Acceptable Use Policy

LAST UPDATED: April 28, 2026

Privy Operations, LLC ("Privy," "we," "us," or "our") provides a platform for businesses to grow their contact lists and market to their subscribers via email, SMS, and form completion services (the "Services"). This Acceptable Use Policy ("AUP") forms part of the Privy Terms of Service and describes the acceptable and unacceptable use of the Services. Capitalized terms not defined here are defined in the Terms of Service. The prohibited conduct in this AUP is not exhaustive. Customer is responsible for its authorized users' compliance with this AUP. Violations may result in suspension or termination of Customer's access to the Services, at Privy's sole discretion.

Spam Policy

Privy has a no-tolerance spam policy. You may not use the Services to send unsolicited messaging or spam, whether in bulk or not. "Spam" means unsolicited messaging through any channel, including email, SMS, and MMS.

You may only send messages to recipients who have explicitly opted in to receive content related to your brand. Opt-ins must be express and specific to your brand, and are non-transferable across brands, companies, or campaigns. You may not contact recipients whose information was harvested or scraped from websites, originates from purchased or rented lists (regardless of opt-in status), was obtained from partners or third-party organizations, or was obtained from voter registration, survey, or event-registration lists.

Please report any suspected abuse to abuse@privy.com. ISPs and blacklist administrators may also reach us at that address.

Compliance with Laws

You must use the Services only for lawful purposes and in compliance with all applicable U.S., state, local, and international laws in your jurisdiction and the jurisdiction in which the message is received, including the CAN-SPAM Act, the Telephone Consumer Protection Act (TCPA), and all applicable guidelines published by the CTIA and wireless carriers. You are responsible for determining whether the Services are suitable for your use in light of any regulations that apply to you, and Privy will not be liable if the Services do not meet those requirements.

Prohibited Activities

You may not use the Services to:

Evade, or attempt to evade, spam filtering or detection mechanisms, including through "snowshoeing," waterfalling or list cleaning across providers, or nonstandard opt-out phrases;
Misrepresent your sender information or identity, or impersonate another person or entity;
Prevent or obfuscate unsubscribe functionality;
Harvest or collect information about individuals without their consent;
Infringe on the intellectual property or other rights of others;
Engage in hate, violence, or discrimination against individuals or groups based on any protected characteristic;
Engage in or facilitate any unlawful activity, including fraud, data theft, child exploitation, or dealing in controlled or illegal substances;
Promote obscene, sexually explicit, pornographic, or otherwise inappropriate content; or
Interact with or target children under the age of 13 (or under 16 in the EEA).

Prohibited Products and Services

You may not use the Services to promote or offer:

Illegal or restricted activities, such as escort services or similar;
Multi-level, network, or referral marketing schemes, or recruiting/prospecting schemes;
Get-rich-quick, work-from-home, or make-money-online offers;
Sale of social media engagement (e.g., likes or followers);
Data or list brokers, list rental services, or the sale or transfer of contact lists;
Lead generation services that involve sharing or selling consumer opt-in information;
Affiliate marketing as the primary purpose of the message, including communications where you have no direct relationship to the promoted product or service other than affiliate commissions or links;
High-risk financial services, including debt relief, credit repair, debt collection or forgiveness, payday loans, short-term high-interest loans, and third-party loans;
Cryptocurrencies and related services;
Stocks/Trading, including message boards;
Gambling services or products; or
Prescription medications, pharmaceutical products, medical therapies, telehealth, and related services.

Privy reserves the right to evaluate and restrict any use cases related to illegal or controlled substances in accordance with the policies of our downstream providers.

SMS and Mobile Messaging

You must comply with all applicable legal and industry regulations concerning SMS, MMS, and other mobile marketing, including restrictions on unsolicited communications, appropriate message content, opt-out mechanisms, and all guidelines published by the CTIA and wireless carriers.

Prior to sending any message, you must obtain the recipient's consent to receive messages of the type you intend to send, and keep a record of that consent. Consent is specific to your brand and the campaign to which the recipient consented, and is not transferable. The initial message you send must identify you as the sender and include standard opt-out language (e.g., "Reply STOP to unsubscribe"). You must honor opt-out requests immediately; you may send one confirmation of the opt-out but no further messages thereafter.

For SMS and MMS, the following content is prohibited in addition to the restrictions above, to comply with carrier guidelines: SHAFT content (sex, hate, alcohol, firearms, tobacco); CBD, cannabis, hemp, THC, Kratom, vaping/e-cigarettes, and related paraphernalia; direct carrier competition messaging; and any content that is illegal federally, in any state, or in the recipient's jurisdiction. Alcohol-related messaging is permitted only where the customer has implemented an age gate in accordance with carrier guidelines.

Spam Complaint Rates

Your account may be subject to suspension, termination, or other remediation measures if your user-generated spam complaint rate meets or exceeds 0.3% over any 30-day period. If your rate reaches this threshold, we will notify the admin email address(es) on your account and provide reasonable guidance. We may allow 30 to 60 days to reduce the rate depending on the circumstances.

Prohibited Data

You may not upload, transmit, or otherwise make available through the Services any of the following: (a) special category data as defined under the GDPR or UK GDPR; (b) medical records or health information, including Protected Health Information as defined by HIPAA (Privy does not offer a Business Associate Agreement and is not liable for any HIPAA compliance failures arising from your use of the Services); (c) non-public government identifiers such as Social Security numbers, passport numbers, or driver's license numbers, or financial account information such as credit or debit card numbers; or (d) information about children under the age of 13 (or under 16 in the EEA).

Promotions, Contests, and Sweepstakes

If you use the Services to administer promotions, contests, sweepstakes, or similar events, you are solely responsible for compliance with all applicable laws and regulations — including eligibility requirements, prize fulfillment, winner selection, and any required registrations or approvals — and for ensuring that the rules of each promotion release Privy from any associated liability.

Enforcement

Privy may monitor or investigate use of the Services at any time for compliance with this AUP. Privy may immediately suspend, terminate, or limit your access to the Services if we determine, in our sole discretion, that you have violated this AUP. We reserve the right to report illegal activity to the relevant authorities. Platform-level restrictions, including prohibitions on reverse engineering and unauthorized access, are set forth in the Privy Terms of Service.

We may update this AUP from time to time by posting an updated version at www.privy.com/acceptable-use-policy. Your continued use of the Services constitutes acceptance of the modified AUP.

Acceptable Use Policy for Privy