a competing AI voice product; h. Reverse engineer, decompile, scrape, or extract the underlying models, prompts, or system behavior of the Service; i. Attempt to access another Customer’s account, data, or configuration; j. Probe, scan, test the vulnerability of, or disrupt the Service; k. Submit knowingly false information during setup, billing, or support.

5. Prohibited industries and use cases

The Service may not be used for the following without prior written agreement from us, even if otherwise legal:

a. Healthcare workflows that involve Protected Health Information (PHI) under HIPAA. The Service is not HIPAA-compliant by default and we are not a Business Associate. Healthcare providers may use the Service only for non-PHI workflows (general appointment-booking with no health information collected) unless we have a signed Business Associate Agreement; b. Cannabis sales or delivery in jurisdictions where it is illegal at any level (federal or state); c. Adult content, sex services, or escort services; d. Firearms, ammunition, and regulated weapons sales (we may permit gunsmiths and FFL holders for non-sales communications by written agreement); e. Prescription drug sales or pharmacy operations without written agreement; f. Gambling, betting, or wagering services not licensed in the caller’s jurisdiction; g. High-pressure consumer sales in industries with heightened regulatory oversight (mortgage solicitation, debt-relief services, payday lending) without written agreement; h. Political campaign or candidate advocacy (TCPA and CASL exposure); and i. Government, classified, or export-controlled functions.

We reserve the right to add to this list with reasonable notice, including via this Policy’s “Last updated” date.

6. Your compliance obligations

You are responsible for ensuring your use of the Service complies with all applicable laws, including at minimum:

6.1 Recording-disclosure laws

Several jurisdictions require all-party consent before recording. As of 2026, US states with all-party-consent rules include California, Connecticut, Delaware, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Oregon, Pennsylvania, and Washington. Other states and Canadian provinces have their own rules (Canada is generally one-party-consent at the federal level, but provincial privacy laws may impose additional disclosure obligations).

If your callers may be in any all-party-consent jurisdiction (and you cannot reliably know they will not be), your greeting must include an audible recording-disclosure statement.

We provide a default greeting that includes recording disclosure. You must keep this enabled. If you remove it, you do so at your own risk and assume sole liability.

6.2 AI / bot disclosure

California Bot Disclosure Law (Bus. & Prof. Code §§ 17940-17943, “SB 1001”) prohibits using an undisclosed bot to incentivize a sale or transaction in California. Other jurisdictions are following with similar rules.

You must keep the AI / automated-agent disclosure in your greeting enabled. We provide a default. Do not remove or weaken it without independent legal advice confirming you can.

6.3 TCPA / CASL / CRTC

You are responsible for compliance with the Telephone Consumer Protection Act (TCPA), Canada’s Anti-Spam Legislation (CASL), and CRTC rules. You will obtain any consents required from callers before sending SMS confirmations beyond a single direct response to their inbound call, and will honor any opt-out promptly.

6.4 Privacy laws

You are responsible for compliance with PIPEDA, BC PIPA, Quebec Law 25, CCPA/CPRA, and other US state privacy laws applicable to your callers. As the data controller for caller data, you must provide your callers with a reasonable privacy notice describing how their information is used, including the use of an AI service provider to process the call.

6.5 Industry-specific laws

If your business is subject to industry-specific regulation, you remain solely responsible for compliance. Examples:

  • Healthcare: HIPAA, HITECH, provincial health-information privacy laws;
  • Financial services: GLBA, FCRA, FDCPA, banking regulator rules;
  • Legal services: bar association rules of professional conduct, attorney-client privilege protocols;
  • Real estate: Real Estate Council rules, Fair Housing Act;
  • Debt collection: FDCPA (US), provincial collection-agency acts (Canada);
  • Insurance: state DOI rules and licensure.

7. Caller data

When a person calls your business and reaches our AI agent, we process their personal information on your behalf as a service provider / processor, governed by the Data Processing Addendum. You will:

a. Be transparent with your callers about the use of an AI agent and recording; b. Honor caller requests to access, delete, or correct their information that you receive (we will assist when reasonably possible); c. Not collect or retain caller information beyond what is necessary for legitimate business purposes; d. Not use caller information for any purpose unrelated to handling their call without separate consent.

8. Security

You will:

a. Maintain the confidentiality of your account credentials; b. Notify us immediately of any unauthorized access to your account; c. Not attempt to access, alter, or destroy data of other Customers; d. Cooperate with our reasonable security investigations.

9. Enforcement

If we believe you have violated this AUP, we may, in our sole discretion:

a. Investigate — including reviewing call logs, recordings, configurations, and communications; b. Warn you and request remediation; c. Suspend the Service immediately, with or without notice, for serious violations; d. Terminate your account without refund; e. Cooperate with law enforcement and regulators, including responding to lawful subpoenas, producing records, and reporting suspected criminal conduct; f. Pursue legal remedies for any harm caused.

For violations that pose imminent harm — fraud, harassment, scams, illegal activity — we may act without prior notice.

10. Reporting violations

If you believe a Customer is using the Service in violation of this AUP, contact privacy@safigo.ai with details. We investigate every credible report.

Version 1.0 · Last updated 2026-05-02 · Drafted in good faith without legal counsel; legal review scheduled at customer #3. Read together with the Terms of Service, Privacy Policy, and Data Processing Addendum.