Acceptable Use Policy

← Back to Home

1. General Scope

This Acceptable Use Policy ("AUP") governs the use of all communication features within the iPendio platform. iPendio is a B2B Spend Intelligence and Accounts Payable automation platform that serves multi-location businesses including franchise operators, hospitality groups, retail chains, and healthcare networks.

Access to the platform and its communication capabilities is limited to authorized, registered users who have completed onboarding or who were invited by an organization's account administrator. This AUP applies to all transactional messages generated by or through the platform.

2. Nature of Allowable Traffic

iPendio generates strictly transactional and system-level communications. All outbound messages are triggered by user actions, system events, or operational workflows. The following message types are permitted:

• Invoice receipt and processing confirmations
• Payment approval requests and deadline reminders
• Payment settlement receipts and ACH/wire confirmations
• Budget threshold notifications and overspend alerts
• Vendor onboarding confirmations and document requests
• Contract renewal and expiration notifications
• Expense report submission and approval status updates
• Security alerts (new login, password change, MFA enrollment)
• Account provisioning and role assignment notifications
• Platform maintenance and incident advisories

The following are explicitly prohibited:

• Marketing emails or promotional offers
• Newsletters or editorial content
• Cold outreach or prospecting messages
• Advertisements or upsell communications
• Any communication not directly tied to a platform event or user action

3. Consent & Opt-In

All recipients of iPendio notifications are platform users with verified accounts. Consent is obtained through:

• Contractual basis: Organizations sign a service agreement that includes acknowledgment of transactional notifications as part of platform functionality.
• Registration opt-in: Individual users accept Terms of Service and this AUP during the account creation process.
• Administrator invitation: Users invited by their organization's administrator receive a one-time invitation email with explicit acceptance required before any further communications.

iPendio never uses purchased, rented, scraped, or third-party lists. Every email recipient has a direct, verifiable relationship with the platform.

Consent records (timestamp, IP, Terms version accepted) are stored and available for audit upon request.

Notification Management

Users can manage their notification preferences through the Notification Preferences page. Categories are divided into:

• Essential transactional: Security alerts, billing confirmations, and critical service notifications. These cannot be fully disabled because they are necessary for account security and service delivery.
• Optional operational: Budget alerts, vendor updates, and workflow reminders. Users may disable these categories at any time.

All emails include List-Unsubscribe headers and a link to the Notification Preferences page.

4. Zero-Tolerance Spam Policy

iPendio enforces a zero-tolerance policy toward unsolicited or abusive messaging:

• Complaint rate threshold: Any client or feature generating a complaint rate exceeding 0.1% triggers immediate suspension of sending capabilities for that account, pending investigation.
• Bounce rate threshold: A bounce rate exceeding 5% triggers a mandatory review of recipient data quality, with potential suspension if corrective action is not taken within 48 hours.
• Feedback loop participation: We subscribe to all major ISP feedback loops (FBLs) and monitor complaint signals in real time.
• List-Unsubscribe compliance: Every outbound message includes both RFC 2369 List-Unsubscribe and List-Unsubscribe-Post headers.
• Suppression enforcement: Hard bounces, complaints, and explicit opt-outs are immediately added to a global suppression list. Suppressed addresses are checked before every send operation.
• No re-engagement campaigns: Suppressed addresses are never re-activated without explicit, verified, fresh consent from the recipient.

5. Prohibited Content

The following content types are strictly prohibited in any communication sent through or generated by the iPendio platform:

• Spam: Unsolicited bulk messages, repeated unwanted communications, or any form of commercial solicitation.
• Phishing: Messages designed to fraudulently obtain credentials, financial information, or personal data.
• Malware: Attachments or links that distribute viruses, ransomware, spyware, or other malicious software.
• Illegal content: Any material that violates local, state, federal, or international law.
• Defamatory material: Content that is libelous, slanderous, or intentionally harmful to individuals or organizations.
• IP infringement: Content that violates trademarks, copyrights, patents, or other intellectual property rights of third parties.
• Deceptive subject lines: Email subjects that misrepresent the content or origin of the message.
• Misleading sender identity: Spoofing or falsifying sender addresses or names.

6. Email Authentication Standards

All outbound email from iPendio is fully authenticated to prevent spoofing and ensure deliverability:

• SPF (Sender Policy Framework): Published SPF records authorize only designated mail servers to send on behalf of ipendio.com.
• DKIM (DomainKeys Identified Mail): All emails are cryptographically signed with 2048-bit keys, ensuring message integrity and sender authenticity.
• DMARC (Domain-based Message Authentication, Reporting & Conformance): Configured with p=reject policy, instructing receiving servers to reject any message that fails SPF or DKIM alignment.
• Dedicated sending IP: All transactional emails originate from a dedicated IP address with established sender reputation, not shared with other senders.

7. Monitoring & Reporting

iPendio maintains continuous monitoring of all communication activity:

• Automated tracking: Every outbound message is logged with delivery status, bounce classification, and engagement signals.
• Content scanning: Outbound messages are reviewed against our prohibited content guidelines before delivery.
• Volume anomaly detection: Automated systems flag sending patterns that deviate from established baselines, triggering ops team review before further delivery.
• Complaint triage: Each complaint received via FBL is reviewed within 24 hours by our operations team. Root cause analysis is documented.
• Abuse reporting: Suspected abuse can be reported to abuse@ipendio.com. We acknowledge abuse reports within 24 hours and provide resolution updates within 5 business days.

8. Enforcement

Violations of this AUP are subject to the following tiered enforcement actions:

1. Warning: Minor or first-time violations result in a written notice with 48 hours to implement corrective action.
2. Suspension: Repeated violations or exceeding complaint/bounce thresholds results in immediate suspension of sending capabilities.
3. Termination: Severe or willful violations (spam campaigns, phishing, malware distribution) result in immediate account termination with no refund.
4. Reporting: Severe violations may be reported to relevant ISPs, anti-spam organizations (e.g., Spamhaus), law enforcement, or regulatory authorities.
5. Legal action: iPendio reserves the right to pursue legal remedies for damages caused by AUP violations.

9. Client Responsibility

Clients are responsible for:

• Ensuring that all users within their organization understand and comply with this AUP.
• Maintaining accurate recipient information and promptly removing invalid addresses.
• Implementing appropriate internal controls to prevent misuse of platform communication features.
• Reporting any suspected violations by users within their organization to abuse@ipendio.com.
• Cooperating with iPendio in investigations related to potential AUP violations.
• Ensuring that any data uploaded to the platform (vendor contacts, user lists) consists only of legitimately obtained, first-party relationships.

10. Contact

For questions about this Acceptable Use Policy, to report abuse, or to request clarification on permitted uses:

iPendio, Inc. — Compliance Team
580 Howard Street, Suite 210
San Francisco, CA 94105, United States
Abuse Reports: abuse@ipendio.com
General: legal@ipendio.com
Phone: +1 (415) 829-7143

Related policies: Terms of Service · Privacy Policy · Trust Center