Hobb Acceptable Use Policy
Last updated / Effective date: July 11, 2026
Draft for counsel review. Incorporated by reference into the Terms of Service. This is the operational rulebook that pushes messaging, calling, and recording compliance onto users — important because Hobb's features (SMS/WhatsApp, call recording, mailbox access) carry per-violation statutory-damages exposure (TCPA, CIPA/state recording laws, CAN-SPAM). Not legal advice.
This Acceptable Use Policy ("AUP") governs your use of the Hobb Service provided by Redo AI, Inc. ("Redo AI," "we," "us"). It is part of, and incorporated by reference into, the Terms of Service. Capitalized terms have the meanings given there. Violating this AUP is a material breach of the Terms and may result in immediate suspension or termination and reporting to relevant authorities or providers.
You are responsible for your own use of the Service and for anyone you allow to use your account. You must comply with all applicable laws and with the policies of the underlying providers (Google, Microsoft, Telnyx, Meta/WhatsApp, and the mobile carriers).
1. General prohibited uses
You may not use the Service to:
- Violate any law or regulation, or infringe or misappropriate any third party's intellectual-property, privacy, publicity, or other rights.
- Transmit malware or engage in phishing, spoofing, fraud, or deceptive or misleading practices.
- Harass, threaten, defame, or harm others; distribute hate speech or content that is unlawful, obscene, or exploitative (including any content that sexualizes or endangers minors).
- Attempt to gain unauthorized access to, disrupt, overload, reverse-engineer, or probe the Service or its infrastructure, or circumvent usage limits, security, or authentication.
- Resell, sublicense, or provide the Service to third parties except as expressly permitted, or use it to build a competing product.
- Process the personal data of others without a lawful basis and any required notice or consent.
2. Messaging (SMS, WhatsApp) — consent and content rules
Because you are the sender of messages you transmit through the Service, you must comply with the TCPA, CAN-SPAM, the CTIA Messaging Principles, 10DLC/The Campaign Registry requirements, state mini-TCPA laws, and (for WhatsApp) Meta's Business and Commerce policies. Specifically, you must:
- Obtain and document prior express consent (prior express written consent for marketing/promotional messages) from each recipient before messaging them. Do not use purchased, rented, scraped, or shared contact lists.
- Provide a clear opt-in call-to-action that identifies your business, the purpose of messages, that "message frequency varies," that "message and data rates may apply," and links to applicable terms and privacy notices.
- Honor opt-outs immediately — support STOP / UNSUBSCRIBE / CANCEL / QUIT / END to opt out, and reply to HELP / INFO with your business name and support contact. Do not message a recipient who has opted out.
- Match your actual message volume and content to what you disclosed at opt-in. No "snowshoeing," number rotation to evade filtering, or spam.
- Send no SHAFT content (Sex, Hate, Alcohol, Firearms, Tobacco) and no illegal, deceptive, or prohibited high-risk content (e.g., unlawful lending, "get-rich-quick," controlled substances).
- Respect timing and do-not-call rules — no marketing messages during prohibited quiet hours, and honor the National Do Not Call Registry and state lists where applicable.
- Register accurately for 10DLC brand/campaign vetting and WhatsApp sender/display-name and template approval; keep your business identity information accurate and current.
- Comply with WhatsApp opt-in rules — obtain opt-in that names your business before sending business-initiated template messages, and respect the customer-service-window rules.
3. Calls and call recording — consent rules
- You are responsible for the legality of recording your calls. Many U.S. states (including California, Connecticut, Delaware, Florida, Illinois, Maryland, Massachusetts, Montana, Nevada, New Hampshire, Oregon, Pennsylvania, and Washington) require the consent of all parties to record a call. When any party may be in an all-party-consent jurisdiction, obtain all-party consent.
- Keep the recording/consent announcement enabled where you record, and do not disable or circumvent it in a way that records without lawful consent.
- Do not record where prohibited, and stop recording if a party withdraws consent.
- Do not use the recording or transcription features to capture communications you are not a party to, or for surveillance, stalking, or other unlawful purposes.
- Emergency calling. Do not rely on the Service for emergency (911/999/112) calls unless expressly provisioned; maintain an alternative.
4. Email — CAN-SPAM and mailbox use
For commercial email you send, you must use accurate header and "from" information and non-deceptive subject lines, identify advertising where required, include a valid physical postal address, provide a working opt-out, and honor opt-outs promptly (within 10 business days). Do not use connected-mailbox access to send bulk unsolicited email or to violate Google's or Microsoft's terms.
5. Data you load into Hobb
You must have all rights, consents, and lawful bases needed to load third-party personal information (your contacts, leads, and clients) into the Service and to have Hobb process, record, and communicate with those individuals. You must provide any privacy notices those individuals are entitled to, and honor their privacy rights (see Section 9 of the Privacy Policy). You must keep, and produce to us on reasonable request, evidence that your contacts were collected and consented in compliance with applicable law.
Prohibited data. Do not upload to or process through the Service any of the following, unless expressly permitted in writing by Redo AI: government-issued identification numbers (e.g., Social Security, passport, driver's license numbers); full financial account, credit-, or debit-card numbers; protected health information or other medical data; biometric identifiers; precise geolocation of another person collected without consent; information about children under 18; or any special-category / sensitive data whose processing you are not authorized to perform. You are responsible for keeping such data out of the mailbox content, calls, and messages you route through the Service where you are able to control it.
6. Enforcement
We may investigate suspected violations and may suspend or terminate access, remove content, throttle or block messaging, and cooperate with law enforcement and providers. We may act immediately where we believe there is risk of harm, legal exposure, or provider-policy violation. We are not obligated to monitor use but may do so to protect the Service and its users.
7. Reporting
Report suspected abuse or violations to [abuse@joinredo.com — TO CONFIRM] or legal@joinredo.com.
This document is a draft prepared for Redo AI, Inc. and must be reviewed by qualified legal counsel before publication. See README.md for outstanding legal items.