Secret Agents CRMAcceptable Use Policy
Last updated: May 28, 2026
1. Scope
This Acceptable Use Policy (“AUP”) applies to all use of the Secret Agents Client CRM (the “Service”) by Customers and their Users. The AUP is incorporated by reference into the Terms of Service. Capitalized terms not defined here have the meanings given in the Terms of Service.
2. Prohibited content
You may not use the Service to upload, store, transmit, or otherwise process content that:
- Is unlawful, defamatory, harassing, threatening, or abusive.
- Infringes any third party’s intellectual property, privacy, or publicity rights.
- Contains malware, viruses, or other harmful code.
- Constitutes special-category personal data (for example, data revealing health, biometric, or government identifiers) unless expressly agreed in advance in writing.
- Was collected, transferred, or processed without a lawful basis or required consent.
3. Prohibited activities
You may not, and may not permit any third party to:
- Use the Service to send unsolicited communications in violation of anti-spam or marketing law (including, where applicable, CAN-SPAM, CASL, TCPA, and PECR).
- Attempt to access data belonging to another Customer Organization, or to circumvent tenant-isolation, authentication, or authorization mechanisms.
- Scrape, harvest, or otherwise extract data from the Service except as expressly permitted by the Service’s features or documentation.
- Reverse-engineer, decompile, or attempt to derive the source code of the Service.
- Interfere with or disrupt the integrity or performance of the Service, including by overloading endpoints, manipulating rate limits, or sending malformed payloads.
- Use the Service to violate the rights of any individual, including data-subject rights under applicable privacy law.
- Use the Service for any purpose that is unlawful in any applicable jurisdiction.
4. Lead-source obligations
You represent that any lead data ingested into or uploaded to the Service was collected with appropriate notice and, where required, consent. You will not direct the Service to ingest data acquired in violation of applicable privacy or marketing law. You are responsible for honoring opt-outs and other data-subject requests for data you cause to enter the Service.
5. Credential and token security
Ingest tokens, API keys, and authentication credentials must be treated as confidential. You must rotate tokens promptly if they are compromised, and you must not share credentials except with authorized personnel. You are responsible for activity performed under your credentials and tokens.
6. Notification obligations
You will promptly notify us at [security@secretagents.co] if you become aware of any unauthorized access to the Service or any material breach of this AUP.
7. Enforcement
We may investigate suspected violations. We may suspend access, remove offending content, or terminate the Customer’s account for material or repeated violations. Where reasonably possible, we will give notice before suspension, except in cases of urgent security or legal risk.
8. Reporting violations
To report a suspected violation of this AUP, contact [abuse@secretagents.co].
9. Changes
We may update this AUP from time to time. We will revise the version identifier and effective date. Continued use after the effective date constitutes acceptance.