Policy

Responsible Use

Last updated: May 28, 2026.

ValidationOS is designed to help one founder validate one idea responsibly. It is not a cold-outreach automation tool, a scraper, or a people-search engine. This guidance is written in plain language and is not formal legal advice; consult an attorney for jurisdiction-specific obligations.

No social platform scraping

Do not use ValidationOS to scrape LinkedIn, X/Twitter, Facebook, Instagram, TikTok, Reddit, Discord, Slack, or any other social platform whose terms prohibit automated access.
Do not enter prospect lists obtained by violating a social platform's terms of service.

No bypassing robots.txt, CAPTCHAs, logins, or paywalls

Public-page fetching respects each site's robots.txt. Do not attempt to work around it.
Do not use the app to defeat CAPTCHAs, sign-in walls, paywalls, rate limits, IP blocks, or any other access control.
Do not feed scraped or pirated content into the workspace and then ask the model to repackage it.

Network safety

ValidationOS rejects private/internal network targets and unsafe redirects. User-supplied URLs are checked against loopback, private RFC 1918, link-local, and cloud-metadata ranges (including 169.254.169.254) before any request is made.
DNS resolution is verified server-side before fetching so that hostnames that resolve to private IPs are also blocked (defence against DNS rebinding).
HTTP redirects are followed manually with a limit of three hops. Each redirect target is re-checked for safety before being followed. HTTPS → HTTP downgrades and redirects to blocked domains are rejected.

No automated outreach

ValidationOS does not send messages on your behalf and has no integration that does. Outreach drafts exist to be reviewed, edited, and sent by you through your own tools.
Do not pipe ValidationOS output into an external mailer or bot to blast prospects. That defeats the purpose of the product and is out of scope.

Human review is required

Every prospect, every research summary, every decision memo, and every outreach draft must be reviewed by you before it leaves the app.
Treat AI-generated artifacts as drafts and hypotheses, not as facts. Verify any specific claim about a real person or company before acting on it.

Respect opt-outs

If a prospect asks not to be contacted — by email, by reply, by form, or by any channel — stop contacting them and mark the prospect accordingly in the workspace.
Honor unsubscribe requests promptly. Maintain your own suppression list outside the tool if your jurisdiction requires it.

Use public business data responsibly

Public business information (company sites, public role pages, public posts) may be researched for validation purposes. Do not aggregate it into surveillance profiles of individuals.
Do not store special-category personal data (health, biometric, political, religious, sexual orientation, etc.) in prospect records.
Cite and attribute sources when you reuse evidence in external documents shared with others.

Cold email compliance

You are responsible for complying with the cold-email and anti-spam laws that apply to you and to your prospects, including CAN-SPAM (US), CASL (Canada), GDPR / PECR (EU/UK), and similar regimes elsewhere.
Include an identifiable sender, a real reply path, a working opt-out, and accurate subject lines in any message you send. Maintain a lawful basis for contacting business prospects in jurisdictions that require one.
ValidationOS does not pre-clear messages for legal compliance. When in doubt, consult counsel.

Delete or reject candidates that are not relevant

Discovery runs can surface candidate companies and contacts that are off-target. Reject or delete those promptly rather than letting them sit in the workspace.
If you import a CSV and decide a row should not have been imported, remove it. Minimizing stored personal data is good hygiene and reduces your obligations.

Reporting abuse or asking questions

If you believe ValidationOS is being used against this policy, or you have a question about responsible use, contact support@validate-os.com.

← Back to home