1. Purpose and scope
This Acceptable Use Policy (AUP) protects end-recipients, you, other Customers, and the platform itself. It applies in addition to the Terms of Service, the Privacy Policy, and (for paid Customers) the Data Processing Agreement, and forms part of the binding contract between you and Cualify Technologies LLP. It governs every dial placed through Cualify — through the dashboard, the REST API, an integration, or an agent acting on your behalf.
Capitalised terms not defined here have the meaning given in the Terms of Service.
2. Definitions
- "End-recipient" — any natural person who receives or initiates a call through your Cualify account.
- "Calling window" — 09:00 to 21:00 Indian Standard Time, the outbound window mandated by TRAI TCCCPR 2018 for commercial communication, unless the recipient has signed an explicit out-of-window consent.
- "DLT" — the Distributed Ledger Technology platform operated by Indian access providers (Vodafone Idea, Jio, Airtel, BSNL) on which every commercial sender must register its entity, header, and message/voice templates.
- "AI disclosure" — the verbal statement, played within five seconds of the recipient picking up, that identifies the call as being conducted by an AI agent on behalf of a named human business.
- "Opt-out" — any clear signal from a recipient that they do not wish to receive further calls, including verbal "stop / unsubscribe / no", a DTMF press of the documented opt-out digit, or a request relayed through the National Customer Preference Register (NCPR/DND).
3. Consent — the cornerstone
Before any dispatch, you must hold one of the following lawful bases for the end-recipient's number:
- Explicit prior consent from the end-recipient to be contacted by your business, for the specific purpose of the call (sales, support, appointment booking, collections, survey, KYC), captured with date, channel, and the exact consent text shown.
- An existing contractual relationship in which the call is necessary to perform the contract (e.g. delivery reminders to a customer who placed an order with you, or KYC follow-ups for a borrower).
- A statutory authorisation — e.g. RBI-permitted collection calls within the FPC window, IRDAI-permitted policy-renewal calls, statutory notice calls under court order.
- Verified opt-in via a confirmed double-opt-in link (preferred for marketing).
Consent must be specific (one product / one purpose), informed (recipient knew what they were agreeing to), and revocable (you act on opt-out within 24 hours, platform-wide). Bundled consent collected at the bottom of an unrelated form does NOT meet this bar.
4. Prohibited content and use cases
You may not use Cualify for calls that promote, facilitate, threaten, or otherwise relate to:
- Scams, financial fraud, identity theft, phishing, vishing, OTP-extraction calls, fake KYC re-verification, or impersonation of any individual, business, government department, or law-enforcement body.
- Gambling, betting, fantasy gaming, or lotteries that lack a valid state licence or central registration under the Lotteries (Regulation) Act 1998 — including offshore real-money gaming brands.
- Adult, sexually explicit, or pornographic content, or any content that sexualises a minor.
- Political content — campaigns, voter outreach, party messaging, polls — unless the sender is registered as Political category on DLT and the calls run strictly outside the Election Commission of India's silence period.
- Healthcare claims, drug promotion, or medical advice from any party that lacks the regulatory clearance applicable to that claim (CDSCO, NMC/MCI, ASCI guidelines). Calls implying diagnosis or treatment are prohibited unless conducted by or on behalf of a registered medical practitioner.
- Multi-level marketing, chain-recruitment, money circulation, Ponzi or pyramid schemes, prohibited under the Prize Chits and Money Circulation Schemes (Banning) Act 1978.
- Illegal drugs, controlled substances, narcotics, weapons, ammunition, explosives, counterfeit goods, ivory, or human trafficking.
- Predatory lending, unregistered digital-lending applications, unsecured credit offers that violate RBI Digital Lending Guidelines, or harassment-style debt-collection calls that violate the RBI Fair Practices Code for Lenders.
- Hate speech, content that incites violence or discrimination, defamation, threats of physical harm, harassment, stalking, or doxxing.
- Misrepresentation of identity — including calling under a false business name, spoofing caller ID outside of approved DLT headers, or impersonating a person who has not authorised the impersonation.
- Distribution of malware, spyware, or any payload designed to compromise the recipient's device or accounts.
- Mass appeals for donations without a valid 12A/80G registration where one is required, or by entities not registered under the FCRA when foreign-funded.
5. Required practices
On every call dispatched through Cualify you must:
- Honour DND/NCPR registrations. Cualify automatically scrubs uploaded contact lists against the latest TRAI DND feed; you must not bypass the scrub, re-upload scrubbed numbers, or call from a parallel system to evade it.
- Respect TRAI calling-window restrictions — outbound commercial calls only between 09:00 and 21:00 IST unless the recipient has signed a documented opt-in for an alternate window.
- Maintain valid prior consent for every dial and produce it within 48 hours of a written request.
- Use the AI disclosure module on every call. The disclosure plays within the first five seconds and identifies the agent as AI acting on behalf of your named business. Do not disable, shorten, mask, or contradict it.
- Provide a working opt-out mechanism in every call — DTMF (key press) AND voice command ("stop", "unsubscribe", "do not call"). Act on opt-outs within 24 hours across your entire account, not just the specific campaign.
- Register every outbound use case under your DLT entity. Use the correct template category: Promotional, Service, or Transactional. Promotional calls must run outside DND-suppressed hours and may not be sent to recipients registered with NCPR.
- Maintain accurate sender / caller-id identification. Your DLT header must match your registered legal name; Cualify will not transmit a header that doesn't reconcile.
- Truthfully describe pricing, fees, terms, and timelines whenever a financial product is offered. RBI and IRDAI templates apply.
6. Sectoral specifics
Additional rules apply by sector. These are illustrative, not exhaustive — your domain's regulator may impose further requirements.
- Lending and NBFC — Comply with the RBI Fair Practices Code (FPC). Collection calls only between 08:00 and 19:00 unless the borrower agreed otherwise in writing; no threats, abuse, or contact with third parties beyond what is permitted; every digital-lending app must be registered with RBI and must use only approved RBI-regulated entities (REs) as the lender of record.
- Insurance — IRDAI requires disclosure of the agent / intermediary, the company on whose behalf the call is made, the product name, the IRDAI registration number, and a clear statement that the call is for sale/servicing. Mis-selling or buying-pressure language is prohibited.
- Healthcare — No diagnosis, no prescription, no claim of cure on a call placed through Cualify. Calls may reschedule appointments, deliver lab-result notifications, or remind of follow-ups, but cannot offer or imply medical advice unless conducted by or on behalf of a registered medical practitioner.
- Education and EdTech — No misrepresentation of placement statistics, scholarships, accreditations, or career outcomes. No calls to minors without a verified parent-or-guardian opt-in. No pressure or scarcity tactics aimed at parents of minors.
- Government and political — Political category DLT registration is mandatory. No calls during the Election Commission's 48-hour silence period. No impersonation of government officials, schemes, or departments.
- Real estate and brokerage — RERA registration of the broker/developer must be cited on request. No misrepresentation of approvals, possession dates, or carpet area.
- Real-money gaming and gambling — Permitted only with a valid state licence and only into the states where the licence applies. Geofencing checks are the Customer's responsibility.
7. Rate limits and platform integrity
- Concurrent call ceilings are set per plan (see /pricing). The platform rate-limits at the edge — automating around the limit by spinning up multiple accounts is a Section 9 (Enforcement) issue.
- Automated traffic that bypasses the dashboard or APIs (scraping, headless control of the web UI) is not permitted.
- Do not attempt to reverse-engineer Cualify's voice models, extract training data, or probe other tenants' data.
- Do not run your own load tests against production. If you need to validate at scale, coordinate with [email protected] 7 days in advance; we will provision a sandboxed limit raise.
- Penetration testing of your own account is welcomed; coordinate with [email protected] 7 days in advance with target scope and timing.
- Do not call numbers belonging to telecom regulators (TRAI, DoT, the access providers) or to Cualify itself except in good-faith use of the platform.
8. Intellectual property and content
- You are responsible for the rights to the scripts, voice clones, brand assets, and customer-list copy you upload. You represent that they are lawfully obtained and that you may use them for the calls you instruct.
- Custom voice cloning requires the speaker's written consent (we ask for it during onboarding) and a recording of the consent statement.
- Do not impersonate real public figures, government officials, business leaders, or other companies — even where the speaker has nominally consented but the use causes confusion in the recipient's mind.
- Do not upload copyrighted music, audio clips, or third-party voice models you don't have a licence for.
9. Enforcement
Cualify operates a tiered enforcement workflow. Where we have evidence (a complaint, a TRAI / DoT notice, a regulator query, an internal automated signal from our abuse-detect cron, or your own self-report) that this AUP has been violated, we follow this ladder unless the severity demands a faster response:
- First confirmed violation — we email the SPOC and the workspace owner with the specific concern. We pause the offending campaign. You have 24 hours to remediate (stop the offending calls, replace the script, withdraw the contact list, etc.).
- Unremediated or repeated violation — we suspend the account workspace-wide. Read-only access to billing, audit log, and exports remains for 30 days for record-keeping. The associated DLT header may be temporarily flagged.
- Severe violations — confirmed fraud, illegal content, impersonation of authorities, content directed at minors, threats of harm, or any case that has caused material recipient harm — result in immediate termination, forfeiture of unused credits, and a report to the relevant authority (TRAI / DoT / DPB / law enforcement).
- Patterned abuse across multiple workspaces — when we identify that a single beneficial owner is operating multiple workspaces to evade a suspension, all linked workspaces are terminated and the beneficial owner is barred from future use.
We may, at our discretion, accept a remediation plan in lieu of immediate suspension when the customer cooperates promptly. We may also escalate from step 1 directly to step 3 where the violation is severe.
10. Reporting abuse — for end-recipients
If you believe a call placed through Cualify violated this AUP — for example you received a suspicious call from a Cualify-powered number, or someone impersonated your business through our platform — please write to [email protected] with as much of the following as you have:
- Date, time, and time zone of the call
- Calling number (the number on your caller ID)
- Your number that received the call (if you wish to confirm a takedown)
- Any audio recording or transcript
- The script content or any URL the agent referenced
- Whether you had ever given consent to the sender
We do not require a registered account to file an abuse report. We do not share your identity with the sender. Where the report identifies criminal conduct we cooperate with law-enforcement under valid process.
11. Takedown SLA and regulator co-operation
Where a regulator (TRAI, DoT, DPB), an access provider, or a court issues a notice to take down a specific campaign or to suspend a sender, we act on the notice within four working hours of valid receipt. We preserve associated audit logs and recordings for the duration of any investigation and produce them under valid legal process.
Where we receive a private abuse report that meets a clear threshold (fraud, content directed at minors, active threats), we may suspend the offending campaign or workspace without prior notice and inform the Customer simultaneously with the action.
12. Operational monitoring
Cualify runs automated abuse-detection signals to keep the platform healthy. These look at, among other things: anomalous call volume relative to your historical baseline, sub-five-second call durations (a hang-up pattern that often indicates a spam-prober), DND-block rates, opt-out spike rates, recipient-complaint clusters tied to specific scripts or numbers, and TRAI / access-provider feedback.
Flagged accounts are reviewed by a human reviewer before any enforcement action. Where the signal is strong we may pause the offending campaign pending the review. The signal logic is not customer-tunable — disabling it would defeat its purpose — but you are welcome to request a copy of your own flags through [email protected].
13. Changes to this AUP
We may update this AUP to address new abuse vectors, regulatory changes, or platform features. Material changes are emailed to the workspace owner and the SPOC at least 14 days before the effective date. Continued use of the Services after the effective date constitutes acceptance.
Related documents
Have a question?
General queries — [email protected]. Privacy and DPDP rights — [email protected]. Abuse reports — [email protected].