top of page
Acceptable Use Policy

Last Updated: Dec 3, 2025

Effective Date: Dec 3, 2025

This Acceptable Use Policy ("AUP") governs your use of the Thunderhead AI platform and services (the "Service"). This AUP is incorporated by reference into our Terms of Service. Capitalized terms not defined herein have the meanings set forth in the Terms of Service.

By using the Service, you agree to comply with this AUP. We may update this AUP at any time, and your continued use of the Service constitutes acceptance of any changes.

1. Purpose and Scope

Thunderhead AI provides AI-powered lead response and communication services for trade businesses. This AUP ensures that all users utilize the Service responsibly, legally, and in a manner that does not harm others or the integrity of the Service.

This AUP applies to all communications sent through the Service, including SMS messages, emails, web form responses, and any other content transmitted via the platform.

2. Communication Compliance

 

2.1 Consent Requirements

You must obtain and maintain proper consent before sending any communications through the Service. This includes:

For SMS/Text Messages:

  • Obtaining express written consent before sending any marketing or promotional messages

  • Obtaining at least express consent for transactional or informational messages

  • Maintaining records of consent for a minimum of 5 years

  • Honoring opt-out requests within 10 business days (24 hours recommended)

For Email Communications:

  • Obtaining consent where required by applicable law

  • Including a clear and conspicuous unsubscribe mechanism in all commercial emails

  • Honoring unsubscribe requests within 10 business days

  • Including accurate sender identification and physical address

 

2.2 Telephone Consumer Protection Act (TCPA) Compliance

If you use the Service to send SMS messages to U.S. recipients, you must comply with the TCPA:

  • Prior Express Written Consent: Required for marketing/promotional messages. Consent must be clearly and conspicuously disclosed, signed (including electronic signatures), and specifically authorize the type of messages to be sent.

  • Prior Express Consent: Required for non-marketing messages related to an existing business relationship.

  • Opt-Out Honoring: You must immediately cease messaging any recipient who replies STOP, UNSUBSCRIBE, CANCEL, END, or QUIT.

  • Identification: All messages must clearly identify your business name.

  • Time Restrictions: Do not send messages before 8:00 AM or after 9:00 PM in the recipient's local time zone.

 

2.3 CAN-SPAM Act Compliance

For commercial email communications, you must:

  • Use accurate header information (From, To, Reply-To)

  • Use non-deceptive subject lines

  • Identify the message as an advertisement (where applicable)

  • Include your valid physical postal address

  • Provide a clear opt-out mechanism

  • Honor opt-out requests promptly

 

2.4 State and Local Regulations

You are responsible for compliance with all applicable state and local communication laws, which may impose additional requirements beyond federal law. This includes but is not limited to state-specific telemarketing registration, do-not-call list requirements, and consent standards.

 

3. Prohibited Content

You may not use the Service to create, store, or transmit any content that:

 

3.1 Illegal Content

  • Violates any applicable law, regulation, or legal obligation

  • Promotes or facilitates illegal activities

  • Infringes intellectual property rights (copyright, trademark, patent, trade secret)

  • Constitutes illegal gambling or promotes illegal substances

 

3.2 Harmful Content

  • Contains viruses, malware, or other malicious code

  • Is defamatory, libelous, or slanderous

  • Constitutes harassment, bullying, or threats

  • Promotes violence or harm against any person or group

  • Contains hate speech or discriminates based on protected characteristics

 

3.3 Deceptive Content

  • Misrepresents your identity or business

  • Contains false or misleading claims

  • Impersonates another person, business, or entity

  • Uses deceptive practices to obtain personal information (phishing)

  • Contains false testimonials or fabricated reviews

 

3.4 Adult and Inappropriate Content

  • Contains sexually explicit material

  • Depicts or promotes child exploitation (zero tolerance—immediate termination and law enforcement referral)

  • Contains graphic violence or gore

  • Is otherwise inappropriate for a general business audience

 

3.5 Spam and Unsolicited Communications

  • Unsolicited bulk messages (spam)

  • Messages to purchased, rented, or scraped contact lists

  • Messages to recipients who have not provided consent

  • Excessive messaging frequency that constitutes harassment

 

4. Prohibited Activities

You may not engage in any of the following activities:

 

4.1 Service Abuse

  • Circumventing usage limits, quotas, or rate limits

  • Using the Service in a manner that degrades performance for other users

  • Automated access without authorization (bots, scrapers, crawlers)

  • Stress testing or load testing without prior written approval

  • Exploiting bugs or vulnerabilities instead of reporting them

 

4.2 Security Violations

  • Attempting unauthorized access to the Service, other accounts, or systems

  • Probing, scanning, or testing system vulnerabilities

  • Interfering with security features or access controls

  • Intercepting or monitoring data without authorization

  • Introducing malicious code or conducting denial-of-service attacks

 

4.3 Account Abuse

  • Creating accounts under false pretenses

  • Sharing account credentials with unauthorized parties

  • Operating multiple accounts to evade restrictions or bans

  • Reselling or redistributing access to the Service without authorization

 

4.4 Data Misuse

  • Collecting personal information without proper consent

  • Using lead data for purposes beyond those disclosed to the lead

  • Selling, renting, or sharing lead data without authorization

  • Failing to implement reasonable data security measures

 

5. Industry-Specific Restrictions

 

5.1 Prohibited Industries

The Service may not be used by businesses in the following industries:

  • Illegal products or services

  • Adult entertainment or sexually explicit content

  • Illegal gambling or unlicensed gaming operations

  • Controlled substances (except licensed pharmacies with proper compliance)

  • Weapons and ammunition (except licensed dealers with proper compliance)

  • Multi-level marketing schemes or pyramid schemes

  • Debt collection agencies engaging in harassment

  • High-risk financial services (payday loans, cryptocurrency speculation)

  • Any business engaged in fraudulent or deceptive practices

 

5.2 Restricted Industries

The following industries may use the Service subject to additional compliance requirements and review:

  • Healthcare providers (HIPAA compliance required)

  • Financial services (industry-specific regulations apply)

  • Legal services (bar association rules apply)

  • Insurance (state licensing and regulations apply)

  • Real estate (RESPA and state regulations apply)

If you operate in a restricted industry, contact us at compliance@thunderhead.ai before using the Service.

 

6. Message Content Standards

 

6.1 Required Elements

All messages sent through the Service must:

  • Clearly identify your business name

  • Provide accurate contact information

  • Include opt-out instructions for marketing messages

  • Be truthful and not misleading

 

6.2 AI-Generated Content

When using AI-generated responses:

  • You are responsible for reviewing and approving AI-generated content

  • AI responses should be configured to align with your business practices

  • You must not configure the AI to make false claims or promises

  • You should disclose AI involvement where required by law or industry standards

 

6.3 Message Frequency

  • Do not send excessive messages that could constitute harassment

  • Respect reasonable expectations for message frequency

  • Allow adequate time between messages for the same campaign

  • Immediately reduce frequency if a recipient complains

 

7. Data Protection and Privacy

 

7.1 Lead Data Handling

You must:

  • Collect lead data only through lawful means

  • Provide clear privacy notices to leads about data collection

  • Use lead data only for purposes disclosed to the lead

  • Implement reasonable security measures to protect lead data

  • Respond to data subject requests in accordance with applicable law

  • Delete lead data when no longer needed or upon request

 

7.2 Sensitive Data

Do not use the Service to collect, store, or transmit:

  • Social Security numbers or government ID numbers

  • Full payment card numbers (use Stripe for payment processing)

  • Health information subject to HIPAA (unless you have a BAA with us)

  • Biometric data

  • Data from children under 13 (COPPA)

  • Other sensitive personal data without appropriate safeguards

 

8. Reporting Violations

 

8.1 How to Report

If you become aware of any violation of this AUP, please report it to:

Include as much detail as possible, including screenshots, message content, and recipient information.

 

8.2 Cooperation

You agree to cooperate with our investigation of any suspected AUP violation, including providing information and access to relevant records.

9. Enforcement

 

9.1 Monitoring

We reserve the right to monitor use of the Service for compliance with this AUP. We may use automated systems to detect potential violations.

 

9.2 Enforcement Actions

Violations of this AUP may result in:

 

SeverityExamplesPotential Actions

MinorFirst-time technical violation, accidental policy breachWarning, required corrective action

ModerateRepeated minor violations, consent documentation gapsTemporary suspension, mandatory compliance review

SevereSpam complaints, TCPA violations, deceptive practicesImmediate suspension, potential termination

CriticalIllegal content, fraud, child exploitationImmediate termination, law enforcement referral

 

9.3 Discretion

We reserve sole discretion to determine whether conduct violates this AUP and what enforcement action is appropriate. We are not obligated to provide warnings before taking action.

 

9.4 No Liability

Enforcement actions taken in good faith pursuant to this AUP shall not give rise to any liability to you. You remain responsible for any damages caused by your AUP violations.

 

10. Carrier and Third-Party Requirements

 

10.1 Carrier Policies

SMS messages sent through the Service are subject to wireless carrier policies and filtering. You must comply with all applicable carrier requirements, including:

  • CTIA Messaging Principles and Best Practices

  • Carrier-specific content policies

  • 10DLC (10-Digit Long Code) registration requirements

  • Campaign registration and vetting processes

 

10.2 Third-Party Terms

Your use of integrated third-party services (Twilio, Mailgun, etc.) is subject to their acceptable use policies. Violations of third-party policies may result in service disruption and constitute a violation of this AUP.

 

11. Your Responsibilities

By using the Service, you acknowledge and agree that:

  • You are solely responsible for all content transmitted through the Service

  • You will maintain accurate records of consent for all recipients

  • You will respond promptly to complaints and opt-out requests

  • You will implement reasonable compliance procedures

  • You will train your staff on applicable communication laws

  • You will not hold Thunderhead AI liable for your compliance failures

 

12. Changes to This Policy

We may modify this AUP at any time. Material changes will be communicated via:

  • Email notification to your registered address

  • Notice within the Service dashboard

  • Updated "Last Updated" date on this document

Continued use of the Service after changes take effect constitutes acceptance of the modified AUP.

 

13. Contact Information

For questions about this AUP or to report violations:

Thunderhead AI

Compliance: compliance@getthunderhead.com

Abuse Reports: legal@getthunderhead.com

General Support: support@getthunderhead.com

 

 

 

 

 

 

bottom of page