Acceptable Use Policy

Last updated: March 10, 2026

This Acceptable Use Policy (“Policy”) governs the use of services provided by Orchard Stack LLC (“Provider”) through the Orchard Stack platform (“Service”).

This Policy applies to all customers, administrators, users, volunteers, contractors, and other individuals who access or use the Service.

1. Purpose

The purpose of this Policy is to ensure that the Service is used responsibly, lawfully, and in a manner that protects users, recipients of communications, and the integrity of the Orchard Stack platform.

2. General Acceptable Use

Customers and Users must use the Service only for lawful and legitimate purposes.

Users may not use the Service in any way that:

• violates applicable laws or regulations
• infringes the rights of others
• interferes with the operation or security of the Service
• attempts to gain unauthorized access to systems or data
• damages the reliability, availability, or reputation of the Service

Customers are responsible for ensuring that their Users comply with this Policy.

3. Prohibited Activities

Users may not use the Service to:

• transmit unlawful, abusive, defamatory, or threatening content
• store or transmit malicious code, viruses, or harmful software
• conduct phishing, fraud, impersonation, or deceptive practices
• collect personal data without proper authorization
• interfere with or disrupt the Service or its infrastructure
• probe, scan, or test the vulnerability of the Service without authorization
• attempt to bypass security measures or access controls

Users may not use the Service in a manner that could reasonably be expected to harm the Service, its users, or third parties.

4. Protection of Personal and Sensitive Information

Customers must handle personal, confidential, or sensitive information responsibly and in accordance with applicable privacy and data protection laws.

Customers are responsible for ensuring that any personal data collected or processed using the Service is obtained and used lawfully.

5. Messaging and Communications

The Service may include functionality that enables Customers to send or receive SMS text messages, multimedia messages (MMS), or other communications (“Messaging Services”).

Messaging Services may be delivered through third-party telecommunications providers and mobile carriers.

Customers using Messaging Services must comply with all applicable laws, regulations, and telecommunications industry guidelines governing messaging communications.

These may include, but are not limited to:

• the Telephone Consumer Protection Act (TCPA)
• applicable consumer protection and privacy laws
• telecommunications carrier messaging policies
• industry registration programs such as 10DLC

Customers are solely responsible for ensuring that their use of Messaging Services complies with these requirements.

6. Consent and Opt-In Requirements

Customers must obtain appropriate recipient consent before sending messages where required by law.

Customers must:

• obtain clear and verifiable consent before sending messages
• clearly identify the sender of the message
• disclose the nature and purpose of the messaging program
• disclose message frequency where applicable
• notify recipients that message and data rates may apply
• maintain records of recipient consent where required

Customers must provide recipients with a clear method to opt out of receiving future messages.

7. Opt-Out Requirements

Recipients must be able to stop receiving messages at any time.

Customers must promptly honor all opt-out requests and must not send additional messages to recipients who have withdrawn consent.

Recipients must be able to opt out through standard mechanisms such as replying STOP, or another clearly communicated opt-out method.

8. Prohibited Messaging Practices

Messaging Services may not be used to send:

• unsolicited bulk messages or spam
• messages to purchased, rented, scraped, or otherwise acquired contact lists without direct recipient consent
• fraudulent or misleading communications
• phishing attempts or malicious links
• unlawful or deceptive offers
• messages that violate telecommunications provider or carrier policies
• messages impersonating another organization or individual

Customers must ensure that all recipients have knowingly agreed to receive messages from the Customer.

9. Messaging Content Restrictions

Messaging Services may not be used to transmit content that promotes or relates to:

• illegal products or services
• fraudulent financial schemes
• deceptive marketing practices
• malicious software distribution
• illegal drug activity
• unlawful adult content

Provider reserves the right to restrict messaging use cases that violate telecommunications provider policies.

10. Telecommunications Provider Requirements

Messaging Services may be subject to requirements imposed by telecommunications providers or mobile carriers.

These requirements may include:

• messaging campaign registration
• sender identity verification
• messaging use-case disclosures
• registration frameworks such as 10DLC

Customers must provide accurate information required to comply with these requirements.

Failure to comply with telecommunications provider requirements may result in suspension of Messaging Services.

11. Message Delivery Disclaimer

Messaging Services rely on third-party telecommunications providers and mobile carriers.

Provider does not guarantee:

• message delivery
• delivery timing
• compatibility with all mobile carriers or devices

Messages may be delayed, filtered, or blocked by telecommunications providers without notice.

12. System Integrity and Platform Protection

Customers may not use the Service in ways that interfere with the normal operation of the platform.

Examples include:

• excessive automated requests
• denial-of-service attempts
• attempts to overwhelm system resources
• exploitation of system vulnerabilities

Provider may implement rate limits or usage controls to protect the stability of the Service.

13. Enforcement

Provider reserves the right to investigate violations of this Policy.

If Provider determines that a violation has occurred, Provider may take appropriate action including:

• issuing warnings
• suspending messaging capabilities
• restricting access to the Service
• terminating Customer access

Provider may take such action without prior notice if necessary to protect the Service or comply with legal or telecommunications requirements.

14. Updates to this Policy

Provider may update this Policy from time to time to reflect changes in law, industry standards, or service functionality.

The most current version of this Policy will be available at: https://www.orchardstack.com/acceptable-use

Continued use of the Service after updates to the Policy constitutes acceptance of the updated Policy.

15. Contact

Questions regarding this Acceptable Use Policy may be directed to:

Orchard Stack LLC
812 N Duke St
Lancaster, PA 17602

Email: support@orchardstack.com