Skip to content
Central Uplift

// LEGAL

Acceptable Use Policy

Effective: April 25, 2026 · Last updated: April 25, 2026

Acceptable Use Policy

Effective: April 25, 2026 Last updated: April 25, 2026 Entity: Central Uplift LLC Contact for abuse reports: abuse@centraluplift.com

This Acceptable Use Policy (“AUP”) describes how Central Uplift LLC (“Central Uplift”, “we”, “us”, “our”) customers must use CU Command. It is part of our Terms of Service. Violating this AUP is a material breach of those Terms and grounds for suspension or termination of your account.

The short version: don’t use CU Command to break the law, don’t use it to message people who haven’t agreed to be messaged, don’t use it for the categories of business that telecom carriers and payment processors won’t carry, and assume that “I didn’t know that was illegal” is not a defense.

1. Communications law — read this section twice

CU Command includes voice, SMS, and email tools. Sending messages with these tools is regulated by federal and state law in the United States, and equivalent laws elsewhere. You are responsible for complying with those laws. We provide tools; you operate them.

The laws that apply most often:

TCPA — Telephone Consumer Protection Act (US, 47 U.S.C. § 227). Governs autodialed calls and texts to mobile numbers. Penalties of $500 to $1,500 per call or text. The 2024 FCC Declaratory Ruling 24-17 confirms that AI-generated voices are “artificial” under TCPA and require prior express written consent before any AI voice may dial.

A2P 10DLC. US carriers require business SMS senders to register a brand and a campaign before any messages will deliver. Unregistered traffic is blocked at the carrier level. Starting June 30, 2026, campaign registrations must include a public Privacy Policy URL and Terms & Conditions URL.

CAN-SPAM Act (US, 15 U.S.C. § 7701). Governs commercial email. Requires accurate sender identification, accurate subject lines, a physical postal address, a working unsubscribe mechanism, and 10-day opt-out honor.

State laws. Several US states (Florida, Oklahoma, Washington and others) have stricter “mini-TCPA” laws with their own penalties.

International. GDPR (EU/UK), CASL (Canada), the Privacy Act (Australia), and other regimes apply to messages sent into those jurisdictions.

You agree that, when using CU Command to send messages of any kind:

  • You will obtain prior express written consent before sending any marketing SMS or any AI-generated voice call to a US mobile number.
  • You will register your A2P 10DLC brand and campaign before sending business SMS in the US.
  • You will honor opt-out requests immediately. CU Command auto-processes the keywords STOP, QUIT, END, REVOKE, OPT OUT, CANCEL, UNSUBSCRIBE; you may not override or work around this.
  • You will not send marketing messages to any number on a Do Not Call registry where consent has not been independently obtained.
  • You will identify yourself accurately in every message — your real business name in SMS, your real “from” name in email, and a verifiable callback number on voice.
  • You will keep records of consent for at least 4 years from the most recent communication, and you will produce them to us within 5 business days if we ask.

If you are not certain whether what you’re about to send is legal, do not send it.

2. Specifically prohibited uses

You may not use CU Command:

For unconsented outreach. No cold SMS to non-opted-in numbers. No cold AI voice calls (live human cold-calling within TCPA-permitted hours and channels is allowed where lawful, but AI voice cold-calling is not). No automated email blasts to scraped or purchased lists where the recipients have not given consent under CAN-SPAM and any applicable state law.

To impersonate or mislead. You may not pretend to be someone you’re not. You may not use sender names or caller IDs that misrepresent who you are. You may not use deceptive subject lines or pretexts.

For the following business categories, which are categorically restricted by carriers and payment processors:

  • High-risk financial services that have not been independently approved by the relevant regulator (payday lending, bail bonds, debt-collection-on-purchased-paper outside of FDCPA-licensed operations, cryptocurrency promotions to retail consumers).
  • Cannabis, kratom, kava, CBD over the legal threshold, and equivalent products in jurisdictions where they’re restricted.
  • Adult content, escort services, dating services targeting minors, or anything sexually explicit.
  • Online gambling and sweepstakes outside of states where licensed.
  • Firearms, ammunition, fireworks, or other regulated weapons.
  • Multi-level marketing or other compensation structures classified as pyramid schemes.
  • Pharmaceutical sales to consumers without a verified prescription workflow.
  • “Get rich quick”, “guaranteed income”, “no-risk investment”, and similar inherently misleading marketing claims.
  • Political campaigning, fundraising, or polling without specific written approval from us.

To harvest data or scrape platforms. You may not use CU Command to scrape Google, Meta, LinkedIn, or any other platform in violation of their Terms of Service. You may use Central Uplift’s prospect-data integrations (Apollo, Clay, others) only as their own terms permit.

To send malware, phishing, or fraud. Self-explanatory.

To violate intellectual property. Don’t use CU Command to send copyrighted material without rights, or to operate trademark-infringing campaigns.

To harass or threaten. Don’t use CU Command to send threatening, harassing, defamatory, or hate-speech content. We will suspend an account immediately for credible reports of this kind of misuse.

To circumvent technical protections. No reverse-engineering, no rate-limit-evading scripts, no scraping CU Command’s own UI to build a parallel system, no using one CU Command tenant to access another’s data.

For competitive benchmarking against us. Don’t open a CU Command account to build a competing product. (This is also covered under our Terms of Service IP section.)

3. Carrier and processor requirements pass through to you

Twilio (our SMS/voice carrier), Stripe (our payment processor), Resend (our email service), and Cloudflare (our CDN) each have their own acceptable use rules. If they tell us your activity violates their rules, we have to act. That usually means asking you to stop the activity immediately and, if you don’t, suspending or terminating your account. We don’t have discretion here — these vendors can shut us off if we don’t enforce.

You agree to abide by:

  • Twilio’s Acceptable Use Policy at twilio.com/legal/aup
  • Twilio’s Messaging Policy at twilio.com/legal/messaging-policy
  • Stripe Restricted Businesses list at stripe.com/legal/restricted-businesses
  • Resend’s Acceptable Use Policy at resend.com/legal/acceptable-use
  • The CTIA Short Code Monitoring Handbook for any short-code SMS

Where any vendor’s policy is more restrictive than this AUP, the more restrictive policy applies.

4. Volume, content, and rate limits

We may set limits on:

  • Messages per second, per day, or per month
  • Number of contacts in a database
  • Storage of call recordings or attached files
  • API request rate

These limits are part of your subscription plan and exist to keep CU Command stable for everyone. You may not engineer around them.

We may also rate-limit or temporarily pause sending if we observe one of these signals — known to us as the “circuit breaker”:

  • Inbound complaint rate above 0.1% (immediate stop)
  • Carrier filtering rate above 1.5% (alert to you)
  • Carrier filtering rate above 2.0% (automatic pause)
  • Carrier filtering rate above 3.0% (automatic stop, manual review required to resume)

These thresholds protect your sender reputation as much as ours. If they trip, we’ll work with you on what changed and how to fix it before we re-enable sending.

5. Reporting and enforcement

Reporting abuse. If you believe a CU Command customer is misusing the platform, email abuse@centraluplift.com with as much detail as possible — including any messages, numbers, or identifiers you can share. We acknowledge abuse reports within 1 business day and investigate every credible report.

Reporting security issues. Email security@centraluplift.com. We follow coordinated-disclosure best practice and don’t pursue researchers acting in good faith.

Reporting copyright / DMCA infringement. Email abuse@centraluplift.com with the elements required by 17 U.S.C. § 512(c)(3): identification of the work, identification of the infringing material, your contact information, a good-faith statement, an accuracy statement under penalty of perjury, and your physical or electronic signature.

Our enforcement options. When a violation is reported or detected, we may:

  • Warn you and require remediation within a stated timeframe
  • Suspend specific features (sending, AI calls) while we investigate
  • Suspend your account
  • Terminate your account
  • Cooperate with law enforcement
  • Disclose information about the violation to relevant authorities, vendors, or affected parties as the law requires

We don’t enjoy doing any of this. We do it because the alternative is that one customer’s bad behavior shuts down the platform for every customer.

6. Customer obligations (specific affirmative duties)

You agree to:

  1. Maintain a public privacy policy and terms of service on your business’s website that accurately describe your data practices.
  2. Maintain accurate sender registration with Twilio (10DLC), with your email-sending domains (SPF, DKIM, DMARC), and with any other authentication system the channel requires.
  3. Process opt-outs across channels. A recipient who opts out of one channel is presumed to have opted out of all marketing channels with you, unless they’ve separately opted into another.
  4. Provide a working unsubscribe link in every commercial email and a working STOP keyword in every marketing SMS.
  5. Identify yourself in every message with the actual business name shown on your CU Command account.
  6. Honor your jurisdiction’s quiet hours for SMS and voice (typically 8:00 AM to 9:00 PM in the recipient’s local time, US default; stricter in some states and countries).
  7. Cooperate with our investigations. If we ask for consent records, contact-acquisition documentation, or message logs, you’ll provide them within 5 business days.
  8. Notify us within 24 hours of becoming aware of any data breach, regulatory inquiry, lawsuit, or carrier complaint involving your CU Command activity.

7. Changes to this AUP

We update this AUP when laws change, when carrier or processor policies change, or when we observe new abuse patterns we need to address. The “Last updated” date at the top tracks these changes. For material changes, we notify customers by email at least 14 days in advance.

8. How to reach us