Effective Date: March 3, 2026
Last Updated: March 3, 2026
This Acceptable Use Policy (“AUP”) supplements the Master Subscription Agreement (“Agreement”) between Social News Desk, Inc. dba CivAll (“CivAll”) and Customer. This AUP establishes operational guidelines for use of the CivAll Platform. It is incorporated into the Agreement by reference and applies in addition to the prohibited conduct provisions in the Agreement.
Capitalized terms not defined herein have the meanings given in the Agreement.
The Platform’s notification and communication features — including email, SMS, and push notifications — are intended for legitimate civic engagement, government communication, and public administration purposes. All messages sent through the Platform must comply with applicable laws, including the CAN-SPAM Act, the Telephone Consumer Protection Act (TCPA), and state and local telemarketing regulations.
CivAll may establish reasonable volume limits for email and SMS communications based on Customer’s Subscription tier. Current limits are specified in Customer’s order form. Customers who anticipate temporary volume increases (e.g., for emergency notifications or election communications) should contact CivAll in advance to arrange capacity.
Customer is responsible for maintaining accurate and current recipient lists. Customer must:
(a) Honor all opt-out and unsubscribe requests within the timeframes required by applicable law.
(b) Remove invalid, bounced, or undeliverable addresses promptly. CivAll may automatically suppress addresses that repeatedly bounce.
(c) Not purchase, rent, or use third-party contact lists for unsolicited communications through the Platform.
(d) Provide a clear and functional unsubscribe mechanism in all non-emergency communications.
Emergency notifications (such as weather alerts, public safety warnings, and evacuation notices) are exempt from standard opt-out requirements to the extent permitted by applicable law. Customer is solely responsible for determining when a communication qualifies as an emergency notification.
CivAll monitors messaging patterns to protect deliverability for all customers. If Customer’s messaging activity results in excessive bounce rates (above 5%), spam complaint rates (above 0.1%), or patterns consistent with unsolicited bulk messaging, CivAll may throttle or temporarily suspend Customer’s messaging capabilities and will work with Customer to resolve the issue.
CivAll may provide application programming interfaces (“APIs”) to enable Customer to integrate the Platform with other systems. API access is subject to this AUP and any additional API documentation provided by CivAll.
All API access must use valid authentication credentials issued by CivAll. Customer must keep API keys and tokens confidential and must not share credentials across unrelated systems or with unauthorized third parties.
CivAll enforces rate limits on API requests to ensure Platform performance and fair access for all customers. Current rate limits are published in CivAll’s API documentation. CivAll may adjust rate limits with reasonable notice. Requests that exceed published rate limits may be throttled or rejected.
Customer shall not use the APIs to:
(a) Scrape, harvest, or bulk-extract data from the Platform for use outside the Platform.
(b) Build a competing product or service using data obtained through the APIs.
(c) Circumvent Platform access controls, authentication mechanisms, or usage limits.
(d) Perform automated load testing, stress testing, or vulnerability scanning against the APIs without CivAll’s prior written approval.
(e) Interfere with, degrade, or disrupt the APIs or the Platform’s infrastructure.
CivAll may update, modify, or deprecate APIs with at least thirty (30) days’ advance notice. CivAll will use reasonable efforts to maintain backward compatibility and will provide migration guidance when breaking changes are necessary.
Customer is responsible for all content it publishes or causes to be published through the Platform, including website pages, notification content, meeting agendas, documents, forms, and surveys. Customer content must comply with all applicable laws and the Agreement.
Where the Platform enables members of the public to submit content (such as public comments, survey responses, feedback submissions, and forum posts), Customer is responsible for establishing and enforcing content moderation policies appropriate for its community. CivAll provides moderation tools but does not monitor or moderate citizen-generated content on Customer’s behalf.
CivAll provides tools to help Customer manage citizen-generated content, which may include:
(a) Content filtering and keyword blocking.
(b) Manual review and approval queues.
(c) Reporting mechanisms for community members to flag inappropriate content.
(d) Automated detection of spam, profanity, or harmful content.
Customer is responsible for configuring these tools to meet its community standards and legal requirements, including First Amendment considerations applicable to government-operated forums.
Regardless of the source, the following content may not be published or transmitted through the Platform:
(a) Content that violates applicable law, including content that is defamatory, obscene, or that constitutes an incitement to imminent lawless action.
(b) Content that infringes a third party’s intellectual property rights.
(c) Malicious code, including viruses, trojans, ransomware, or scripts designed to disrupt the Platform.
(d) Content that impersonates a government official or agency without authorization.
(e) Spam, phishing attempts, or fraudulent content.
Customer should ensure that content published through the Platform meets accessibility standards consistent with the Platform’s WCAG 2.1 Level AA design target. This includes providing alternative text for images, captions or transcripts for media, and using clear, readable formatting. CivAll provides accessibility tools and guidance but cannot guarantee the accessibility of content authored by Customer.
Customer is responsible for the security of its accounts and credentials. Customer must:
(a) Use strong, unique passwords for all Authorized User accounts.
(b) Enable multi-factor authentication (MFA) when available.
(c) Promptly revoke access for personnel who are no longer authorized.
(d) Report suspected security incidents to CivAll immediately.
Customer shall not engage in activity that consumes unreasonable Platform resources to the detriment of other customers. This includes excessive storage usage, abnormal compute loads, or automated processes that degrade Platform performance.
Customer is responsible for ensuring that data imported into the Platform is accurate, lawfully obtained, and does not include prohibited data types as described in the Agreement.
CivAll monitors Platform usage patterns for security, abuse prevention, and deliverability protection. CivAll does not monitor the substance of Customer’s content.
If CivAll identifies a potential violation of this AUP, CivAll will notify Customer and provide a reasonable opportunity to cure, consistent with the enforcement provisions of the Agreement. For violations that pose an immediate threat to Platform security, deliverability, or other customers, CivAll may take protective measures (such as throttling messaging or rate-limiting API access) while working with Customer to resolve the issue.
Repeated or uncured violations of this AUP may constitute a material breach of the Agreement.
CivAll may update this AUP by providing Customer at least thirty (30) days’ advance written notice, in accordance with the operational policy update provisions of the Agreement. Updates will not materially diminish Customer’s rights under the Agreement.
Questions about this Acceptable Use Policy should be directed to:
Email: legal@civall.com
For support or to report a potential violation:
Email: support@civall.com