PropStackX

Legal

Acceptable Use Policy

Last updated: 10 May 2026Effective: 10 May 2026

In plain English

We built PropStackX so legitimate real-estate teams can run their business cleanly. This page is a short list of the things that get an account suspended — most of them are also things Indian law would penalise far more harshly than we will. Read them once, then go build your business.

1. Scope

This Acceptable Use Policy ("AUP") is part of the PropStackX Terms of Service and applies to every Tenant, Authorised User, Channel Partner and any other person who accesses or uses PropStackX. By using the Service, you agree to follow this AUP and to ensure that everyone who acts under your account follows it too.

2. Core principles

Three rules underlie everything below:

  1. Be lawful. Do not use PropStackX to do anything that is illegal under Indian law or the law of the country where your recipient is.
  2. Be honest. Do not misrepresent who you are, what you sell, or what regulatory approvals you have.
  3. Be respectful of consent. Do not contact people who have not asked to hear from you, and stop the moment they ask.

3. Prohibited content

You will not upload, store, send or display content that:

  • is unlawful, defamatory, obscene, paedophilic, invasive of another's privacy, hateful, or racially or ethnically objectionable, including content of the kind described in section 67, 67A and 67B of the IT Act, 2000 and the POCSO Act, 2012;
  • infringes any patent, trademark, copyright, trade secret or other proprietary right;
  • impersonates any person or entity, or falsely states or misrepresents an affiliation with a person or entity;
  • contains a virus, worm, ransomware, cryptominer, or any other harmful code;
  • is misleading on a material fact about a real-estate project, promoter, RERA approval, occupancy certificate, carpet area, or payment schedule;
  • promotes financial fraud, Ponzi schemes, money-laundering, or any transaction that violates the Foreign Exchange Management Act, 1999 or the Prevention of Money Laundering Act, 2002;
  • relates to a transaction that requires KYC under PMLA without the necessary KYC having been collected.

4. Prohibited activity

You will not, and will not permit anyone else to:

  • scrape, crawl, harvest or otherwise extract data from the Service other than through documented APIs and within published rate limits;
  • reverse engineer, decompile, disassemble, copy, or attempt to derive the source code of the Service, except to the limited extent permitted by mandatory law;
  • bypass, disable or circumvent any access control, rate limit, captcha, audit log or other security feature;
  • share login credentials between users, sell or sub-license access, or use the Service on behalf of an undisclosed third party;
  • use the Service to build, train or improve a product that competes with PropStackX;
  • use the Service to send phishing, smishing or other social engineering attempts;
  • use the Service to test or distribute malware, including against your own internal targets without prior written notice to us;
  • interfere with the normal operation of the Service, generate traffic in volumes intended to overwhelm shared infrastructure, or knowingly degrade quality for other Tenants.

5. Messaging & anti-spam

A large part of the Service is messaging. We expect you to use it in line with TRAI's Telecom Commercial Communications Customer Preference Regulations, 2018 (the "TCCCP Regulations"), Meta's WhatsApp Business Messaging Policy, and email-sending best practice (CAN-SPAM-style compliance). Specifically:

  • Register your sender headers, content templates and consent records on a TRAI-approved DLT platform before you send the first SMS through the Service.
  • For WhatsApp, use only Meta-approved message templates outside the 24-hour customer-care window. Maintain documented opt-in for every recipient.
  • For email, include a working one-click unsubscribe link in every marketing message, identify yourself accurately in the From and Reply-To headers, and authenticate your domain (SPF, DKIM, DMARC).
  • Honour DND (Do Not Disturb) and unsubscribe requests within 24 hours and never re-add a recipient who has unsubscribed without fresh, documented consent.
  • Do not buy or rent contact lists. Lists obtained without lawful basis violate the DPDPA and will trigger enforcement under section 11 of this AUP.
  • Use truthful subject lines. Do not use misleading content previews or deceptive sender names.

Carrier penalties, regulator notices, blocklist incidents and provider take-down notices that originate from your account can be charged back to you under section 19 of the Terms.

6. Lead data quality

Your leads, allottees and channel partners are real people with rights under the DPDPA. Before uploading or capturing data through PropStackX:

  • Confirm you have a lawful basis (consent or another permitted ground) for the data and the way you intend to process it.
  • Provide the notices required by section 5 of the DPDPA at or before the point of collection. Generic landing-page footers generally are not enough on their own.
  • Do not collect or store sensitive special-category data (for example, health, biometrics, religion or caste) unless it is strictly necessary for a documented use case and explicit consent has been obtained.
  • Do not upload children's personal data without verifiable parental consent.
  • Promptly action erasure and correction requests from your End Customers, including those we forward to you under section 10 of the Privacy Policy.

7. RERA & advertising rules

Real-estate marketing is heavily regulated. Section 12 of the Real Estate (Regulation and Development) Act, 2016 makes a promoter liable to refund (with interest) any allottee who relied on a false advertisement. The Advertising Standards Council of India's guidelines also apply.

When you use PropStackX to market a project, you must:

  • display the RERA registration number on every advertisement of a registered project, including AI-generated content, social posts, broker notifications and landing pages;
  • describe carpet area, super-built-up area, possession date, payment schedules and amenities accurately and consistently with the RERA filings;
  • avoid pre-launch bookings before registration where the law requires it;
  • avoid "assured returns", guaranteed appreciation, or tax-evasion claims;
  • not generate or distribute deepfake imagery, doctored renders, or fake reviews.

8. Security & system integrity

  • Use strong, unique passwords. Enable multi-factor authentication where the Service offers it.
  • Treat API tokens, webhooks and integration secrets as credentials. Rotate them when staff leave or when they may have been exposed.
  • Notify us at admin@propstackx.com within 24 hours if you suspect a breach of an account, an API token compromise, or any other incident affecting the security of data on the Service.
  • Do not run vulnerability scans, penetration tests or red-team exercises against the Service without prior written authorisation from us. Responsible disclosure of bugs found through normal use, on the other hand, is welcome and we will not pursue legal action against good-faith researchers.

9. AI features

Some PropStackX modules generate text or imagery using AI. These features are tools, not advisors. You are responsible for the content you publish or send to a customer, even when AI helped draft it. In particular:

  • Review AI-drafted ad copy, brochures and emails for factual accuracy and RERA compliance before sending.
  • Do not use AI features to produce defamatory or misleading content about competitors, individuals or projects.
  • Do not use AI features to impersonate another brand, person or government authority.
  • Where AI-generated visuals depict a project, label them as artistic impressions when they are not actual photographs.

10. Reporting violations

If you think someone is using PropStackX in violation of this AUP — for example, you receive a spam SMS that you can trace to a PropStackX-powered sender, or you spot a phishing email — please report it to admin@propstackx.com. Include headers, screenshots and any context you can. We investigate every credible report.

11. Enforcement

Where we believe an account has breached this AUP, we may:

  1. issue a written warning and ask for the violating activity to stop;
  2. disable the affected feature (for example, the SMS or WhatsApp module);
  3. suspend the account, in whole or in part;
  4. terminate the account under section 16 of the Terms.

For serious or recurring violations — including those that put other Tenants, our infrastructure or our regulatory standing at risk — we may skip earlier steps and act immediately. Where the breach has caused us or others to incur fines, blocklist costs or legal expenses, we may recover those amounts under section 18 of the Terms.

12. Cooperation with law enforcement

We will cooperate with lawful requests from Indian courts, regulators and law-enforcement agencies, including under the IT Act, the CrPC, RERA notifications and CERT-In directions. We will challenge requests we believe to be over-broad and, where the law permits, we will notify the affected Tenant before disclosure.

13. Changes

We may update this AUP as the Service evolves and as the law changes. The "Last updated" date at the top of the page reflects the current version. Material changes will be notified to Tenants by email at least 15 days in advance. Continued use after a change means you accept the updated AUP.