Acceptable Use Policy
Effective date: 2026-06-04 · Last updated: 2026-06-04
1. Introduction
This Acceptable Use Policy ("AUP") forms part of the Tourbox SaaS Terms of Service and applies to all users of the Tourbox platform. By using the platform, you agree to comply with this AUP.
Tourbox Systems Limited (company number 15613075), registered at 125 Freshfield Road, Brighton, England, BN2 0BR, reserves the right to suspend or terminate access to the platform for any user who violates this AUP.
2. Permitted use
The Tourbox platform is provided for legitimate tour operation business purposes. This includes managing bookings, customers, itineraries, communications, finances, and related activities in the ordinary course of running a tour operation business.
3. Prohibited content
You must not upload, store, or transmit any of the following through the platform:
- Content that is illegal under the laws of England and Wales or any other applicable jurisdiction
- Malware, viruses, trojans, or any other malicious code or software
- Content that infringes the intellectual property rights of any third party, including copyright, trademarks, and patents
- Excessive volumes of sensitive personal data beyond what is reasonably necessary for tour operation, such as health records, biometric data, or criminal records
- Content that is defamatory, harassing, abusive, threatening, or discriminatory
4. Prohibited conduct
You must not:
- Attempt to access data belonging to other organisations or circumvent the platform's Row-Level Security (RLS) isolation mechanisms
- Attempt to bypass authentication, authorisation, or any other security controls
- Use automated scraping tools, bots, or crawlers against the platform
- Use the platform for purposes unrelated to tour operation
- Share your authentication credentials with unauthorised persons
- Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of any part of the platform
5. AI feature usage
Where you use AI-powered features within the platform, you must not:
- Use AI features to generate content that is misleading, fraudulent, or deceptive
- Attempt to circumvent AI token usage limits or cost controls applied to your account or plan
- Submit prohibited content (as defined in section 3 above) to AI providers via the platform
- Attempt to extract model weights, training data, or other proprietary information from AI providers accessed through the platform
- Use AI-generated content in a way that violates applicable laws or regulations
6. Integration usage
The platform provides integrations with third-party services, including Zoom, Slack, Vamoos, Xero, Gmail, and Outlook. When using these integrations, you must not:
- Use connected integrations for purposes other than legitimate tour operation
- Extract or store third-party credentials outside the platform's encrypted credential storage
- Use integrations to send unsolicited communications or spam
- Exceed reasonable usage limits for third-party services accessed through the platform
7. Resource limits
Fair use principles apply to the following platform resources. Tourbox reserves the right to enforce reasonable limits where usage is excessive or abusive:
- File storage (OVHcloud, EU) -- reasonable volumes of documents and media related to tour operation
- API calls -- reasonable request volumes consistent with normal platform use; no abusive or excessive request patterns
- AI token usage -- within the allocation included in your plan
- Email sending (via Mailgun) -- legitimate business communications only; bulk marketing or unsolicited email is not permitted
- Real-time connections (WebSocket) -- reasonable concurrent connections consistent with normal platform use
8. Consumer app responsibilities
If you use the consumer app sync feature to share trip information with your customers, you must:
- Only sync appropriate and accurate trip data to the consumer app
- Not use share tokens or short links for spam, marketing, or unsolicited communications
- Ensure the data you sync complies with your privacy obligations to your customers, including any obligations under applicable data protection legislation
- Not use the consumer app data sync for purposes other than providing trip information to your customers
9. Enforcement
If Tourbox determines that you have violated this AUP, we may take any of the following actions:
- Issue a written warning specifying the violation and the corrective action required
- Suspend access to specific features or to the entire platform
- Terminate your account in accordance with the SaaS Terms of Service
Tourbox will use reasonable efforts to notify you before taking enforcement action, except where immediate action is necessary to protect the platform, other users, or third parties.
10. Reporting violations
If you become aware of a violation of this AUP, please report it to abuse@tourbox.com. Include details of the suspected violation and any supporting evidence.
11. Changes to this policy
We may update this AUP from time to time. Material changes will be notified in accordance with the SaaS Terms of Service. Your continued use of the platform after any changes take effect constitutes acceptance of the updated AUP.
If you have any questions about this policy, please contact us at privacy@tourbox.com.