Acceptable Use Policy

Last Updated: May 2026

This Acceptable Use Policy (“AUP”) is incorporated by reference into the Neto Software as a Service Agreement (the “Agreement”). By accessing or using the Services, Customer agrees to comply with this AUP. Capitalized terms not defined herein have the meanings given in the Agreement.

1. Permitted Use

Customer may use the Services only for lawful business purposes and in accordance with the Agreement, this AUP, and all applicable federal, state, and local laws and regulations, including but not limited to the Telephone Consumer Protection Act (TCPA), the CAN-SPAM Act, and all applicable state telemarketing and consumer protection laws.

2. Prohibited Uses

Customer shall not use the Services, and shall ensure that its Authorized Users and the Agent do not use the Services, for any of the following purposes:

(a) Illegal Activity. Any use that violates applicable federal, state, or local law or regulation, including but not limited to sending unsolicited communications in violation of the TCPA, CAN-SPAM Act, or applicable state laws.

(b) Harassment and Harmful Content. Sending communications that are harassing, abusive, threatening, defamatory, obscene, or otherwise harmful to any person or entity.

(c) Do Not Call Violations. Contacting individuals registered on the National Do Not Call Registry without a proper exemption, established business relationship, or prior express written consent as required by applicable law. Customer is solely responsible for scrubbing its lead lists against applicable Do Not Call registries prior to providing such lists to Provider.

(d) Debt Collection. Using the Services for debt collection communications subject to the Fair Debt Collection Practices Act (FDCPA) without implementing all required FDCPA disclosures and compliance measures. Customer assumes sole liability for any debt collection communications made through the Services.

(e) Political Robocalling. Using the Services for political campaign communications, robocalling, or automated political messaging without full compliance with all applicable federal and state election laws, Federal Election Commission regulations, and TCPA requirements for political communications.

(f) Deceptive Practices. Using the Services to impersonate any person or entity, misrepresent Customer’s identity or affiliation, or engage in any deceptive or fraudulent communications.

(g) Competitive Intelligence. Using the Services to analyze, reverse-engineer, benchmark, or otherwise gather information about Provider’s technology, systems, or business practices for the benefit of any competitor of Provider.

(h) Unauthorized Data Collection. Collecting or processing sensitive personal information through the Agent, including but not limited to Social Security numbers, financial account numbers, payment card information, or health information, without implementing appropriate legal and technical safeguards and obtaining all required consents.

(i) Spam and Unsolicited Communications. Sending bulk unsolicited messages, spam, or communications to individuals who have not consented to receive communications from Customer or Provider.

(j) Malicious Code. Transmitting any malware, viruses, or other malicious code through the Services.

(k) System Interference. Taking any action that interferes with, disrupts, or places an unreasonable burden on Provider’s infrastructure, systems, or networks, including but not limited to denial of service attacks or unauthorized access attempts.

3. TCPA Compliance

Customer is solely responsible for ensuring that all communications made through the Services comply with the TCPA and all applicable state telemarketing laws. Without limiting the foregoing, Customer represents and warrants that: (a) it has obtained all required prior express written consents from recipients before initiating any automated calls or text messages through the Services; (b) all lead lists provided to Provider have been properly scrubbed against applicable Do Not Call registries; and (c) Customer will promptly honor all opt-out requests and update its lead lists accordingly. Provider shall have no liability for TCPA violations arising from Customer’s failure to comply with this Section.

4. AI Output and Professional Advice

Neto is not a law firm, medical practice, financial advisory firm, or any other type of licensed professional services provider. The Agent is an artificial intelligence-powered tool designed to assist Customer’s business operations. All outputs generated by the Agent, including but not limited to intake determinations, qualification decisions, engagement agreement drafts, and conversational responses, are for informational and operational purposes only and do not constitute legal, medical, financial, or other professional advice of any kind.

Customer shall not use or present Agent outputs as a substitute for independent professional judgment. Customer is solely responsible for supervising, reviewing, and independently verifying all Agent outputs before acting upon them or presenting them to third parties.

Regulated Industry Requirements. Customers operating in regulated industries, including but not limited to legal services and healthcare, must comply with the following additional requirements:

(i) Legal Services. Customer’s licensed attorneys remain solely responsible for all legal judgments, client acceptance decisions, intake determinations, conflict checks, and the review of any engagement agreements or legal documents generated or delivered through the Services. The Agent does not engage in the practice of law, and no Agent output shall be construed as constituting legal advice or creating an attorney-client relationship between Neto and any person. Customer is responsible for ensuring that its use of the Services complies with all applicable rules of professional conduct, state bar regulations, and unauthorized practice of law statutes in all jurisdictions where Customer operates.

(ii) Healthcare. Customers using the Services in connection with patient communications must ensure that all Agent outputs are reviewed by a licensed healthcare professional with appropriate authority before being relied upon for any clinical, diagnostic, or treatment purpose. Customer must execute a Business Associate Agreement with Provider prior to processing any Protected Health Information through the Services.

5. Healthcare Communications

Customers in the healthcare industry who use the Services to communicate with patients or individuals regarding health-related matters must: (a) execute a Business Associate Agreement with Provider prior to processing any Protected Health Information through the Services; (b) ensure all communications comply with the Health Insurance Portability and Accountability Act (HIPAA) and all applicable state health privacy laws; and (c) not use the Services to transmit Protected Health Information without an executed Business Associate Agreement in place. USE OF THE SERVICES TO PROCESS PROTECTED HEALTH INFORMATION WITHOUT AN EXECUTED BUSINESS ASSOCIATE AGREEMENT IS STRICTLY PROHIBITED.

6. Reporting Violations

If Customer becomes aware of any violation of this AUP, Customer shall promptly notify Provider at support@neto.ci. Provider reserves the right, but not the obligation, to investigate any alleged violation of this AUP.

7. Consequences of Violation

Any violation of this AUP may result in immediate suspension or termination of Customer’s access to the Services in accordance with the Agreement. Customer shall indemnify and hold harmless Provider from and against any claims, damages, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or related to Customer’s violation of this AUP.

8. Updates

Provider may update this AUP from time to time upon notice to Customer in accordance with the Agreement. Customer’s continued use of the Services after any update to this AUP constitutes acceptance of the updated terms.