Acceptable Use Policy

1. About this policy

This Acceptable Use Policy sets out the rules for using the Kalitu website and Services (the “Services”), including AI teammates and related automations Kalitu operates on behalf of Business Clients. It forms part of, and should be read with, our Terms of Service. By using the Services you agree to this policy.

2. General rules

You must use the Services lawfully, honestly and in good faith. You must not use the Services in any way that breaks the law, infringes the rights of others, harms individuals, or could damage, disable, overload or impair the Services or anyone’s use of them.

3. Prohibited conduct

You must not:

• Provide false, misleading or impersonating information, or misrepresent your identity, qualifications or affiliation.
• Post or submit content that is unlawful, defamatory, fraudulent, harassing, hateful, obscene or otherwise objectionable.
• Submit fake, incentivised or misleading reviews, or manipulate ratings, testimonials or reviews.
• Make false or unsubstantiated claims about treatments, results, pricing or qualifications, or post content that breaches advertising, healthcare, consumer-protection or platform-policy rules.
• Upload or transmit viruses, malware or other harmful code.
• Attempt to gain unauthorised access to the Services, other accounts, or our systems or networks.
• Probe, test, scan, reverse-engineer or attempt to circumvent or interfere with APIs, automations, security controls, rate limits or system protections.
• Scrape, harvest or collect data from the Services, including personal data of other users, except as expressly permitted.
• Interfere with, overload or disrupt the Services or connected infrastructure.
• Copy, resell, sublicense or commercially exploit the Services without our written permission.
• Use the Services to infringe intellectual property or other rights of any person.

4. Prohibited AI uses

You must not use Kalitu, AI teammates or other AI features of the Services to:

• Impersonate real individuals (including clinicians, staff or public figures) without permission, or create the false impression that an AI teammate is a specific named person.
• Intentionally mislead a customer or patient into believing they are speaking with a human or with a licensed clinical or medical professional when they are not. Where required by law, the AI nature of an interaction must be disclosed.
• Provide medical diagnoses, treatment plans or clinical recommendations, except where expressly permitted and supervised by appropriately qualified professionals under the Business Client’s responsibility.
• Create or distribute misleading, deceptive or manipulated content, including fake identities, fabricated testimonials, synthetic reviews, or content designed to deceive a person into a decision they would not otherwise make.
• Generate content that harasses, threatens, intimidates, defames or unlawfully discriminates against any person or group.
• Engage in unlawful or abusive automated messaging, including unsolicited contact at scale, evasion of opt-outs, or contact in violation of telephone, email or messaging regulations.
• Conduct, facilitate or attempt fraud, identity theft, financial scams, account takeover or other unlawful activity.
• Collect, infer or process personal information without the legal right to do so, including special-category data, children’s data or biometric data outside the scope agreed with Kalitu.
• Generate content that exploits, sexualises or endangers minors.
• Attempt to manipulate AI teammates into bypassing their configured guardrails, operating outside their authorised scope, or producing content that violates this policy.

5. Healthcare-related use

Business Clients remain responsible for ensuring compliance with all healthcare, professional, advertising and consumer-protection regulations applicable to their business and the jurisdictions in which they operate.

AI teammates must not be used to provide medical diagnoses, treatment plans, dosing guidance or clinical recommendations to customers or patients unless that use is expressly permitted, properly disclosed, and supervised by appropriately qualified professionals. AI teammates handling enquiries for regulated procedures must direct any clinical decisions to qualified clinicians and must not present themselves as a substitute for a professional consultation.

Business Clients are responsible for any required notices, consents or disclosures to patients and prospective patients about the use of AI in their customer communications, including AI-disclosure requirements under applicable US state laws (for example, California) and equivalent rules in other jurisdictions.

6. Rules for Business Clients

If you are a Business Client (for example, a Med Spa, Cosmetic Dental practice or similar aesthetic business engaging Kalitu’s Services), you must additionally:

• Hold and maintain all licences, registrations, insurance and qualifications required to offer your services lawfully in each jurisdiction you operate in.
• Ensure all content, scripts, offers, pricing and claims you provide or ask us to deploy through AI teammates are accurate, current, substantiated and compliant with applicable rules.
• Only provide personal data to Kalitu where you have the legal right to do so, and ensure you have obtained any required notices, permissions or consents from the individuals concerned, including any consents required for automated decision-making, recording and AI-assisted communications.
• Supervise the operation of AI teammates within your business, including reviewing and approving treatment information, pricing, policies, workflows and customer-facing communications.
• Not use Kalitu introductions, customer data or AI outputs for any purpose beyond what was agreed with Kalitu and your customers, and not pass that data to unrelated third parties.
• Promptly inform Kalitu of any complaint, regulator contact, security incident or data-subject request relating to your use of the Services.

7. Content you submit

You are responsible for the content, prompts, instructions, configurations and materials you submit through the Services, including any content used to train, tune or instruct AI teammates. You confirm that you have the rights to submit it and that it does not breach this policy or any law. We may, but are not obliged to, review, moderate or remove content.

8. Communications

Where the Services are used to send or facilitate communications with customers, patients or third parties (including by SMS, voice, email, chat or messaging platforms), you must not use the Services to:

• Send unlawful or unsolicited automated communications, including communications in breach of CAN-SPAM, TCPA, CASL, the UK PECR, or equivalent telephone, messaging and email laws.
• Contact individuals without the permissions, opt-ins or established business relationships required by applicable law.
• Circumvent, ignore or fail to honour opt-out, unsubscribe, STOP or do-not-contact requests.
• Disguise the originating sender, business name or purpose of a communication, or send communications that conceal that an AI system is involved where disclosure is required.
• Send communications at times, frequencies or volumes that constitute harassment or that breach platform or carrier policies.

Business Clients are responsible for maintaining their own opt-out and suppression records and for honouring them across all channels they use.

9. Reporting misuse

If you become aware of content or conduct that breaches this policy, please report it to abuse@talitu.com or via our contact page. We take reports seriously and review them promptly.

10. Consequences of breach

If you breach this policy, we may take any action we consider appropriate, including removing content, issuing a warning, suspending or terminating your access or account, and reporting the matter to law enforcement, regulators or affected third parties. We may also pursue any other remedies available to us.

Immediate suspension for AI risk. We may immediately suspend AI teammates, integrations, communications channels or workflows if we reasonably believe their continued operation creates a legal, security, privacy, safety or reputational risk, including risk to customers or patients of Business Clients. We will use reasonable efforts to notify the affected Business Client and to work with them on a path to resumption where appropriate.

11. Changes to this policy

We may update this policy from time to time. The “last updated” date shows when the latest version took effect. Continuing to use the Services after changes take effect means you accept the updated policy.

12. Contact

Questions about this policy can be sent to hello@talitu.com or via our contact page. Reports of misuse should go to abuse@talitu.com.