Terms of Service

As of January 1, 2026. Terms of Service & Acceptable Use Policy is subject to change at anytime to maintain compliance with applicable laws.

1. Prohibited Activities

Users are strictly prohibited from using the service to:

Send Spam: Distribute unsolicited mass email, commercial advertising, or promotional solicitations.
Illegal Use: Engage in fraudulent activities, violate the rights of others, or promote illegal content.
Deceptive Practices: Alter or obscure mail headers or assume a sender's identity without explicit permission.
System Abuse: Attempt to breach security, probe vulnerabilities, or interfere with the service's integrity.

Explicit Consent: Commercial and bulk emails may only be sent to recipients who have explicitly "opted-in" to receive them.
Clear Instructions: Users must provide clear instructions on how to opt-in, what is being opted into, and how to opt-out.
Purchased Lists Banned: The use of harvested, rented, or purchased email lists is strictly prohibited.
US CAN-SPAM Compliance: All outbound communications must comply with the US CAN-SPAM Act, including truthful header information, clear identification as an advertisement, and non-deceptive subject lines.

Double Opt-In Requirements: For electronic messages targeting recipients in the European Economic Area (EEA), UK, and Switzerland, Tenant must utilize a double opt-in mechanism for all subscription lists.
Sender Identification: All outbound marketing communications must explicitly display the Tenant's legal entity name, physical postal address, and a functional, single-click electronic unsubscribe mechanism valid for at least 30 days post-transmission under CASL and the Australian Spam Act.
Hard Enforcement Thresholds: B2B ERP reserves the right to immediately throttle or suspend Sales and Marketing modules if Tenant's email campaign bounce rates exceed ≥ 4%, or if spam complaint rates exceed ≥ 0.1% (1 complaint per 1,000 sent emails).

Data Processing Addendum: Tenants executing this Agreement must concurrently execute B2B ERP's Data Processing Addendum ("DPA"), which governs the processing of all personal data under the EU/UK GDPR, Brazil's LGPD, and California's CCPA/CPRA. To obtain the DPA, contact us.
Role of Parties: The Tenant acknowledges that it acts as the Data Controller (or Business) and B2B ERP acts as the Data Processor (or Service Provider) regarding all customer, employee, and lead data ingested into the CRM, HR, and Sales modules.
Cross-Border Transfers: Tenant warrants that it has secured all necessary explicit consents and legal mechanisms required to transfer personal data across international borders into B2B ERP's cloud hosting regions.

Investigation: B2B ERP reserves the right to investigate suspected violations and may remove or disable access to violating content.
Immediate Suspension for Spam: To protect shared infrastructure and IP reputation, B2B ERP reserves the right to immediately suspend email-sending capabilities or terminate accounts for sending spam or violating opt-in thresholds without prior notice.
Service Termination: Disciplinary action or account termination may result from any misuse, such as sending offensive content or spam.

Content Accuracy: Users are solely responsible for the content of their transmissions and must abide by all local and international laws.
Account Security: Users must maintain the security of their login credentials and are responsible for all activity under their account.

Automated HR Decision-Making: Tenant is strictly prohibited from using the HR or CRM modules to conduct automated profiling, hiring, or firing decisions that produce legal effects under the EU AI Act, unless human-in-the-loop oversight is documented.
Fiscal and Tax Compliance: Tenant is solely responsible for verifying the accuracy of tax rates, electronic invoicing templates, and financial ledger data. B2B ERP does not guarantee compliance with localized tax clearing authorities (e.g., SAT, SEFAZ) unless a specific local localization addendum is purchased.
Controlled Inventory: Tenant shall not use the Inventory Management module to track, manage, or facilitate the sale of illegal goods, regulated narcotics, weapons, or items subject to strict international trade embargoes.

Tenant Isolation: Any attempt to access, probe, or modify data belonging to another tenant hosted on the same infrastructure constitutes a material breach and will result in immediate permanent account termination without refund.
API Rate Limits: Tenants must adhere to the standard API consumption thresholds specified in their service plan. Excessive or abusive calls designed to degrade system performance for other tenants will trigger automated throttling or temporary access suspension.

Healthcare and HIPAA Prohibitions: Tenant acknowledges that the standard Service environment is not configured to securely process or store Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA). Tenant is strictly prohibited from entering, uploading, or storing PHI within the CRM, HR, or Marketing modules unless both parties have executed a separate, written Business Associate Agreement (BAA).
Financial Recordkeeping Disclaimer: The Service is not intended to serve as a primary repository for financial "books and records" subject to U.S. Securities and Exchange Commission (SEC) Rule 17a-4 or FINRA record-retention mandates. Tenant certifies that it will not rely on the Accounting or Sales modules to meet specialized financial sector audit trails or Write-Once-Read-Many (WORM) immutable data storage regulations.
Government Contracting & FedRAMP Boundary: The Service is hosted on standard commercial cloud infrastructure and is not certified under FedRAMP, CMMC, or similar federal government security frameworks. If Tenant utilizes the Service to fulfill or support a government contract or subcontract, Tenant assumes all liability for ensuring compliance with federal data protection standards.

Downstream Customer Compliance: If Tenant resells goods or services using data managed by the platform (including inventory, accounting ledger data, or sales funnels) to end-users in the healthcare, banking, or defense sectors, Tenant is solely responsible for ensuring that its downstream contracts reflect these architecture boundaries.
Regulatory Indemnification: Tenant agrees to defend, indemnify, and hold harmless B2B ERP from any third-party claims, regulatory fines, penalties, or data breach investigation costs arising out of Tenant's unapproved deployment of the Service to host regulated healthcare, financial, or government-grade datasets.

Proactive System Suspension: If B2B ERP detects or reasonably suspects that Tenant has ingested unauthorized healthcare records, classified government material, or regulated financial transaction logs that jeopardize the multi-tenant database's compliance status, B2B ERP reserves the right to immediately isolate and freeze the Tenant's account without liability or penalty, pending data remediation.