What you can and can't do on Debutap.

Three rules that decide everything else:

1. Don't break the law — in India, where you operate, or where your visitors and customers are.
2. Don't harm other people.
3. Don't harm the integrity of Debutap or the people running it.

If a situation isn't explicitly listed below, fall back to these three.

You may not publish, link to, or distribute through Debutap any content that:

• Is illegal in India or in any jurisdiction where the content is published or accessed.
• Sexually exploits or endangers minors, or is otherwise child sexual abuse material (CSAM). We report CSAM to the National Center for Missing & Exploited Children (NCMEC) or the equivalent authority and to law enforcement.
• Promotes, glorifies, or incites violence, terrorism, mass casualty events, suicide, or self-harm.
• Promotes or facilitates hate based on race, ethnicity, national origin, caste, religion, sex, gender identity, sexual orientation, disability, or any other protected characteristic.
• Harasses, threatens, stalks, defames, or impersonates a real person without consent.
• Doxxes a person — publishing non-public personal data (home address, phone, financial information) without consent.
• Infringes a third party's intellectual property, trade marks, publicity rights, or moral rights.
• Misleadingly impersonates a brand, business, or public figure.
• Is sexually explicit (legal in many places but not allowed on Debutap), including content marketed to adults under deceptive or non-consensual conditions.
• Advertises or promotes regulated goods/services (drugs, firearms, gambling, financial instruments, prescription medicines, alcohol, tobacco) outside the scope of applicable licensing in the jurisdictions you operate.
• Promotes pyramid schemes, multi-level marketing programmes the sole purpose of which is recruitment, or other deceptive financial structures.
• Contains malware, phishing pages, deceptive forms, drive-by downloads, or other security-harmful payloads.

You may not use Debutap to:

• Send unsolicited bulk messages (spam) — see the Anti-spam section.
• Carry out, distribute, or facilitate denial-of-service (DoS / DDoS) attacks, port scans, brute-force attacks, or other unauthorised security testing against us or any third party.
• Probe or circumvent our authentication, rate-limiting, or access-control mechanisms.
• Use the Service to mine cryptocurrency, run distributed compute, or otherwise misappropriate compute resources.
• Scrape, crawl, or systematically harvest Debutap-hosted content beyond reasonable use — including the marketing site and public cards.
• Reverse-engineer, decompile, or extract our source code from the Service, except to the extent expressly permitted by law (e.g. for interoperability).
• Sublicense, resell, lease, or otherwise commercially redistribute the Service unless you are on the white-label / agency mode on the Business plan and within the limits of that programme.
• Misrepresent your identity or organisation, including the use of fake business names to acquire payment processing services.
• Process personal data without a valid lawful basis under your applicable privacy law.

Debutap email campaigns and WhatsApp messaging (where enabled in V2+) are powerful tools that get throttled fast when abused. Anti-spam rules:

• Send only to contacts who have opted in or have a clear pre-existing business relationship with you (a soft opt-in). Don't buy or scrape email lists.
• Every email must include a working unsubscribe link in the footer. We add one automatically; don't hide it.
• Don't use deceptive subject lines, "Re:" or "Fwd:" prefixes on unsolicited messages, or misleading sender names.
• Include your legal business name and a postal address in commercial emails (CAN-SPAM, CASL, EU and India e-commerce rules).
• Honour unsubscribe requests within 10 days (CAN-SPAM); promptly within 48 hours where local law requires faster (e.g. some EU member states).
• For WhatsApp, comply with WhatsApp Business Platform policies, the User Acquisition Policy, and template-message rules. Don't send marketing messages to users who haven't opted in.
• Bounce rate over 5% or complaint rate over 0.1% may trigger account-level rate limiting and review.

• Don't create multiple accounts to evade plan limits or to bypass a previous suspension.
• Don't exploit the 14-day refund policy serially — one refund per individual or organisation; we may treat patterns as fraud.
• Don't use the Service to compete with Debutap by building a substantially similar product on top of our infrastructure.
• Don't use referral or affiliate programmes (when introduced) in ways that violate the programme's spirit (self-referrals, fake accounts, coordinated abuse).

When you use Debutap to collect personal data from your own customers — inquiries, orders, bookings, newsletter sign-ups — you are the controller and we are your processor. Your obligations include:

• Having a lawful basis under GDPR/UK GDPR (consent, contract, etc.) or DPDP (notice + consent) to collect that data.
• Showing a privacy notice to your visitors before collecting personal data.
• Honouring data-subject rights (access, deletion, etc.) your customers exercise against you. Debutap will help via the dashboard.
• Not using collected data for purposes outside what you disclosed to your customers.

See content on Debutap that breaks this policy? Tell us:

• Spam and phishing: [email protected]
• Copyright infringement: [email protected] (we honour valid DMCA-style takedown notices and counter-notices)
• Trademark complaints: [email protected]
• Security issues and vulnerabilities: [email protected]
• Anything else: [email protected]

Please include the URL or username of the offending content, what rule you believe was broken, and (where relevant) evidence such as screenshots.

1. Notice and cure for first-time minor breaches. We email the customer, ask for the issue to be fixed within a defined window, and follow up.
2. Content removal for clear breaches. We may remove the specific content without removing the account.
3. Temporary suspension for repeat or moderate breaches. The customer keeps access to their data but the Service is paused.
4. Termination for severe or repeat breaches — illegal content, CSAM, repeated spam, security attacks. No refund of prepaid balance for the period of termination.
5. Legal escalation for criminal conduct. We cooperate with valid law-enforcement requests and preserve evidence where appropriate.

If your account or content has been actioned, you can appeal by emailing [email protected] within 30 days of the action. Include your account email, what was actioned, and why you believe the decision was wrong. A human will review and respond within 5 business days.