ACCEPTABLE USE.

This Acceptable Use Policy ("AUP") governs how you may use Shop Commander. It exists to protect the platform, its users, and the customers those users serve. By using Shop Commander, you agree to follow these rules.

1. SMS & COMMUNICATION.

No spamming customers via SMS campaigns. All SMS messages sent through Shop Commander must be to customers who have provided opt-in consent. This means:

• You may send messages related to active repair orders, appointments, inspections, and estimates to customers who have provided their phone number for service communication
• You may send follow-up messages for declined services to existing customers
• You may not use Shop Commander to send unsolicited bulk marketing messages, cold outreach, or promotional blasts to purchased contact lists
• You must honor opt-out requests promptly

Violations of SMS consent rules can result in immediate suspension of messaging capabilities and may violate Canadian anti-spam legislation (CASL).

2. DATA INTEGRITY.

No storing illegal or fraudulent information. Shop Commander is a business tool for legitimate auto shop operations. You may not use the platform to store, process, or transmit information related to illegal activities, fraud, or deception.

3. DATA ISOLATION.

No attempting to access other shops' data. Shop Commander is a multi-tenant platform. Each shop's data is isolated. Any attempt to access, view, modify, or export data belonging to another shop is a serious violation and will result in immediate account termination. This includes attempting to exploit API endpoints, manipulate URLs, or use any other method to bypass tenant isolation.

4. PLATFORM INTEGRITY.

No reverse engineering or scraping. You may not reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of Shop Commander. You may not scrape, crawl, or use automated tools to extract data or content from the platform beyond what is available through normal use and the provided export features.

5. SYSTEM ABUSE.

No automated abuse or excessive API calls. You may not use bots, scripts, or automated tools to interact with Shop Commander in a way that degrades performance for other users. This includes but is not limited to:

• Excessive API requests that place unreasonable load on the system
• Automated account creation
• Denial-of-service attacks or attempts
• Stress testing or load testing without prior written authorization

6. AI FEATURES.

No using AI features to generate misleading or deceptive content for customers. Shop Commander's AI features (note cleanup, inspection summaries, follow-up messages) are designed to help you communicate clearly and professionally with your customers. You may not use these features to:

• Generate false or misleading repair recommendations
• Fabricate inspection findings or vehicle conditions
• Create deceptive communications designed to mislead customers about the condition of their vehicle or the necessity of repairs
• Impersonate individuals or organizations

7. ACCOUNT SHARING.

No sharing account credentials across shops to bypass multi-tenancy. Each Shop Commander account is for a single shop location. You may not share login credentials between separate shop businesses to avoid creating individual accounts. Team members within the same shop may have their own user accounts under the shop's account.

8. MALICIOUS CONTENT.

No uploading malware or malicious files. You may not upload viruses, trojans, worms, malware, or any other malicious code through file attachments, inspection photos, or any other upload mechanism in Shop Commander.

9. ENFORCEMENT.

Violation of this Acceptable Use Policy can result in suspension or termination of your Shop Commander account. We reserve the right to be the sole judge of what constitutes a violation of this policy. We'll make reasonable efforts to contact you about violations before taking action, except in cases where immediate action is necessary to protect the platform or other users.

If your account is terminated for a policy violation, you may request an export of your data within 30 days of termination.

10. REPORTING VIOLATIONS.

If you become aware of a violation of this policy, please report it to:

• Email: support@shopcommander.com
• Phone: 855.725.0000