Privy Acceptable Use Policy
LAST UPDATED: April 7th, 2022
PRIVY, LLC. (HEREIN REFERRED TO AS “PRIVY”, “WE”, “US” AND/OR “OUR”) PROVIDES A PLATFORM FOR ANY BUSINESS TO USE TO GROW ITS EMAIL LIST AND OFFERS A VARIETY OF SERVICES IN CONNECTION WITH THE PLATFORM, INCLUDING SUBSCRIBER MARKETING AND FORM COMPLETION SERVICES (THE “PRIVY SERVICE”). THIS ACCEPTABLE USE POLICY IS INCORPORATED INTO, IS PART OF, AND IS GOVERNED BY THE PRIVY TERMS AND CONDITIONS (THE “PRIVY TERMS”) AND SETS FORTH THE TERMS OF PERMISSIBLE ACCESS AND USE OF THE SERVICES. CAPITALIZED TERMS USED AND NOT OTHERWISE DEFINED HEREIN HAVE THE MEANINGS ASCRIBED TO THEM IN THE PRIVY TERMS.
1. Prohibition on Spam; Permission Practices; Message Requirements.
(a) General. The Privy Service may not be used for the sending of unsolicited messages (e.g. email, text, SMS, MMS, chat) (sometimes called "spam"). All messages sent by means of the Privy Service shall be in compliance with this Acceptable Use Policy.
You are responsible for ensuring that your use of the Privy Service does not generate a number of spam or other complaints in excess of industry norms. We may terminate your access to or use of the Privy Service if we determine that your level of spam or other complaints is higher than industry norms, as determined by us in our sole discretion. As a matter of privacy, we will not share with you information about those recipients who complain about your use of the Privy Service or file a spam report against you.
You agree to import, access or otherwise use only contact lists in connection with the Privy Service for which all listed parties have consented to receive communications from you. It is not sufficient consent to receive communications from you if a person or organization participates in a survey or registers for an event, clicks "Like" on your Facebook® page, or "follows" you on Twitter®. You agree not to send messages through the Privy Service to distribution lists, newsgroups, publicly available press or media addresses or purchased email addresses.
We reserve the right without notice to take all measures of any nature (whether legal, technical or otherwise) to prevent unsolicited bulk email and/or other unauthorized email, messages or campaigns from entering, utilizing or remaining within our network.
(b) Messages. In your use of the Privy Service, you shall represent yourself or your organization accurately and will not impersonate any other person, whether actual or fictitious.
You agree that you are the sole or designated "sender" (as such term is defined in the CAN-SPAM Act of 2003 and any rules or regulations adopted under such act (the "CAN-SPAM Act")) of any message sent by you using the Privy Service.
For the purposes of this policy, spam, as applied to email, means "Unsolicited Bulk Email". “Unsolicited” means that the recipient has not granted the sender affirmative consent (permission) to email them. “Bulk” means that the message is sent as part of a larger collection of messages, all having materially similar content.
You agree that for any email message sent by you using the Privy Service, (i) the "from" line of any email message sent by you using the Privy Service will accurately and in a non-deceptive manner identify your organization, your product or your service, (ii) the "subject" line of any email message sent by you using the Privy Service will not contain any deceptive or misleading content regarding the overall subject matter of the email message, and (iii) you will include your valid physical address, which, if you are located in the United States, may be a valid post office box meeting the registration requirements established by the United States Postal Service.
(c) Unsubscribe. Every email message sent in connection with the Privy Service must contain an "unsubscribe" link that allows subscribers to remove themselves from your mailing list. You shall monitor and process unsubscribe requests received by you directly within 10 days of submission and update the email addresses to which messages are sent through your Privy account. You cannot charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an unsubscribe request. As required under the CAN-SPAM Act and other applicable laws, you acknowledge that you are responsible for maintaining and honoring the list of unsubscribe requests following termination of your Privy account.
You agree that you shall not utilize the Privy Service to send any message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose) (a "commercial electronic mail message" as defined in the CAN-SPAM Act) to any person who has opted out or otherwise objected to receiving such messages from you or another sender on whose behalf you may be acting.
2. Additional Text Message Requirements.
(a) Consent. Prior to sending the first message (SMS, MMS, or chat), you must obtain agreement from the message recipient to communicate with them. This is referred to as "consent". You must make clear to the individual that they are agreeing to receive messages of the type you're going to send. You must to keep a record of the consent, such as a copy of the document or form that the message recipient signed, or a timestamp of when the customer completed a sign-up flow. For the avoidance of doubt, consent can't be bought, sold, or exchanged. For example, you can't obtain the consent of message recipients by purchasing a phone list from another party.
If you do not send an initial message to that individual within 30 days of receiving consent, then you will need to reconfirm consent (see “Double Opt-in” below).
The consent applies only to you, and to the specific use or campaign that the recipient has consented to. You can't treat it as blanket consent allowing you to send messages from other brands or companies you may have, or additional messages about other uses or campaigns.
(b) Double Opt-In Consent. Privy Service users must obtain double opt-in consent.
Double opt-in two step process
- First, the message recipient must knowingly provide consent to you prior to receiving any text message. That consent must be provided through an electronic signature or some other online sign-up form that makes clear to the individual they are agreeing to receive messages of this type.
- Second, in your first text message to that individual, you must identify yourself and prompt the individual to confirm their consent.
For example, your first outbound message would be compliant if it included text similar to, “This is Company X. You recently signed up to receive text messages from us. Please reply YES to confirm or STOP to unsubscribe.” Only after you receive the confirmation “YES” may you send a follow-up message with information related to a topic listed above.
(c) Identifying Yourself as Sender. Every message you send must clearly identify you as the sender, except in follow-up messages of an ongoing conversation.
(d) Message Recipient Opt-Out. The initial message you send to an individual must include the following language: “Reply STOP to unsubscribe,” or the equivalent using another standard opt-out keyword, such as STOPALL, UNSUBSCRIBE, CANCEL, END, and QUIT.
Individuals must also have the ability to revoke consent at any time by replying with a standard opt-out keyword. When an individual opts out, you may deliver one final message to confirm that the opt-out has been processed, but any subsequent messages are not allowed. An individual must once again provide consent before you can send any additional messages.
(e) Periodic Messages and Ongoing Consent. In some cases, you may want to periodically send messages to an individual who earlier provided proper consent. This practice is allowed, provided that your message includes a reminder to the individual about how to unsubscribe. If you send more than one message in a given month, you need to include the reminder in just one of those messages--not in all of the messages that you send in that month.
You must respect the message recipient’s preferences in terms of frequency of contact. You also need to proactively ask individuals to reconfirm their consent no less often than once every 18 months.
3. Compliance with Laws.
The Privy Service shall only be used for lawful purposes and you shall use the Privy Service only in compliance with this Agreement and all other applicable U.S., state, local and international laws in your jurisdiction and the jurisdiction in which the message is received, including:
- Anti-spam laws or regulations such as the CAN-SPAM Act, the Telephone Consumer Protection Act, and the Do-Not-Call Implementation Act;
- any policies and laws related to unsolicited messages (e.g. email, text, SMS, MMS, chat), spamming, privacy, obscenity, or defamation, copyright and trademark infringement and child protective email address registry laws;
- applicable laws and regulations related to the transmission of data and recording or monitoring of phone calls and other forms of communication;
- laws relating to advertising, sales or promotional efforts or practices, redemption, refunds and provision of your products or services;
- laws that govern false, unfair and deceptive practices, coupons, gift cards/certificates, defective products or services, unclaimed property, alcohol or tobacco, health and safety, fire, and hygiene standards;
- laws that govern lotteries, sweepstakes, contests and promotions; and
- laws that govern the collection of donations and charitable giving.
You further agree to refrain from unethical, false or misleading advertising, promotions or sales efforts and practices in connection with your use of the Privy Service.
You may not use the Privy Service for any unlawful or discriminatory activities, including acts prohibited by the Federal Trade Commission Act, Fair Credit Reporting Act, Equal Credit Opportunity Act, or other laws that apply to commerce.
You are responsible for determining whether the Privy Service is suitable for you to use in light of any regulations, such as the Health Insurance Portability and Accountability Act ("HIPAA"), the Gramm-Leach-Bliley Act ("GLBA"), European data privacy laws, or other laws. If you are subject to a particular regulation and you use the Privy Service, we will not be liable if the Privy Service does not meet those requirements.
4. Restrictions on Use.
As a condition of your use of and access to the Privy Service, you agree to comply with any application-, tool-, or content-specific rules published within the Privy Service as well as the following usage rules, which Privy may modify or supplement in its discretion from time to time. You agree that you will not, in regard to the Privy Service (as determined by Privy in its discretion):
(a) copy, adapt, reverse engineer, decompile, reverse assemble, modify or attempt to discover any software (source code or object code) that the Privy Service creates to generate web pages or any software or other products or processes accessible through the Privy Service;
(b) access or use the Privy Service in a way that uses technology or other means to access, index, re-render, frame, mirror, truncate, add to, inject, filter or link to the Privy Service that is not authorized by us (including by removing, disabling, bypassing, or circumventing any content protection or access control mechanisms intended to prevent the unauthorized use, download, linking, framing, reproduction, access to, or distribution of the Privy Service);
(c) use any deep-link, page-scrape, robot, crawl, index, spider, offline reader, click spam, macro programs, internet agent, or other automatic device, program, algorithm or methodology which does the same things, to use, access, copy, index, acquire information, generate impressions or clicks, input information, store information, search, generate searches, or monitor any portion of the Privy Service for any unauthorized purpose or distribute any virus, time bomb, trap door, Trojan horse, worm, malware, ransomware or other harmful, malicious or disruptive computer code, mechanism, software, script, agent or program;
(d) remove, modify, disable, block, obscure or otherwise impair any notice, legend, warning, banner or advertisement contained on the Privy Service;
(e) interfere with or circumvent any security feature of the Privy Service or any feature that restricts or enforces limitations on use of or access to the Privy Service;
(f) sell the Privy Service or any part thereof in exchange for real currency or items of value;
(g) use the Privy Service for timesharing or service-bureau purposes or otherwise for the benefit of a third party;
(h) use the Privy Service in a manner that damages, disables, overburdens, impairs, or gains unauthorized access to the Privy Service, including Privy’s servers, computer network, or user accounts;
(i) violate any applicable law in your jurisdiction or the jurisdiction in which the message is received, including without limitation any applicable export laws, or third-party rights (including third party terms of service);
(j) harvest or otherwise collect information about others, including email addresses or phone numbers, without their permission or under false pretenses;
(k) use the Privy Service in connection with unsolicited, unwanted, or harassing communications (commercial or otherwise), including, but not limited to, phone calls, SMS or MMS messages, chat, voicemail, video, email, or faxes;
(l) use the Privy Service to record or monitor a phone call or other communication without securing consent from the participants to the phone call or other communication as required under applicable law (including, as applicable, California’s Invasion of Privacy Act and similar laws in other jurisdictions);
(m) use the Privy Service for hosting, transmitting or making available content (for example, images and documents) that infringe or violate the rights of any other party, including without limitation any intellectual property rights or rights of privacy or publicity;
(n) engage in conduct that is obscene, offensive, pornographic, fraudulent, deceptive, defamatory, threatening, harassing, abusive, slanderous, hateful, or causes embarrassment to any other person;
(o) repeatedly upload and remove unique email addresses or otherwise try to manipulate data in an attempt to circumvent Privy’s applicable fees or other billing procedures;
(p) set up multiple accounts for any individual or organization in order to send substantially similar content unless you are part of a franchise;
(q) further any chain letters or pyramid schemes, transmit unsolicited messages, or engage in “spam;”
(r) deliberately mislead anyone as to your identity, impersonate another, forge an email address or header, or phone number or otherwise attempt to mislead others as to the identity of the sender or the origin of a message, email or phone call, or falsely identify the source of any submissions, or allow another person or entity to use your identity in order to access the Privy Service or post or view submissions;
(s) copy, display, distribute, download, license, modify, publish, re-post, reproduce, reuse, sell, transmit, use to create a derivative work, or otherwise use the content of the Privy Service for public or commercial purposes without our express written permission;
(t) engage in conduct that conflicts with the spirit or intent of the Privy Service, including without limitation, by disrupting the flow of dialogue in a Public Area (as defined in the Privy Privacy Policy), restricting any other user from using or enjoying the Service, or exposing Privy or another to any liability or detriment of any kind;
(u) use the Privy Service in any manner that causes a telecommunications provider to complain about such use to Privy or its service providers or materially violates the following: (a) industry standards, policies and applicable guidelines published by (i) the CTIA (Cellular Telecommunications Industry Association), (ii) the Mobile Marketing Association, or (iii) any other generally recognized industry associations; (b) telecommunications provider guidelines and usage requirements as communicated in writing by Privy to you;
(v) include any incentives (for example, coupons, discounts or awards) in any messages you send by means of the Privy Service that encourage a recipient to forward the message to another recipient, other than as expressly permitted within the Privy Service; or
(w) for the avoidance of doubt and without limitation of any other provision contained herein, use the Privy Service in a way that violates generally recognized industry guidelines, including, without limitation, (a) using non-permission based email lists (i.e., lists in which each recipient has not explicitly granted permission to receive emails from a customer by affirmatively opting-in to receive those emails); (b) using purchased or rented email lists; (c) using third-party email addresses, domain names, or mail servers without proper permission; (d) sending emails to non-specific addresses (e.g., webmaster@domain.com or info@domain.com); (e) sending emails that result in an unacceptable number of spam or unsolicited commercial email complaints (even if the emails themselves are not actually spam or unsolicited commercial email); (f) failing to include a working “unsubscribe” link in each email that allows the recipient to remove themselves from a your mailing list; (g) failing to comply with any request from a recipient to be removed from your mailing list within 10 days of receipt of the request; (h) failing to include in each email a link to the then-current privacy policy applicable to that email; (i) disguising the origin or subject matter of any email or falsifying or manipulating the originating email address, subject line, headers, or transmission path information for any email; (j) failing to include in each email your valid physical mailing address or a link to that information; and (k) including “junk mail,” “chain letters,” “pyramid schemes,” incentives (e.g., coupons, discounts, awards, or other incentives) or other material in any email that encourages a recipient to forward the email to another recipient.
5. Further Restrictions regarding Content.
(a) All Content (SMS, MMS, email, etc.)
This Section 5(a) of the Acceptable Use Policy applies to the use of any product or service, including but not limited to SMS, MMS, and email, whether provided directly or indirectly by Privy. By using any product or service provided by Privy, you agree to this Acceptable Use Policy.
The messaging, creatives, calls-to-action, and all other content of any Privy program, as well as website of a Privy prospect or client may not contain or promote the following content:
Pornographic or obscene content
Hate; Violence
- Content that incites hatred against, promotes discrimination of, or disparages individuals or groups based on any of the following attributes: Age, Disability, Ethnicity, Gender Identity and Expression, Nationality, Race, Immigration Status, Religion, Sex/Gender, Sexual Orientation, Victims of a major violent event and their kin, Veteran Status
- Depictions of violence or endorsements of violence against individuals or groups based on the attributes noted above, including threats of death or physical harm and also content that harms minors in any way.
- Harassment, or any communications from groups deemed to be spreading hate or misinformation.
- Libelous, defamatory, profane, or otherwise malicious or harmful speech.
Illegal Content
IP Infringement; Violation of Third-Party Rights
- Content that infringes, violates, or misappropriates any third-party right, including any copyright, trademark, patent, trade secret, moral right, privacy right, right of publicity, or any other intellectual property or proprietary right.
- Content that slanders, defames or libels.
- Content that you do not have a right to make available under law, contract, or fiduciary relationship (such as inside information, proprietary, and confidential information).
- The export, re-export, or transfer of restricted software, algorithms, or other data in violation of export control laws.
Protected Health Information:
- Any Protected Health Information as defined by HIPAA (Health Insurance Portability and Accountability Act of 1996). This is information that “relates to the past, present, or future physical or mental health condition of an individual; the provision of health care to an individual; or the past, present or future payment for the provision of health care to an individual.”
Sensitive Data
- “Sensitive Data” means: (a) social security number, passport number, driver’s license number, or similar identifier (or any portion thereof); (b) credit or debit card number (other than the truncated (last four digits) of a credit or debit card), financial information, banking account numbers or passwords; (c) employment, financial, genetic, biometric or health information; (d) racial, ethnic, political or religious affiliation, trade union membership, or information about sexual life or sexual orientation; (e) account passwords, mother’s maiden name, or date of birth; (f) criminal history; or (g) any other information or combinations of information that falls within the definition of “special categories of data” under GDPR or any other applicable law relating to privacy and data protection.
Fraudulent messages, deceptive marketing, malicious content (such as malware, viruses, or downloads from non-secure locations) or any content that is designated to intentionally evade filters.
- Impersonation of any person or entity, or falsely stating or otherwise misrepresenting affiliation with a person or entity.
- Posing as another service, including for the purpose of phishing or pharming.
Political campaigns or websites whose primary purpose is promoting or endorsing a political candidate.
(b) SMS- and MMS-Only Prohibited Content
To stay in compliance with carrier guidelines and the law, users of the Privy SMS- and MMS-specific services must follow certain rules with respect to messaging content, in addition to the content prohibited across all products and services above. Privy will not provide its service to any client that violates the below content prohibitions.
The messaging, creatives, and calls-to-action content of any Privy SMS- and/or MMS-programs, as well as website of a Privy SMS- and/or MMS-program prospect or client may not contain or promote the following content:
- SHAFT Content (sex, hate, alcohol, firearms, tobacco):
Sex
- Adult or otherwise offensive, inappropriate, pornographic, or obscene content.
Hate
- As described above.
Alcohol
- Alcohol restriction does not apply where client has implemented an age gate in accordance with carrier guidelines.
Firearms
- Includes knives and other weapons, tasers, and stun guns.
Tobacco
- Includes vaping products.
Gambling: The gambling category is prohibited.
Illegal Content
- Any content related to anything that is illegal in any state or federally.
- Endorsement of illegal or illicit drugs, including cannabis and CBD (including hemp seed oil and hemp powder).
Donations (political or charitable).
Sweepstakes: sites that primarily run or aggregate sweepstakes or contests.
Marketing/lead/commission generation services and affiliate marketing programs, including multi-level marketing.
Aggregation services that don't actually sell a product but link to external services, including job boards and job alerts from third-party recruiting firms, work-from-home opportunities, and secret shopper services.
Direct carrier competition messaging about phone plans.
High Risk Financial Services
- Payday lending
- Debt collection
- Loan services not from direct lenders
- Risk Investment Opportunities
- Short term-high interest loans
- Lead generation for any of these high-risk financial programs
Debt Forgiveness
- Debt Consolidation
- Debt Reduction
- Credit Repair
Content from any company whose privacy policy indicates that it sells personal information, including any lead generation that indicates the sharing of collected information with third parties.
6. Limitations on Use.
You understand that not all messages or campaigns sent through use of the Privy Service will be received by or will be capable of being viewed by their intended recipients or will be viewable by your recipients in the same way they appear in our product environment. You further understand that delivery of messages by means of the Privy Service may involve transmissions over various networks, and that the messages (including images and text contained therein) could be reformatted or otherwise revised to conform to the formatting or technical requirements of such networks. You also understand and agree that messages exceeding maximum character limitations may be truncated, abbreviated, reduced or otherwise abruptly cut short.
You agree that we may establish general practices and limits concerning use of the Privy Service, including the maximum number of messages or campaigns that may be distributed by you and/or the maximum size of any messages or campaigns that may be transmitted by means of the Privy Service.
7. Subscriber Privacy.
(a) Customer Privacy Notice. You shall adopt and comply with your own “customer privacy policy.” Your privacy policy will be posted so that your subscribers have notice of your data collection and use practices, including your practices with respect to subscriber data that you obtain from us, and will otherwise comply with applicable law. Without limitation of the foregoing, to the extent required by applicable law, you will include a link to your privacy policy in each email you send through the Privy Service.
(b) Sensitive Information. You will not import or incorporate into any contact lists or other content you make available through the Privy Service any of the following information: social security numbers, national insurance numbers, credit cards, passwords, security credentials, or sensitive personal or health information of any kind. Notwithstanding the foregoing, if you are a covered entity under HIPAA, you agree to contact us at privacy@privy.com in order to request a business associate agreement prior to using the Privy Service with your subscribers. If we agree to enter into a business associate agreement with you, you may include protected health information, subject to this Agreement and the terms of the business associate agreement (additional fees may apply).
8. Your Products and Services.
Among other things, the Privy Service may permit you to (i) communicate about or administer contests, competitions, sweepstakes, or other similar promotional events ("Promotions"); (ii) sell your products and services and tickets to your events to your subscribers and others in the form of various promotional deals, coupons, tickets, vouchers, passes or cards (each, a "Deal"); and (iv) collect donations (each, a "Donation Campaign").
You are solely responsible for your products and services, events, Promotions, Deals and Donation Campaigns, including any and all injuries, illnesses, damages, claims, liabilities and costs suffered in respect thereto. You shall bear all costs of procuring and delivering your products and services, Promotions (including any prizes offered), Deals, running your events and Donation Campaigns, including any associated shipping, taxes and any other fees associated therewith. You hold all necessary governmental and third-party licenses, approvals, authorizations and registrations necessary to offer your products and services, Promotions, Deals and run your events and Donation Campaigns, if any.
You agree to provide your products and services, Promotions, Deals, and run your events and Donation Campaigns in a safe and professional manner, consistent with industry best practices, including keeping reliable records.
You will be solely responsible for any and all statements and promises you make and for all user assistance, warranty and support of your products and services, Promotions, Deals, events and Donation Campaigns and to comply with any promises you make to your customers, users, donors and donees. You further agree to provide contact information for any end-user questions, complaints or claims. You agree that your Promotions and Deals will prominently include any applicable rules, restrictions or limitations necessary to comply with applicable law, this Agreement and your own requirements (the "Offer Terms") and you agree to comply with the same. Any such Offer Terms must be presented to prospective purchasers before they commit to make a payment or take any other action and must include any terms provided by us. If you use the Privy Service to offer a Promotion, you are further responsible for ensuring that you comply with applicable law relating to eligibility requirements (for example, age and residency restrictions), the selection of winners and all prizes offered in connection with the Promotion (for example, registration and obtaining necessary regulatory approvals) and that your Offer Terms include the foregoing to the extent applicable. You shall ensure that the rules for each Promotion (i) state that each entrant or participant unconditionally releases us of any liability arising from the Promotion, and (ii) inform each entrant or participant that the Promotion is in no way sponsored, endorsed or administered by, or associated with, us.
9. Footers.
For each listing, message or campaign sent or distributed through the Privy Service, you agree that we may add a link to our website, our logo, and/or a statement to the effect of "Powered by Privy" in the footer or other similar location that does not unreasonably obscure the message or campaign.