Acceptable Use Policy

Last updated: 2026-05-06 · Forms part of our Terms of Service.

Plain-English summary. Prospera is a B2B prospecting tool. You can use the data you find through it to reach UK businesses for legitimate sales, marketing or partnership purposes — provided you do so lawfully (UK GDPR, PECR, the Telephone Preference Service rules etc.). You cannot use it for spam, scraping competitors, building a rival product, harassing individuals, or anything illegal. If you do, we'll suspend your account.

1. What you can do

Use the Service to identify and qualify UK B2B prospects for your own business.
Export data (within your plan limits) for use in your own CRM or outreach tools.
Contact prospects you've identified — provided your outreach complies with UK GDPR, PECR, and any sector-specific rules (e.g. FCA, regulated-call rules).
Build internal automations against our API using the keys we issue you.

2. What you must not do

2.1 Misuse of the Service or data

Sell, rent, sub-license or redistribute the data we provide to third parties as a data product. The data is for use within your own business.
Use the data to train, build or improve a competing product (lead-intelligence platform, database, ML model, scraping engine, B2B contact directory, or similar).
Reverse-engineer, decompile, or attempt to extract our source code, models or algorithms.
Bypass plan limits via multiple accounts, shared credentials, automated scraping of our UI, or any other circumvention.
Exceed published rate limits on our API.
Resell access to your account or share your API key publicly.

2.2 Unlawful or harmful outreach

Send spam, unsolicited bulk email, or any communication that violates UK GDPR, PECR, the CAN-SPAM Act, or equivalent law in the recipient's jurisdiction.
Make unsolicited marketing calls to UK numbers without screening against the Telephone Preference Service (TPS) and the Corporate TPS (CTPS) where applicable.
Send marketing texts without prior opt-in consent from the recipient.
Harass, intimidate, threaten, or impersonate any individual.
Use the Service for fraud, money laundering, identity theft, phishing, or any attempt to deceive the recipient.
Collect data on individuals to discriminate against them on protected grounds (age, race, sex, disability, religion, sexual orientation, etc.).
Process the data in a way that is unlawful in the country where you are operating or where the data subjects are located.

2.3 Honouring data-subject rights

If a data subject contacts you exercising rights under UK GDPR (objection to processing, erasure, access etc.) you must act on their request promptly, in line with your own data-controller obligations.
If a data subject opts out of marketing from you, you must record that opt-out and not contact them again.
You agree not to re-purchase data on someone who has opted out.

2.4 Service abuse

Do not attempt to compromise the security of the Service or other tenants (penetration testing, denial-of-service, exploiting vulnerabilities, accessing data that isn't yours).
If you discover a vulnerability, disclose it to us responsibly at [email protected] before publishing.
Do not upload malware, viruses, or content that infringes intellectual-property rights.

3. Outreach standards we expect

The single biggest risk for users of B2B prospecting tools is using contact details obtained through us to send marketing that breaches PECR / GDPR. Rules of thumb:

Make outreach relevant to the recipient's role and company — generic blast emails are the easiest way to draw an ICO complaint.
Always include an unsubscribe link in marketing emails that works on first click, and honour the request immediately.
Always include the sender's company name, postal address and registered company number in any marketing email (UK Companies Act + ePrivacy / PECR).
If your email is sent to sole traders or partnerships, you generally need prior consent or "soft opt-in" — they are treated like consumers under PECR.
If your email is sent to limited companies / LLPs / public bodies, you can rely on legitimate interests, but must still allow opt-out and screen against your own suppression list.
Maintain a suppression list of addresses that have opted out and feed it into every campaign.
For phone outreach, screen against TPS / CTPS before calling.

4. Suspension & termination

If we receive credible evidence of policy abuse — for example, a complaint to the ICO traceable to your account, or scraping behaviour exceeding our rate limits — we reserve the right to:

Suspend your account for investigation;
Revoke API keys with immediate effect;
Terminate the account permanently in cases of serious or repeated breach;
Cooperate fully with regulatory investigations, subject to law.

Where we suspend an account, we will tell you the reason in writing within 5 business days unless prevented by law.

5. Reporting abuse

To report abuse of the Service by another user, or to flag a violation by an account holder you believe is using Prospera-derived data unlawfully, contact us at [email protected].

6. Changes

We may update this policy. Material changes will be notified by email to account holders. Continued use of the Service after a change constitutes acceptance.