Subscribe to GEN
Login to GEN
This Acceptable Use Policy (the “Policy”) sets out acceptable use of GEN’s services (the “Services”) by customers (“Customers”) and by users who access the Services through Customer accounts (“Users”). By using the Services, you acknowledge that you and your Users must comply with this Policy. You, as the Customer, are responsible for any breach of this Policy by any User who accesses the Services via your account(s), including, without limitation, Users to whom you provide services as a reseller. Whilst it is not our intent to control or monitor online experience or the content of online communications, we may edit, restrict, or remove content, or take other reasonable measures, where we consider it to violate this Policy or to be unlawful, harmful, or offensive.
This Policy forms part of, and is incorporated by reference into, the Framework Agreement between GEN and the Customer (the “Framework Agreement”). Capitalised terms used but not defined in this Policy have the meaning given in the Framework Agreement. If there is any conflict between this Policy and the Framework Agreement, the Framework Agreement shall prevail. “GEN” means the GEN Partnership at www.gen.uk and its group companies. The scope of this Policy includes, without limitation, GEN’s public and private networks and all equipment, systems, facilities, services, and products used in or connected to those networks.
This Policy helps protect the GEN Network, the Services, our Customers and Users, and the wider internet community from improper and/or illegal activity over public or private networks, and supports service quality and resilience. Where data communications traverse the networks of other internet service providers (ISPs), Users must also comply with the relevant acceptable use policies of those ISPs.
GEN may undertake proportionate monitoring, logging, auditing, or interception of network traffic strictly for the purposes of: (a) maintaining the security, integrity, and availability of the GEN Network and the Services; (b) preventing, detecting, investigating, or remediating misuse, fraud, or security incidents; and (c) complying with applicable law or the requirements of a competent authority. Such activities will be carried out in accordance with applicable law, including the UK General Data Protection Regulation and the Data Protection Act 2018, and (where relevant) the Investigatory Powers Act 2016. Unless prohibited by law or a competent authority, we will inform the Customer that auditing is taking place as soon as reasonably practicable. We will minimise access to personal data and will not retain personal data longer than necessary for the purposes above.
If any User engages in conduct that violates this Policy, or otherwise engages in unlawful or improper use of the Services, GEN may suspend and/or terminate the Services or the User’s access. Repeated violations, or a pattern of similar violations, may result in suspension or termination even if individual incidents are corrected. Where reasonably practicable, GEN will notify you and request remediation before taking action. However, where the operation or security of the GEN Network or the Services is threatened, or in cases involving, for example, unsolicited marketing communications, mail relaying, IP address spoofing, denial-of-service attacks, suspected fraud, harassment, or infringement, GEN may suspend or terminate without prior notice. Any action will be proportionate and taken in accordance with the Framework Agreement. Liability (if any) shall be limited as set out in the Framework Agreement and to the maximum extent permitted by law.
GEN will cooperate with the police, regulators, and other competent authorities in connection with alleged illegal or improper activity. We may disclose Customer information where we are legally permitted or required to do so, or where disclosure is otherwise lawful (for example, to establish, exercise, or defend legal claims). If you are a reseller Customer, you consent to GEN disclosing your identity as the service provider of record (including basic contact details) to a competent authority, where lawful and appropriate.
GEN may amend this Policy from time to time. Material changes will be notified to Customers in accordance with the Framework Agreement (and, where practicable, with reasonable prior notice). Changes take effect prospectively from the date specified in the notice or, if none, from the date of posting. Urgent changes necessary for security, legal, or regulatory reasons may take effect immediately.
GEN may use machine learning and artificial intelligence tools to help regulate and audit compliance, following a privacy-first approach. We use locally hosted, proprietary models and do not transmit Customer data to external providers for processing or training. Any such processing will be undertaken in accordance with the UK GDPR and the Data Protection Act 2018, on a lawful basis, with appropriate safeguards and retention controls.
You must not use the Services for any unlawful purpose or in breach of any applicable law or regulation. This includes, without limitation, transmitting, distributing, retrieving, or storing any information, data, or material in violation of intellectual property rights, export control laws, or defamation laws; or content that is obscene, harassing, hateful, or otherwise unlawful. Without limitation, Users must comply with the Communications Act 2003, the Racial and Religious Hatred Act 2006, the Online Safety Act 2023 (as and when in force), and any other applicable UK legislation.
Users must not attempt to gain unauthorised access to, interfere with, or compromise the normal functioning, operation, or security of any part of GEN’s infrastructure or any other network or system. Users must not monitor data, information, or communications on any network or system without proper authorisation, and must not attempt to obtain unauthorised access to other users’ accounts or credentials.
Users must not use the Services to send unsolicited direct marketing emails in breach of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) and applicable ICO guidance. Marketing emails must clearly identify the sender, include a valid address for opt-out (unsubscribe), and must only be sent where a valid lawful basis exists (for example, prior consent or a “soft opt-in” where permitted). Users must maintain verifiable records of consent and suppression lists, and must not operate, support, or advertise spam campaigns, including via third-party providers or open relays.
Users must not use the Services to make unsolicited marketing calls to consumers in breach of PECR, the Telephone Preference Service (TPS)/Corporate TPS rules, or Ofcom’s statement on persistent misuse. Calls must display a valid, returnable Calling Line Identification (CLI) that connects to a live agent or a recorded message clearly identifying the company and providing contact details. Predictive or automated diallers must connect a call to a live agent within two seconds of the call being answered. Silent and abandoned call rules must be respected. Where call recording is used for compliance and dispute resolution, it must be lawful, proportionate, and appropriately notified to recipients.
Users must not use the Services to send unsolicited marketing texts without valid prior opt-in consent, in breach of UK GDPR, the Data Protection Act 2018, and PECR. Marketing SMS must clearly identify the sender and include a simple, free-of-charge opt-out mechanism (e.g., reply “STOP”). Alphanumeric sender IDs that prevent replies must not be used for marketing messages unless an equivalent free opt-out route is provided and clearly signposted. Users must maintain verifiable consent and opt-out records and provide them on request.
Users must not inject false data into the internet (for example, by announcing IP address space not assigned to them or by publishing incorrect DNS information), and must not impersonate others or falsify headers, IP addresses, or other identifying details to deceive or defraud. Attempts to conceal identity fraudulently in connection with use of the Services are prohibited.
The following activities are also prohibited:
GEN may receive complaints directly, via internet organisations, or from other third parties. GEN is not required to determine the validity of a complaint before taking proportionate interim action under this Policy. A complaint from a recipient of direct marketing (including via an anti-spam organisation) may be treated as evidence that the communication was unsolicited. We will usually notify the relevant Customer’s primary contact and request prompt investigation and remediation, and we may share appropriate information to enable the complainant to contact you directly.
Customers are responsible for maintaining the confidentiality of credentials and account information, securing their networks and devices, and ensuring their Users comply with this Policy. Customers must promptly notify GEN via the HelpDesk of any unauthorised use of their account or any other security breach, and must notify GEN immediately upon becoming aware of any violation of this Policy by any person, including Users accessing the Services via the Customer’s account.
Fair use applies to all GEN Services and means use that is reasonable and consistent with that of a typical Customer. We monitor usage to protect service quality. Where usage is abusive or persistently exceeds expected limits, we may contact you to discuss changes (including service upgrades) and, if necessary, may restrict, suspend, or terminate the Services in accordance with this Policy and the Framework Agreement.
The internet is an inherently open and insecure means of communication. Data transmitted over the internet may be susceptible to interception or alteration. GEN does not guarantee the security or integrity of data transmitted via the Services or over the internet. Where you require secure transmission, GEN offers services that provide end-to-end protection over public networks. Any processing of personal data by GEN in connection with this Policy will be carried out in accordance with the Framework Agreement and GEN’s Privacy Policy, and in compliance with UK GDPR and the Data Protection Act 2018.
This Policy is incorporated into the Framework Agreement and does not operate as a standalone agreement. If there is any inconsistency between this Policy and the Framework Agreement, the Framework Agreement takes precedence.
All complaints by Users or Customers must be made via the HelpDesk and will be addressed promptly and comprehensively, in accordance with this Policy and the Framework Agreement.