Preloader

Acceptable Use Policy

Acceptable Use Policy

Guidelines for acceptable use of Gestlat ThinkLab services.

Acceptable Use Policy (AUP)

Effective Date: December 17, 2025
Last Updated: December 17, 2025

1. Introduction

This Acceptable Use Policy ("AUP" or "Policy") defines acceptable and prohibited uses of Gestlat ThinkLab's services, software, website, and systems (collectively, "Services"). This Policy protects our users, infrastructure, and reputation.

This Policy applies to:

  • All users of our Services
  • Customers, visitors, and trial users
  • Employees, contractors, and partners
  • Any access to our systems or platforms

By using our Services, you agree to comply with this Policy. Violations may result in immediate service suspension or termination.

2. Purpose and Scope

2.1 Purpose

This Policy is designed to:

  • Protect our infrastructure and services
  • Ensure legal compliance
  • Maintain service quality and availability
  • Protect all users' interests
  • Prevent abuse and illegal activities
  • Preserve our reputation and brand

2.2 Scope

This Policy covers use of:

  • Software products (all 360° business management systems)
  • Website and online services (gestlatthinklab.com)
  • Cloud infrastructure and hosting
  • Customer support channels
  • Email and communication systems
  • Training and educational platforms
  • API and integration services

3. General Acceptable Use

3.1 Permitted Uses

You MAY use our Services to:

  • ✅ Conduct legitimate business operations
  • ✅ Manage your organization's operations and data
  • ✅ Communicate with customers and stakeholders
  • ✅ Store and process business information
  • ✅ Generate reports and analytics
  • ✅ Integrate with compatible third-party services
  • ✅ Access support and training resources
  • ✅ Collaborate with authorized team members

3.2 General Obligations

You MUST:

  • ✅ Use Services lawfully and ethically
  • ✅ Respect intellectual property rights
  • ✅ Maintain accurate account information
  • ✅ Keep login credentials confidential
  • ✅ Report security vulnerabilities responsibly
  • ✅ Comply with all applicable laws and regulations
  • ✅ Respect other users' rights and privacy
  • ✅ Use Services in accordance with documentation

4. Prohibited Activities

4.1 Illegal Activities

You may NOT use our Services for:

  • ❌ Any illegal purpose or activity
  • ❌ Violating local, national, or international laws
  • ❌ Money laundering or financial fraud
  • ❌ Tax evasion or financial crime
  • ❌ Trafficking (human, drug, weapons, etc.)
  • ❌ Terrorism or terrorist financing
  • ❌ Child exploitation or abuse
  • ❌ Distribution of illegal substances
  • ❌ Gambling operations (where illegal)
  • ❌ Copyright or trademark infringement
  • ❌ Identity theft or fraud

4.2 Security Violations

You may NOT:

  • ❌ Attempt unauthorized access to our systems or other users' accounts
  • ❌ Bypass, circumvent, or disable security features
  • ❌ Probe, scan, or test vulnerabilities without authorization
  • ❌ Crack, decrypt, or break encryption
  • ❌ Distribute viruses, malware, or harmful code
  • ❌ Launch denial-of-service (DoS) or DDoS attacks
  • ❌ Engage in hacking, phishing, or social engineering
  • ❌ Share login credentials with unauthorized persons
  • ❌ Use stolen credentials or payment methods
  • ❌ Interfere with service operation or availability

4.3 Abuse of Services

You may NOT:

  • ❌ Use Services to harm, harass, or threaten others
  • ❌ Send spam, unsolicited communications, or bulk messages
  • ❌ Engage in fraudulent or deceptive practices
  • ❌ Misrepresent your identity or affiliation
  • ❌ Scrape, harvest, or mine data without permission
  • ❌ Overload or abuse system resources
  • ❌ Create fake accounts or multiple accounts to evade restrictions
  • ❌ Use Services to compete with Gestlat ThinkLab
  • ❌ Resell Services without authorization
  • ❌ Use automated bots excessively

4.4 Intellectual Property Violations

You may NOT:

  • ❌ Copy, distribute, or modify our Software without permission
  • ❌ Reverse engineer, decompile, or disassemble our applications
  • ❌ Remove or alter proprietary notices or labels
  • ❌ Use our trademarks or branding without authorization
  • ❌ Create derivative works from our Services
  • ❌ Infringe third-party intellectual property rights
  • ❌ Upload pirated content or illegal materials

4.5 Harmful or Offensive Content

You may NOT upload, transmit, or store content that:

  • ❌ Is defamatory, libelous, or slanderous
  • ❌ Incites hatred, violence, or discrimination
  • ❌ Contains pornographic or sexually explicit material
  • ❌ Exploits or harms minors
  • ❌ Promotes self-harm or suicide
  • ❌ Contains graphic violence or gore
  • ❌ Harasses, bullies, or threatens individuals
  • ❌ Violates privacy rights
  • ❌ Is misleading, fraudulent, or deceptive

4.6 Network and System Abuse

You may NOT:

  • ❌ Consume excessive bandwidth or storage
  • ❌ Run cryptocurrency mining operations
  • ❌ Host file-sharing or torrent services
  • ❌ Operate open proxies or VPN exit nodes
  • ❌ Send email bombs or chain letters
  • ❌ Generate artificial traffic or fake usage
  • ❌ Interfere with other users' service access
  • ❌ Attempt to gain unauthorized elevated privileges

4.7 Data Misuse

You may NOT:

  • ❌ Access data you're not authorized to view
  • ❌ Share confidential data without authorization
  • ❌ Misuse customer or user data collected through Services
  • ❌ Sell, trade, or distribute data inappropriately
  • ❌ Process data in violation of privacy laws
  • ❌ Use data for unauthorized marketing purposes
  • ❌ Scrape or extract data systematically

5. Specific Use Cases

5.1 Business Management Systems (360° Products)

Acceptable:

  • ✅ Managing legitimate business operations
  • ✅ Storing accurate business records
  • ✅ Processing customer transactions
  • ✅ Generating financial reports
  • ✅ Tracking inventory and assets

Not Acceptable:

  • ❌ Recording fraudulent transactions
  • ❌ Manipulating financial records illegally
  • ❌ Evading tax obligations through false entries
  • ❌ Conducting illegal business activities

5.2 Educational Systems (ESchool360)

Acceptable:

  • ✅ Managing legitimate educational institutions
  • ✅ Tracking student academic progress
  • ✅ Communicating with parents and guardians
  • ✅ Processing tuition and fees
  • ✅ Maintaining attendance records

Not Acceptable:

  • ❌ Operating illegal or unregistered schools
  • ❌ Misusing student personal information
  • ❌ Falsifying academic records
  • ❌ Discriminatory practices
  • ❌ Violating child protection laws

5.3 Healthcare Systems (HealthCenterOps360, DrugStoreOps360)

Acceptable:

  • ✅ Managing legitimate healthcare facilities
  • ✅ Maintaining patient records securely
  • ✅ Processing prescriptions legally
  • ✅ Tracking medical inventory
  • ✅ Billing and insurance processing

Not Acceptable:

  • ❌ Operating without required licenses
  • ❌ Violating patient privacy (HIPAA-like violations)
  • ❌ Illegal prescription practices
  • ❌ Distributing controlled substances illegally
  • ❌ Insurance fraud
  • ❌ Falsifying medical records

5.4 Retail and Commerce Systems

Acceptable:

  • ✅ Operating legitimate retail businesses
  • ✅ Processing customer payments legally
  • ✅ Managing inventory and suppliers
  • ✅ Issuing proper receipts and invoices

Not Acceptable:

  • ❌ Selling illegal or prohibited goods
  • ❌ Operating unlicensed businesses
  • ❌ Tax evasion through false records
  • ❌ Counterfeit goods distribution
  • ❌ Credit card fraud

5.5 Communication and Marketing

Acceptable:

  • ✅ Legitimate business communications
  • ✅ Marketing to opted-in customers
  • ✅ Transactional emails and notifications
  • ✅ Customer support communications

Not Acceptable:

  • ❌ Spam or unsolicited bulk email
  • ❌ Misleading or deceptive marketing
  • ❌ Violating anti-spam laws
  • ❌ Phishing or social engineering
  • ❌ Purchasing email lists and mass mailing

6. Content Standards

6.1 User Content Responsibility

You are solely responsible for:

  • Content you upload, create, or transmit
  • Ensuring content complies with laws
  • Having rights and permissions for content
  • Accuracy and legality of data entered

6.2 Content We May Remove

We reserve the right to remove content that:

  • Violates this Policy
  • Infringes intellectual property rights
  • Is illegal or harmful
  • Violates third-party rights
  • Presents security risks
  • Violates our Terms of Service

6.3 Content Backup

While we maintain backups:

  • You're responsible for your own backups
  • We may delete data per our policies
  • Data loss may occur due to violations
  • Export data regularly

7. Resource Usage and Performance

7.1 Fair Use

  • Use Services reasonably and fairly
  • Don't monopolize shared resources
  • Respect system capacity limits
  • Scale usage appropriately with subscription tier

7.2 Resource Limits

We may impose limits on:

  • Storage: Per subscription tier
  • API Calls: Rate limiting to prevent abuse
  • Bandwidth: Fair usage policies apply
  • Concurrent Users: Based on license type
  • Database Queries: To protect performance

7.3 Performance Impact

You must NOT:

  • Run processes that degrade service performance
  • Execute excessively large queries repeatedly
  • Generate artificial load for testing without permission
  • Consume disproportionate resources

8. Account and Access Security

8.1 Account Security Obligations

You MUST:

  • Use strong, unique passwords
  • Enable multi-factor authentication (where available)
  • Keep credentials confidential
  • Monitor account activity
  • Report suspicious activity immediately
  • Log out from shared devices
  • Update security information regularly

8.2 Prohibited Security Practices

You may NOT:

  • Share accounts among unauthorized users
  • Use another person's account without permission
  • Attempt to access other users' data
  • Bypass authentication mechanisms
  • Use automated credential stuffing
  • Share API keys or access tokens publicly

9. Third-Party Services and Integrations

9.1 Integration Responsibility

When integrating third-party services:

  • ✅ Ensure third parties comply with their own policies
  • ✅ Verify you have rights to integrate
  • ✅ Monitor integrated services for abuse
  • ✅ Report integration issues to us

9.2 API Usage

When using our APIs:

  • ✅ Follow API documentation and limits
  • ✅ Use APIs for intended purposes
  • ✅ Respect rate limits and throttling
  • ✅ Implement proper error handling
  • ❌ Don't abuse or overload APIs
  • ❌ Don't circumvent API restrictions
  • ❌ Don't share API keys insecurely

10. Reporting and Enforcement

10.1 Reporting Violations

Report suspected violations:

  • Email: [email protected]
  • Subject: "AUP Violation Report"
  • Include: Details, evidence, affected parties

What to report:

  • Security breaches or vulnerabilities
  • Illegal activity
  • Abuse of services
  • Terms of Service violations
  • Harmful content

10.2 Investigation Process

When violations reported:

  1. Acknowledgment: Within 24-48 hours
  2. Investigation: Review evidence and logs
  3. Determination: Assess if violation occurred
  4. Action: Take appropriate enforcement measures
  5. Communication: Notify relevant parties

10.3 Enforcement Actions

Warning:

  • First-time minor violations
  • Unintentional breaches
  • Warning email sent
  • Explanation of violation
  • Requirement to cease activity

Service Suspension:

  • Repeat violations
  • Moderate severity violations
  • Immediate if posing security risk
  • Access temporarily disabled
  • Reinstatement upon compliance

Account Termination:

  • Severe or repeat violations
  • Illegal activities
  • Security threats
  • Permanent account closure
  • No refund of fees
  • Data deletion per policy

Legal Action:

  • Criminal activity
  • Significant harm caused
  • Intellectual property violations
  • Referral to law enforcement
  • Civil litigation if warranted

10.4 Appeal Process

If you believe enforcement action was in error:

  1. Email: [email protected]
  2. Include: Account details, explanation, evidence
  3. Review: We review within 5 business days
  4. Decision: Uphold, modify, or reverse action
  5. Final: Our decision is final

11. Monitoring and Compliance

11.1 Our Monitoring Rights

We reserve the right to:

  • Monitor service usage and activity
  • Review content for compliance (when legally permitted)
  • Analyze logs and system performance
  • Investigate suspicious activity
  • Audit accounts for policy compliance
  • Use automated tools to detect violations

We do NOT:

  • Routinely review private communications
  • Access Your Data without cause
  • Monitor content unnecessarily

11.2 Cooperation with Authorities

We will cooperate with:

  • Law enforcement investigations
  • Court orders and subpoenas
  • Regulatory inquiries
  • Legal obligations
  • Protection of rights and safety

11.3 Transparency

We strive to be transparent about:

  • Policy enforcement
  • Government requests (where legally allowed)
  • Service disruptions due to violations
  • Changes to this Policy

12. Consequences of Violations

12.1 Immediate Consequences

Violations may result in:

  • Immediate service suspension
  • Account termination
  • Data deletion
  • Loss of access to Services
  • Forfeiture of fees paid
  • Reporting to authorities

12.2 Legal Consequences

Serious violations may lead to:

  • Criminal prosecution
  • Civil lawsuits
  • Damages claims
  • Injunctive relief
  • Seizure of assets (illegal proceeds)

12.3 Reputational Consequences

  • Permanent ban from Services
  • Public disclosure of violations (where appropriate)
  • Notification to affected parties
  • Industry blacklisting for serious violations

13. Modifications to This Policy

13.1 Right to Modify

We may update this Policy:

  • To reflect new threats or services
  • To comply with legal changes
  • To improve clarity
  • Based on user feedback

13.2 Notice of Changes

Material Changes:

  • 30 days' notice via email
  • Prominent website notice
  • Updated "Last Updated" date

Non-Material Changes:

  • Posted on website
  • Effective immediately

13.3 Continued Use

Continued use of Services after changes constitutes acceptance of updated Policy.

14. Disclaimer and Limitation

14.1 Best Efforts

We make best efforts to:

  • Prevent abuse of Services
  • Enforce this Policy fairly
  • Protect all users

However:

  • We cannot prevent all violations
  • We're not liable for user actions
  • Enforcement is at our discretion

14.2 No Liability

We are not responsible for:

  • User violations of this Policy
  • Harm caused by user activities
  • Third-party actions
  • Content uploaded by users
  • Losses due to Policy enforcement

15. International Considerations

15.1 Multi-Jurisdictional Compliance

Users must comply with:

  • Laws of their country
  • Ugandan laws
  • East African Community regulations
  • International laws (where applicable)

15.2 Export Controls

  • Respect export control laws
  • Don't use Services in embargoed countries
  • Don't use for prohibited end-users or purposes
  • Comply with sanctions and restrictions

15.3 Data Protection

  • Comply with local data protection laws
  • Respect cross-border data transfer rules
  • Follow sector-specific regulations (healthcare, education, finance)

16. Special Provisions

16.1 Minors

  • Services not intended for minors under 18
  • Parental/guardian consent required
  • Special protections for educational use
  • Report exploitation immediately

16.2 Government and Public Sector Use

  • Additional regulations may apply
  • Comply with procurement rules
  • Follow government IT policies
  • Classified or sensitive data restrictions

16.3 Regulated Industries

Healthcare:

  • Comply with medical privacy laws
  • Maintain professional licensure
  • Follow healthcare regulations

Finance:

  • Comply with anti-money laundering (AML) laws
  • Follow know-your-customer (KYC) requirements
  • Adhere to financial regulations

Education:

  • Protect student privacy
  • Comply with educational standards
  • Follow child protection laws

17. Best Practices

17.1 Security Best Practices

  • ✅ Keep software and devices updated
  • ✅ Use antivirus and security software
  • ✅ Be cautious with email links and attachments
  • ✅ Verify sources before sharing data
  • ✅ Regularly review account activity
  • ✅ Educate team members on security

17.2 Ethical Use

  • ✅ Use Services honestly and transparently
  • ✅ Respect competitors and partners
  • ✅ Honor commitments and agreements
  • ✅ Contribute positively to community
  • ✅ Report issues responsibly

17.3 Data Hygiene

  • ✅ Maintain accurate records
  • ✅ Delete unnecessary data
  • ✅ Backup important information
  • ✅ Organize data properly
  • ✅ Secure sensitive information

18. Questions and Support

18.1 Policy Questions

Email: [email protected]
Subject: "AUP Question"

18.2 Abuse Reporting

Email: [email protected]
Subject: "AUP Violation Report"
Include: Details, evidence, urgency level

18.3 General Support

Email: [email protected]
Phone: +256 763 414937
Hours: Monday-Friday, 8 AM - 6 PM EAT

19. Related Policies

This Policy works in conjunction with:

In case of conflict, Terms of Service prevail.

20. Acknowledgment

By using Gestlat ThinkLab Services, you acknowledge that:

  1. You have read and understood this Policy
  2. You agree to comply with all provisions
  3. You understand consequences of violations
  4. You will use Services responsibly and legally

Failure to comply may result in immediate service termination and legal action.

Last Updated: December 17, 2025
Effective Date: December 17, 2025
Version: 1.0

Contact Information:

Gestlat ThinkLab
Address: Kampala, Kampala, Uganda
Website: www.gestlatthinklab.com
Email: [email protected]
Abuse Email: [email protected]
Legal Email: [email protected]

This Acceptable Use Policy is available in English, French (Français), and Arabic (العربية). The English version is authoritative in case of discrepancies.

Stay Updated

Get the latest insights on data, technology, and digital transformation in Africa.

Your experience on this site will be improved by allowing cookies.