1. About

This Acceptable Use Policy (“AUP”) sets forth how MoEngage Services must be used, and more importantly, what constitutes misuse of our Services, either because the activity violates applicable law or because it poses a risk to the MoEngage Services. Terms used herein without definition are defined in the Master Service Agreement (“MSA/Agreement”) in place between MoEngage and its customers.

2. Scope

This AUP applies universally to Customers, authorised users, end-users, and any third-party agents accessing or using MoEngage Services.

3. General Use Obligations

Users shall strictly adhere to the following:

  • Compliance: Operate the MoEngage Services lawfully, within the scope of your authorization and existing contractual agreements.
  • Security: Maintain the strict confidentiality of account credentials, mandate Multi-Factor Authentication (MFA) where available, and promptly report any security breaches or unauthorized access.
  • Regulatory Alignment: Comply with all applicable MoEngage policies and relevant legal or regulatory frameworks.

4. Prohibited Activities and Content

Users are strictly prohibited from utilizing MoEngage Services to do any of the following:

  • Illegal & Harmful Conduct: Engage in, facilitate, or promote any activity that is illegal, abusive, fraudulent, or otherwise harmful.
  • Malicious Software: Transmit or distribute malware, ransomware, viruses, or any other malicious code.
  • Rights Infringement: Violate or misappropriate the intellectual property, privacy, or confidentiality rights of any third party.
  • Misinformation & Deception: Create or spread false, misleading, or deceptive content, specifically including disinformation generated by Artificial Intelligence.
  • Spam & Phishing: Conduct spamming or phishing, send unsolicited communications, or engage in any deceptive marketing practices.
  • Input High-risk personal data: Input high-risk personal information/sensitive personal data (as defined by applicable privacy laws) into Generative AI prompts, where such data is not strictly required for the intended service output.
  • System Integrity & Security: Attempt to access MoEngage systems without authorization, circumvent security measures, or perform actions that overload, impair, or disrupt the Services.
  • Harassment: Stalk, harass, threaten, or cause distress or harm to any individual or group.
  • Impersonation: Impersonate any person or entity, or falsely state or otherwise misrepresent your affiliation with a person or entity.

5. Your Responsibilities as a Customer

To maintain a secure and compliant environment, you agree to:

  • Secure Your Accounts: Enforce Multi-Factor Authentication (MFA), regularly review user credentials, and strictly manage role-based permissions to prevent unauthorized access.
  • Ensure Lawful Data Processing: Verify that any data you process complies with applicable privacy laws and that you hold the proper consents from your users.
  • Manage Content Rights: Obtain the necessary licenses and permissions for any materials you upload, create, or process using our Services.
  • Support Audits: Keep accurate audit logs where required and cooperate with necessary compliance reviews.
  • Prompt Engineering and Brand Safety: Take responsibility for the inputs (prompts) provided to our AI services/features within MoEngage. It is a best practise to include specific brand guidelines and negative constraints (e.g., instructions to avoid specific terms or competitor mentions) within prompts to ensure that output adheres to customer brand guidelines.

6. Messaging Policy (Email, SMS/MMS, and Electronic Communications)

All communications sent through MoEngage Services must strictly comply with applicable laws, third-party provider terms of use, and established industry standards.

  • Deliverability and Impact: Customers shall not employ sending practices that negatively impact MoEngage or its ecosystem. This includes sending Messages that result in excessive complaints, bounces, spam trap hits, unsubscribes, or blocklistings, regardless of whether the content is technically defined as spam.
  • Strict Consent Requirements: Customers may not send unsolicited messages. You must obtain and maintain explicit, documented consent for all commercial or marketing communications wherever required by the laws or regulations of your applicable jurisdiction.
  • Prohibited Data Sources: Customers are strictly prohibited from sending Messages to: (i) purchased, appended, or rented lists; (ii) contact information scraped or programmatically generated from the internet; (iii) role-based or generic addresses (e.g., [email protected]); (iv) list-servers or distribution groups; or (v) lists acquired via co-registration programs.
  • Opt-Out & Transparency: All Email Messages must contain a clear, functional unsubscribe mechanism that aligns with industry best practices. Furthermore, Messages must not disguise their origin, transmission path, or subject matter, and must not utilize falsified headers or “from” addresses.
  • Prohibited Content: Messages must not contain Malicious Content, including but not limited to phishing links, pyramid schemes, multi-level marketing (MLM), or unapproved affiliate marketing (where the sender lacks explicit permission from the recipient to mail them).
  • Privacy Policy Obligations: Customers must maintain a publicly accessible privacy policy for all active sending domains. This policy must explicitly state that end-user opt-in data will not be shared with third parties.

6.1 SMS/MMS Specific Regulations

In addition to the overarching Messaging Policy, Customers utilizing SMS/MMS Services must:

  • Carrier & Provider Compliance: Comply with the acceptable use policies of applicable SMS/MMS gateway providers (e.g., Twilio, Infobip), carrier codes of conduct (e.g., AT&T, T-Mobile), and industry guidelines, including the CTIA Messaging Principles and Best Practices.
  • S.H.A.F.T. Restrictions: For the US and other applicable jurisdictions, Customers are strictly prohibited from transmitting SMS/MMS content related to Sex, Hate, Alcohol, Firearms, or Tobacco/CBD (S.H.A.F.T. regulations).

7. Working with Third Parties and Sub-Processors

  • Your Vendors: If you connect third-party tools or use your own vendors alongside our Services, you must ensure they follow this Acceptable Usage Policy and obey all relevant laws.
  • Our Sub-Processors: MoEngage may use trusted sub-processors to help deliver our Services. We hold these partners to our own high compliance standards and will always notify you if we make significant changes to who we work with.

8. SLA Integration and Enforcement

All service-level commitments—including uptime guarantees, response times, and support procedures—are governed by the Master Subscription Agreement (MSA) and its corresponding Service Level Agreements (SLAs).

If a Customer engages in prohibited activities that degrade SLA performance or platform stability, MoEngage reserves the right to take immediate enforcement actions, including service suspension or termination, as outlined in this AUP and the applicable SLA.

Customers are required to promptly report any known AUP violations. MoEngage will thoroughly investigate reported incidents and escalate remediation efforts in strict alignment with established SLA guidelines.

9. AI-Specific Prohibited Uses and Governance

Customers shall not utilize AI features for manipulative, discriminatory, or deceptive purposes.Customers must ensure that all AI-generated content is clearly and transparently disclosed to end-users where applicable. Customers are obligated to continuously monitor AI outputs for bias. For high-risk use cases, Customers must conduct formal impact assessments and maintain strict “human-in-the-loop” oversight before deployment. Tampering with, reverse-engineering, or creating unauthorized derivative works from any provided AI models is explicitly forbidden.

Customers should practise data minimization principles by ensuring that sensitive personal data/highly sensitive Personally Identifiable information (PII), such as government IDs, health records, card numbers, or fully financial account numbers, are not included in the free-text prompts sent to the Generative AI tools.

We strongly recommend that Customers maintain “Human-in-the-loop” workflows for all AI-generated content. This includes conducting a thorough manual review of AI-generated text, images, and Call-to-Action (CTA) links before deploying them in live campaigns to ensure factual accuracy, brand alignment, and functional integrity.

Kindly refer to our AI Terms of Usage Policy for more details.

10. Data Retention, Privacy, and Law Enforcement Requests

Customer Data is managed in strict adherence to our Privacy Policy. It is securely permanently erased when no longer required for processing, unless subject to a legally mandated hold. Kindly refer to section 19 of our Privacy Policy for more details on data retention.
In compliance with applicable data protection laws, we will notify Customers of any confirmed personal data breach within 72 hours of awareness, where legally required. All law enforcement or regulatory requests for Customer Data undergo rigorous legal verification. Customers will be promptly notified of such requests unless expressly prohibited by law. Any mandated disclosure of Customer Data to external authorities is strictly limited to the minimum information necessary to satisfy the legal requirement.

11. Security Incident Response

Both MoEngage and the Customer are required to strictly adhere to the incident response procedures established in the applicable SLAs and relevant regulatory frameworks.

All security incidents must be reported promptly. Both parties must ensure that timely status updates are provided and that all remediation efforts are thoroughly documented.

12. Auditing and Monitoring

MoEngage reserves the right to continuously monitor the use of the Services to verify strict compliance with this Acceptable Usage Policy.

The Customer agrees to maintain all relevant usage records and provide reasonable assistance and transparency during any compliance audits conducted by MoEngage.

13. Reporting Violations and Appeals

Suspected violations of this Acceptable Usage Policy should be reported to [email protected] or via established MoEngage support channels.

MoEngage shall conduct a thorough investigation of all reported violations. Where feasible, MoEngage will provide the Customer with an opportunity to respond before initiating formal disciplinary action, except in instances where immediate service suspension is warranted to protect platform integrity or prevent harm.

Customers may appeal enforcement actions strictly in accordance with the dispute resolution provisions set forth in their governing agreement.

14. Updates to the AUP

To ensure we stay aligned with industry best practices and changing laws, MoEngage reserves the right to update this Acceptable Usage Policy from time to time. Whenever we make changes, we will post the revised copy directly on this webpage so you always know where to find the latest rules.

15. Governing Law and Dispute Resolution

This policy is governed by the laws outlined in your Master Subscription Agreement (MSA). Any disputes arising from this AUP will be resolved in accordance with the arbitration or jurisdictional clauses agreed upon in that MSA.

16. Consequences of AUP Violations

A violation of this AUP constitutes a material breach of your Agreement. In the event of a violation, MoEngage reserves the right to refuse the transmission of Messages or to suspend and/or terminate the Customer’s subscription to the applicable Services. MoEngage will provide a written basis for any such suspension or termination.

17. Contact Information & Interpretation

For questions, to report AUP violations, or for any related requests, please contact us at: [email protected]. MoEngage reserves all rights to interpret, enforce, and amend this policy to remain consistent with evolving legal, regulatory, and ethical standards.