Solutions by Text, LLC Acceptable Use and Webhook Management Policies

Updated March 15, 2024

Acceptable Use Policy

This amended Acceptable Use Policy (“AUP” or “Amended AUP”) replaces the Solutions by Text, LLC (“SBT”) Acceptable Use Policy in effect before December 11, 2022. By beginning or continuing to use SBT’s products and services, Customer consents to be bound by this Acceptable Use Policy.

1.1.      Incorporation and Conflict. This AUP represents an integral component of the legally binding Agreement between Solutions by Text, LLC and Customer. This AUP is fully incorporated into the Agreement as if fully set forth therein. If there is a conflict between this AUP and the Agreement, this AUP will govern. 

1.2.      Scope. Any Customer utilizing the SBT software products and services (“SBT Services”) must comply with this AUP. By using or continuing to use SBT’s Services, Customer acknowledges and agrees to ensure compliance with this AUP. This AUP applies to any communication including, but not limited to, Short Message Service (“SMS”) messages, Multimedia Message Service (“MMS”) messages, Rich Communication Service (“RCS”) messages, telephone calls, facsimile transmittals, and email (collectively “Messages”). 

1.3.         Prohibited Actions. Customer agrees not to use, and will not suffer or permit its Clients and its and their end users using, the SBT Services to send Messages containing the following prohibited content:

(a)  junk mail, spam, or unsolicited material to persons or entities that have not agreed to receive such material or to whom Customer or End User do not otherwise have a legal right to send such material;

(b)   material that infringes or violates any third-party’s intellectual property rights, rights of publicity, privacy, or confidentiality, or the rights or legal obligations of any wireless service provider or any of its customers or subscribers;

(c)   Message Content that:

i.         is illegal, harassing, coercive, tortious, defamatory, libelous, abusive, threatening, obscene, or otherwise objectionable, in SBT’s sole discretion;

ii.         is harmful to minors;

iii.         is excessive in quantity;

iv.        could diminish or harm the reputation or business of SBT, SBT’s customers, suppliers, licensors, partners, end users, and/or any third-party service provider involved in the provision and execution of the SBT Services;

v.         is alcoholic beverage-related (e.g., beer, wine, or liquor), tobacco-related (e.g., cigarettes, cigars, pipes, chewing tobacco), guns or weapons-related (e.g., firearms, bullets), illegal drugs-related (e.g., marijuana, cocaine), pornographic-related (e.g., adult themes, sexual content), crime-related (e.g., organized crime, notorious characters), violence-related or intended to incite violence (e.g., violent games), death-related (e.g., funeral homes, mortuaries), hate-related (e.g. racist organizations), or gambling-related (e.g., casinos, lotteries).

vi.         has discriminatory or prejudicial content against age, gender, race, ethnicity, country of origin, religion, sexual orientation, disability, geographical location, or any other protected group;

vii.         specifically mentions any wireless carrier or copies or parodies the products or services of any wireless carrier;

viii.         contains viruses, Trojan horses, worms, time bombs, cancelbots, or other computer-programming routines that are intended to damage, detrimentally interfere with, surreptitiously intercept or expropriate any system, data, or personal information;

ix.         is false, misleading, or inaccurate;

x.         would expose SBT or any third-party to liability;

xi.         contains any signal or impulse that could cause electrical, magnetic, optical, or other technical harm to SBT or a third-party;

xii.         attempts to find inadequacies, limitations, or vulnerabilities in the SBT API, UI, or Intellectual Property.

xiii.         facilitates a denial of service attack on the SBT API, UI, Intellectual Property, or Services;

xiv.         disrupts or adversely impacts the availability, quality, or stability of the SBT API, UI, Intellectual Property, or Services;

xv.         violates any applicable laws or regulations of any applicable jurisdiction, including, but not limited to: applicable laws or regulations related to the transmission of data, import/export laws, the recording or monitoring of phone calls, and other forms of communication; applicable laws or regulations that prohibit engaging in any unsolicited advertising, marketing, or transmission of communications;  applicable anti-spam laws or regulations including, but not limited to, the Canada Anti-Spam Law (“CASL”), the Telephone Consumer Protection Act, the General Data Protection Regulation (“GDPR”), and the Do-Not-Call Implementation Act;

xvi.         transmits unsolicited communications, commercial or otherwise;

xvii.         uses the SBT Services to collect information about individuals without their explicit consent;

xviii.         records or monitors any communication without consent of all participants; and

xix.         violates any applicable industry standards, policies, or guidelines published by the CTIA (“Cellular Telecommunications Industry Association”), MMA (“Mobile Marketing Association”), or any other recognized entities.

1.4.         Restricted Actions. Customer shall not access and shall not permit any Client or end user to access any SBT Services that Customer has not requested and paid applicable charges for. Customer will not use or attempt to use a third-party’s account with SBT, interfere with the security of or otherwise abuse the SBT Services.

1.5.         Notification. Customer is solely responsible for any actions it takes within its account with SBT. Customer agrees to immediately notify SBT of any unauthorized use of the SBT Services or any other breach of security or access known to Customer related to the SBT Services. Customer shall cooperate with SBT in any investigation and other actions taken for suspected or known violations of this AUP, including any incidents caused or suspected to be caused by an End User.

1.6.      Sensitive Data. Customer acknowledges that the SBT Services are not to be used in any way to transmit full names, driver’s license numbers, addresses, Social Security numbers, passwords, or any other information that is private and sensitive in nature (“Sensitive Data”). SBT strongly advises against the transmittal by or acceptance of any Sensitive Data in Customer’s custody or control. Customer is responsible for ensuring that adequate security measures are in place prior to transmitting Sensitive Data to SBT or permitting end users to transmit Sensitive Data to SBT.

ANY TRANSMISSION OF SENSITIVE DATA TO END USERS THROUGH SBT’S API, UI, INTELLECTUAL PROPERTY, OR SERVICES IS DONE SOLELY AT CUSTOMER’S RISK. SBT WILL HAVE NO LIABILITY WHATSOEVER IN CONNECTION WITH ANY EVENTS INVOLVING SENSITIVE DATA TRANSMITTED OR PROCESSED VIA SBT’S API, UI, INTELLECTUAL PROPERTY, OR SERVICES UNLESS OTHERWISE PROVIDED IN THE AGREEMENT.

1.7.      Updates. SBT may update this AUP upon providing Customer with thirty (30) days’ written notice in advance of the updated AUP’s effective date (“Effective Date”). The updated AUP will supersede all other versions unless otherwise provided.

1.8.      Acceptance. Customer’s continued use of SBT Services on or after the updated AUP’s Effective Date constitutes Customer’s acceptance of the updates provided therein.

1.9.      Applicable Law. If changes to the AUP are required by law, mandates from telecommunications providers, or any other necessary requirements that need to be incorporated into the AUP immediately, SBT will not be able to provide thirty (30) days’ written notice to Customer. If any changes to the AUP are required immediately, Customer will be notified in writing as soon as commercially reasonable.

Webhook Management Policy

Introduction

Solutions By Text Customers and Partners may implement a webhook to obtain insight into events from transaction processing that occurs within the SBT (Solutions by Text) systems. The list of webhooks may change over time. Examples of webhooks include Inbound Messages, Message Status, and Inbound MMS (Multimedia Messaging Service). The term Webhook Receiver is used in this context.

Webhook receivers will accept authenticated posts, store the data, and return an HTTP 200: Success response to SBT as soon as the webhook call is received and acknowledged. The webhook receiver can subsequently process the payload data after acknowledging.

SBT customers and partners must maintain healthy webhooks to maximize platform availability and performance. This Webhook Management Policy outlines the various Webhook Handling Rules and Receiver Expectations applicable to SBT’s customers and partners utilizing webhooks to connect to the SBT FinText™ Platform.

Webhook Handling Rules

Behavior T2C Platform (1.0) FinText Platform (2.0)
Connection Time Out SBT requires a webhook URL to respond within five seconds. If this response time is exceeded, the webhook call is designated as FAILED. SBT will retry attempts pursuant to this Policy. This could result in duplicate webhooks and the webhook listener receiving duplicate posts from SBT.
Retry Policy Blacklist after 50 retries, each 10 minutes apart. 

Suspend after 50 retries, each 30 minutes apart. 

Deactivate after 200 retries, 30 minutes apart. 

Response Queuing and Retry Logic

Pending responses are held until the end of each calendar day. 

If an unhealthy webhook endpoint becomes healthy before the end of the day, the platform will attempt to send the remaining response. 

SBT utilizes a daily routine and marks the webhook active if it is healthy. 

Pending responses are queued for up to 7 days and sent when the webhook becomes healthy. If more responses need to be sent, please contact SBT Customer Support. 

SBT continues to retry every 30 minutes to send out all responses and reactivate the webhook if found healthy. 

Blacklist / Deactivate Webhook

If an email is configured within the UI (User Interface), and email notification will be sent. 

If there is no response to email for 7 days, the URL will be removed. 

If removed, manual intervention is required on the customer side to fix the webhook. Contact SBT Customer Support to reactivate the webhook. 

SBT Customer Support sends out an email notification to customers. 

If the webhook is deactivated, manual intervention is required on the customer side to fix the webhook. Contact SBT Customer Support to reactivate the webhook. 

Receiver Expectations

Behavior Expectations
Alert Notification SBT requires enabling notifications/alerts in case of issues with customer or partner webhooks. These notifications/alerts should be delivered to more than one technical resource. SBT suggests a distribution list for operations and/or technology teams. 
Response Time The webhook receiver must acknowledge the request immediately, within less than one second. 
Availability The webhook URL service must be available to receive calls from SBT 24 hours a day. 
Handling Webhook Responses Efficiently

Webhook listeners must refrain from any heavy processing in the foreground, must acknowledge requests as soon as possible, and must be equipped to handle sufficient load. 

Webhook listeners must be tested to successfully process four times the number of outbound messages sent per batch. For example, if a customer is likely to send batches of 10,000 outbound messages per hour, the corresponding webhook must be able to handle at least 40,000 status updates per hour.

Test Harness SBT has a test harness that may be leveraged for functional payload and performance testing. For more information, please contact Customer Support. 

Additional Resources