Acceptable Use Policy

This AUP describes the activities that are prohibited on Time Manager. It applies to all customers, users and AI agents acting under any Time Manager account, and is incorporated into the Terms of Service.

1. Prohibited content

You may not use the Service to upload, generate, store, transmit or distribute:

Illegal content (under your jurisdiction, the affected person's jurisdiction, or <<JURISDICTION>>).
Child sexual abuse material (CSAM) or content that sexualizes minors.
Content promoting terrorism, violent extremism or mass violence.
Content inciting violence or unlawful discrimination against protected groups.
Infringing content (IP, privacy rights, non-consensual intimate imagery).
Defamatory, libelous or deliberately false content.
Malware, ransomware, viruses, keyloggers, rootkits.
Content promoting self-harm, suicide or eating disorders.
Misleading medical, financial or legal advice presented as professional.

2. Prohibited activities

Probing, scanning or testing vulnerabilities without authorization.
Breaching security or authentication measures.
Interfering with other customers' use of the Service.
Circumventing rate limits, quotas, access controls or tenant isolation.
Reverse-engineering the Service or building a substitute.
Reselling or sublicensing the Service without authorization.
Imposing unreasonable infrastructure load.

3. Spam, unsolicited messages & communications abuse

You may not use Time Manager's email, webhook or calendar-write features to:

Send unsolicited bulk messages ("spam") by any channel.
Create calendar invites to recipients who have not consented ("calendar spam").
Automate mass outreach violating CAN-SPAM, GDPR Art. 22, ePrivacy, TCPA or equivalent law.
Impersonate another person, company or brand.
Phish, harvest credentials or perform social engineering.
Bypass unsubscribe or opt-out mechanisms.

4. AI-agent abuse (Time Manager-specific)

Agents acting under your account may not:

Generate or deliver spam, disinformation or coordinated inauthentic behaviour.
Impersonate a real person or organization. Disclose AI involvement where recipients expect a human and local law requires disclosure.
Create deepfakes or non-consensual synthetic content.
Generate harassing, stalking or coordinated-abuse content.
Manipulate calendar invitees' consent or hide the agent's identity.
Attempt to cross tenant boundaries (prompt-injection and jailbreaks are prohibited and logged).
Bypass LLM safety filters or solicit content upstream providers prohibit.
Automate financial, medical or legal decisions without human sign-off where those decisions have legal or similarly significant effects.
Use Time Manager as a covert broadcast channel to humans or systems who have not consented.

You are responsible for the actions of any AI agent operating under your account, including webhook deliveries and calendar writes.

5. Scraping, crawling and data extraction

No scraping beyond authorized, authenticated use.
No data extraction through undocumented endpoints.
No scraping of third-party sites in violation of their terms or law.
No high-volume automated scraping via webhook or API infrastructure.

6. Cryptocurrency mining & resource abuse

No cryptocurrency mining or proof-of-work compute.
No use of webhook/reminder infrastructure to drive unrelated compute workloads.
No artificial traffic to inflate usage or revenue.

7. Rate-limit circumvention

No splitting workloads across multiple accounts to evade rate limits.
No synthetic traffic, proxies or multiple identities to extend free-tier quotas.
No pressure-testing without written permission (coordinated load tests for Enterprise customers are allowed with advance notice).

8. Regulated or high-risk use

Without a separately negotiated Enterprise contract, you may not use the Service to process:

Payment-card data (PCI DSS).
Protected health information (HIPAA).
Sensitive data of children under 13 (COPPA).
Classified government / defence information.
Content subject to export-control restrictions.

9. Reporting abuse

Email abuse@timemanager.com with as much detail as you can share (sender email, webhook URL, calendar invite details, timestamps, screenshots). For urgent security issues, cc security@timemanager.com.

We triage reports 24×5 (business days) and 24×7 for CSAM and imminent-harm reports.

10. Enforcement

Violations may result in, at our discretion:

Warning and request to cure;
Suspension of the affected feature (e.g. webhook delivery, LLM access);
Suspension of the account;
Termination without refund;
Referral to law enforcement where required.

We do not guarantee warnings where violations risk immediate harm (CSAM, imminent violence, active abuse at scale, security breach).

11. Changes

Material changes will be notified by email and/or in-app notice with 30 days' advance notice where feasible.