Acceptable Use Policy
- Effective
- May 31, 2026
- Last revised
- May 31, 2026
- Version
- 2026.05.31
- Issued by
- RAgencyOS, ragencyos.com
Donāt use RAgencyOS to do anything thatās illegal, abusive, or jeopardizes other customers. Insurance-industry rules apply: be licensed where you sell, get your agentsā consent before adding them, and donāt use the Service for unsolicited consumer marketing. We can suspend or terminate accounts that break these rules.
1.Purpose and scope
This Acceptable Use Policy (āAUPā) sets out the rules for using the RAgencyOS Service. It applies to every owner, admin, agent, and other user with access to a RAgencyOS account, and it forms part of the Terms of Service. If you have signed a separate written agreement with us, that agreement may include additional restrictions; the strictest applicable rule governs.
Violation of this AUP is a material breach of the Terms of Service and can result in suspension or termination of your account, removal of offending content, and (where appropriate) reporting to law enforcement or to regulators.
2.Account integrity
- One human per account login. Do not share a magic-link sign-in with anyone else.
- Keep access to the email address on your account secure. Treat it like a key to the building, anyone who controls that inbox can sign in as you.
- If an account is compromised, notify us at support@ragencyos.com immediately so we can suspend it pending investigation.
- Owners and admins are responsible for the actions of users they invite. Off-boarding an employee or contractor means removing their account.
3.Data integrity
- Donāt falsify carrier statements, deal trackers, reconciliation outputs, audit log entries, or any other data you upload to or generate through the Service.
- Donāt alter pay periods after they have been published to misrepresent what was paid.
- Donāt upload data you donāt have the legal right to share with us (including carrier statements you are not authorized to receive, agent personal information you did not collect with consent, or content that infringes someone elseās intellectual property).
- Donāt upload Protected Health Information (PHI) as defined under HIPAA, end-customer medical records, or end-customer financial account numbers. The Service is not designed for these data categories. (See Privacy Policy §14.)
- Donāt upload classified, export-controlled, or sanctioned-jurisdiction data.
4.Insurance-industry conduct
Because the Service is designed for licensed insurance agencies, the following industry-specific rules apply:
- You must hold all producer licenses, appointments, and carrier authorizations required to conduct the business you are conducting through the Service.
- You must not use the Service to operate in a state or for a product line where you are not properly licensed and appointed.
- You must not use the Service to facilitate misrepresentation of an insurance product, churning, twisting, rebating, or any other deceptive sales practice prohibited by your state insurance code.
- You must not use the Service to submit fraudulent enrollment data to any carrier, FMO, marketplace, or government program (including the federal Marketplace and state-based exchanges).
- You must comply with your state insurance departmentās rules on producer compensation, agent classification (W-2 vs 1099), and recordkeeping. The Service generates records for your convenience; it does not satisfy your own recordkeeping obligations on its own.
- You must not use the Service to engage in agent-poaching practices that violate your carrier contracts or non-solicitation agreements.
5.Communications and consumer outreach
The Service can route communications to your agents through email, Telegram, Slack, and other channels. To use those features lawfully:
- You must obtain any consent required by law (including CAN-SPAM, TCPA, and equivalent state law) from each recipient before adding them to the Service.
- You must not use the Service to send unsolicited consumer marketing (cold-call lists, prospect leads, etc.), the Service is designed for internal agency communications, not consumer outreach.
- You must not use the Service to send communications that are harassing, discriminatory, threatening, defamatory, or otherwise unlawful.
- You must honor opt-out and unsubscribe requests promptly. Where the Service provides an unsubscribe mechanism, you must not circumvent it.
6.System integrity
- Donāt attempt to access another agencyās data, bypass row-level security, or circumvent any access control built into the Service.
- Donāt probe, scan, or test the vulnerability of the Service without our prior written consent. Coordinated disclosure to support@ragencyos.com is welcomed.
- Donāt introduce malware, viruses, worms, trojans, ransomware, or any other malicious code into the Service.
- Donāt conduct denial-of-service attacks, send disproportionate request volume, scrape at high volume, or otherwise impair the availability of the Service for other customers.
- Donāt reverse-engineer, decompile, disassemble, or attempt to derive the source code of the Service.
- Donāt frame, mirror, or republish the Service or any part of it without our prior written consent.
7.Commercial restrictions
- Donāt resell, sublicense, or rent the Service without our prior written consent.
- Donāt use the Service to build, train, or improve a competing product or service.
- Donāt split a single agency into multiple RAgencyOS accounts to circumvent per-user pricing.
- Donāt create or maintain accounts using false, misleading, or stolen credentials.
8.Sanctions and export control
You may not use the Service if you are located in, ordinarily resident in, organized under the laws of, or owned or controlled by a person located in, a country or territory subject to comprehensive U.S. sanctions (currently Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions of Ukraine), or if you are identified on any U.S. government list of restricted parties (including OFACās Specially Designated Nationals and Blocked Persons List). You must not export, re-export, or transfer the Service or your Customer Data to any such country, territory, or person.
9.Reporting violations
If you see something that violates this AUP, whether itās an account inside your agency or a separate agency you happen to learn about, please report it to support@ragencyos.com. Include as much detail as you can. We will investigate every credible report and respond with the appropriate action.
Suspected security vulnerabilities should also be reported to the same address. We do not currently operate a bug-bounty program, but we recognize and thank responsible researchers.
10.Enforcement
When we find or are notified of a violation of this AUP, we will take whatever action we believe is proportionate to the violation. Options include:
- Warning the account owner and requesting remediation;
- Removing or quarantining the offending content;
- Suspending some or all access to the Service while we investigate;
- Terminating the account, with or without notice depending on severity;
- Reporting the conduct to law enforcement, regulators, or affected third parties.
We aim to give warning and a chance to cure where the violation is non-malicious and curable. Some violations, including upload of CSAM, fraud against carriers, abuse of our infrastructure, or violations that endanger other customers, will result in immediate termination without notice.
11.Changes to this AUP
We may update this AUP as the Service evolves and as new abuse patterns emerge. We will post the updated version at this URL with a revised ālast revisedā date and version. Continued use of the Service after the effective date means you accept the changes.
12.Contact
Violations, abuse reports, and security disclosures:
This document is provided in good faith and reflects RAgencyOSās current practices as of the effective date shown above. It does not constitute legal advice. For questions, please contact support@ragencyos.com.
ā RAgencyOS