Acceptable Use Policy
The rules that keep OpsIQ safe, lawful and reliable for everyone. This policy applies to all use of OpsIQ — Cloud and Self-Hosted — and to every channel the platform powers: AI chat, tickets, CRM, promotions, email, webhooks and APIs.
Stay lawful
Use OpsIQ only for legal, consented, honest purposes across every channel it powers.
No abuse
No spam, attacks, scraping, malware, harassment, or limit-circumvention — ever.
Fair use
Stay within rate limits and plan allowances so the platform stays fast for everyone.
Report & review
Flag abuse to [email protected], and always review AI output before you act on it.
OpsIQ powers conversations, automations and AI across many businesses on shared infrastructure. This Acceptable Use Policy explains what you can and can’t do so the platform stays safe, lawful and reliable for every tenant. It applies equally to OpsIQ Cloud and to Self-Hosted installations licensed by Nabtech.
1Purpose & scope
This Acceptable Use Policy (the "AUP") forms part of the OpsIQ Terms of Service and governs how you, your users, and your end-users may use the OpsIQ platform ("OpsIQ", the "Service"). It applies whether you use OpsIQ Cloud (SaaS) or the Self-Hosted licensed software, and to every channel the Service powers — including the AI chat widget, native ticketing, CRM, promotions studio, surveys, email/messaging, webhooks and APIs.
OpsIQ is owned and operated by Nabtech Digitalnet Limited ("Nabtech", "we", "us"). Capitalised terms not defined here have the meaning given in the Terms of Service. By accessing or using the Service, you agree to this AUP on behalf of yourself and everyone using the Service through your account, workspace, or installation. We may update this AUP as described in the Changes section.
2Who this applies to
This AUP applies to every person and system that touches the Service through you, including:
- your account owners, admins, agents, and other authorised users;
- your end-users and visitors who interact with channels you operate (chat widgets, promotions, surveys, ticket forms);
- your developers and any third-party integrations, scripts, or services you connect via our APIs and webhooks;
- anyone operating a Self-Hosted OpsIQ installation under a valid Nabtech licence.
You are responsible for the conduct of all of the above and for ensuring they comply with this AUP. A violation by any of them is treated as a violation by you.
3Prohibited content
You must not use the Service to create, upload, store, transmit, display, or distribute content that:
- is illegal, or promotes, facilitates, or encourages illegal activity;
- infringes any intellectual-property, publicity, or privacy right, including unlicensed copyrighted works and counterfeit goods;
- contains or distributes malware, viruses, ransomware, worms, or other malicious code;
- is sexually explicit or pornographic, or that sexualises minors in any way — child sexual abuse material (CSAM) is strictly prohibited and will be reported to authorities;
- is hateful, that incites violence, or that harasses, threatens, defames, or bullies any person or group on any basis;
- depicts or promotes self-harm, terrorism, violent extremism, or weapons of mass destruction;
- is fraudulent, deceptive, or designed to mislead, including fake reviews, deepfakes intended to deceive, and scams.
4Prohibited activities
You must not, and must not allow anyone to:
- send spam, unsolicited bulk messages, or chain communications through any OpsIQ channel;
- conduct phishing, social engineering, credential harvesting, or other deceptive attempts to obtain sensitive information;
- scrape, harvest, or collect data from the Service or third parties in violation of law, terms, or technical controls;
- resell, sublicense, white-label, or operate the Service for third parties without our written authorisation;
- circumvent or attempt to bypass licence keys, usage limits, rate limits, metering, or any technical protection;
- use the Service for cryptocurrency mining or other resource-abusing workloads it is not intended for;
- interfere with, degrade, or attempt to access the data, workspace, or experience of any other tenant.
5Security & integrity
To protect the Service and everyone on it, you must not:
- gain or attempt to gain unauthorised access to any account, workspace, system, network, or data;
- probe, scan, or test the vulnerability of OpsIQ systems, or breach any security or authentication measure, without our prior written permission;
- bypass, disable, or tamper with licence keys, API keys, webhook secrets, or any technical protection mechanism;
- launch denial-of-service (DoS/DDoS) attacks, flood traffic, or otherwise disrupt the Service or its infrastructure.
You are responsible for the security of your own use. Protect account credentials, API keys, licence keys and webhook secrets; use strong, unique passwords and enable multi-factor authentication where available; rotate keys when staff change or compromise is suspected; and, for Self-Hosted, keep your installation, host, and dependencies patched and securely configured. Report suspected vulnerabilities responsibly to [email protected] and allow reasonable time to remediate before any disclosure.
6Messaging & anti-spam
Across all OpsIQ messaging channels — email, chat, promotions, surveys, announcements, and webhook-driven notifications — you must:
- have a lawful basis and, where required, valid consent before contacting any individual;
- comply with all applicable anti-spam and electronic-communications laws, including CAN-SPAM, GDPR/ePrivacy, CASL and local equivalents;
- accurately identify yourself as the sender and never use false or misleading headers, subject lines, or sender identities;
- provide a clear, functioning opt-out / unsubscribe mechanism in marketing communications and honour opt-outs promptly;
- not purchase, rent, or use lists of contacts who have not consented to be contacted by you;
- not use chat or promotional surfaces to deliver deceptive, intrusive, or non-consensual marketing;
- not send unsolicited bulk messages or abuse webhooks to relay spam to third-party endpoints.
7AI-specific acceptable use
The Service includes AI features. You must not use them to:
- attempt prompt-injection, jailbreaking, or other attacks intended to subvert safety controls, extract system prompts, or push the AI outside its configured purpose;
- generate or amplify disinformation, deceptive political content, or content designed to manipulate elections or public opinion;
- impersonate any person, brand, or organisation without authorisation, or pass off AI-generated content as human-authored where disclosure is required;
- generate unlawful, infringing, or harmful content described in Prohibited content;
- produce automated decisions with legal or similarly significant effects on individuals without appropriate human oversight and any required disclosures;
- misuse personal data — for example, profiling, scoring, or targeting individuals without a lawful basis;
- circumvent provider safety measures or use AI output in ways that violate the chosen model provider’s terms.
You are the human in the loop. You remain responsible for reviewing AI Output before relying on, publishing, or acting on it.
8Rate limits & fair use
The Service is shared infrastructure with published rate limits and plan allowances. To keep it fast and reliable for everyone, you must:
- stay within published rate limits and your plan’s usage allowances; we may throttle, queue, or block traffic that exceeds them or degrades the Service for others;
- not use automation, scripts, or integrations to overload, probe, or abuse endpoints, or to evade rate limits;
- validate webhook signatures (HMAC) and secure your receiving endpoints against spoofing and replay;
- keep API keys and webhook secrets confidential, and rotate them if compromised;
- not use the API to replicate, mirror, or build a competing service, or to bypass plan limits.
Excessive or abusive load may be rate-limited or suspended to protect platform stability.
9Third-party & end-user responsibility
When you push end-user or third-party data into OpsIQ (for example, visitors, contacts, tickets, or CRM records), you are the controller of that data and you must:
- have a valid lawful basis and, where required, consent to collect and process that data through the Service;
- provide your end-users with required privacy notices, including any AI-disclosure and cookie/consent notices;
- only submit data you are entitled to submit, and not submit special-category or highly sensitive data unless your configuration and lawful basis support it;
- honour end-user rights (access, deletion, objection) and configure retention appropriately in your workspace;
- ensure third-party integrations you connect are themselves used lawfully and within their own terms.
Your use of personal data through the Service is also governed by the Privacy Policy and, where applicable, the Data Processing Addendum.
10Self-hosted use
If you operate OpsIQ as Self-Hosted software under a valid Nabtech licence, this AUP applies to that installation in full. In addition, you must:
- use the software only within the scope of your licence and not exceed its seat, workspace, or usage entitlements;
- not tamper with, remove, or circumvent licence keys, licence checks, or copyright/ownership notices;
- keep your host, operating system, and dependencies patched, hardened, and securely configured;
- not resell, sublicense, white-label, or provide the software as a service to third parties without written authorisation;
- remain responsible, as operator, for all content and activity on your installation — including your end-users and connected integrations.
We may not have visibility into a Self-Hosted environment; that does not relieve you of responsibility for compliant, lawful operation.
11Monitoring & enforcement
We may monitor use of the Service for security, abuse, and policy compliance, and we may investigate suspected violations of this AUP and cooperate with law enforcement where appropriate. Depending on severity, we may, with or without notice:
- issue a warning and request remediation;
- remove or disable offending content or configurations;
- rate-limit, throttle, or restrict all or part of your access;
- report unlawful content or activity to the relevant authorities.
Serious violations — such as CSAM, attacks on the Service, or unlawful use — may result in immediate action without prior notice. We are not liable for action taken in good faith to enforce this AUP.
12Suspension & termination
Where a violation warrants it, we may suspend or terminate your account, workspace, or licence in accordance with the Terms of Service. We will generally aim to give notice and an opportunity to remediate for non-severe issues, but we may suspend immediately where:
- there is an active security threat, attack, or risk to other tenants or the platform;
- the content or activity is plainly unlawful (including CSAM);
- continued use would expose us or others to legal, regulatory, or reputational harm.
Suspension or termination for cause does not entitle you to a refund of prepaid fees, except as required by your agreement or applicable law.
13Reporting abuse
If you become aware of any content or activity that violates this AUP, please report it to [email protected]. Include enough detail — URLs, workspace, timestamps, and a description — for us to investigate efficiently.
Security vulnerabilities should be reported separately to [email protected]. For general help, contact [email protected].
14Changes
We may update this AUP from time to time to address new risks, features, or legal requirements. The Effective date above reflects the current version. Material changes will be communicated by reasonable means (such as email to account admins or by posting on this page). Your continued use of the Service after changes take effect constitutes acceptance.
15Contact
This AUP is published by Nabtech Digitalnet Limited, the owner and operator of OpsIQ (https://www.nabtech.co).
- Report abuse —
[email protected] - Security & vulnerabilities —
[email protected] - General support —
[email protected]
This document is provided for transparency and does not constitute legal advice; the definitive terms are those in your signed order/agreement.