SalesQL Acceptable Use Policy

v1.3Updated 24 May 2026Effective 24 May 2026

This Acceptable Use Policy (the "AUP") sets out the rules that apply to the use of the SalesQL services and products provided by SALESQL LTD, a private limited company registered in England and Wales under company number 11982774 ("SalesQL", "we", "us" or "our").

The AUP supplements the Terms of Service, the Privacy Policy and the Data Processing Addendum. Capitalised terms used in this AUP have the meanings set out in those documents.

By accessing or using the Services, the Customer and its End Users agree to comply with this AUP. Failure to comply with this AUP is a material breach of the Terms of Service and may result in suspension or termination of the Account, in addition to SalesQL's other remedies.

#1. Responsibility

The Customer is responsible for the acts and omissions of its End Users and for the use of the Services through any account or credentials issued to or used by the Customer. The Customer must ensure that its End Users understand and comply with this AUP, the Terms of Service, the Privacy Policy and applicable law.

#2. General prohibitions

The Customer must not, and must not permit any End User or third party to, use the Services to:

(a) violate any applicable law or regulation, including data-protection, privacy, ePrivacy, anti-spam, telecommunications, consumer-protection, employment, competition, sanctions, export-control, anti-money-laundering, anti-corruption, securities, tax, or intellectual-property laws;

(b) infringe any third-party right, including intellectual property, privacy, publicity, contractual, confidentiality or moral rights;

(c) harass, threaten, defame, abuse, stalk, intimidate, bully or otherwise harm any individual or organisation, or facilitate any of the foregoing;

(d) discriminate against, or facilitate discrimination against, any individual or group on the basis of any protected characteristic under applicable law;

(e) target individuals on the basis of, or send communications relating to, special categories of personal data (including health, religion, political opinions, sexual orientation, racial or ethnic origin, trade-union membership), other than where the Customer has obtained explicit consent or has another valid lawful basis;

(f) target minors or process the personal data of individuals known or reasonably suspected to be under the age of 18;

(g) introduce, distribute or facilitate any malicious code (including viruses, worms, ransomware, spyware, trojans, droppers, or backdoors), or otherwise compromise the integrity, security or availability of the Services or of any third-party system;

(h) circumvent, attempt to circumvent or interfere with any security, authentication, access-control, rate-limit, throttling, monitoring, or audit-logging mechanism of the Services;

(i) scrape, copy, mirror or republish the Services or the Profiles Database in bulk, including by means of automated tools, other than through the SalesQL REST API or MCP Server in accordance with the Documentation and the applicable rate limits;

(j) resell, sublicense, distribute, lease or otherwise transfer access to the Services or the Profiles Database to third parties, or operate the Services on a service-bureau, white-label, hosted, managed-services or co-managed basis;

(k) use the Services to develop, train, build, replicate, test or benchmark a competing product, contact database, sales-intelligence platform or data broker, or to extract Profile Data into datasets that would have that effect;

(l) combine Profile Data with consumer-grade data sets to build profiles of individuals for non-business purposes;

(m) make consequential decisions about an individual (including credit, employment, hiring, housing, insurance, eligibility for public benefits, immigration, or law-enforcement decisions) on the basis of Profile Data or any output of the Services;

(n) sell, license, monetise or otherwise commercialise Profile Data, AI-Assistant outputs or any other output of the Services to third parties;

(o) misrepresent the nature, source or accuracy of any data obtained through the Services, including by removing or altering provenance or confidence indicators displayed by the Services.

#3. Outbound communications (Campaigns and equivalent uses)

When the Customer uses Campaigns, or otherwise uses contact information obtained through the Services to send communications to Recipients, the Customer must not:

(a) send unsolicited commercial communications without a valid lawful basis under applicable law (including UK GDPR, EU GDPR, the UK Privacy and Electronic Communications Regulations (PECR), the EU ePrivacy Directive and its national implementations, the US CAN-SPAM Act, the Canadian Anti-Spam Legislation (CASL), the Brazilian LGPD, and any other applicable anti-spam, marketing or telemarketing laws);

(b) fail to honour, in a timely manner and in any event within the periods required by applicable law, opt-out, unsubscribe, do-not-contact or suppression requests received from Recipients;

(c) continue to contact Recipients who have unsubscribed, objected, opted out or otherwise indicated that they do not wish to receive further communications;

(d) send communications without a clear, accurate and conspicuous identification of the sender, a valid postal address (where required), or a working unsubscribe / opt-out mechanism;

(e) use false, misleading, or deceptive subject lines, headers, sender names, "From" addresses, "Reply-To" addresses, or other identifiers; obscure the routing of messages; or deploy techniques designed to evade spam filters;

(f) target consumer recipients (i.e., individuals contacted in their personal, family or household capacity) for marketing purposes, except with documented prior consent under applicable consumer-marketing laws;

(g) send communications relating to: gambling; adult content; tobacco, alcohol or controlled substances; weapons or munitions; debt collection; consumer financial products or services; multi-level marketing; binary options or cryptocurrency speculation; "get-rich-quick" or pyramid schemes; or any deceptive, misleading or fraudulent scheme;

(h) send communications relating to political campaigns or elections, except where the Customer is registered with the applicable electoral or campaign-finance authorities and complies with all applicable election laws;

(i) send communications targeting individuals identified as employed by, or affiliated with, government, judicial, military, intelligence or law-enforcement institutions in their capacity as such, where such targeting would interfere with public functions or breach applicable law;

(j) use the Services for personal-injury solicitation, ambulance-chasing, regulated debt collection, or unlicensed financial-services solicitation;

(k) disable, override, or fail to comply with the consent and tracking-disclosure requirements applicable in jurisdictions where the use of tracking pixels and click-tracking requires informed consent (including the EEA, the UK and Switzerland);

(l) import suppression-list data from another provider or from the Customer's own previous communications without verifying that the suppression entries continue to apply, or fail to merge the SalesQL suppression list with the Customer's own suppression list;

(m) "warm up" sending domains or mailboxes through SalesQL using artificial or automated reply-and-engagement traffic;

(n) send communications at a volume or velocity calibrated to evade rate limits, anti-spam controls or deliverability protections.

(o) where the Customer uses Profile Data (including telephone numbers obtained through the Services) to place voice calls, leave voicemails, or send SMS or other electronic communications to Recipients, the Customer must comply with all applicable telecommunications, telemarketing, call-recording and consumer-protection laws — including the U.S. Telephone Consumer Protection Act (TCPA), the U.S. Telemarketing Sales Rule, U.S. state mini-TCPA / “do not call” laws (including but not limited to Florida’s FTSA, Oklahoma TCPA, Washington’s CEMA), the U.S. Do-Not-Call Registry, the UK Privacy and Electronic Communications Regulations (PECR), the EU ePrivacy Directive and its national implementations, the Canadian Anti-Spam Legislation (CASL) where it applies to telecommunications, the Brazilian LGPD in the telecommunications context, and equivalent laws in other jurisdictions. The Customer must not use Profile Data for: (i) autodialed, prerecorded or artificial-voice calls or SMS without all legally required prior express consents; (ii) calls or messages to numbers on applicable Do-Not-Call lists or to numbers from which the Recipient has previously opted out; (iii) call-recording without the consents required in the applicable jurisdiction(s) for both parties; (iv) calls or messages outside permissible time-of-day windows under applicable law;

(p) transmit false or misleading caller-ID or sender information, fail to accurately identify the calling or sending party as required by applicable law, or omit a clear and accurate opt-out mechanism in voice or SMS communications.

The Customer remains the controller of all communications sent through Campaigns and is solely responsible for compliance with applicable law in respect of those communications.

#4. Profiles Database, scraping and data extraction

In addition to the restrictions in Section 6.3 of the Terms of Service, the Customer must not:

  • attempt to bypass rate limits, deduplication controls, suppression lists or any other technical measure designed to prevent bulk extraction of the Profiles Database;
  • combine, correlate, or cross-reference Profile Data with the personal information of other individuals (consumer-grade data, public-record databases, or aggregated identifiers) for the purpose of re-identifying individuals or building consumer profiles;
  • use Profile Data to construct, train or fine-tune machine-learning models that are designed to replace the SalesQL Profiles Database, that are licensed to third parties, or that are intended for general-purpose data-broker functions;
  • access or attempt to access the Profiles Database from sanctioned jurisdictions or in violation of applicable export-control or sanctions laws;
  • create multiple accounts (including under different identities or organisations) to evade rate limits, free-tier credit limits, suppressions, or restrictions imposed under the Terms of Service or this AUP.
  • use Profile Data — including telephone numbers — for voice, SMS or other electronic outreach without complying with the obligations in Section 3 above.

#5. Browser extension

When using the SalesQL browser extension, the Customer and its End Users must:

  • comply with the terms of service of the third-party websites and platforms accessed (including any restrictions on automated access, bulk extraction, or scraping);
  • not use the extension to access third-party content under accounts that the End User is not authorised to access;
  • not use the extension to bypass authentication, rate limits, anti-bot or other technical access controls of any third-party site;
  • not use the extension to build a parallel index of any third-party platform.

The browser extension is documented in further detail in the Browser Extension Notice.

#6. MCP Server, External LLM Clients, and AI features

The MCP Server allows External LLM Clients to invoke SalesQL functionality on the Customer's behalf. The Customer must not, and must not allow any End User to:

(a) use an External LLM Client (or any agent, automation or pipeline) to perform actions through the MCP Server that would, if performed directly through the Services or the REST API, breach the Terms of Service, the AUP, the Privacy Policy or applicable law;

(b) use an External LLM Client to extract Profile Data into a third-party model's training corpus, fine-tuning dataset, embedding store or knowledge base, where such extraction would otherwise breach Section 4 of this AUP;

(c) route SalesQL data through an External LLM Client whose terms or technical configuration allow the LLM provider to use that data to train its foundation models, except where the Customer has independently negotiated and confirmed an opt-out;

(d) present the AI Assistant's outputs (or outputs derived from the MCP Server) to Recipients or to data subjects as a fully-vetted, controller-approved decision; outputs are assistive content for the End User to review;

(e) use the AI Assistant or the MCP Server to generate communications that breach Section 3 of this AUP.

The Customer is solely responsible for the External LLM Client it chooses to connect, for the data it instructs that External LLM Client to send to or receive from the MCP Server, and for the actions taken by the AI Assistant on the End User's instruction.

#6A. Customer-Authorized Third-Party Tools

Section 5.7 of the Terms of Service permits the Customer to connect its own SalesQL API credentials to a Customer-Authorized Tool (such as a workflow platform, automation tool, sales-engagement tool, productivity tool or data-orchestration tool) for orchestration of the Customer's internal use of the Services. The Customer must not, and must not permit any End User to:

(a) connect SalesQL API credentials to a Customer-Authorized Tool in order to cause that tool, or any third party using that tool, to perform actions that would, if performed directly through the Services or the REST API, breach the Terms of Service, this AUP, the Privacy Policy or applicable law;

(b) use a Customer-Authorized Tool to extract Profile Data into a third-party dataset, training corpus, fine-tuning dataset, embedding store or knowledge base where such extraction would otherwise breach Section 4 of this AUP;

(c) use a Customer-Authorized Tool as the front-end of a service-bureau, white-label, hosted, managed-services or co-managed offering, regardless of how that offering is branded by the operator of the Customer-Authorized Tool;

(d) enable, request or otherwise participate in any "managed", "marketplace", "data-credits" or equivalent mode of a Customer-Authorized Tool in which SalesQL appears as a pre-configured data source available to that tool's end users, unless a separately signed partnership agreement exists between SalesQL and the operator of that tool.

The Customer is solely responsible for the Customer-Authorized Tools it chooses to connect, for the data it instructs those tools to send to or receive from the Services, and for the actions taken by those tools on the Customer's instruction.

#7. Contributor Program

Use of the SalesQL browser extension and use of Campaigns constitute participation in the SalesQL Contributor Program (Privacy Policy Section 3.4.1(vi)). Customers and End Users must not:

  • attempt to evade, intercept, manipulate or falsify the signals generated through the Contributor Program;
  • inject synthetic, fabricated or fraudulent data into the Profiles Database, including by automating fake browsing of profile pages, by sending automated test traffic from connected mailboxes, or by spoofing email signatures;
  • represent to data subjects that the Customer is not contributing signals to SalesQL when the Customer is in fact using the browser extension or Campaigns.

A Customer or End User who does not wish to contribute should not install or use the browser extension and should not use Campaigns.

#8. Sensitive sectors and data categories

Without prejudice to the general prohibitions in Section 2, the Customer acknowledges that the Services are not designed for, and must not be used in connection with, the following sensitive contexts:

  • processing of children's personal data (the Services are not intended for individuals under the age of 18);
  • targeting individuals on the basis of suspected or known health conditions, mental-health status, addiction, pregnancy, or fertility;
  • targeting individuals on the basis of suspected or known financial distress, insolvency, or bankruptcy;
  • targeting individuals on the basis of suspected or known immigration status;
  • targeting individuals on the basis of vulnerability characteristics that would render unsolicited contact harmful or unfair;
  • profiling that would qualify as "automated individual decision-making" under Article 22 UK/EU GDPR.

If the Customer's intended use case involves any of the above, the Customer must contact privacy@salesql.com before deployment to discuss whether the Services may be used for that purpose.

#9. Security and integrity

The Customer must not:

  • attempt to gain unauthorised access to the Services, to other users' accounts, to other Customers' data, or to underlying infrastructure;
  • probe, scan or test the vulnerability of the Services without prior written authorisation, except through SalesQL's security disclosure programme (security@salesql.com);
  • conduct denial-of-service attacks, distributed denial-of-service attacks, traffic floods, or any activity that disrupts or interferes with the Services;
  • use the Services to host, distribute, command or control malicious software;
  • export, re-export, transfer or make available the Services to any individual or entity subject to comprehensive sanctions administered by the United Kingdom, the European Union, the United States or the United Nations.

#10. Reporting abuse

If you believe that the Services, or a Recipient's use of the Services, breaches this AUP, you may report it to abuse@salesql.com. SalesQL will review reports promptly and may take action, including suspension or termination of the Account, in accordance with the Terms of Service.

#11. Enforcement

SalesQL may, at its discretion and in accordance with the Terms of Service:

  • investigate suspected breaches of this AUP;
  • request additional information from the Customer about the Customer's use case;
  • restrict, throttle or suspend access to the Services pending investigation;
  • terminate the Account or any Subscription for breach of this AUP;
  • cooperate with law-enforcement authorities and respond to lawful requests for information;
  • exercise any other remedy available under the Terms of Service or applicable law.

SalesQL's failure to enforce a provision of this AUP in any instance is not a waiver of the right to enforce it on any other occasion.

#12. Updates to this AUP

SalesQL may update this AUP from time to time. Material updates will be communicated through the Services or by email. Continued use of the Services after the effective date of an update constitutes acceptance of the updated AUP.

#13. Contact

For questions about this AUP:

Questions?

Other legal documents