CIRA — ACCEPTABLE USE POLICY (AUP)

Last Updated: January 21, 2026

Website: https://hicira.com

Service Provider: Crafted Labs Holdings Inc. ("Cira," "we," "us")

1. Purpose

This Acceptable Use Policy ("AUP") outlines the rules and restrictions for using the Cira Service. Its purpose is to protect our platform, our customers, callers, and the underlying providers (Twilio, Azure, OpenAI, etc.) from misuse.

By using Cira, you agree to comply with this AUP. Violations may result in suspension or termination.

This AUP applies to:

  • You (the Customer)
  • Your employees, agents, and contractors
  • Anyone who interacts with Cira on your behalf

2. Prohibited Industries

Cira may not be used by businesses that operate in or support the following industries:

2.1 Federally or State-Prohibited Industries

  • Illegal drugs, controlled substances
  • Cannabis/marijuana businesses (including dispensaries, delivery, accessories, or promotion)
  • Schedule I and II substance-related services
  • Illegal firearms or weapons
  • Human trafficking or labor exploitation

2.2 Adult Content & Services

  • Pornography or explicit sexual content
  • Escort services
  • Adult chat or fantasy services
  • Sex work of any form
  • Adult entertainment venues or performers

2.3 Gambling & Gaming

  • Casinos (online or physical)
  • Sports betting
  • Lotteries (non-government)
  • Online gambling platforms
  • Skill-based wagering services

2.4 High-Risk & Unethical Industries

  • Multi-level marketing (MLM), pyramid schemes
  • Payday or predatory lending
  • "Lead buyer" call centers
  • High-volume commercial telemarketing
  • Debt collection agencies
  • High-risk investment schemes (crypto pumps, forex trading rooms, etc.)

2.5 Deceptive or Misuse-Prone Businesses

  • Fake job postings
  • Fake contests or sweepstakes
  • Businesses that misrepresent identity
  • Fraudulent or deceptive enterprises

Cira reserves the right to reject businesses that pose reputational or compliance risks.

3. Telephony & Calling Restrictions

Cira uses Twilio and must comply with carrier rules, FCC regulations, and TCPA/TSR requirements.

You may NOT use Cira for:

3.1 Outbound Calling Restrictions

  • Automated outbound calling campaigns
  • Outbound sales or marketing calls without proper legal consent
  • Cold outbound dialing in high volumes
  • Prerecorded or artificial voice calls to consumers without express written consent
  • Any call to numbers on the National Do-Not-Call Registry
  • Telemarketing without full TCPA compliance

3.2 Caller ID Restrictions

You may NOT:

  • Spoof or falsify caller ID
  • Use a phone number you do not own
  • Misrepresent the identity of your business

3.3 Emergency or Sensitive Services

Cira may not be used for:

  • 911 or emergency response lines
  • Crisis hotlines
  • Suicide prevention or medical triage services
  • Situations where human oversight is legally required

3.4 High-Risk Call Patterns

Forbidden patterns include:

  • Rapid, repeated short-duration calls
  • High simultaneous call volumes
  • Patterns resembling robocall or scam activity
  • Attempts to bypass call caps or usage limits

4. AI Use Restrictions

Cira uses AI models and must comply with provider requirements.

You may NOT use Cira to:

  • Generate illegal, harmful, or abusive content
  • Provide medical, legal, or financial advice as a licensed professional
  • Impersonate government agencies
  • Impersonate another person, business, or public figure
  • Attempt to manipulate, jailbreak, or bypass AI safety systems
  • Feed the system sensitive data you do not have rights to
  • Upload third-party confidential data without permission
  • Upload malicious code, viruses, or payloads

5. SMS Messaging Restrictions

Cira enables SMS communication between businesses and their customers. All SMS usage must comply with the following restrictions:

5.1 Prohibited SMS Content

You may NOT use Cira's SMS features to send:

  • Marketing or promotional messages - including sales, discounts, special offers, promotions, or advertisements
  • Unsolicited messages - to customers who have not initiated contact or explicitly opted in
  • Bulk messaging campaigns - mass messages to customer lists
  • Third-party messages - on behalf of other businesses or affiliates
  • Political campaign messages - without proper FEC/FCC compliance
  • Affiliate marketing messages - promoting third-party products or services
  • Phishing or scam messages - deceptive, fraudulent, or misleading content
  • Spam or junk messages - irrelevant or excessive communications

5.2 Permitted SMS Usage

SMS through Cira may ONLY be used for:

  • Transactional messages - appointment confirmations, booking receipts, order status, payment confirmations
  • Customer service responses - answering customer questions, providing requested information
  • Customer-initiated conversations - responding to customers who text your business
  • Account notifications - service updates, account alerts, system notifications
  • Appointment reminders - for scheduled appointments the customer has booked
  • One-to-one communications - direct responses to individual customer requests

5.3 Consent Requirements

All SMS recipients must have:

  • Initiated contact with your business (by calling or texting first), OR
  • Explicitly opted in to receive SMS from your business
  • Not opted out by texting STOP

You must maintain records of consent for all SMS recipients.

5.4 Opt-Out Compliance

  • All SMS must include opt-out instructions (Reply STOP)
  • Opt-out requests must be honored immediately
  • You may not contact customers who have opted out
  • Opt-out lists must be maintained permanently

5.5 Content Monitoring & Enforcement

Cira employs automated and manual review of SMS content to ensure compliance with this policy and applicable regulations. We may:

  • Flag messages containing marketing keywords for review
  • Suspend accounts sending prohibited content
  • Limit messaging capabilities for high-risk patterns
  • Report violations to carriers and regulatory authorities
  • Terminate accounts for repeated violations

Business owners are solely responsible for ensuring their SMS communications comply with:

  • TCPA (Telephone Consumer Protection Act)
  • TSR (Telemarketing Sales Rule)
  • CAN-SPAM Act
  • State and local messaging laws
  • Carrier guidelines and A2P 10DLC regulations

5.6 High-Volume Restrictions

SMS through Cira is designed for low-to-moderate volume customer service communications. You may NOT:

  • Send excessive messages per day (reasonable limits apply based on business type)
  • Use purchased, rented, or third-party contact lists
  • Import bulk contact lists for messaging campaigns
  • Use automated blast messaging tools
  • Circumvent rate limits or monitoring systems

5.7 Customer-Submitted Images (Inbound MMS)

Customers may send images via MMS to request quotes, show service needs, or provide documentation. However, the following restrictions apply:

Prohibited Customer Content

Customers may NOT send:

Explicit Content:

  • Nudity or sexually explicit images
  • Pornographic content
  • Sexual solicitation

Illegal Content:

  • Child sexual abuse material (CSAM)
  • Images of illegal drugs or controlled substances
  • Content depicting illegal activities
  • Stolen or pirated content

Harmful Content:

  • Extreme violence or gore
  • Content promoting self-harm
  • Hate symbols or discriminatory imagery
  • Harassing or abusive imagery

What Happens When Inappropriate Content Is Detected

  • Automated filtering: Incoming images are scanned for prohibited content
  • Blocked content: Inappropriate images are blocked before delivery to business owners
  • Customer notification: Customers are informed their image violated policies
  • Severe violations: CSAM and illegal content is immediately reported to authorities
  • Account protection: Business owners are never exposed to illegal content

Legitimate Business Use

Images should be related to legitimate business requests:

  • Property damage or repair needs
  • Equipment requiring service
  • Project sites for quotes
  • Products for identification or ordering
  • Documentation for service requests

Business owners must immediately report any inappropriate customer content to Cira support at support@hicira.com.

6. Data & Content Restrictions

You may NOT upload, store, or transmit:

  • Social Security numbers
  • Bank account or credit card numbers (full PAN)
  • Government ID numbers
  • Protected Health Information (PHI) without proper compliance
  • Biometric identifiers
  • Personal data of minors
  • Unauthorized copyrighted materials
  • Malware, scripts, or harmful files

Cira is not a HIPAA-compliant platform.

7. Harassment, Abuse, and Harmful Activity

You may NOT use Cira for:

  • Harassment or abusive conduct
  • Hate speech or discriminatory content
  • Stalking, threats, or violence
  • Coercive or manipulative communication
  • Any activity intended to cause harm

If callers harass or abuse Cira, the system may warn them or terminate the call.

8. Security Restrictions

You may not:

  • Attempt to hack, probe, or test the platform
  • Access data not belonging to you
  • Modify or interfere with system operations
  • Bulk scrape or harvest system data
  • Reverse engineer any part of Cira
  • Attempt to degrade service performance

9. Enforcement & Penalties

If Cira suspects or detects AUP violations, we may:

  • Immediately suspend the account
  • Block calls, SMS, or integrations
  • Report usage to Twilio or carriers
  • Notify law enforcement if required
  • Terminate the account without refund

We determine violations at our sole discretion.

10. Changes to This AUP

We may update this AUP at any time.

Material updates will be communicated via email or dashboard notification.

11. Contact

Crafted Labs Holdings Inc.

Attn: Cira Compliance

Email: support@hicira.com

Website: https://hicira.com