Last updated: October 1, 2025

Applies to: all use of QuantKey products and services, including partner-provided modules, APIs, telephony, email, hosting, and any AI‑powered features (collectively, the “Services”).

Contractual status: This AUP is incorporated by reference into our Terms of Service. Violations may lead to warning, throttling, suspension, or termination; we may also pass through carrier/inbox provider fines or surcharges and remove offending content or numbers. (See Enforcement below.)

1) Scope & Responsibilities

You (Customer), your staff, contractors, and end‑users must comply with this AUP, applicable law and regulation, carrier/ESP rules, and all third‑party platform terms (e.g., telephony aggregators, inbox providers, app stores, ad networks, AI model providers).

You are responsible for the actions of anyone using your account(s) or numbers/senders, and for configuring compliance features (e.g., unsubscribe handling, STOP/HELP responses, list hygiene, domain authentication).

Carriers and inbox providers may filter or block messages they deem unwanted or non‑compliant; this is an expected part of the ecosystem and not a service defect.

2) Prohibited Conduct (All Services)

You may not, and may not allow others to:

A. Break any law/regulation; infringe IP; invade privacy; publish or transmit malware, phishing, or deceptive content; or attempt to bypass security or rate limits.

B. Interfere with the Services (e.g., scraping, abusive automation, DDoS, exploiting bugs); reverse‑engineer except as allowed by law.

C. Engage in harassment, threats, hate, incitement to violence, or exploitation of minors; publish obscene or excessively violent content.

D. Send unsolicited bulk communications or use purchased, rented, shared, or harvested lists. Maintain your own opt‑in lists and records.

E. Snowshoe (spread similar content over many numbers/senders to evade detection) or use grey routes.

F. Evade filtering by obfuscation (e.g., deceptive link cloaking); if you use a URL shortener, use a branded/dedicated domain that clearly identifies you.

Restricted/forbidden verticals and content. U.S. carriers and aggregators generally disallow messaging that promotes illegal drugs, cannabis/CBD, firearms/ammunition, and other “SHAFT” categories or high‑risk content—even where lawful in some jurisdictions. If you believe your use case falls into a permitted, age‑gated exception, obtain our written approval first; we may still be unable to support it due to carrier policy.

3) SMS/MMS/RCS (“Messaging”) Policy

3.1 Registration & Sender Identity

10DLC (U.S.): Business messaging from long codes requires brand and campaign registration via The Campaign Registry (TCR); unregistered traffic is subject to blocking. Toll‑free numbers require separate carrier verification. We or our upstream partners will facilitate registration/verification; you must provide accurate KYC/KYB details and use the approved use case.

Identify your brand clearly in the initial message (and in HELP responses). Avoid shared numbers/senders unless explicitly authorized.

3.2 Consent & Opt‑outs

Obtain valid, auditable consent before sending marketing or recurring program messages; keep timestamped records and screenshots/URLs of your opt‑in CTA. Do not use rented/sold/shared consents.

In the U.S., marketing texts generally require prior express written consent (e‑sign OK). Provide clear disclosures and an easy way to revoke consent.

Support standard opt‑out keywords (e.g., STOP, UNSUBSCRIBE, CANCEL, QUIT). Honor opt‑outs promptly and confirm via reply (e.g., “You’re opted out.”). Provide HELP to return program info and a support contact. Carriers expect these flows for short codes and long codes.

Honor Do‑Not‑Call (DNC) rules where applicable and scrub lists as required; for telemarketing, keep and honor entity‑specific DNC requests.

Note: Regulatory details evolve (e.g., FCC TCPA interpretations). We enforce a conservative standard: specific, revocable, documented consent per sender/use‑case, with robust opt‑out support.

3.3 Content Requirements

No illegal, deceptive, or abusive content; no phishing; no links that hide identity; no PII that could create security risk. If using a short URL, use a dedicated/branded domain that unambiguously identifies you.

Include brand identification and opt‑out text in the initial message and where appropriate thereafter.

Avoid sending outside reasonable local hours; U.S. telemarketing “quiet hours” are 8am–9pm local time.

3.4 Deliverability & Filtering

Carriers may block or filter unwanted or non‑compliant messages; they may require rate limiting, additional vetting, or campaign changes. Using snowshoe or grey routes is prohibited.

4) Email Policy

4.1 Authentication & Security

Configure SPF, DKIM, and DMARC for your sending domains. Major inbox providers now require authentication for bulk senders and encourage DMARC alignment.

4.2 Unsubscribe & Complaints

Implement a one‑click List‑Unsubscribe (RFC 8058 style) and process within 2 days. Gmail and Yahoo require this for bulk.

Keep spam complaint rates well below thresholds (e.g., Gmail flags ≥0.3% as problematic); monitor and remediate.

4.3 CAN‑SPAM & List Integrity

Follow CAN‑SPAM: truthful headers, clear identification, postal address, and prompt honoring of opt‑outs; no purchased lists or deceptive subject lines.

5) Voice/Telephony Policy

Consent: For telemarketing/prerecorded/artificial voice calls, obtain required consent and honor DNC. Maintain internal DNC lists and respect quiet hours.

Recording: If you record calls, comply with state and federal laws; some states require all‑party consent. Post notices and secure storage as appropriate.

Caller ID: Do not spoof or misrepresent caller identity; comply with applicable robocall and STIR/SHAKEN frameworks.

6) AI Features (Responsible Use)

When using AI‑powered features within the Services:

Do not deploy AI in ways that unlawfully discriminate, manipulate, or cause material harm (e.g., biometric categorization by sensitive traits; “social scoring” impacting individuals). EU rules increasingly restrict such uses; we apply a conservative global standard.

Human‑in‑the‑loop: Review AI‑generated outputs before acting on them in sensitive contexts (e.g., legal, medical, financial).

Provider terms: Your use must conform to applicable AI model/provider policies in our stack (pass‑through terms).

No high‑risk misuse: No attempts to circumvent safety systems, generate malware/phishing, or create deceptive content that violates law or platform rules.

7) Hosting, Websites, Forms & Integrations

You must provide your own legally adequate privacy notice and cookie disclosures on sites, forms, and chat widgets you deploy, and collect consent consistent with local law (e.g., EU/UK PECR/GDPR for marketing by email/SMS; CASL in Canada).

Do not host malware, illegal content, or content that infringes IP; we may remove such content and disable related services.

8) Data Hygiene & Recordkeeping

Keep verifiable records of consent (what, when, how, from where, and for which sender/campaign) and of opt‑outs/“STOP” requests. Process number deactivations regularly to avoid messaging reassigned numbers.

For email, maintain suppression lists and apply one‑click unsub within required timelines.

9) Enforcement

We may take one or more actions, depending on severity and history:

A. Notice & cure (education, remediation plan).

B. Rate limiting or content quarantine; require campaign edits or additional vetting/registration.

C. Block specific senders/numbers/domains; place contacts on DND automatically if carriers return “undeliverable/opt‑out” codes.

D. Suspend or terminate offending Services or accounts; pass through fines/surcharges from carriers or inbox providers; preserve evidence and notify authorities where required. Carriers are permitted to filter/block unwanted traffic to protect users.

10) Reporting Problems & Appeals

To report abuse or a suspected breach of this AUP, email [email protected] with full details (sender(s), timestamps, sample content, URLs).

If you believe compliant content was mistakenly blocked/removed, contact us; we’ll review promptly.

11) Definitions

10DLC: U.S. application‑to‑person messaging over 10‑digit long code numbers; requires brand & campaign registration via TCR.

Snowshoe: Distributing similar/identical messages across many senders to evade filters—prohibited.

One‑click List‑Unsubscribe: Email header method enabling instant unsub; required by major inbox providers for bulk senders.

12) Changes

We may update this AUP to reflect legal or ecosystem changes. Material changes will be communicated via in‑app notice or email; continued use after the effective date constitutes acceptance.

13) Contact

Email:

[email protected]

US Mail:

QuantKey Solutions LLC
1930 18th St. NW
Ste B2 #1101
Washington, DC 20009