Acceptable Use Policy

← Back to Home

1. General Scope

This Acceptable Use Policy ("AUP") governs the use of all services provided by KumbukTree, Inc. ("KumbukTree," "we," "us"), located at 3847 Peachtree Road NE, Suite 210, Atlanta, GA 30319. This policy applies to all clients, their staff members, and any authorized users of the KumbukTree platform.

KumbukTree is a B2B software-as-a-service platform serving licensed childcare centers and early education providers. Access to the platform is restricted to:

• Authorized childcare center administrators and directors
• Center staff members onboarded through the HR module
• Parents and guardians registered by center administrators during child enrollment

The platform is not a general-purpose email sending tool, marketing platform, or email service provider. It is purpose-built software that generates transactional notifications as a by-product of childcare operations.

2. Nature of Allowable Email Traffic

All outbound email generated by the KumbukTree platform is strictly transactional and operational. Allowable email types include:

• Attendance notifications — child check-in and check-out confirmations sent to authorized guardians
• Pickup verification alerts — notifications to guardians when an authorized person picks up a child
• Daily activity reports — summaries of meals, nap times, activities, and milestones
• Incident and health reports — alerts about injuries, illness, or health observations requiring parental attention
• Invoices and payment receipts — tuition billing documents, payment confirmations, and past-due reminders
• Staff schedule notifications — shift assignments, schedule changes, and coverage requests
• Compliance and licensing alerts — certification expiration reminders, licensing milestone notifications
• Account and security notices — email verification, password resets, two-factor authentication codes
• System maintenance notices — planned downtime windows and post-maintenance confirmations

Explicitly Prohibited Email Types

The following types of email are strictly prohibited on the KumbukTree platform and will result in immediate account action:

• ❌ Marketing emails, promotional campaigns, or advertising
• ❌ Newsletters, content digests, or editorial communications
• ❌ Cold outreach, prospecting, or sales emails
• ❌ Bulk announcements to non-enrolled or non-registered recipients
• ❌ Political, fundraising, or advocacy messages
• ❌ Any message sent to recipients who do not have a direct, verifiable relationship with a childcare center operating on our platform

3. Consent & Opt-In Requirements

All email recipients on the KumbukTree platform must have a verifiable, pre-existing relationship with a childcare center that uses our Service:

3.1 Parent / Guardian Recipients

• Added to the platform exclusively by center administrators during the child enrollment process
• Identity verified through government-issued documentation presented at enrollment
• Consent to transactional notifications is established through the enrollment agreement (contractual basis)
• Consent records are stored in the platform and available for audit

3.2 Staff Recipients

• Added to the platform by their employer (the childcare center) during employment onboarding
• Employment relationship verified by the center administrator
• Consent to operational notifications is established through employment terms

3.3 Never Permitted

• Purchased, rented, borrowed, or scraped email lists are never allowed
• Email addresses obtained through co-registration, contests, or third-party sources are not permitted
• Importing contacts from personal email address books, social media, or external databases is prohibited

3.4 Unsubscribe & Opt-Out

• All non-critical transactional emails include a List-Unsubscribe header and one-click unsubscribe link
• Unsubscribe requests are processed within 24 hours
• Safety-critical notifications (e.g., child incident alerts, pickup verification) cannot be unsubscribed from due to child safety requirements, but recipients are informed of this at enrollment
• Every email includes a link to our Privacy Policy

4. Zero Tolerance Spam Policy

KumbukTree maintains a zero-tolerance policy toward spam and unsolicited email. We enforce the following thresholds:

Metric	Threshold	Action
Spam complaint rate	> 0.1%	Immediate account suspension pending review
Bounce rate	> 5%	Account placed under review; sending may be throttled or suspended
Unsubscribe rate anomaly	Significant spike	Automated alert; manual review of sending patterns

Additional enforcement details:

• We monitor feedback loops (FBLs) from all major mailbox providers (Gmail, Outlook, Yahoo) in real time
• Complaint data is aggregated at the account level and reviewed daily
• Accounts exceeding thresholds are automatically suspended — no exceptions
• All outbound emails include List-Unsubscribe and List-Unsubscribe-Post headers as required by RFC 8058

5. Prohibited Content

Content transmitted through the KumbukTree platform must not contain:

• Unsolicited commercial messages (spam)
• Phishing attempts, social engineering, or credential harvesting
• Malware, viruses, trojans, or malicious attachments or links
• Content that is illegal under federal, state, or local law
• Defamatory, libelous, or harassing content
• Intellectual property that infringes third-party rights
• Deceptive or misleading subject lines
• Falsified sender identity or header information
• Content promoting illegal activities, violence, or discrimination
• Sexually explicit or pornographic material
• Content related to gambling, cryptocurrency trading, pharmaceuticals without prescription, weapons, or controlled substances

6. Email Authentication Standards

All outbound email from KumbukTree is authenticated using industry-standard protocols to protect deliverability and prevent spoofing:

• SPF (Sender Policy Framework): Published SPF records authorize only designated sending servers
• DKIM (DomainKeys Identified Mail): All outbound messages are cryptographically signed with a 2048-bit DKIM key
• DMARC (Domain-based Message Authentication, Reporting, and Conformance): Enforced at p=reject, ensuring unauthenticated messages are blocked by receiving servers
• Dedicated IP: Outbound transactional email is sent from a dedicated IP address to maintain sender reputation independence

7. Monitoring & Reporting

KumbukTree implements comprehensive monitoring to maintain email quality and compliance:

7.1 Automated Monitoring

• Real-time tracking of delivery rates, bounce rates, complaint rates, and unsubscribe rates
• Automated alerting when any metric approaches policy thresholds
• Volume anomaly detection: significant deviations from an account's historical sending pattern trigger automated review
• Content scanning: outbound messages are checked for patterns associated with spam or prohibited content

7.2 Manual Review

• Our operations team reviews flagged accounts within 4 business hours
• Quarterly audits of sending patterns across all active accounts
• Annual policy review and update cycle

7.3 Abuse Reporting

To report suspected abuse or policy violations, contact:

• Email: abuse@kumbuktree.com
• We acknowledge abuse reports within 24 hours and investigate within 48 hours

8. Enforcement

Violations of this AUP are enforced through a graduated response process:

1. Warning: For first-time minor violations, the account administrator receives a written warning with specific remediation requirements and a compliance deadline
2. Suspension: For repeated violations, threshold breaches, or moderate violations, the account's sending capability is suspended pending remediation
3. Termination: For severe violations (spam, phishing, malware distribution), or failure to remediate within the specified deadline, the account is permanently terminated
4. External Reporting: In cases of illegal activity (e.g., phishing, fraud), we will report the violation to relevant ISPs, blacklist operators, and law enforcement agencies
5. Legal Action: KumbukTree reserves the right to pursue legal remedies for violations that cause harm to our infrastructure, reputation, or other clients

9. Client Responsibility

Each client (childcare center) is responsible for:

• Ensuring that all users associated with their account comply with this AUP
• Maintaining accurate and current recipient data (guardian and staff contact information)
• Promptly removing contacts who are no longer enrolled, employed, or associated with the center
• Reporting any suspected misuse of their account to KumbukTree immediately
• Cooperating with any AUP investigation or compliance review
• Educating their staff on proper platform use and email practices

Clients who fail to meet these responsibilities may have their accounts reviewed, suspended, or terminated in accordance with Section 8.

10. Policy Updates

We may update this Acceptable Use Policy periodically. Material changes will be communicated to account administrators at least 30 days before they take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

11. Contact Information