Anti-Spam & Communications Policy

Effective Date: December 17, 2025
Last Updated: December 17, 2025

---

1. Introduction

This Anti-Spam & Communications Policy ("Policy") governs how Gestlat ThinkLab ("we," "us," or "Company") communicates with customers, users, and subscribers, and defines our commitment to responsible email practices and compliance with anti-spam regulations.

This Policy covers:

• Email communications from Gestlat ThinkLab
• SMS/text message communications
• Push notifications and in-app messages
• Phone calls and voicemail
• WhatsApp and other messaging platforms
• Newsletter and marketing communications

Our Commitment: We are committed to respecting your inbox and communication preferences. We comply with anti-spam laws in Uganda, East Africa, and internationally, including:

• Uganda Communications Act
• Kenya Information and Communications Act
• CAN-SPAM Act (USA)
• GDPR (EU)
• CASL (Canada)

---

2. Types of Communications

2.1 Transactional Communications (Non-Marketing)

These communications are necessary for service delivery and cannot be opted out of (except by closing your account):

Account and Service Management

• Account Creation: Welcome emails, account setup instructions
• Password Resets: Security-related communications
• Account Changes: Confirmation of profile updates, security alerts
• Subscription Changes: Confirmations of plan changes, renewals, cancellations

Billing and Payment

• Invoices and Receipts: Payment confirmations, billing statements
• Payment Issues: Failed payment notifications, payment reminders
• Subscription Renewals: Upcoming renewal notices, auto-renewal confirmations
• Refunds: Refund processing notifications

Product and Service Delivery

• Order Confirmations: Hardware purchases, software licenses
• Shipping Updates: Delivery status, tracking information
• License Delivery: Software activation keys, download links
• Access Credentials: Login information, temporary passwords

Support and Technical

• Support Tickets: Ticket updates, resolution notifications
• System Notifications: Service outages, maintenance windows, security alerts
• Product Updates: Critical security patches, mandatory updates
• Data Exports: Requested data download links

Legal and Compliance

• Policy Updates: Changes to Terms of Service, Privacy Policy, etc.
• Legal Notices: Compliance requirements, regulatory communications
• Security Alerts: Data breach notifications, security incidents

Frequency: As needed based on account activity
Opt-Out: Not available (essential for service)

2.2 Marketing Communications (Promotional)

These communications promote our products and services and can be opted out of at any time:

Promotional Emails

• Product Announcements: New product launches, feature releases
• Special Offers: Discounts, promotions, seasonal sales
• Newsletters: Company updates, industry insights, blog posts
• Event Invitations: Webinars, workshops, conferences
• Product Recommendations: Personalized suggestions based on your usage

Educational Content

• Tips and Tutorials: How-to guides, best practices
• Case Studies: Customer success stories
• Webinars and Training: Educational opportunities
• Industry Reports: Market research, whitepapers

Surveys and Feedback

• Customer Satisfaction Surveys: Product feedback, NPS surveys
• Product Research: Feature requests, user experience research
• Beta Testing Invitations: New feature preview opportunities

Frequency:

• Newsletters: 2-4 times per month
• Promotional Emails: 1-2 times per week (maximum)
• Surveys: Quarterly or as needed

Opt-Out: Available at any time (see Section 6)

2.3 Service and Engagement Communications

These are optional communications that enhance your experience:

Product Usage

• Usage Tips: Feature highlights, productivity tips
• Milestone Celebrations: Account anniversaries, usage milestones
• Onboarding Guidance: Getting started tips, setup assistance
• Inactivity Reminders: Re-engagement emails for inactive users

Community and Social

• User Community Invitations: Forum participation, user groups
• Social Media Updates: Important announcements via social channels
• Partner Communications: Co-marketing messages from partners (with permission)

Frequency: 1-2 times per month
Opt-Out: Available in preferences

---

3. Consent and Permission

3.1 How We Obtain Consent

Explicit Consent (Opt-In)

We obtain your explicit consent when you:

• ✅ Check a box during account registration (unchecked by default)
• ✅ Subscribe to our newsletter via website form
• ✅ Request information or download resources
• ✅ Register for events or webinars
• ✅ Participate in promotions or contests
• ✅ Update communication preferences to opt-in

Implied Consent (Soft Opt-In)

We may send marketing communications based on implied consent when:

• ✅ You purchased or trialed our products/services
• ✅ You inquired about our services within last 6 months
• ✅ You have existing business relationship with us

Requirements for Implied Consent:

• Must be relevant to products/services you've shown interest in
• Must provide easy opt-out in every message
• Ceases if you opt-out or show no engagement

3.2 What Constitutes Consent

Valid consent requires:

• Freely Given: No coercion or bundling with services
• Specific: Clear what you're consenting to
• Informed: Know what communications you'll receive
• Unambiguous: Clear affirmative action required

NOT Valid Consent:

• Pre-checked boxes
• Inactivity or silence
• Purchased email lists
• Third-party provided lists (without verification)

3.3 Consent Management

We record:

• When consent was given
• How consent was obtained
• What you consented to
• IP address and timestamp (for verification)

You can:

• Review your consent at any time
• Modify communication preferences
• Withdraw consent instantly

---

4. Email Best Practices

4.1 Identification and Transparency

All our emails include:

• ✅ Clear "From" Name: "Gestlat ThinkLab" or specific product name
• ✅ Valid "From" Address: @gestlatthinklab.com domain
• ✅ Accurate Subject Lines: No deceptive or misleading subjects
• ✅ Physical Address: Our business address in Uganda
• ✅ Clear Identification: Who we are and why we're emailing

We NEVER:

• ❌ Use misleading subject lines
• ❌ Hide or disguise our identity
• ❌ Use deceptive headers or routing information
• ❌ Imply false affiliations

4.2 Content Standards

Our emails:

• ✅ Are relevant to your interests or account activity
• ✅ Provide value (information, offers, updates)
• ✅ Are professional and respectful in tone
• ✅ Have clear calls-to-action
• ✅ Are mobile-responsive and accessible

We avoid:

• ❌ Excessive frequency (email fatigue)
• ❌ Irrelevant content
• ❌ Aggressive or pushy language
• ❌ ALL CAPS or excessive punctuation!!!
• ❌ Misleading or false claims

4.3 Deliverability and Technical Standards

We implement:

• SPF (Sender Policy Framework): Validates sending servers
• DKIM (DomainKeys Identified Mail): Email authentication
• DMARC (Domain-based Message Authentication): Email security
• List Hygiene: Regular removal of bounced/invalid addresses
• Engagement Tracking: Monitor and respect engagement levels
• Complaint Monitoring: Track and respond to spam complaints

---

5. Communication Frequency

5.1 Expected Frequency by Type

Communication Type	Typical Frequency	Maximum Frequency
Transactional	As needed	Unlimited (necessary)
Marketing Newsletters	2-4 per month	1 per week
Promotional Offers	1-2 per month	2 per week
Product Updates	1-2 per month	1 per week
Educational Content	2-4 per month	2 per week
Surveys	Quarterly	1 per month
Re-engagement	As needed	1 per quarter

Overall Marketing Limit: Maximum 2-3 marketing emails per week during peak periods (promotions, launches).

5.2 Frequency Management

We manage frequency by:

• Preference Center: Granular control over email types
• Engagement Monitoring: Reduce frequency for inactive users
• Smart Sending: Avoid multiple emails on same day
• Suppression Lists: Honor do-not-contact requests immediately

5.3 Reducing Email Volume

If receiving too many emails:

1. Update Preferences: Choose specific email types
2. Digest Options: Receive weekly digest instead of individual emails
3. Pause Communications: Temporarily stop marketing emails (3-6 months)
4. Unsubscribe: Completely opt-out of marketing

---

6. Opt-Out and Unsubscribe

6.1 Easy Unsubscribe Mechanism

Every marketing email includes:

• Unsubscribe Link: One-click unsubscribe in footer
• Preference Center Link: Manage specific email types
• Clear Instructions: How to opt-out

Location: Bottom of every marketing email

Process:

1. Click "Unsubscribe" link
2. Confirm on unsubscribe page (or instant one-click)
3. Receive confirmation email
4. Removal processed immediately (up to 48 hours)

6.2 Unsubscribe Timeframe

Processing Time:

• Immediate: Most unsubscribes processed instantly
• Maximum: 48 hours (2 business days)
• Already Scheduled: Emails scheduled before unsubscribe may still send

6.3 Alternative Opt-Out Methods

You can also unsubscribe via:

• Email: [email protected] with "Unsubscribe" in subject
• Account Settings: Update preferences in your account portal
• Reply: Reply to any marketing email with "UNSUBSCRIBE"
• Phone: Call support and request removal
• Written Request: Mail to our physical address

6.4 Partial Opt-Out (Preferences)

Instead of complete unsubscribe, you can:

• Opt-out of specific email types (newsletters only, promotions only)
• Reduce frequency (weekly digest instead of daily)
• Choose topics of interest
• Pause temporarily

Access Preference Center: Link in every email or via account settings

6.5 What Happens After Unsubscribe

You will NO LONGER receive:

• ❌ Marketing emails
• ❌ Newsletters
• ❌ Promotional offers
• ❌ Product announcements
• ❌ Event invitations

You WILL STILL receive:

• ✅ Transactional emails (invoices, receipts)
• ✅ Service notifications (outages, security)
• ✅ Support communications (ticket updates)
• ✅ Legal notices (policy changes)
• ✅ Account security alerts

Re-Subscription:

• You can re-subscribe anytime via website or email preferences
• Requires new opt-in action

---

7. SMS/Text Messaging

7.1 SMS Communications We Send

Transactional SMS

• Account verification codes (2FA, OTP)
• Password reset codes
• Critical security alerts
• Payment confirmations
• Delivery notifications (hardware orders)

Marketing SMS (Opt-In Required)

• Special promotions and offers
• Event reminders
• Product launch alerts
• Flash sales

7.2 SMS Consent

Explicit Opt-In Required:

• Cannot send marketing SMS without your express consent
• Consent obtained via website form, SMS keyword, or account settings
• Must provide clear terms at opt-in (frequency, message rates)

Standard Terms:

• Message frequency varies by campaign
• Message and data rates may apply
• Carriers not liable for delayed or undelivered messages

7.3 SMS Opt-Out

To Stop SMS:

• Reply STOP, UNSUBSCRIBE, or QUIT to any marketing SMS
• Processed immediately
• Receive confirmation SMS

Help:

• Reply HELP for assistance
• Receive information on how to contact support

7.4 SMS Best Practices

We:

• ✅ Send during reasonable hours (8 AM - 8 PM recipient's timezone)
• ✅ Limit frequency (max 4 marketing SMS per month)
• ✅ Keep messages concise and valuable
• ✅ Include sender identification
• ✅ Provide opt-out in every message

---

8. Push Notifications and In-App Messages

8.1 Mobile and Web Push Notifications

Types:

• Transactional: Order updates, sync status, security alerts
• Engagement: Usage tips, new features, reminders
• Marketing: Special offers, product announcements (opt-in)

Permission:

• Requested at app install or first use
• Can be managed in device settings
• Can be customized in app settings

8.2 In-App Messages

Types:

• Onboarding: Getting started tips, feature tours
• Contextual Help: Tips based on current activity
• Announcements: New features, updates
• Feedback: Surveys, ratings prompts

Management:

• Can be dismissed
• Frequency controlled to avoid annoyance
• Relevant to your usage

8.3 Controlling Push Notifications

Device Level:

• iOS: Settings → Notifications → Gestlat App
• Android: Settings → Apps → Gestlat App → Notifications

App Level:

• In-app Settings → Notifications
• Choose notification types
• Set quiet hours

---

9. Phone and WhatsApp Communications

9.1 Phone Calls

When We Call:

• You requested a consultation or callback
• Follow-up on support tickets (with permission)
• Account verification (suspected fraud)
• Enterprise customer check-ins (account managers)

We Do NOT:

• Make unsolicited cold calls for sales
• Call outside business hours (8 AM - 8 PM EAT)
• Call repeatedly if you don't answer
• Use automated robocalls (except appointment reminders with consent)

Your Opt-Out:

• Request no-call status in account preferences
• Tell representative during call
• Email: [email protected]

9.2 WhatsApp and Messaging Apps

Uses:

• Customer support (if you initiate)
• Order and delivery updates (with consent)
• Appointment reminders (with consent)
• Event confirmations (with consent)

Consent Required:

• We ask permission before sending WhatsApp messages
• Opt-in via website, account settings, or reply to initial message
• Opt-out: Reply "STOP" or update preferences

---

10. Third-Party Communications

10.1 Partner Marketing

When We Share Your Information:

• NEVER without your explicit consent
• Only with trusted partners offering relevant services
• Always provide opt-out option

When Partners May Contact You:

• You attended co-hosted webinar or event
• You opted-in to partner offers
• You purchased partner-integrated product

Your Control:

• Separate consent for each partner
• Opt-out affects only that partner
• Does not affect Gestlat communications

10.2 Third-Party Services We Use

Email Service Providers:

• We use reputable email platforms for delivery
• They process data under strict agreements
• They do not use your data for their purposes

Analytics and Tracking:

• Email open and click tracking (anonymized where possible)
• Can opt-out via email preferences
• Used to improve content and relevance

---

11. Data and Privacy

11.1 Information We Collect

For Communications:

• Email address, phone number (if provided)
• Name and company information
• Communication preferences
• Engagement data (opens, clicks)
• Device and browser information

Usage:

• Deliver communications you've requested
• Personalize content
• Measure effectiveness
• Improve services
• Comply with legal requirements

See our Privacy Policy for full details.

11.2 Data Security

We protect your information with:

• Encryption in transit and at rest
• Access controls (need-to-know basis)
• Regular security audits
• Secure email transmission (TLS)
• Data minimization practices

11.3 Data Retention

Contact Information:

• Active subscribers: Retained indefinitely
• Unsubscribed: Retained in suppression list (to honor opt-out)
• Inactive (3 years): May be deleted

Engagement Data:

• Retained for 2 years for analytics
• Aggregated data retained longer

---

12. Compliance and Enforcement

12.1 Anti-Spam Laws We Comply With

Uganda:

• Uganda Communications Act
• Data Protection and Privacy Act, 2019

Regional:

• Kenya Information and Communications Act
• Tanzania Electronic and Postal Communications Act
• EAC data protection frameworks

International:

• CAN-SPAM Act (USA)
• GDPR (European Union)
• CASL (Canada)
• PECR (UK)

12.2 Consequences of Non-Compliance

If we violate anti-spam laws:

• Regulatory fines and penalties
• Legal action from affected parties
• Damage to reputation and trust
• Service provider blacklisting

We take compliance seriously.

12.3 Using Our Services for Spam

Prohibited: You may NOT use our Services to:

• ❌ Send unsolicited bulk email (spam)
• ❌ Harvest email addresses
• ❌ Purchase or rent email lists
• ❌ Violate anti-spam laws
• ❌ Send emails without proper consent

Consequences:

• Immediate account suspension
• Account termination
• Reporting to authorities
• Legal action

See our Acceptable Use Policy for details.

---

13. Best Practices for Users

13.1 Using Our Email Features Responsibly

If you use our software to send emails (e.g., from POS, school systems):

Do:

• ✅ Obtain proper consent from recipients
• ✅ Provide clear opt-out mechanism
• ✅ Honor unsubscribe requests promptly
• ✅ Send relevant, valuable content
• ✅ Comply with applicable laws

Don't:

• ❌ Send unsolicited bulk emails
• ❌ Use purchased email lists
• ❌ Make false or misleading claims
• ❌ Hide your identity
• ❌ Ignore unsubscribe requests

13.2 Managing Your Own Mailing Lists

Best Practices:

• Build organic lists (earned permission)
• Use double opt-in when possible
• Regularly clean lists (remove bounces, inactive)
• Segment lists for relevance
• Monitor engagement and adjust
• Test emails before sending

---

14. Reporting and Complaints

14.1 Report Spam or Abuse

If you receive spam from Gestlat ThinkLab:

1. Verify: Ensure it's actually from us (@gestlatthinklab.com domain)
2. Report: [email protected] with email headers
3. Unsubscribe: Use unsubscribe link if legitimate but unwanted

If you receive spam from our customer:

1. Contact them directly to unsubscribe
2. Report to: [email protected] (we'll investigate)

14.2 Our Response to Reports

We will:

• Investigate within 48 hours
• Take corrective action if confirmed
• Notify you of outcome
• Update systems to prevent recurrence

If Our Customer Violates:

• Warning and required corrective action
• Service suspension for repeat violations
• Account termination for serious violations

14.3 Filing a Complaint with Authorities

If unsatisfied with our response:

• Uganda: Uganda Communications Commission (UCC)
• Regional Authorities: Respective national regulators
• International: Relevant authority in your jurisdiction

---

15. Modifications to This Policy

15.1 Updates and Changes

We may update this Policy to:

• Reflect new communication channels
• Comply with legal changes
• Improve clarity
• Add new services

15.2 Notice of Changes

Material Changes:

• 30 days advance notice via email
• Posted on website with updated date
• Prominent notice in communications

Non-Material Changes:

• Posted on website
• Effective upon posting

15.3 Your Options

If you disagree with changes:

• Update communication preferences
• Unsubscribe from marketing
• Close account (if changes fundamentally alter agreement)

---

16. Contact Us

16.1 Communications Team

General Inquiries:

• Email: [email protected]
• Phone: +256 763 414937

Unsubscribe Requests:

• Use link in emails (fastest)
• Email: [email protected]

Preference Management:

• Account portal: gestlatthinklab.com/account/preferences
• Email: [email protected]

Spam Reports:

• Email: [email protected]
• Include: Full email headers, date received

Opt-Out Requests (All Channels):

• Email: [email protected]
• Specify: Which channels (email, SMS, phone, all)

16.2 Mailing Address

Gestlat ThinkLab
Kampala
Kampala, Uganda

---

17. Summary of Your Rights

You Have the Right To:

• ✅ Know what communications you'll receive before opting in
• ✅ Opt-out of marketing communications at any time
• ✅ Update your communication preferences
• ✅ Choose which types of emails you receive
• ✅ Expect reasonable communication frequency
• ✅ Receive only relevant, valuable content
• ✅ Have your opt-out honored within 48 hours
• ✅ Not receive deceptive or misleading communications
• ✅ Access and correct your contact information
• ✅ File complaints with regulatory authorities

We Commit To:

• ✅ Respecting your communication preferences
• ✅ Making opt-out easy and effective
• ✅ Sending only relevant, valuable content
• ✅ Being transparent about who we are
• ✅ Complying with all anti-spam regulations
• ✅ Protecting your personal information
• ✅ Responding promptly to your requests

---

18. Acknowledgment

By providing your contact information to Gestlat ThinkLab, you acknowledge that:

1. You have read and understood this Policy
2. You consent to receive communications as described
3. You understand how to opt-out or manage preferences
4. You agree to our data practices as outlined

---

Last Updated: December 17, 2025
Effective Date: December 17, 2025
Version: 1.0

---

Quick Links:

• Unsubscribe from Emails
• Manage Email Preferences
• Privacy Policy
• Acceptable Use Policy
• Report Spam or Abuse

---

This Anti-Spam & Communications Policy is available in English, French (Français), and Arabic (العربية). The English version is authoritative in case of discrepancies.

---

Your Inbox. Your Rules. We Respect That.