LEGAL

Acceptable Use Policy

KairosAI Technologies Private Limited · Last updated 30 June 2026 · Effective date: 30 June 2026

This Acceptable Use Policy (the “Policy”) governs your use of the KairosAI platform and the AI-powered customer-service agents we provide across voice (including PSTN telephony), WhatsApp, email, and web chat. It is operated by KairosAI Technologies Private Limited, a company incorporated under the Companies Act, 2013, with its registered office at Flat No. E-506, Pristine Allure, S.No. 20/2A, Vadgaon Sheri, Pune City, Pune – 411014, Maharashtra, India (“KairosAI”, “we”, “us”, or “our”). This Policy forms part of, and is incorporated by reference into, our Terms & Conditions. Capitalised terms not defined here have the meaning given in the Terms. By accessing or using the platform — whether through our deployed AI agents, dashboard, or APIs — you and your authorised users agree to comply with this Policy. If you do not agree, you must not use the platform.

1. Scope and Your Responsibility

KairosAI is a multi-tenant software-as-a-service platform. You are responsible for all activity conducted under your account, including the conduct of your end users and any third parties you authorise. You must ensure that the conversations, campaigns, prompts, knowledge bases, integrations, and automations you configure comply with this Policy and with all applicable laws of India, including the Information Technology Act, 2000 (and the rules framed thereunder), the Digital Personal Data Protection Act, 2023 (“DPDP Act”), the Telecom Regulatory Authority of India (“TRAI”) regulations, and the Consumer Protection Act, 2019. This Policy applies in addition to any platform-specific terms imposed by underlying providers (for example, the WhatsApp Business Messaging Policy or your telecom operator’s terms), which you must also follow.

2. Prohibited Content and Conduct

You must not use the platform, or permit anyone to use it, to create, transmit, store, request, or otherwise make available any content or conduct that is unlawful or harmful. Without limiting the generality of the foregoing, you must not use the AI agents or platform to:

  • engage in any activity that is illegal, fraudulent, deceptive, or misleading under Indian law, or that promotes, facilitates, or instructs others in such activity;
  • create or distribute content that is defamatory, libellous, obscene, pornographic, paedophilic, invasive of another’s privacy, hateful, or racially or ethnically objectionable, or that is otherwise unlawful under Section 67, 67A, or 67B of the IT Act, 2000;
  • harass, threaten, abuse, stalk, intimidate, or incite violence or self-harm against any person or group;
  • impersonate any person, business, or entity, or misrepresent your affiliation with any person or entity, or spoof caller identity, sender IDs, headers, or origin in any communication;
  • publish or transmit content that threatens the unity, integrity, defence, security, or sovereignty of India, friendly relations with foreign States, or public order, or that incites the commission of any cognisable offence;
  • generate content intended to manipulate, defraud, or financially harm recipients, including phishing, “smishing”, vishing, advance-fee schemes, or fake offers and lotteries.

3. Messaging, Spam, and TRAI / DLT Compliance

Because the platform sends communications over telecom and messaging channels, you must strictly observe Indian commercial-communication law. You must not use the platform to:

  • send unsolicited bulk or spam messages, calls, or emails, or any commercial communication, in violation of the TRAI Telecom Commercial Communications Customer Preference Regulations (TCCCPR) and the associated Distributed Ledger Technology (“DLT”) framework;
  • send promotional, transactional, or service messages over SMS, WhatsApp, or voice without valid, demonstrable, and current consent from each recipient, and without honouring opt-outs, do-not-disturb (DND) preferences, and revocation of consent;
  • transmit SMS or WhatsApp content using unregistered headers, sender IDs, or templates, or content that does not match templates registered and approved on the relevant DLT platform;
  • place automated, pre-recorded, or AI-driven voice calls (including over PSTN) outside permitted hours, to numbers on the DND registry, or otherwise in breach of TRAI calling regulations;
  • harvest, scrape, purchase, or use phone numbers, email addresses, or contact lists obtained without a lawful basis or the recipient’s consent.

You are solely responsible for maintaining records of consent, principal-entity and telemarketer registrations, and template approvals, and for producing them on request from us or a competent authority.

4. Disclosure of AI and Automated Interactions

You must not use the platform to deceive recipients about the nature of the interaction. Where required by law or by the reasonable expectations of the recipient, you must clearly disclose that the recipient is communicating with an AI or automated agent and not a human. You must not configure the AI agents to falsely claim to be a specific human, to deny being automated when asked, or to impersonate a regulated professional (such as a doctor, lawyer, or financial adviser) in a manner that misleads the recipient.

5. Data Protection, Privacy, and Lawful Basis

The platform processes personal data on your behalf, and you act as the Data Fiduciary (or its equivalent) for the personal data you submit or collect. You must not use the platform to:

  • collect, process, or store personal data without a lawful basis, valid consent, or notice as required under the DPDP Act, 2023;
  • process the personal data of children or persons with disabilities in breach of the additional protections under the DPDP Act, 2023;
  • collect sensitive financial, health, biometric, or government-identifier information through the AI agents unless you have implemented appropriate safeguards and a lawful basis to do so;
  • infringe the intellectual-property rights, trade secrets, confidentiality, or privacy rights of any person, including by uploading content you are not authorised to use;
  • use the platform in any way that would cause us to breach our own obligations as a Data Processor under the DPDP Act, 2023.

For details on how we handle personal data, see our Privacy Policy.

6. Security, Integrity, and Technical Restrictions

You must not, and must not attempt to:

  • introduce, transmit, or store any virus, worm, trojan, ransomware, malicious code, or other harmful component into or through the platform;
  • probe, scan, or test the vulnerability of the platform or any associated system or network, or breach or circumvent any security, authentication, multi-tenant isolation, or access-control measure (including our PostgreSQL row-level security, encryption, or secrets management in AWS SSM);
  • reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, models, or underlying structure of the platform, except to the limited extent permitted by applicable law;
  • scrape, crawl, or use bots, spiders, or automated means to extract data from the platform other than through interfaces we expressly provide;
  • circumvent, disable, or interfere with rate limits, usage metering, billing controls, or any feature intended to restrict or measure use of the platform;
  • impose an unreasonable or disproportionately large load on our infrastructure, or take any action that disrupts the integrity or performance of the platform for other tenants.

7. High-Risk Use and Human Oversight

The AI agents may produce inaccurate, incomplete, or unexpected outputs (“hallucinations”). You must not rely on AI-generated outputs as the sole basis for decisions that have legal, financial, medical, safety, or otherwise significant effects on an individual without meaningful human review. You must not deploy the AI agents to provide regulated advice (medical, legal, financial, or similar) or to make high-risk or fully automated decisions without appropriate qualified human oversight, safeguards, and disclosures. You are responsible for validating outputs before acting on them or presenting them to your end users as authoritative.

8. Account, Billing, and Resale Restrictions

The platform uses a prepaid wallet in Indian Rupees (INR), from which metered usage — such as voice minutes and messages — is debited; payments are processed through Razorpay. You must not use the platform to:

  • engage in fraudulent, abusive, or manipulative billing activity, including initiating chargebacks in bad faith, exploiting metering, or generating artificial traffic to inflate or distort usage;
  • resell, sublicense, rent, lease, or otherwise make the platform available to third parties as a service without our prior written authorisation;
  • share, transfer, or sell account credentials, API keys, or wallet balances except as expressly permitted under the Terms.

Fees are exclusive of applicable taxes. We are not currently registered for Goods and Services Tax (GST). If and when we become GST-registered, GST will be charged at the applicable rate and valid tax invoices will be issued.

9. Monitoring

We do not routinely monitor the content you transmit through the platform, and we are not obliged to do so. However, we reserve the right (but assume no obligation) to review, investigate, and take action in respect of any use we reasonably believe violates this Policy, the Terms, or applicable law, or that is the subject of a complaint or a lawful request from a competent authority. We may preserve and disclose information where required to comply with applicable law, including the IT Act, 2000, and the DPDP Act, 2023.

10. Enforcement

Violations of this Policy are violations of the Terms & Conditions. Where we determine, in our reasonable discretion, that you have breached this Policy, we may take any one or more of the following actions, with or without prior notice depending on the severity of the breach:

  • issue a warning and require you to remediate the offending activity within a specified time;
  • remove, disable, or restrict access to specific content, campaigns, agents, or features;
  • throttle, suspend, or limit your account, channels, or usage, including pausing wallet-funded activity;
  • terminate your account and access to the platform in accordance with the Terms, including for severe, repeated, or unlawful violations;
  • report the activity to telecom operators, messaging providers, payment partners, or law-enforcement and regulatory authorities where we are required or permitted to do so.

Where a breach poses an immediate risk of harm, legal liability, or damage to the platform, our partners, or third parties, we may suspend access immediately and investigate thereafter. Suspension or termination for a breach of this Policy does not entitle you to a refund of prepaid wallet balances consumed or forfeited in accordance with the Terms, and does not limit any other remedy available to us at law or in equity.

11. Reporting Violations

If you become aware of any use of the platform that violates this Policy — including abusive messaging, fraudulent or impersonating agents, security issues, or misuse of personal data — please report it promptly to us at hello@trykairos.in with sufficient detail for us to investigate. Security vulnerabilities may be reported to the same address. We take all reports seriously and will respond in accordance with our internal procedures and applicable law.

12. Governing Law and Jurisdiction

This Policy is governed by and construed in accordance with the laws of India. Subject to the dispute-resolution provisions of the Terms & Conditions, the courts at Pune, Maharashtra shall have exclusive jurisdiction, and any arbitration shall be seated at Pune, Maharashtra, conducted in English, under the Arbitration and Conciliation Act, 1996.

13. Changes to this Policy

We may update this Policy from time to time to reflect changes in our services, applicable law, or regulatory requirements. We will revise the “Last updated” date above and, where the changes are material, take reasonable steps to notify you. Your continued use of the platform after such changes take effect constitutes your acceptance of the revised Policy.

14. Contact

For any questions about this Policy, to report a violation, or to raise a grievance, please contact our Grievance / Contact Officer, Vishal Khandelwal (Founder), at hello@trykairos.in. You may also write to us at our registered office: KairosAI Technologies Private Limited, Flat No. E-506, Pristine Allure, S.No. 20/2A, Vadgaon Sheri, Pune City, Pune – 411014, Maharashtra, India.