Back to home Legal

Acceptable Use Policy

This Acceptable Use Policy ("AUP") governs your use of the services provided by Bulsu Labs ("Bulsu Labs", "we", "us"). This policy applies to all customers and is incorporated into our Terms of Service. By engaging Bulsu Labs for any service, you agree to comply with this AUP.

We take this policy seriously. Violations may result in immediate suspension or termination of services without refund, and we may be required to report certain violations to law enforcement.

1. Prohibited uses: hard no

You may not use any system, workflow, integration, or automation built or operated by Bulsu Labs, directly or indirectly, for any of the following purposes:

1.1 Unsolicited outbound communications

• Sending cold or unsolicited commercial email ("spam"), SMS, or direct messages to recipients who have not opted in or who do not have a pre-existing business relationship with you.
• Any mass outbound outreach sequence that does not include a functional unsubscribe mechanism and a valid physical postal address of the sender, as required by CAN-SPAM, GDPR/ePrivacy, CASL, and equivalent regulations.
• Scraping, harvesting, or purchasing contact data for the purpose of initiating unsolicited outreach.
• Evading rate limits, sender reputation systems, or authentication requirements of any email provider, messaging platform, or social network.

1.2 Illegal, fraudulent, or deceptive activity

• Any activity that violates applicable law in the customer's jurisdiction, Bulsu Labs' jurisdiction, or the jurisdiction of any data subject.
• Fraud, money laundering, tax evasion, sanctions evasion, or financing of terrorism.
• Misrepresentation of identity, affiliation, or endorsement; impersonation of any person or entity.
• Deceptive marketing, false advertising, fake reviews, or manipulation of public rankings.
• Phishing, credential harvesting, or any form of social engineering.

1.3 Personal data misuse

• Processing personal data without a lawful basis under GDPR or equivalent data protection law.
• Building profiles, scoring, or segmentation that would result in unlawful discrimination.
• Processing special category data (health, biometric, racial/ethnic origin, religion, political opinion, sexual orientation, trade-union membership) without explicit consent and appropriate safeguards.
• Transferring personal data to jurisdictions lacking adequate protection without a valid transfer mechanism (e.g. SCCs, adequacy decision).

1.4 Malicious technical activity

• Distribution of malware, ransomware, spyware, or any malicious code.
• Unauthorized access, testing, or probing of any system you do not own or have written permission to test.
• Denial-of-service, traffic flooding, or resource exhaustion attacks.
• Circumventing authentication, rate limiting, access controls, CAPTCHAs, or licensing restrictions of any third-party service or platform.

1.5 Harmful content generation

• Generation or dissemination of content that is harassing, threatening, defamatory, hateful, or that targets individuals or groups on the basis of protected characteristics.
• Child sexual abuse material (CSAM) or any sexual content involving minors. Suspected CSAM will be reported immediately to relevant authorities.
• Content designed to incite violence, self-harm, or suicide.
• Generation of synthetic media (deepfakes) intended to deceive or defame.
• Content that infringes intellectual property rights of any third party.

1.6 Prohibited industries and content categories

Bulsu Labs does not provide services for the following industries or content types, regardless of legality in the customer's jurisdiction:

• Adult content, pornography, or escort services.
• Gambling, betting, lottery, or gambling promotion.
• Illegal drugs, drug paraphernalia, or unregulated controlled-substance sale.
• Firearms, ammunition, or weapons retail.
• Multi-level marketing (MLM), pyramid schemes, or get-rich-quick programs.
• "Traffic arbitrage", click-farming, or engagement-manipulation services.
• Cryptocurrency speculation promotion, token launches, or unregistered investment schemes.
• Debt-collection practices involving harassment or deceptive tactics.

2. Permitted use: what our services are for

Our services are designed for, and are to be used only for:

• Internal operations automation, e.g. CRM hygiene, finance reconciliation, internal reporting, document generation, approval workflows.
• Permissioned growth workflows: inbound lead qualification, account research on opted-in contacts, customer lifecycle automations, post-meeting summaries.
• Customer support automation: ticket classification, draft-response generation with human approval, knowledge-base sync, SLA monitoring.
• Data integration between systems the customer owns or lawfully licenses.

3. Your responsibilities

As a customer of Bulsu Labs, you represent and warrant that:

• You have the legal right to process all data you provide to us or that our systems will process on your behalf.
• You have obtained all necessary consents (including, where required, explicit opt-in consent for marketing communications).
• You will not use any system we build to contact individuals who have unsubscribed, opted out, or otherwise indicated they do not wish to be contacted.
• You maintain current privacy notices, cookie disclosures, and other legally required disclosures visible to your end users.
• You will notify us within 48 hours of any actual or suspected data breach involving systems we have built or operate for you.
• You will not attempt to reverse-engineer, bypass, or misuse rate limits, content filters, or safety mechanisms built into any third-party model or API we use on your behalf.

4. Third-party platform compliance

Any system we build for you must operate in compliance with the terms of service of every third-party platform it touches, including but not limited to: email providers (Google, Microsoft, SendGrid, etc.), social platforms (LinkedIn, X, Instagram, etc.), AI model providers (OpenAI, Anthropic, etc.), CRM and SaaS vendors. You are responsible for maintaining valid authorizations and API quotas on all accounts used by the system.

We will decline to build automations that require violation of a third party's terms, for example automated scraping of LinkedIn member data, or sending email through infrastructure you do not control or have not authorized.

5. Reporting violations

If you become aware of any use of our services that violates this AUP, whether by you, your team, or a third party, you must notify us immediately at info@bulsulabs.com. Good-faith reporting is expected and protected.

6. Enforcement

We reserve the right, at our sole discretion, to investigate any suspected violation of this AUP. If we determine that a violation has occurred, we may take any of the following actions, with or without notice:

• Request remediation within a specified period.
• Suspend the specific workflow, integration, or automation involved.
• Terminate the engagement immediately, without refund of any fees paid.
• Cooperate with law enforcement investigations and preserve or disclose records as required by law.
• Seek injunctive relief, damages, and recovery of costs.

7. Changes to this policy

We may update this AUP from time to time. Material changes will be communicated by email to the primary contact on file at least 14 days before taking effect. Continued use of our services after the effective date of a change constitutes acceptance of the updated policy.

8. Contact

Questions about this policy? Contact us at info@bulsulabs.com.