You're viewing:WhatSnap LLC·BYOD self-serve
View Done-for-You equivalent →

Acceptable Use Policy

For WhatSnap LLCBYOD self-serve.

Effective May 19, 2026

This Acceptable Use Policy ("AUP") is part of and incorporated by reference into the WhatSnap LLC Terms of Service. Capitalized terms not defined here have the meanings given in the Terms.

WhatSnap is messaging infrastructure for businesses that want trust, deliverability, and control. This AUP exists to keep the platform safe for Customer Devices, for the messaging ecosystem they touch, and for the people on the other end of every message. Violating it puts not only Customer's account at risk, but also Customer's telephone numbers, SIM cards, Apple IDs, and WhatsApp accounts — which the platforms (Apple, Meta, carriers) can ban with no notice and no appeal.

The AUP is intentionally strict. We will enforce it.

1. Who this applies to

The AUP applies to Customer, every User, every Sub-Customer on an Agency or White-Label plan, and every message routed through the Services. Customer is responsible for ensuring its Users and Sub-Customers comply.

2. Required behavior

Customer must:

  1. Obtain valid prior consent from every Recipient before any non-transactional message.
  2. Honor opt-out requests (STOP, UNSUBSCRIBE, "remove me," equivalent in other languages) for the affected Recipient within ten (10) business days, and propagate the opt-out across every line, sub-account, and campaign.
  3. Identify itself accurately as the sender. No spoofed names, no impersonation, no misleading sender IDs.
  4. Include opt-out instructions in promotional messages where required by law or platform rule (TCPA, CAN-SPAM, CTIA, Apple, Meta — see Section 4).
  5. Comply with all applicable laws and Platform Requirements (see Section 4).
  6. Maintain records of consent, opt-outs, and campaign content for at least four (4) years and produce them on request from WhatSnap, a carrier, a platform, or a regulator.
  7. Use only Customer's own devices, lines, accounts, and SIMs that Customer has lawful authority to operate.
  8. Respect rate limits and ramp-up guidelines for new lines (see Section 5).
  9. Notify WhatSnap promptly at [email protected] if Customer discovers misuse of its account or detects a security incident affecting the Service.

3. Prohibited content and conduct

Customer must not, and must not permit any User or Sub-Customer to, use the Services to:

3.1 Spam and unwanted messaging

  • Send unsolicited commercial messages, "blasts," "mass texts," or "bulk SMS" to Recipients with whom Customer does not have an Established Business Relationship (defined below) or valid opt-in.
  • Message Recipients on purchased, rented, scraped, or third-party-acquired contact lists.
  • Send substantially similar messages to Recipients who are not engaged in an active, consensual conversation.
  • Continue messaging a Recipient after that Recipient has opted out.
  • Use the Services for "warming" tactics designed to evade carrier or platform spam detection while planning to scale to non-consensual messaging.

3.2 Cold outreach to non-consenting strangers

The Service is for maintaining and developing relationships with people who expect to hear from Customer. It is not a cold-outreach or lead-generation channel for Recipients who have not given consent or who do not have an Established Business Relationship with Customer.

Established Business Relationship ("EBR") means a relationship arising from:

  • a purchase, transaction, or paid engagement within the prior eighteen (18) months;
  • a written inquiry or application by the Recipient about Customer's products or services within the prior three (3) months; or
  • the Recipient's affirmative, documented opt-in to receive messages on the channel in question.

3.3 Illegal and high-risk content

  • Any content that violates applicable law (federal, state, foreign).
  • Promotion or sale of controlled substances, illegal drugs, firearms regulated under federal law without a license, counterfeit goods, stolen property, or items prohibited by the carrier or platform.
  • Content related to human trafficking, child sexual abuse material, terrorism, or violent extremism — immediate permanent termination, account preservation for law enforcement, and referral to relevant authorities.
  • Adult or sexually explicit content where prohibited by the receiving platform (notably Apple iMessage and WhatsApp commerce categories).
  • Predatory financial services (payday lending where prohibited by state law, debt-elimination scams, get-rich-quick schemes).
  • Gambling content where prohibited by the recipient jurisdiction.
  • Content related to cannabis, CBD, kratom, hemp, or similar regulated substances unless Customer has independently confirmed legality in every recipient jurisdiction (these are high-risk categories that carriers and Apple frequently block; WhatSnap accepts no liability for blocked traffic in these categories).
  • Political fundraising or campaigning that does not comply with the FCC's, FEC's, and state telephone-solicitation rules applicable to political messaging.
  • Content that violates third-party intellectual-property rights.

3.4 Fraud, deception, impersonation

  • Phishing, smishing, account-takeover attempts, credential harvesting, or fake-verification messages.
  • Impersonation of a person, business, government agency, or organization without authorization.
  • False or misleading sender identification, including spoofed names, headers, or caller-ID information.
  • Use of the Services to defraud Recipients (e.g., advance-fee scams, romance scams, fake-package-delivery scams).
  • Misuse of automation or AI to generate messages that materially misrepresent the sender's identity or relationship to the Recipient.

3.5 Harassment, threats, and harm

  • Harassment, threats, intimidation, stalking, hate speech, doxxing, or incitement to violence.
  • Use of the Services to facilitate any form of abuse against an individual or group based on protected characteristics.

3.6 Security violations

  • Probing, scanning, or testing the vulnerability of the Services, except under a written authorization signed by WhatSnap.
  • Circumventing rate limits, throttling, content filters, sender-ID enforcement, or any other compliance or safety control.
  • Using the Services to deliver malware, viruses, worms, trojans, ransomware, or other malicious code.
  • Unauthorized access to any account, system, network, or data.

3.7 Resource and platform abuse

  • Operating multiple accounts to evade volume limits, free-trial limits, or account suspensions.
  • Sharing one account with parties outside Customer's organization, except as permitted on an Agency or White-Label plan.
  • Reverse engineering, scraping, or unauthorized API access.
  • Using the Services in a way that materially impairs the experience of other customers.

3.8 Carrier, aggregator, and platform rule violations

  • Sending traffic that violates CTIA Messaging Principles and Best Practices, 10DLC registration rules, sender-ID rules, throughput rules, or content restrictions imposed by a carrier or aggregator.
  • Sending traffic that violates Apple Inc.'s iMessage / iCloud / macOS / iOS terms of service, including using Apple infrastructure to conduct mass messaging that Apple has not authorized.
  • Sending traffic that violates Meta Platforms, Inc.'s WhatsApp Business Solution Terms, consumer WhatsApp Terms of Service, or WhatsApp Commerce Policy.
  • Sending traffic that violates GoHighLevel / LeadConnector terms.
  • Sending traffic that violates the Twilio Acceptable Use Policy where Twilio is the configured backend.

This Section 4 highlights legal regimes that are particularly relevant to messaging through the Services. It is not legal advice and is not exhaustive. Customer is solely responsible for compliance with all applicable laws.

4.1 TCPA (47 U.S.C. § 227)

For SMS and voice traffic to U.S. recipients, Customer must comply with the Telephone Consumer Protection Act of 1991, including:

  • Express written consent for marketing autodialed or pre-recorded calls and texts to mobile numbers.
  • Express consent (oral or written) for non-marketing autodialed or pre-recorded calls and texts.
  • Honor revocation of consent by any reasonable means.
  • Comply with the FCC's 2024 one-to-one consent rule for lead-generation contexts (where applicable based on its current effective status).
  • Time-of-day restrictions (no calls or texts before 8:00 a.m. or after 9:00 p.m. recipient local time).
  • Internal Do-Not-Call list maintenance and honoring of the National Do-Not-Call Registry where applicable.

4.2 CAN-SPAM (15 U.S.C. § 7701 et seq.)

Although CAN-SPAM is primarily an email statute, several principles inform best practice across channels: accurate sender identification, clear opt-out, and prompt honoring of opt-out within ten (10) business days.

4.3 State telemarketing and consumer-privacy laws

Many U.S. states impose additional rules — examples include the Florida Telephone Solicitation Act, Washington's Commercial Electronic Mail Act, the Oklahoma Telephone Solicitation Act, and the Pennsylvania Telemarketer Registration Act. Customer is responsible for compliance with every state in which a Recipient is located.

4.4 CTIA, 10DLC, sender-ID, and carrier rules

Customer must register sender campaigns under the carrier-mandated 10DLC framework (or short-code, toll-free, or other applicable framework) where the channel and recipient carrier require it. WhatSnap does not auto-register Customer's campaigns; Customer is responsible.

4.5 Apple iMessage rules

Customer acknowledges that Apple's terms governing iMessage do not authorize automated, machine-generated, or mass-distribution messaging. Customer's use of WhatSnap to bridge iMessage from a Customer Device is at Customer's own risk; Apple may at any time disable an Apple ID, an iCloud account, or an iMessage account that Apple determines is being used in violation of its terms. WhatSnap accepts no liability for any such enforcement action.

4.6 Meta WhatsApp rules

Customer acknowledges that Meta's terms governing consumer WhatsApp do not authorize automated business messaging from a personal WhatsApp account. WhatsApp Business Solution Terms govern business messaging via the WhatsApp Business API and impose distinct messaging-template, opt-in, and rate-limit requirements. Customer is responsible for determining which regime applies and complying.

4.7 GDPR / UK GDPR / international rules

Where Customer messages Recipients in the EU/EEA, the UK, Switzerland, or other jurisdictions with their own privacy and electronic-marketing rules (e.g., Canada's CASL, Australia's Spam Act), Customer must comply with those rules — including lawful basis for processing, consent for electronic marketing where required, and Recipient rights.

4.8 HIPAA / PHI

Customer must not transmit Protected Health Information through the Services unless Customer has executed a written Business Associate Agreement with WhatSnap. Absent a BAA, transmission of PHI is a material breach of the AUP and the Terms.

4.9 Children (COPPA)

Customer must not knowingly send messages to children under thirteen (13) without parental consent obtained in accordance with COPPA, nor target Recipients Customer has reason to believe are under sixteen (16) in EU/UK jurisdictions where local law sets the age threshold for valid consent at sixteen.

5. Volume guidelines and line warm-up

New lines (telephone numbers, SIMs, Apple IDs, WhatsApp accounts) have no sending reputation and are the most likely to be flagged or banned by carriers and platforms. Customer is responsible for warming new lines gradually. WhatSnap publishes guidance at whatsnap.ai/help; the guidance below is mandatory, not aspirational.

5.1 Default first-fourteen-days limits

Unless WhatSnap notifies Customer otherwise in writing for Customer's account:

Channel New-line throughput (first 14 days)
iMessage Up to 50 unique Recipients per 24-hour period per Apple ID; ramp gradually
WhatsApp (consumer, where permitted) Up to 20 unique Recipients per hour per account, subject to Meta's stricter limits
SMS (10DLC / long code) Throughput as set by the carrier under 10DLC registration; new campaigns frequently start at 1 message per second or less
Twilio (where configured) Customer's Twilio account limits

5.2 Behavioral rules

  • Send to Recipients who are most likely to reply (high engagement = better reputation).
  • Avoid sending the same body text to many Recipients in a short window. Use the variant-personalization features of the Services where available.
  • Avoid sending messages that look like marketing in the first 72 hours of a new line's life.
  • Disconnect or pause lines that are flagged by the carrier or platform; do not attempt to circumvent flags by switching to another Customer Device.

5.3 Enforcement

Volume rules are monitored automatically and reviewed manually when patterns suggest abuse. Repeated or willful violations may result in immediate suspension or termination of the account and forfeiture of any prepaid Fees. A single egregious violation (e.g., a confirmed mass-blast to non-consenting Recipients) may also trigger immediate termination.

6. Reporting and investigations

Report suspected abuse, security issues, or AUP violations to [email protected]. We will investigate good-faith reports and take action under our discretion, which may include warning, suspension, or termination of the offending account. Customers are required to cooperate with our investigations and to produce consent and opt-out records on request.

7. Enforcement

WhatSnap reserves the right at its sole discretion to:

  1. Investigate any suspected violation.
  2. Throttle, restrict, suspend, or terminate access to the Services in whole or in part, with or without prior notice based on severity, under Section 11 of the Terms.
  3. Remove, block, filter, or refuse to transmit any content that we believe violates this AUP or Platform Requirements.
  4. Disclose information to carriers, aggregators, platforms, regulators, or law enforcement as we deem necessary to mitigate harm or comply with law.
  5. Refuse to onboard or reinstate a Customer or User whom we reasonably determine has previously engaged in serious or repeated AUP violations.

Suspension or termination for AUP violation does not entitle Customer to any refund.

8. Changes to this AUP

WhatSnap may update this AUP. Non-material changes are effective on posting. Material changes (changes that expand prohibited categories in a way that meaningfully affects existing customers) will be notified at least thirty (30) days in advance under Section 16 of the Terms.

Other BYOD self-serve agreements

Questions about this document? [email protected]

View all legal documents →
Acceptable Use Policy | WhatSnap LLC | WhatSnap