Aditya CRM — Acceptable Use Policy (AUP)

1. Overview & Scope

The Acceptable Use Policy (“AUP”) sets clear, business-grade rules for using Aditya CRM across every environment—demo and sandbox during evaluation, staging during rollout, and production once live. It applies to all users who access Aditya CRM under your account, including employees, founders, contractors, channel partners, consultants, and any third parties you authorize. By signing in or connecting any integration, you agree to follow this AUP.

This AUP exists to protect your data, your brand, and platform stability. It defines what’s permitted and what’s not, covering day-to-day CRM usage (leads, deals, tasks, invoices), outbound communications (email/SMS/WhatsApp), integrations (payment gateways, telephony, accounting, cloud storage), API and webhook activity, and general security hygiene. The goal is simple: keep Aditya CRM fast, reliable, and compliant for every team while preventing abuse, spam, and risky behavior.

Relationship with other terms. If there’s ever a conflict between this AUP and a signed Proposal, SOW, MSA, or Enterprise Agreement for your Aditya CRM deployment, the signed document governs for that engagement. Where terms are undefined, use the meanings in our Terms & Conditions and any referenced policies (Privacy, Data Processing, Security). This layered approach ensures legal clarity without slowing down your operations.

Who should read this. Admins, team leads, and anyone configuring modules, roles, or integrations should review this section before enabling production access. If you manage outreach (campaigns, templates, senders), or connect third-party services (DLT/WhatsApp API, Razorpay/Stripe, Tally/Zoho Books/QuickBooks, IVR/telephony, cloud email/SMS), this AUP sets the baseline for compliant, high-deliverability use of Aditya CRM.

What’s in scope. All features and surfaces of Aditya CRM are covered—web app, mobile experience, background jobs (imports/exports, automations), reports and dashboards, APIs, webhooks, and custom modules built by Devolyt Technologies Pvt. Ltd. or by you/your vendors. It also covers data you upload or generate, user credentials and permissions, audit trails, and content sent via connected channels.

Geographies & compliance. Aditya CRM is used across multiple jurisdictions. You are responsible for using the platform in a lawful manner under applicable regulations (for example: Indian IT Act, DPI rules, TRAI/DLT for messaging, GST invoicing norms, GDPR/e-privacy where relevant, sector rules like HIPAA when applicable). This AUP does not replace legal advice—it guides practical, compliant use of the CRM in real-world operations.

Why it matters. Following the AUP helps you: (i) protect customer trust and data privacy, (ii) maintain sender reputation and deliverability for email/SMS/WhatsApp, (iii) avoid service disruption from abusive traffic or misconfigured automations, and (iv) ensure predictable performance as your team and data scale on Aditya CRM.

Updates to this AUP. We may refine wording or add examples to reflect product changes, regulatory updates, or new integrations. The “Last Updated” date on this page shows the current version. We favor practical language and real cases so your teams can adopt the policy quickly without legalese.

In short, this AUP is the common-sense rulebook for using Aditya CRM safely and effectively. Keep it handy when you configure roles and automations, launch campaigns, or connect third-party tools—it’s the fastest way to keep your CRM fast, compliant, and customer-friendly.

2. Permitted Use

Aditya CRM is designed to empower businesses with secure, compliant, and efficient operations. This section clarifies what counts as acceptable and permitted usage under the Acceptable Use Policy (AUP). By following these guidelines, you not only protect your organization but also ensure stable performance and compliance across the Aditya CRM ecosystem.

• Legitimate business use only: Use Aditya CRM exclusively for your organization’s authorized, legitimate business operations as defined in your signed Proposal, Quotation, or Statement of Work (SOW). Activities outside the agreed business scope, such as personal projects or unrelated ventures, are not considered acceptable use.
• Controlled access: Provide CRM access only to verified and authorized employees, team members, or contractors working under your policies. Every user must adhere to this AUP, your internal compliance rules, and applicable data protection laws.
• Ethical data handling: Configure modules, fields, workflows, and automation strictly for lawful and ethical purposes. Ensure that customer, vendor, or employee data uploaded into Aditya CRM is accurate, properly consented, and handled in line with privacy standards (e.g., GDPR, IT Act, or local regulations).
• Demo and sandbox environments: Use demo or sandbox accounts only for evaluation, internal training, or proof-of-concept. They must never be used for storing live customer data or conducting production transactions.
• Customizations within scope: Any workflows, modules, or reporting dashboards configured must align with the licensed scope of use. Experimental add-ons or unauthorized rebranding are not permitted unless separately contracted.
• Authorized integrations: Use third-party connectors (like payment gateways, telephony APIs, or accounting tools) only when they are licensed and legally compliant. Ensure your organization maintains active accounts with those providers.
• Internal operations only: Use Aditya CRM as a business productivity tool within your company. Offering it as a SaaS platform or service to external parties without a reseller or white-label license is not allowed.
• Lawful communications: Outbound emails, SMS, or WhatsApp campaigns must be sent only to opted-in recipients. Follow TRAI/DLT, GDPR, CAN-SPAM, or relevant local laws to avoid spam or misuse of Aditya CRM communication features.

By operating within these boundaries, your team ensures a smooth, lawful, and professional use of Aditya CRM, protecting both your brand and the platform’s ecosystem.

3. Prohibited Activities

To protect the integrity, security, and reputation of Aditya CRM (Devolyt Technologies Pvt. Ltd.), certain activities are strictly prohibited. Engaging in any of these actions may result in immediate suspension, termination of access, or legal action. These restrictions safeguard both Customers and the platform from misuse, data breaches, and reputational harm.

• Illegal activity: Using Aditya CRM to engage in or facilitate any unlawful activity, including but not limited to violations of the IT Act, GDPR, HIPAA, AML/KYC laws, spam regulations, data protection, or intellectual property laws. All usage must remain compliant with international, national, and regional legal frameworks.
• Infringement of rights: Uploading, storing, or distributing content that violates intellectual property rights, trademarks, copyrights, patents, trade secrets, privacy rights, or publicity rights of any individual or organization.
• Security abuse: Any attempt to compromise CRM security, including brute-force attacks, port scanning, reverse engineering, credential harvesting, bypassing authentication, denial-of-service (DoS/DDoS) attacks, or exploiting system vulnerabilities.
• Data misuse: Collecting, scraping, tracking, selling, or exporting personal or sensitive data without valid consent. Using CRM data for unlawful surveillance, unauthorized analytics, or resale to third parties is strictly forbidden.
• Malware, spam & harmful content: Distributing viruses, worms, spyware, bots, ransomware, or any malicious code. Sending unsolicited bulk emails, SMS, robocalls, spam campaigns, deceptive communications, or phishing content is not allowed.
• Impersonation & misrepresentation: Misusing the CRM to impersonate individuals or businesses, spoofing communication headers, falsifying sender identities, or concealing the origin of messages for fraudulent purposes.
• Unauthorized resale: Repackaging, sublicensing, or offering Aditya CRM as a software-as-a-service (SaaS) without a valid reseller agreement or white-label license. This includes attempting to rebrand the CRM and resell it to third parties without authorization.
• Prohibited content: Uploading, storing, or distributing unlawful, offensive, or harmful material, including hate speech, extremist propaganda, sexually explicit content, harassment, defamation, discriminatory content, or violent material.
• Excessive resource abuse: Activities that place undue strain on system performance, such as creating fake accounts, running bots, or generating abnormal traffic, which disrupts service availability for other users.
• Third-party violations: Using Aditya CRM in ways that breach the terms of service of integrated partners, such as payment gateways, SMS/email providers, cloud hosting platforms, or telephony APIs.

By avoiding these prohibited activities, Customers ensure smooth and secure operations of Aditya CRM, while maintaining compliance with industry standards and legal obligations. Any violation may lead to immediate account suspension, permanent termination, and/or escalation to legal authorities.

4. Security Obligations

Security on Aditya CRM follows a shared-responsibility model between your organization and Devolyt Technologies Pvt. Ltd.. The controls below apply to all environments (demo, sandbox, staging, production), users, API consumers, and third-party integrations connected to your account. Where your contract specifies stricter controls, those prevail.

4.1 Access Control & Identity

• Enforce MFA for all admins and finance/data roles; require SSO/SAML/OIDC where available.
• Use unique accounts per user; sharing credentials is prohibited.
• Apply least-privilege roles; review user access quarterly and on role change.
• De-provision departing users within 24 hours (immediately for sensitive roles).
• Session security: enable auto-logout (15–30 min idle), device sign-out, and IP allow-listing if used.

4.2 Credential Hygiene & Secrets

• Rotate API keys, webhook tokens, and service passwords at least every 90 days.
• Store secrets only in approved secret managers (never in code, emails, or public repos).
• Use strong passphrases (12+ chars) and disable legacy auth where possible.

4.3 Device & Network Safeguards

• Access Aditya CRM only from devices with disk encryption, OS patching, and EDR/antivirus enabled.
• Use HTTPS/TLS 1.2+ end-to-end; avoid open/public Wi-Fi or tunnel via a company VPN.
• Block clipboard sync and screen recording for sensitive workflows where feasible.

4.4 Data Protection

• Classify data (public/internal/confidential) and restrict exports for confidential fields.
• Encrypt sensitive files at rest on your systems; use field-level masking where offered.
• Apply data minimisation: collect only what you need; set retention and deletion policies.
• Use anonymised/sample data in demos unless you have written consent to use real data.

4.5 Environment & Change Management

• Separate staging from production; never test risky automations in prod first.
• Promote changes via documented change control; keep rollback plans for critical flows.
• Version and review automation scripts, templates, and custom code before release.

4.6 Monitoring, Logging & Backups

• Enable audit logs for logins, permission changes, exports, and API activity; retain per policy.
• Monitor anomaly signals (spikes in exports/API calls, unusual IPs, failed MFA).
• Schedule backups and test restore drills periodically; protect backups with access controls.

4.7 Vulnerability & Patch Management

• Keep browsers, OS, plugins, and integration adapters patched and supported.
• Remediate high-risk findings promptly; remove unused integrations and stale tokens.

4.8 Third-Party & Integration Security

• Connect only authorized providers; review their security/DPAs and adhere to their AUPs.
• Scope tokens to the minimum required; rotate credentials on staff or vendor changes.

4.9 Incident Response & Notifications

• Suspected compromise (accounts, tokens, data) must be reported to security@adityacrm.com without undue delay.
• Preserve relevant logs/evidence; change credentials; disable risky automations until resolved.
• Where law requires, you are responsible for notifying your end-customers/regulators.

4.10 On-Premise / Customer-Hosted Deployments (if applicable)

• Harden servers (CIS-aligned), restrict inbound ports, and use WAF/IPS where appropriate.
• Isolate databases; restrict direct internet access; apply principle of least network access.
• Document and test BCP/DR for your hosting; maintain uptime and physical security controls.

Aditya CRM aligns its platform with industry best practices and continually improves security controls. Specific certifications, audit reports, or control mappings (e.g., ISO/SOC) may be shared under NDA where applicable. Your adherence to the obligations above is mandatory under this AUP and helps protect every customer on the platform.

5. Data & Privacy

Protecting customer data and maintaining privacy is a core responsibility of Aditya CRM (Devolyt Technologies Pvt. Ltd.). This Acceptable Use Policy (AUP) outlines the standards for handling personal, business, and sensitive information inside the CRM. All customers are expected to manage their CRM environments in strict compliance with global data protection laws (such as GDPR, IT Act, HIPAA, and other regional privacy regulations).

• Data ownership: Customers remain the sole owners and controllers of all data they store in Aditya CRM. Our role is limited to acting as a secure data processor when CRM services are hosted with us. We do not claim ownership of your customer lists, business records, or operational information.
• Lawful collection: All personal data uploaded into Aditya CRM must be collected and processed only with a valid legal basis, such as explicit customer consent, contractual necessity, or compliance with applicable law. Storing or processing data without proper consent is strictly prohibited.
• Special category data: Sensitive information such as health records, biometrics, financial identifiers, or government-issued documents must not be uploaded into Aditya CRM unless contractually agreed upon and secured using advanced encryption and access controls.
• Right to privacy: Customers must respect data subject rights, including opt-outs, erasure requests, data portability, and access rights. Aditya CRM provides tools to help comply, but the responsibility for honoring these requests rests with the Customer.
• Accuracy & integrity: Customers must ensure that all personal data stored in the CRM is accurate, relevant, and up-to-date. Inaccurate or outdated records must be corrected or deleted promptly to avoid legal or compliance risks.
• Demo & sample data: Demo environments, sandbox instances, or training sessions should use anonymized or synthetic sample data. Real customer data may only be used in demos with prior written consent and with necessary confidentiality safeguards in place.
• Cross-border compliance: If CRM data is transferred across borders, Customers are responsible for ensuring compliance with local data residency and transfer laws, including executing Standard Contractual Clauses (SCCs) where required.
• No unauthorized sharing: CRM data must never be sold, leased, or shared with third parties without the explicit consent of the data subjects and adherence to applicable laws.
• Security responsibility: While Aditya CRM provides encryption, access logs, and monitoring tools, Customers must implement strong password policies, role-based access controls, and internal data governance rules.

By following these principles, Customers ensure that Aditya CRM remains a trusted, compliant, and secure platform for managing sensitive business data. Violations of data protection obligations may result in account suspension, termination, or legal action under applicable privacy laws.

6. Email/SMS/WhatsApp Policy

Aditya CRM provides integrated communication tools for email campaigns, SMS notifications, and WhatsApp Business API messaging. These features are powerful but must be used responsibly to protect your brand reputation, comply with global anti-spam regulations, and maintain trust with your customers. This policy explains the acceptable practices for sending outbound communications through Aditya CRM.

• Compliance with laws: All campaigns must follow relevant anti-spam and data privacy laws, including CAN-SPAM, GDPR e-Privacy, TRAI/NDNC rules, and country-specific telecom guidelines. Consent must be obtained from recipients before sending marketing or transactional messages.
• Clear sender identity: Every outbound message must include accurate sender information. This means your business or brand name, valid contact details, and a reply-to or support address that customers can use to reach you. Concealing or spoofing sender details is strictly prohibited.
• Opt-out and unsubscribe: Every campaign must include a simple and functional opt-out link or keyword (e.g., “STOP” for SMS, unsubscribe link for emails, WhatsApp opt-out confirmation). Customers who unsubscribe must be honored immediately, and their preferences updated in Aditya CRM.
• List hygiene: Purchased or rented contact lists are not allowed. You must use first-party, permission-based lists built through legitimate opt-ins. Contacts should be validated and cleaned regularly to minimize bounce rates, complaints, and risk of blacklisting.
• No deceptive content: Campaigns must not include phishing links, misleading subject lines, false promises, or manipulative templates. Messages must reflect honest, accurate, and non-deceptive business communication.
• Channel-specific rules: WhatsApp campaigns must comply with the WhatsApp Business API policy, which requires pre-approved templates and explicit user opt-ins. In India, SMS campaigns must follow TRAI DLT registration requirements. Email campaigns must include DKIM/SPF authentication to improve deliverability and reduce spam risk.
• Fair usage: Do not overwhelm recipients with excessive or irrelevant messages. Communication frequency should be aligned with industry best practices to preserve sender reputation.
• Prohibited content: Outbound communications cannot include unlawful, offensive, or harmful material (e.g., hate speech, scams, adult content, or extremist propaganda). Campaigns must reflect the professionalism of your brand.
• Deliverability responsibility: While Aditya CRM provides integration tools and compliance checks, the ultimate responsibility for list quality, consent tracking, and message content lies with the Customer.

By following these guidelines, businesses using Aditya CRM can achieve better deliverability, maintain compliance with global regulations, and build long-term trust with their customers across email, SMS, and WhatsApp channels.

7. Integrations & Third-Party Tools

Aditya CRM allows you to connect with a wide range of third-party applications, APIs, and service providers to extend functionality and improve business workflows. These integrations may include payment gateways, SMS/email service providers, telephony/IVR platforms, accounting tools, cloud storage, marketing automation platforms, and analytics software. To keep your system secure, compliant, and reliable, all customers must follow the rules below when using integrations with Aditya CRM.

• Authorized use only: Always use officially supported or contractually approved integrations. Accessing APIs with valid API keys, credentials, or tokens tied to your own account is mandatory. Sharing or misusing another party’s credentials is not permitted.
• Compliance with partner terms: When connecting to third-party tools, you are bound by the terms of service, pricing policies, and privacy regulations of those providers. This includes WhatsApp Business API providers, SMS gateways, cloud hosting platforms, payment processors, and accounting apps.
• Respect for quotas & limits: Every provider enforces rate limits, quotas, and fair usage rules. Attempting to bypass restrictions, flood systems, or artificially extend usage beyond your subscription plan is prohibited and may result in blocked access or penalties.
• Customer responsibility: Any charges incurred from integrated services—such as SMS/email credits, payment gateway transaction fees, cloud hosting bills, or plugin licensing—are the responsibility of the Customer, not Aditya CRM. We facilitate the integration but do not absorb third-party costs.
• Data protection obligations: When sharing customer data with third-party tools via Aditya CRM, you must ensure that lawful consent, data processing agreements, and security safeguards are in place. Sensitive or personal data should only be transmitted to vendors who comply with privacy regulations like GDPR, HIPAA, or local equivalents.
• Stable and secure configuration: Only enable integrations that are properly tested, secure, and relevant to your business. Misconfigured or unauthorized plugins can lead to data leaks, downtime, or performance issues.
• No reverse engineering: Attempting to hack, modify, or reverse-engineer third-party APIs or bypass authentication layers is strictly prohibited. Use only documented, permitted methods for connection.
• Shared liability: If you violate a third-party provider’s policies while using Aditya CRM, you may be held responsible for any penalties, suspensions, or account terminations that occur as a result.

By following these integration rules, businesses ensure that Aditya CRM remains a secure and reliable hub while benefiting from the flexibility of third-party tools. Properly managed integrations help you scale operations, automate workflows, and deliver seamless customer experiences without compromising compliance or performance.

8. Fair Usage & Rate Limits

To ensure Aditya CRM remains fast, reliable, and scalable for all customers, fair usage policies and technical safeguards are applied. These rules protect overall platform performance, prevent abuse, and maintain consistent service levels even as your team grows or automations expand. Fair usage controls are standard practice across enterprise SaaS platforms and are designed to keep operations predictable.

• Platform stability controls: We may enforce API rate limits, file upload size restrictions, concurrent job thresholds, and session caps to prevent overloading. These limits are dynamic and may adjust based on infrastructure usage, active workloads, and real-time performance demands.
• Efficient automations: All workflows, triggers, and webhooks must be built for efficiency and must remain idempotent (executing once per intended event). Configurations that cause circular dependencies or infinite trigger loops are strictly prohibited, as they risk database overload and performance degradation.
• Scheduled heavy jobs: Intensive tasks such as bulk data imports, heavy exports, mass updates, or high-frequency API polling should be executed during off-peak hours or routed through asynchronous background jobs. This approach prevents delays in live user sessions and reporting dashboards.
• API and integration discipline: Third-party integrations must respect provider rate limits and not send excessive requests that could block services. Polling intervals should follow recommended best practices rather than aggressive cycles that strain system resources.
• Monitoring & enforcement: Aditya CRM actively monitors usage patterns to detect spikes, abusive traffic, or misconfigured automations. In cases where usage threatens stability, we may temporarily throttle requests, queue jobs, or notify admins to optimize configurations.
• Scaling responsibly: As your user base or transaction volume grows, we recommend upgrading infrastructure (dedicated hosting, custom SLAs, optimized database tiers) rather than pushing beyond shared fair-use limits. This ensures consistent performance and long-term sustainability.

Fair usage is not a restriction but a shared responsibility. By keeping workflows efficient and resource-aware, your organization helps maintain high performance for every customer on Aditya CRM. These policies also reduce operational risks, improve automation reliability, and support compliance with service-level commitments.

9. Content Standards

To maintain a professional, safe, and legally compliant environment across Aditya CRM, all content stored, shared, transmitted, or published through the platform must meet strict standards of accuracy, legality, and business appropriateness. These content rules apply to data entered by your team, uploaded files, campaign material, customer communications, and any integrations connected to the CRM.

• Accuracy & integrity: Content must be factually accurate, not misleading, and suitable for professional business use. False claims, deceptive statements, or fabricated records are prohibited as they undermine trust and may create compliance liabilities.
• Unlawful or harmful material: You may not upload or circulate content that violates any applicable law, regulation, or industry code of practice. Prohibited material includes harassment, hate speech, threats, doxxing, child sexual abuse material (CSAM), extremist propaganda, terrorism-related content, incitement of violence, or discriminatory content targeting protected classes.
• Intellectual property & rights of others: Do not upload, share, or distribute materials that infringe on copyright, trademark, trade secrets, privacy rights, or publicity rights. All assets (images, videos, logos, text, databases) must be properly licensed or owned by you.
• Business-appropriate use: Content must align with legitimate professional purposes. Sexually explicit content, obscene material, gambling-related assets, or deceptive marketing campaigns are not permitted unless expressly allowed by law and authorized under contract.
• Takedown & cooperation: Upon receipt of a valid notice of infringement, abuse, or illegality, you must promptly remove the identified content. Aditya CRM will cooperate with regulators, ISPs, or lawful authorities to process verified takedown requests in compliance with applicable law.
• Accountability: Customers remain fully responsible for the data and communications shared through their accounts. Violations of these content standards may result in content removal, account suspension, or termination of services under the Acceptable Use Policy.

By adhering to these Content Standards, your organization ensures that Aditya CRM continues to provide a secure, professional, and trustworthy ecosystem for customer engagement, sales operations, and long-term business growth.

10. API & Webhooks

Aditya CRM offers robust API and webhook capabilities to help businesses integrate external systems, automate workflows, and extend CRM functionality. To protect the stability of our platform and ensure secure, compliant usage, the following guidelines define how APIs and webhooks must be implemented and managed.

• Secure authentication: Always use officially issued API keys, OAuth tokens, or other secure credentials. Secrets must be stored in encrypted environments, rotated periodically, and never exposed in public clients, code repositories, or browser-side applications.
• Compliance with documentation: Integrators must follow the official API documentation including versioning, pagination, error handling, and retry/backoff strategies. Using deprecated or undocumented endpoints is not permitted and may result in throttling or termination.
• Fair usage of endpoints: Do not engage in scraping, brute forcing, or generating excessive concurrent requests that exceed documented access patterns. Rate limits are enforced to protect platform stability; abuse may trigger automated blocking or IP blacklisting.
• Webhook security: All webhook receivers must implement TLS (HTTPS), signature verification tokens, replay attack protection, and input validation. Weak or misconfigured endpoints that pose a risk to data integrity may be disabled without prior notice.
• Data protection & privacy: API and webhook integrations must comply with data protection laws such as GDPR, IT Act, HIPAA where applicable. Sensitive personal data should be encrypted in transit and stored only when necessary, with clear consent and retention controls.
• Monitoring & audits: Aditya CRM reserves the right to monitor API activity and audit webhook integrations for security, performance, and compliance. Customers are expected to maintain proper logs and audit trails of API usage within their own environments.
• Liability & responsibility: Customers are fully responsible for charges incurred through API-driven services (SMS, email, telephony, cloud hosting). Any misuse of integrations that causes financial, reputational, or legal impact will be attributable to the account holder.
• Termination of access: Repeated violations, unauthorized exploitation of APIs, or unsafe webhook practices may lead to temporary suspension, permanent revocation of keys, or termination of the CRM license under the Acceptable Use Policy.

Following these API & Webhook usage standards ensures seamless integrations, protects sensitive customer data, and helps maintain the long-term performance and trustworthiness of the Aditya CRM platform.

11. System Abuse & Security Testing

At Aditya CRM, protecting customer data and platform stability is our highest priority. We encourage responsible security practices, but we strictly prohibit any unauthorized testing or abuse of the CRM environment. The following guidelines define acceptable and prohibited behaviors regarding penetration testing, vulnerability assessments, and system security validation.

• No unapproved penetration testing: Customers, partners, or third parties may not conduct penetration tests, vulnerability scans, or stress tests on production systems without prior written approval from Devolyt Technologies Pvt. Ltd. Unauthorized testing can disrupt services and may be treated as a security incident.
• Responsible disclosure: If you identify a potential security weakness, you must report it immediately through our official security contact or support channels. Public disclosure, sharing exploit details, or publishing vulnerabilities before remediation is strictly prohibited. We may provide recognition for responsibly reported issues under our disclosure policy.
• Data integrity and privacy: Under no circumstances should testers attempt to access, copy, or interfere with other customers’ data. Privilege escalation attempts, unauthorized data scraping, or bypassing access controls are violations of both this AUP and applicable laws (including the IT Act, GDPR, and global data protection frameworks).
• Use of authorized environments only: Customers who wish to test custom modules or integrations should request a dedicated sandbox or staging environment. All testing must be confined to approved environments to protect production systems and customer data.
• No exploitation or weaponization: Vulnerabilities, even if identified accidentally, must never be exploited for personal gain, competitive advantage, or malicious activity. Attempting to introduce malware, denial-of-service scripts, or brute-force attacks is strictly prohibited.
• Cooperation with investigations: If suspicious activity is detected, customers are expected to cooperate fully with Aditya CRM’s security and compliance teams. This may include providing logs, details of test scripts, or other technical evidence for analysis.
• Consequences of violations: Engaging in unauthorized security testing, abusing platform resources, or attempting to compromise system integrity may result in immediate account suspension, termination of license, legal action, and financial liability for damages.

By following these System Abuse & Security Testing policies, customers help maintain the trust, performance, and resilience of the Aditya CRM ecosystem. We value collaboration with ethical security researchers and partners who report vulnerabilities responsibly.

12. Enforcement & Remedies

Aditya CRM, powered by Devolyt Technologies Pvt. Ltd., takes violations of this Acceptable Use Policy (AUP) seriously. To maintain the security, stability, and trust of our platform, we reserve the right to apply a wide range of enforcement measures when misuse or non-compliance is detected. The remedies outlined below ensure fairness while protecting our infrastructure and all customers who rely on Aditya CRM.

• Investigations & audits: We may initiate investigations into alleged AUP violations at any time. This can include requesting system logs, usage reports, explanations from administrators, or technical details of suspicious activities. Customers are expected to fully cooperate with our compliance and security teams during such reviews.
• Corrective actions: In some cases, we may require customers to take immediate corrective steps (e.g., disabling an integration, updating security settings, or removing unlawful content) within a defined timeframe. Failure to comply may escalate enforcement measures.
• Service throttling: If platform stability is threatened, we may temporarily apply rate limits, bandwidth caps, or feature restrictions to contain the impact until the issue is resolved. These measures are applied at our discretion to protect all customers.
• Suspension of access: We reserve the right to suspend CRM accounts, modules, or integrations (without prior notice or liability) if we detect security threats, abusive traffic, data misuse, or unlawful activity. Suspensions may be partial (affecting only specific services) or complete.
• Termination of license: Repeated, intentional, or severe violations may result in permanent termination of access and revocation of licenses. In such cases, Aditya CRM will notify the customer and may assist in data export if contractually permitted.
• Legal escalation: Where violations involve fraud, hacking, intellectual property infringement, or regulatory breaches, we reserve the right to pursue civil claims, criminal complaints, and compensation for damages, losses, or legal costs.
• Payment obligations: All fees remain payable during any suspension or service restriction caused by the customer’s breach of this AUP. Prepaid amounts are non-refundable unless otherwise stated in the signed contract.
• Reservation of rights: Enforcement measures are not exclusive; Aditya CRM may combine multiple remedies or pursue additional actions as necessary to protect platform security, compliance, and reputation.

By using Aditya CRM, customers acknowledge and accept these Enforcement & Remedies policies. They are designed to safeguard our ecosystem, protect compliant users, and ensure that all businesses can rely on the long-term stability of Aditya CRM.

13. Reporting Abuse

At Aditya CRM, we take abuse reports, spam complaints, and security issues very seriously. Protecting customer trust, ensuring compliance, and maintaining the stability of our platform are core priorities for Devolyt Technologies Pvt. Ltd.. To help us act quickly, we ask that all customers, partners, and third parties report suspected misuse or violations in a structured and responsible manner.

If you encounter spam, phishing, data misuse, suspicious API/webhook traffic, or potential violations of our Acceptable Use Policy, please provide as much detail as possible. Helpful information includes account identifiers, timestamps, log files, screenshots, sample payloads, message headers, and any additional context that can assist our security and compliance teams in investigating the issue effectively.

Every credible report submitted to Aditya CRM is reviewed on a priority basis. Depending on the nature of the complaint, our team may investigate activity logs, throttle accounts, suspend suspicious services, or escalate matters to legal or regulatory authorities. We strictly prohibit retaliation against any individual or organization that reports abuse in good faith.

By promptly reporting suspicious or unlawful activity, you help protect the wider Aditya CRM ecosystem, safeguard customer data, and ensure our platform remains reliable for businesses worldwide. We appreciate the cooperation of all users, security researchers, and compliance officers in maintaining the highest standards of trust, security, and transparency.

14. Changes to this AUP

Aditya CRM (Devolyt Technologies Pvt. Ltd.) reserves the right to revise, amend, or update this Acceptable Use Policy (“AUP”) from time to time in order to reflect changes in laws, industry standards, security practices, and business operations. These updates ensure that the policy remains transparent, enforceable, and aligned with evolving technology and compliance obligations across different jurisdictions.

Whenever we make changes to this AUP, an updated version will be published on this page, along with a clearly visible “Last Updated” date. Customers and partners are encouraged to review this page regularly so that they remain informed about the most current standards of permitted use, security obligations, and compliance requirements.

In some cases, we may also notify users directly through email, in-app messages, or official announcements if the changes are material or if they significantly affect your rights or responsibilities. However, it remains the customer’s responsibility to stay updated by periodically reviewing this AUP.

Continued access or use of Aditya CRM software, demos, APIs, or related services after an updated version of the AUP has been posted will be considered as your acceptance of the revised policy. If you do not agree with the modifications, you must discontinue use of the platform and contact us for clarification or termination options where applicable.

All updates to this AUP are forward-looking and will not retroactively alter or cancel rights, obligations, or agreements that have already been executed under a previously signed contract or Statement of Work (SOW). In case of conflict between this AUP and a signed agreement, the signed agreement will always take precedence.

By staying informed and compliant with the latest version of this AUP, you help maintain the integrity, security, and reliability of the Aditya CRM ecosystem for all users.

15. Contact

We encourage all customers, partners, and third parties to reach out with any questions, clarifications, or concerns regarding this Acceptable Use Policy (AUP). Open communication is essential to maintaining trust, compliance, and long-term success with Aditya CRM. Whether you need guidance on permitted usage, security practices, data handling, or contract alignment, our team is ready to assist you.

You may contact us using the details below. Please include as much context as possible (e.g., account details, relevant modules, or reference IDs) to help us respond quickly and effectively.

This AUP is part of the overall legal and compliance framework of Aditya CRM. In case of any conflict between this policy and a signed Proposal, Statement of Work (SOW), or Master Services Agreement (MSA), the signed contractual document will take precedence for that specific engagement.

By contacting us through the above channels, you help us strengthen the security, transparency, and reliability of the Aditya CRM ecosystem. We value every inquiry and treat all communications with professionalism and confidentiality.