Effective Date: 1/25/2026
Provider: FGCO Holdings LLC, DBA Rhino IT (“Provider”)
Customer: Any entity purchasing or using Services provided by Provider

1. Purpose and Scope

This Acceptable Use Policy (“AUP”) governs Customer access to, and use of all services provided, managed, resold, or supported by Provider (“Services”), including but not limited to:

• Voice, messaging, and unified communications services

• Cloud productivity, email, and collaboration services

• Managed security, monitoring, and threat detection services

• Managed networks, servers, endpoints, and mobile devices

• Internet connectivity and related infrastructure

• Associated software, hardware, and cloud resources

This AUP applies to Customer, its employees, contractors, agents, and any authorized users (“Users”).

Many Services rely on third-party platforms, carriers, licensors, and infrastructure providers. This AUP is intended to flow down acceptable use, security, and compliance obligations imposed on Provider by those third parties.

2. Acceptable Use

Customer and Users may use the Services solely for:

• Lawful, legitimate business purposes

• Normal business communications and collaboration

• Accessing authorized systems, applications, and data

• Activities consistent with Provider documentation and applicable law

Use of Services must not:

• Interfere with service integrity or availability

• Circumvent technical, administrative, or security controls

• Create unreasonable risk to Provider, third parties, or other customers

3. Prohibited Use

The following activities are strictly prohibited.

3.1 Illegal, Fraudulent, or Abusive Activity

Customer and Users must not use the Services to:

• Violate any local, state (Missouri), federal, or international law

• Engage in fraud, impersonation, deception, or social engineering

• Transmit, store, or distribute illegal content

• Distribute malware, ransomware, spyware, or other malicious code

3.2 Communications and Voice Services Abuse

Customer and Users must not:

• Engage in robocalling, auto-dialing, or bulk messaging without proper legal consent

• Transmit unsolicited, deceptive, or misleading calls or messages

• Manipulate or falsify caller identification or origin information

• Engage in call flooding, traffic pumping, or artificial call generation

• Misuse emergency calling features or provide inaccurate location data

3.3 Cloud, Email, and Collaboration Services Abuse

Customer and Users must not:

• Send spam, phishing, or mass unsolicited communications

• Abuse administrative privileges, APIs, or automation

• Circumvent licensing, usage limits, or security restrictions

• Improperly access, share, or exfiltrate data

• Store or distribute prohibited or unlawful content

3.4 Security and Monitoring Interference

Customer and Users must not:

• Disable, uninstall, or tamper with security or monitoring agents

• Suppress alerts, logs, or telemetry

• Interfere with threat detection, isolation, or remediation actions

• Obstruct investigations or incident response activities

Security services may operate using continuous monitoring and automated response mechanisms.

3.5 Network, Endpoint, and Infrastructure Abuse

Customer and Users must not:

• Conduct unauthorized scanning, probing, or penetration testing

• Operate unauthorized public services, relays, or proxy systems

• Consume bandwidth or resources excessively or abusively

• Connect unmanaged, non-compliant, or insecure devices to managed environments

4. Customer Responsibilities

Customer is solely responsible for:

• All actions performed by its Users

• Enforcing internal acceptable use and security policies

• User provisioning, access control, and timely offboarding

• Credential protection, MFA usage, and endpoint hygiene

• Data classification, retention, and regulatory compliance

Customer agrees to cooperate fully with Provider during investigations, audits, incident response, or compliance activities.

5. Security Requirements

Customer agrees to:

• Use strong passwords and multi-factor authentication where available

• Allow Provider-managed tools to remain installed and operational

• Apply required updates, patches, and configuration changes

• Maintain accurate contact and emergency service information

• Promptly report suspected misuse, incidents, or breaches

Failure to meet security requirements may result in service limitations or suspension.

6. Monitoring, Detection, and Disclosure

To maintain service integrity, security, and legal compliance, Provider may:

• Monitor system logs, traffic patterns, and security telemetry

• Investigate suspected violations of this AUP

• Take automated or manual response actions

• Share information with third parties or authorities when legally required

Customer acknowledges that privacy expectations are limited within managed business systems, subject to applicable law.

7. Suspension and Termination

Provider may, with or without notice:

• Suspend or restrict Services to mitigate risk

• Isolate affected systems or Users

• Terminate Services for material or repeated violations

Customer acknowledges that third-party platforms or infrastructure providers may independently suspend or restrict Services. Provider is not liable for service interruptions resulting from such actions.

8. Third-Party Services and Limitations

Customer acknowledges that:

• Services depend on third-party platforms, networks, and licensors

• Provider does not control third-party enforcement decisions

• Third-party acceptable use and licensing terms apply in parallel

Violations may result in irreversible suspension beyond Provider’s control.

9. Compliance with Law

Customer must comply with all applicable laws and regulations, including U.S. federal and Missouri state laws, communications regulations, and data protection requirements.

10. Policy Updates

Provider may update this AUP as required. Continued use of Services constitutes acceptance of the updated policy.

11. Contact Information

Rhino IT
Springfield, Missouri, USA
Email: support@rhinoitmsp.com

VOIP REGULATORY & COMMUNICATIONS COMPLIANCE ADDENDUM

Effective Date: 1/25/2026
Provider: FGCO Holdings LLC, DBA Rhino IT (“Provider”)

This VoIP Regulatory & Communications Compliance Addendum (“Addendum”) supplements the Master Services Agreement and Acceptable Use Policy. In the event of conflict, this Addendum controls for voice and communications services.

1. Scope

This Addendum applies to all voice and communications services, including:

• Hosted or cloud-based VoIP services

• SIP or session-based calling

• Messaging services (SMS/MMS, where applicable)

• Emergency calling (E911)

• Voice-enabled applications and integrations

2. Regulatory Compliance

Customer must comply with all applicable communications laws and regulations, including but not limited to:

• FCC regulations

• Telephone Consumer Protection Act (TCPA)

• TRACED Act

• Truth in Caller ID rules

• State and federal consumer protection laws

Violations may result in immediate service suspension without notice.

3. Prohibited Calling and Messaging Practices

Customer and Users must not engage in:

• Robocalling or auto-dialing without legally valid consent

• Unsolicited bulk calling or messaging

• Caller ID spoofing or deceptive origin masking

• Traffic pumping, call flooding, or artificial call generation

• Harassing, threatening, or abusive communications

Provider may restrict or suspend traffic that appears abusive, unlawful, or non-compliant.

4. Consent and Recordkeeping

Customer is solely responsible for:

• Obtaining and maintaining legally sufficient consent

• Maintaining records of consent, opt-ins, and opt-outs

• Honoring do-not-call requests and suppression lists

• Complying with time-of-day and geographic restrictions

Provider does not verify Customer consent practices and assumes no liability for Customer non-compliance.

5. Emergency Calling (E911)

Customer acknowledges that:

• E911 functionality depends on accurate location data

• Customer is responsible for maintaining current location information for all endpoints

• Nomadic and remote users may not have accurate emergency location data

• Provider is not responsible for failures caused by inaccurate or missing information

Customer agrees to notify Users of E911 limitations.

6. Traffic Monitoring and Enforcement

Provider may:

• Monitor call patterns and signaling behavior

• Implement rate limits, blocking, or traffic controls

• Suspend services immediately upon detection of suspicious activity

• Cooperate with regulators or law enforcement as required

Certain enforcement actions may be mandatory and non-reversible.

7. Suspension and Irreversible Actions

Customer acknowledges that:

• Voice services may be suspended or terminated without notice

• Phone numbers, routing, or access may not be recoverable following enforcement

• Provider is not liable for damages resulting from regulatory or carrier actions

8. Indemnification

Customer agrees to indemnify and hold harmless Provider from any claims, penalties, fines, or damages arising from:

• Customer calling or messaging practices

• Regulatory violations

• Failure to obtain or document consent

• Misuse of emergency services

This obligation survives termination.

9. No Legal Advice

Provider does not provide legal advice regarding communications compliance. Customer is responsible for consulting legal counsel as needed.

10. Acknowledgment

By using voice and communications services, Customer acknowledges responsibility for lawful use and regulatory compliance.