FUNEL Acceptable Use Policy

FUNEL gives you powerful contact data and outreach tools — and with that power comes responsibility to use them lawfully and respectfully. This Acceptable Use Policy ("AUP") sets the rules for everyone who uses FUNEL: how to run compliant outreach, what content and conduct are prohibited, how to handle the data you access, and how we keep the platform secure. By using FUNEL you agree to these terms. This policy is in force as of June 17, 2026.

Effective date:

The core principle

FUNEL gives you powerful contact data and outreach capabilities, and you must use them lawfully and respectfully. Every record you access, every message you send, and every export you make must comply with applicable law, honor the rights of the people in the data, and serve a legitimate business purpose.

FUNEL finds verified business contact records from publicly available professional and business information, enriches them with AI, runs email outreach, and syncs to your CRM. These are capabilities built for legitimate B2B sales and marketing — not for spam, harassment, deception, or any use that harms the individuals represented in the data.

This policy works alongside our Terms of Service and Privacy Policy. Where this AUP imposes a stricter standard on your conduct, the stricter standard applies.

Who this policy applies to

This policy applies to everyone who uses FUNEL — account owners, administrators, individual seat users, teammates, agents acting on your behalf, and anyone accessing the platform through your credentials or API keys. You are responsible for ensuring all users under your account follow it.

It covers every part of the service: searching and viewing contact and company records, AI enrichment, building and running outreach campaigns, exporting data, CRM sync, and use of the API or any integration.

  • You are accountable for activity that occurs under your account, including the actions of teammates and automated processes you configure.
  • If you use FUNEL on behalf of an organization, you confirm you are authorized to bind that organization to this policy.
  • Violations by any user of your account may affect the entire account.

Lawful outreach

You must run all outreach in compliance with the anti-spam and data-protection laws that apply to you and your recipients, including CAN-SPAM, CASL, and the GDPR/UK GDPR and PECR. Contact people only for legitimate B2B purposes, identify yourself accurately, and always offer and honor a clear opt-out.

Comply with anti-spam and privacy laws

Different jurisdictions impose different obligations — consent requirements, sender-identification rules, and unsubscribe timelines among them. It is your responsibility to know which laws apply to each recipient and to meet them. FUNEL processes B2B contact data about third parties on the basis of legitimate interest, with a clear right to object; your outreach must respect that same standard.

Contact people for legitimate B2B purposes only

Use FUNEL to reach businesses and professionals about genuinely relevant products, services, or opportunities. Do not use it to contact people about matters unrelated to their professional role, and do not target individuals in their purely private capacity.

Always offer and honor opt-out

  • Include a clear, working unsubscribe mechanism in every outreach message where the law requires one.
  • Process opt-out and unsubscribe requests promptly and stop contacting anyone who has opted out.
  • Maintain accurate suppression lists so a person who objects is not re-contacted.
  • Never make unsubscribing conditional on payment, login, or providing additional information beyond what is necessary.

Use accurate sender identity

Your sender name, email address, subject lines, and message content must be truthful and not misleading. Do not disguise who you are, spoof a domain, falsify headers, or impersonate another person or organization.

Prohibited content and conduct

You may not use FUNEL to send spam, harass people, deceive recipients, or use contact data in illegal or discriminatory ways. The list below is illustrative, not exhaustive — anything that is unlawful, abusive, or that undermines the trust of the people in the data is prohibited.

Spam and unsolicited bulk messaging

  • Sending unsolicited bulk or commercial messages in violation of applicable anti-spam law.
  • Messaging recipients who have opted out, or who you have no lawful basis to contact.
  • Importing or using externally sourced lists in ways that breach the rights of the people on them.

Harassment and abuse

  • Threatening, harassing, stalking, intimidating, or repeatedly contacting someone who has asked you to stop.
  • Sending content that is hateful, defamatory, obscene, or that incites violence.

Deceptive or misleading messages

  • Falsifying sender identity, headers, or routing information.
  • Using deceptive subject lines, phishing, fraud, or any attempt to trick recipients into taking an action.
  • Misrepresenting your affiliation, endorsement, or the nature of your offer.

Illegal, discriminatory, or sensitive-category misuse

  • Using contact or company data to discriminate against people on the basis of a protected characteristic.
  • Targeting or profiling individuals based on sensitive categories — such as health, race or ethnicity, religion, sexual orientation, political opinions, or trade-union membership.
  • Any use of the data that violates applicable law, regulation, or the rights of third parties, including the promotion of illegal goods or services.

Data-handling rules

Data you access through FUNEL is licensed for your own legitimate business outreach — not for resale, redistribution, or building a competing product. You must respect the rights of the people in the data, secure anything you export, and delete records when someone validly requests it.

Do not resell, redistribute, or build a competing database

  • Do not sell, sublicense, syndicate, or otherwise redistribute FUNEL data to third parties.
  • Do not use FUNEL data, in whole or in part, to create, train, or populate a competing contact database or data product.
  • Do not pool exported data into a shared resource for use beyond your own authorized business purpose.

Respect the rights of people in the data

The records you work with represent real people and organizations. Handle them with the same care the law requires of a data controller: limit your use to legitimate purposes, keep records accurate, honor objections and data-subject rights, and do not combine FUNEL data with other sources in ways that would surprise or harm the individual.

Secure exported data and delete on request

  • Protect any data you export with appropriate security controls and restrict access to those who need it.
  • Do not store exported data longer than your legitimate purpose requires.
  • When a person validly exercises a right to erasure or objection, suppress and delete their data promptly across your systems.

Platform integrity

You must use FUNEL only through the features we provide and within the limits we set. Do not scrape or extract data outside provided features, circumvent rate or credit limits, reverse engineer the service, introduce malware, or attempt unauthorized access or security testing without our written permission.

  • No automated extraction, scraping, crawling, or harvesting of the platform or its data beyond the features and APIs we make available.
  • No circumventing, disabling, or interfering with rate limits, credit limits, quotas, usage caps, or access controls.
  • No reverse engineering, decompiling, or attempting to derive the source code, models, or underlying methods of the service, except where that restriction is prohibited by law.
  • No uploading or transmitting malware, viruses, or any code intended to disrupt, damage, or gain unauthorized access to systems or data.
  • No unauthorized access to accounts, data, or infrastructure, and no penetration testing, vulnerability scanning, or other security testing without our prior written authorization.
  • No use of the service to build a product or service that competes with FUNEL, or to benchmark it for that purpose without our consent.

How we protect the platform and data

FUNEL is built to be secure and compliant by design: data is encrypted in transit with TLS and at rest with AES-256, and it is GDPR-compliant by design and CCPA-aligned, following recognized information-security practices. These protections support — but do not replace — your own obligation to use the service responsibly.

  • Encryption in transit (TLS) and at rest (AES-256).
  • An information-security program with controls covering security and availability.
  • GDPR and UK GDPR compliant by design, CCPA/CPRA-aligned, with a signed Data Processing Addendum available on request.
  • FUNEL does not sell personal information for money; B2B contact data about third parties is processed on the basis of legitimate interest with a clear right to object.
  • Sub-processors are engaged by category only — such as a cloud hosting provider, email delivery provider, payment processor, and analytics provider — with a current list available on request.
  • Right-to-be-forgotten requests are honored promptly, typically within 30 days, and we notify of security incidents without undue delay.

Consequences of violations

If you violate this policy, FUNEL may take action ranging from a warning to suspension or termination of your account, and may refer serious or unlawful conduct to the appropriate authorities. We choose the response based on the severity, intent, and impact of the violation, and we may act immediately where harm is ongoing.

  • Warning and a request to remediate the violating activity.
  • Throttling, suspension, or restriction of specific features or your account.
  • Termination of your account and access to the service.
  • Removal or quarantine of offending content or data.
  • Referral to law enforcement or regulators, and cooperation with legal process, where appropriate.

We may suspend access without prior notice where we reasonably believe doing so is necessary to protect FUNEL, its users, the people in the data, or third parties. Suspension or termination for a policy violation does not entitle you to a refund.

Reporting abuse

If you become aware of any use of FUNEL that violates this policy — spam, harassment, deceptive messaging, data misuse, or a security concern — report it to us so we can investigate and act. Include as much detail as you safely can, such as the messages, accounts, or data involved.

Report suspected abuse, policy violations, or security concerns to abuse@funel.to. Please include relevant details so we can investigate quickly.

Changes to this policy

FUNEL may update this Acceptable Use Policy from time to time to reflect changes in the law, our services, or how the platform is used. When we make material changes, we will update the effective date and take reasonable steps to notify account holders. Your continued use of FUNEL after a change takes effect means you accept the updated policy.

Governing law

This policy is governed by the laws of the jurisdiction in which FUNEL is established, without regard to conflict-of-law principles. It applies in addition to our Terms of Service and Privacy Policy, which set out the broader terms governing your use of the service.

Contact us

Questions about this Acceptable Use Policy, requests for our current sub-processor list or signed DPA, and reports of abuse can all be directed to our team at abuse@funel.to. We aim to respond to every request promptly.