Acceptable Use Policy (AUP)

1. Purpose and relationship to other terms

This Acceptable Use Policy (AUP) sets out the rules governing use of RingRing AI’s products, websites, artificial intelligence systems, APIs, phone numbers, integrations, and related services (collectively, the Services).

This AUP forms part of your agreement with RingRing AI (the Agreement), which includes the Terms Of Service Agreement and the Privacy Policy. In the event of any inconsistency, the Agreement prevails, except that this AUP specifically governs how the Services may be used.

2. Who this policy applies to

This AUP applies to:

* Customers (the legal entity that has contracted with RingRing AI);

* The Customer’s employees, contractors, agents, and representatives; and

* End Users who interact with the Customer through the Services (including via calls, emails, SMS, forms, or chat handled by RingRing AI).

Customers are responsible for ensuring that their personnel and End Users comply with this AUP.

3. Key definitions

* Customer Data means any data provided by you or your users to or through the Services, including contact details, call recordings, transcripts, CRM data, and content.

* Service Data means telemetry, logs, diagnostics, performance metrics, and derived analytics generated by the Services.

* Input means prompts, instructions, documents, audio, or other materials submitted to the Services.

* Output means content generated by the Services in response to Input.

* Feedback means suggestions, ideas, or comments provided about the Services.

* Relevant Laws include (without limitation) the Privacy Act 1988 (Cth) and Australian Privacy Principles, Spam Act 2003 (Cth), Do Not Call Register Act 2006 (Cth), Telecommunications (Interception and Access) Act 1979 (Cth), applicable state and territory surveillance and listening devices legislation, the Australian Consumer Law, and any equivalent laws applicable in the jurisdictions where you or your End Users are located.

4. Your responsibilities

You must:

* Use the Services lawfully and in compliance with this AUP, all Relevant Laws, and applicable industry codes and regulatory guidance;

* Provide all required notices and obtain all necessary consents from End Users, including for call recording and the use of AI where required by law;

* Maintain appropriate security controls, including unique named accounts, strong passwords, multi-factor authentication where available, least-privilege access, and timely removal of access when users leave;

* Ensure Customer Data is accurate, free from malware, and that you hold all necessary rights, permissions, and consents to use it with RingRing AI; and

* Promptly cooperate with RingRing AI in connection with any investigation or remediation relating to abuse, security incidents, or privacy matters.

5. Prohibited conduct

5.1 Unlawful, harmful, or abusive activities

You must not use the Services to engage in or facilitate any unlawful activity, including harassment, threats, defamation, discrimination, or incitement of violence. You must not disseminate hateful or extremist material, sexually exploitative content, or child sexual abuse material.

5.2 Privacy, recording, and AI transparency

You must not record or monitor communications without providing required notices and obtaining consents under applicable surveillance and listening devices laws, which vary by jurisdiction.

You must not engage in misleading or deceptive conduct, including making false or misleading representations (by act or omission) in connection with your use of the Services.

You must not upload, process, or otherwise handle Personal Information without a lawful basis or in a manner that breaches the Privacy Act or RingRing AI’s Privacy Policy.

5.3 Messaging, calling, and outreach

You must comply with the Spam Act 2003 (Cth), including requirements relating to consent, sender identification, and functional unsubscribe mechanisms, and with the Do Not Call Register Act 2006 (Cth). Opt-outs and suppression lists must be honoured.

You must not engage in number spoofing, identity misrepresentation, or deceptive calling or messaging practices.

You must not conduct robocalling or large-scale automated dialling without a lawful basis and appropriate consents.

5.4 Sensitive and regulated data

Unless both (A) you have a lawful basis and (B) RingRing AI has provided prior written approval (or the Service expressly enables an approved capture flow), you must not input, upload, transmit, store, record, or otherwise process through the Services—or provide to RingRing AI or its subprocessors—any of the following:

* Full payment card numbers (PAN) or CVV data

* Tax File Numbers (TFNs)

* Medicare numbers

* Passport or driver licence numbers

* Health, biometric, or other special-category or sensitive data

This restriction applies across all channels, including call recordings, voicemail, messaging, email, chat, file uploads, APIs, webhooks, CRM integrations, and support requests.

Where RingRing AI expressly approves a compliant capture flow, you remain fully responsible for complying with all applicable standards (including PCI DSS where relevant), implementing tokenisation, DTMF masking or redaction as required, minimising data collection, and obtaining all required notices and consents.

RingRing AI may automatically block, redact, filter, or delete restricted data and has no obligation to store, process, recover, or restore such data.

5.5 Synthetic media and voice

You must not use the Services to create voice cloning, synthetic voices, or deepfakes depicting a real person without informed and verifiable consent, or in any way that deceives, harms, or misleads others.

5.6 Security and network integrity

You must not probe, scan, or test vulnerabilities; reverse engineer; scrape at scale; bypass access controls or rate limits; conduct denial-of-service attacks; flood systems; or introduce malware.

Security research is permitted only where expressly authorised in writing by RingRing AI under an approved Vulnerability Disclosure Program.

5.7 Intellectual property, model misuse, and competition

You must not upload or use content for which you lack sufficient rights. You must not remove proprietary notices or rebrand, resell, sublicense, or otherwise commercially exploit the Services or Outputs except as expressly permitted.

You must not use the Services to train or fine-tune competing models, attempt model extraction, or conduct deceptive, abusive, or harmful benchmarking activities.

5.8 High-risk and regulated uses

You must not rely solely on Outputs for life-critical or safety-critical decisions without appropriate human review. Where Outputs relate to legal, medical, financial, or other regulated advice, appropriate professional oversight and clear disclaimers must be in place.

5.9 Numbers, carriers, and third-party platforms

You must comply with all applicable carrier and third-party platform terms (including telephony, CPaaS, email, and SMS providers). RingRing AI may take reasonable action in response to carrier or platform abuse notices, including rate-limiting, traffic blocking, or suspension of features, to maintain compliance and network integrity.

5.10 Sanctions and export controls

You must comply with the Australian Sanctions Regime administered by DFAT and any applicable foreign export control or sanctions laws. The Services must not be used by, for, or on behalf of sanctioned parties or in prohibited jurisdictions.

6. Fair use, throttling, and plan alignment

To protect service quality and system stability, RingRing AI may apply concurrency limits, rate limits, fair-use thresholds, and storage caps across calls, messages, recordings, and API requests. Where usage materially exceeds reasonable business patterns or poses operational or cost risks, RingRing AI may (acting reasonably) throttle usage, require plan changes or additional fees, or suspend abusive workloads, with notice where practicable.

7. Emergency services

The Services are not a substitute for emergency services (000) and must not be relied upon to place, route, or handle emergency calls.

8. Data handling and roles

You remain the data controller of Customer Data you introduce into the Services. RingRing AI processes such data solely to provide, secure, and improve the Services, as described in the Privacy Policy.

You are responsible for fulfilling applicable data subject rights, including access, correction, and deletion requests. Both parties must comply with Notifiable Data Breaches obligations where applicable.

9. Monitoring, investigations, and enforcement

RingRing AI may monitor use of the Services (via automated and manual means) to operate, secure, and improve the Services and to investigate suspected breaches of this AUP.

Where necessary to protect users, data, networks, or to comply with legal, regulatory, or carrier requirements, RingRing AI may remove content, restrict traffic, disable credentials, limit features, or suspend accounts immediately. For non-urgent matters, RingRing AI will act reasonably and may provide remediation steps and timeframes.

10. Notice, takedown, and appeal

Where action is taken under this AUP, RingRing AI will, where lawful and practicable, notify the Customer with a brief explanation and any remediation steps.

Customers may submit an appeal in good faith by emailing us with relevant context and supporting information. Appeals will be reviewed promptly.

11. Requests from authorities

RingRing AI responds to valid legal process and regulatory requests. If you receive a notice or request that may affect the Services or Customer Data held by RingRing AI, you must notify us promptly (unless legally prohibited) so we can assess and respond appropriately.

12. Changes to this AUP

RingRing AI may update this AUP from time to time. Material changes will be notified at least 30 days before taking effect, unless a shorter period is required by law or to address urgent risk. Continued use of the Services after the effective date constitutes acceptance.

13. Governing law

This AUP is governed by the laws of New South Wales, Australia. The parties submit to the exclusive jurisdiction of the courts of New South Wales and their appellate courts, subject to any mandatory consumer protections.

14. Contact

General and privacy enquiries:

support (@) ringringai.com.au