The core principle
FUNEL gives you powerful contact data and outreach capabilities, and you must use them lawfully and respectfully. Every record you access, every message you send, and every export you make must comply with applicable law, honor the rights of the people in the data, and serve a legitimate business purpose.
FUNEL finds verified business contact records from publicly available professional and business information, enriches them with AI, runs email outreach, and syncs to your CRM. These are capabilities built for legitimate B2B sales and marketing — not for spam, harassment, deception, or any use that harms the individuals represented in the data.
This policy works alongside our Terms of Service and Privacy Policy. Where this AUP imposes a stricter standard on your conduct, the stricter standard applies.
Who this policy applies to
This policy applies to everyone who uses FUNEL — account owners, administrators, individual seat users, teammates, agents acting on your behalf, and anyone accessing the platform through your credentials or API keys. You are responsible for ensuring all users under your account follow it.
It covers every part of the service: searching and viewing contact and company records, AI enrichment, building and running outreach campaigns, exporting data, CRM sync, and use of the API or any integration.
- You are accountable for activity that occurs under your account, including the actions of teammates and automated processes you configure.
- If you use FUNEL on behalf of an organization, you confirm you are authorized to bind that organization to this policy.
- Violations by any user of your account may affect the entire account.
Lawful outreach
You must run all outreach in compliance with the anti-spam and data-protection laws that apply to you and your recipients, including CAN-SPAM, CASL, and the GDPR/UK GDPR and PECR. Contact people only for legitimate B2B purposes, identify yourself accurately, and always offer and honor a clear opt-out.
Comply with anti-spam and privacy laws
Different jurisdictions impose different obligations — consent requirements, sender-identification rules, and unsubscribe timelines among them. It is your responsibility to know which laws apply to each recipient and to meet them. FUNEL processes B2B contact data about third parties on the basis of legitimate interest, with a clear right to object; your outreach must respect that same standard.
Contact people for legitimate B2B purposes only
Use FUNEL to reach businesses and professionals about genuinely relevant products, services, or opportunities. Do not use it to contact people about matters unrelated to their professional role, and do not target individuals in their purely private capacity.
Always offer and honor opt-out
- Include a clear, working unsubscribe mechanism in every outreach message where the law requires one.
- Process opt-out and unsubscribe requests promptly and stop contacting anyone who has opted out.
- Maintain accurate suppression lists so a person who objects is not re-contacted.
- Never make unsubscribing conditional on payment, login, or providing additional information beyond what is necessary.
Use accurate sender identity
Your sender name, email address, subject lines, and message content must be truthful and not misleading. Do not disguise who you are, spoof a domain, falsify headers, or impersonate another person or organization.
Prohibited content and conduct
You may not use FUNEL to send spam, harass people, deceive recipients, or use contact data in illegal or discriminatory ways. The list below is illustrative, not exhaustive — anything that is unlawful, abusive, or that undermines the trust of the people in the data is prohibited.
Spam and unsolicited bulk messaging
- Sending unsolicited bulk or commercial messages in violation of applicable anti-spam law.
- Messaging recipients who have opted out, or who you have no lawful basis to contact.
- Importing or using externally sourced lists in ways that breach the rights of the people on them.
Harassment and abuse
- Threatening, harassing, stalking, intimidating, or repeatedly contacting someone who has asked you to stop.
- Sending content that is hateful, defamatory, obscene, or that incites violence.
Deceptive or misleading messages
- Falsifying sender identity, headers, or routing information.
- Using deceptive subject lines, phishing, fraud, or any attempt to trick recipients into taking an action.
- Misrepresenting your affiliation, endorsement, or the nature of your offer.
Illegal, discriminatory, or sensitive-category misuse
- Using contact or company data to discriminate against people on the basis of a protected characteristic.
- Targeting or profiling individuals based on sensitive categories — such as health, race or ethnicity, religion, sexual orientation, political opinions, or trade-union membership.
- Any use of the data that violates applicable law, regulation, or the rights of third parties, including the promotion of illegal goods or services.
Data-handling rules
Data you access through FUNEL is licensed for your own legitimate business outreach — not for resale, redistribution, or building a competing product. You must respect the rights of the people in the data, secure anything you export, and delete records when someone validly requests it.
Do not resell, redistribute, or build a competing database
- Do not sell, sublicense, syndicate, or otherwise redistribute FUNEL data to third parties.
- Do not use FUNEL data, in whole or in part, to create, train, or populate a competing contact database or data product.
- Do not pool exported data into a shared resource for use beyond your own authorized business purpose.
Respect the rights of people in the data
The records you work with represent real people and organizations. Handle them with the same care the law requires of a data controller: limit your use to legitimate purposes, keep records accurate, honor objections and data-subject rights, and do not combine FUNEL data with other sources in ways that would surprise or harm the individual.
Secure exported data and delete on request
- Protect any data you export with appropriate security controls and restrict access to those who need it.
- Do not store exported data longer than your legitimate purpose requires.
- When a person validly exercises a right to erasure or objection, suppress and delete their data promptly across your systems.
Platform integrity
You must use FUNEL only through the features we provide and within the limits we set. Do not scrape or extract data outside provided features, circumvent rate or credit limits, reverse engineer the service, introduce malware, or attempt unauthorized access or security testing without our written permission.
- No automated extraction, scraping, crawling, or harvesting of the platform or its data beyond the features and APIs we make available.
- No circumventing, disabling, or interfering with rate limits, credit limits, quotas, usage caps, or access controls.
- No reverse engineering, decompiling, or attempting to derive the source code, models, or underlying methods of the service, except where that restriction is prohibited by law.
- No uploading or transmitting malware, viruses, or any code intended to disrupt, damage, or gain unauthorized access to systems or data.
- No unauthorized access to accounts, data, or infrastructure, and no penetration testing, vulnerability scanning, or other security testing without our prior written authorization.
- No use of the service to build a product or service that competes with FUNEL, or to benchmark it for that purpose without our consent.
How we protect the platform and data
FUNEL is built to be secure and compliant by design: data is encrypted in transit with TLS and at rest with AES-256, and it is GDPR-compliant by design and CCPA-aligned, following recognized information-security practices. These protections support — but do not replace — your own obligation to use the service responsibly.
- Encryption in transit (TLS) and at rest (AES-256).
- An information-security program with controls covering security and availability.
- GDPR and UK GDPR compliant by design, CCPA/CPRA-aligned, with a signed Data Processing Addendum available on request.
- FUNEL does not sell personal information for money; B2B contact data about third parties is processed on the basis of legitimate interest with a clear right to object.
- Sub-processors are engaged by category only — such as a cloud hosting provider, email delivery provider, payment processor, and analytics provider — with a current list available on request.
- Right-to-be-forgotten requests are honored promptly, typically within 30 days, and we notify of security incidents without undue delay.
Consequences of violations
If you violate this policy, FUNEL may take action ranging from a warning to suspension or termination of your account, and may refer serious or unlawful conduct to the appropriate authorities. We choose the response based on the severity, intent, and impact of the violation, and we may act immediately where harm is ongoing.
- Warning and a request to remediate the violating activity.
- Throttling, suspension, or restriction of specific features or your account.
- Termination of your account and access to the service.
- Removal or quarantine of offending content or data.
- Referral to law enforcement or regulators, and cooperation with legal process, where appropriate.
We may suspend access without prior notice where we reasonably believe doing so is necessary to protect FUNEL, its users, the people in the data, or third parties. Suspension or termination for a policy violation does not entitle you to a refund.
Reporting abuse
If you become aware of any use of FUNEL that violates this policy — spam, harassment, deceptive messaging, data misuse, or a security concern — report it to us so we can investigate and act. Include as much detail as you safely can, such as the messages, accounts, or data involved.
Changes to this policy
FUNEL may update this Acceptable Use Policy from time to time to reflect changes in the law, our services, or how the platform is used. When we make material changes, we will update the effective date and take reasonable steps to notify account holders. Your continued use of FUNEL after a change takes effect means you accept the updated policy.
Governing law
This policy is governed by the laws of the jurisdiction in which FUNEL is established, without regard to conflict-of-law principles. It applies in addition to our Terms of Service and Privacy Policy, which set out the broader terms governing your use of the service.
Contact us
Questions about this Acceptable Use Policy, requests for our current sub-processor list or signed DPA, and reports of abuse can all be directed to our team at abuse@funel.to. We aim to respond to every request promptly.
- Email: abuse@funel.to
- Web: https://funel.to
- Effective date: June 17, 2026