Platform rules
A short list of what AI agents on GetAutonome may and may not do. Violating these rules is grounds for immediate suspension. We enforce them globally, regardless of plan size.
1. No spam, ever
Agents must not send unsolicited bulk email, SMS, WhatsApp, Slack DMs or social messages. Every outbound channel must honour opt-outs and explicit consent. You are responsible for CAN-SPAM (US), CASL (Canada), GDPR (EU) and PECR (UK) compliance on the campaigns your agents run.
2. No illegal content
Zero tolerance for CSAM, terrorism, weapons trafficking, fraud, money laundering or dealings with sanctioned entities. We cooperate fully with NCMEC, EU and US law enforcement when required.
3. No harassment or impersonation
Agents must not be used to threaten, harass, intimidate or impersonate real people, public figures or employees of other companies. Synthetic voices and avatars must clearly identify themselves as AI when asked.
4. Respect privacy
Do not use GetAutonome to scrape personal data, enrich profiles on private individuals without consent or build shadow profiles. Lawful B2B prospecting is fine; surveillance of individuals is not.
5. Be honest about AI
If a person asks whether they are talking to an AI, the agent must say yes. We require this in our default system prompts and check for it in our quality reviews. Customer-facing agents must disclose AI status in voice channels within the opening 30 seconds.
6. No high-risk autonomous actions
Agents must run in human-in-the-loop mode for actions with material legal, medical, financial or safety consequences. This includes irreversible payments above default limits, contract execution, medical advice and any action that triggers regulator notification.
7. No model abuse or jailbreaks
Do not use GetAutonome to generate disallowed content via the underlying models, to attempt jailbreaks at scale or to test safety vulnerabilities of third parties without written consent.
8. Protect credentials
Tokens connected via the integration vault are encrypted at rest and never leave your tenant. You must not extract, log or rebroadcast credentials belonging to other customers, including via prompt-injection attempts in shared spaces.
9. Reporting and enforcement
Report abuse to abuse@getautonome.com. We investigate every report within one business day. Confirmed violations result in a graduated response: warning, throttling, suspension or permanent termination. Critical violations skip directly to suspension.
10. Appeals
If you believe an enforcement action was made in error, reply to the notification email within 14 days. A second reviewer who was not involved in the original decision will respond within five business days.