You cannot use Vercel to send spam, phishing messages, or any other unsolicited communications to people who have not asked to receive them.
This analysis describes what Vercel AI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision prohibits using Vercel's infrastructure for spam or phishing campaigns, which is a standard AUP requirement and aligns with applicable law, but the extension of account-holder responsibility to end-user conduct means account holders must ensure their deployed applications do not facilitate these activities by third parties.
Account holders and their end users are prohibited from using Vercel-hosted infrastructure to send spam or phishing communications, and account holders are responsible for ensuring their deployed applications do not enable such conduct by third parties.
How other platforms handle this
We reserve the right, at our sole discretion, to modify or replace these Terms at any time. If a revision is material we will try to provide at least 30 days notice prior to any new terms taking effect. What constitutes a material change will be determined at our sole discretion.
If you believe that any Content on our website infringes upon your intellectual property rights, you can submit a Takedown notice to dmca@huggingface.co. This is a process we follow according to applicable law. Please include detailed and accurate information to support your claim. By submitting a c...
Starbucks reserves the right to modify these Terms at any time. We will post the most current version of these Terms on the Service. If we make material changes, we may notify you by email or by posting a notice on the Service prior to the effective date of the changes. Your continued use of the Ser...
Monitoring
Vercel AI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"You may not use Vercel's services to send unsolicited communications, including spam, phishing, or other forms of unwanted messaging.— Excerpt from Vercel AI's Vercel AI Acceptable Use Policy
REGULATORY LANDSCAPE: This provision directly engages the CAN-SPAM Act, which establishes requirements for commercial email and prohibits deceptive messaging practices, enforced by the FTC. It also engages the Telephone Consumer Protection Act (TCPA) for messaging-capable applications, and GDPR Article 6 and the ePrivacy Directive for EU users, where lawful basis for communications must be established and unsolicited electronic marketing is restricted. State-level spam and phishing statutes in California, Virginia, and other states may also apply depending on the recipient's jurisdiction. GOVERNANCE EXPOSURE: Medium. The prohibition is clear and aligns with applicable law, but the extension of account-holder responsibility to end-user conduct (per the broader AUP end-user liability clause) means account holders whose platforms facilitate third-party messaging must implement controls to prevent unsolicited communications. JURISDICTION FLAGS: EU and EEA customers face the most significant regulatory exposure, where the ePrivacy Directive and GDPR impose consent requirements for electronic communications that are more prescriptive than US CAN-SPAM requirements. California customers should assess compliance with the California Business and Professions Code anti-spam provisions. CONTRACT AND VENDOR IMPLICATIONS: Organizations deploying messaging or email-capable applications on Vercel should review their consent collection mechanisms and unsubscribe processes to ensure compliance with both this AUP provision and applicable law. Vendor assessments should include a review of whether third-party messaging integrations used in Vercel-hosted applications comply with these restrictions. COMPLIANCE CONSIDERATIONS: Compliance teams should audit messaging functionality in Vercel-deployed applications to confirm that consent mechanisms, opt-out processes, and sender identification meet CAN-SPAM, GDPR ePrivacy, and applicable state law requirements, and that end-user terms of service prohibit use of messaging features for unsolicited communications.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Buried in Robinhood's customer agreement is broad authority to close your positions, suspend your account, and force arbitration. Here is what it actually says.
Stripe's terms authorize fund reserves, payout withholding, and account termination. Here is what the agreement states and what business owners should review.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision prohibits using Vercel's infrastructure for spam or phishing campaigns, which is a standard AUP requirement and aligns with applicable law, but the extension of account-holder responsibility to end-user conduct means account holders must ensure their deployed applications do not facilitate these activities by third parties.
Account holders and their end users are prohibited from using Vercel-hosted infrastructure to send spam or phishing communications, and account holders are responsible for ensuring their deployed applications do not enable such conduct by third parties.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Vercel AI.