Lega
LEGAL · LAST UPDATED 10 MAY 2026

Acceptable Use Policy

This Acceptable Use Policy ("AUP") describes prohibited activities on the Lega platform. It applies to every account holder and to any messages, content, or activity conducted through the Service. The AUP is incorporated by reference into our Terms of Service; violation may result in suspension or termination without refund.

1. General Prohibited Use

You may not use the Service to:

  • Violate any applicable law, regulation, or third-party right (including intellectual property, privacy, and contract rights)
  • Distribute malware, viruses, ransomware, phishing payloads, or any code intended to disrupt or damage systems
  • Engage in fraud, deception, identity theft, or impersonation of any individual or organisation
  • Harass, threaten, defame, or stalk any individual
  • Promote or facilitate violence, self-harm, or terrorism
  • Distribute child sexual abuse material or any content sexually exploiting minors
  • Promote discrimination, hate speech, or hostility based on race, ethnicity, religion, gender, sexual orientation, disability, or other protected attributes
  • Sell or facilitate the sale of illegal goods or services, including unlicensed pharmaceuticals, weapons, controlled substances, or counterfeit products
  • Operate gambling, lotteries, or financial schemes (Ponzi, pyramid, multi-level marketing recruitment) without proper licensing
  • Engage in money laundering, terrorism financing, or sanctions evasion

2. WhatsApp-Specific Rules

Because Lega connects to WhatsApp, you must additionally comply with the following rules — many of which derive from WhatsApp's own Business Policy:

2.1 Consent and Opt-In

  • You may only send messages to recipients who have provided clear, prior consent to receive WhatsApp communications from your business
  • Consent must be obtained through a transparent opt-in (web form, in-store sign-up, etc.) — pre-checked boxes, purchased lead lists, and scraped contacts are not valid consent
  • You must keep records of consent and produce them on request

2.2 Opt-Out

  • You must honour opt-out requests immediately. Once a recipient asks to stop receiving messages, you may not send further marketing or promotional content
  • You may continue to send transactional messages (e.g. order receipts, appointment confirmations) only where the underlying transaction is the basis

2.3 Bulk Messaging

  • Bulk campaigns must use throttling settings provided by the Service. Disabling, circumventing, or attempting to accelerate throttling is a violation of this AUP
  • Sending the same or similar message to a large number of recipients without prior consent constitutes spam and is prohibited

2.4 Number Use

  • You must use a dedicated business WhatsApp number, not your personal WhatsApp number
  • You must not pair a number you do not own or have explicit authorisation to operate
  • You must not use the Service to operate accounts intended to evade prior bans imposed by Meta

3. AI Feature Use

  • You may not use AI features to generate content that would violate this AUP if sent manually (spam, scams, hate speech, illegal content)
  • You may not use AI to impersonate a human in contexts where the recipient has a reasonable expectation of human interaction without disclosing AI involvement, where law requires such disclosure
  • You are responsible for AI outputs sent through the Service, even if generated automatically

4. Platform Integrity

You may not:

  • Probe, scan, or test the vulnerability of the Service without prior written authorisation
  • Attempt to gain unauthorised access to other accounts, tenants, or systems
  • Reverse-engineer, decompile, or attempt to extract source code or trade secrets from the Service
  • Resell access to the Service or build a competing product using the Service
  • Place excessive load on the Service through automated requests beyond your subscription plan's limits

5. End Customer Data

You are the data controller for your end customers' personal data. You must:

  • Have a lawful basis to collect, store, and process the data, in accordance with the Personal Data Protection Act 2010 (Malaysia) and any other applicable privacy law
  • Provide your end customers with appropriate notice of collection and use
  • Honour data access, correction, and deletion requests made by your end customers

6. Reporting Violations

If you become aware of activity on the Service that violates this AUP, please report it to hi@lega.my. Reports may be submitted anonymously, but providing contact details helps us follow up if more information is needed.

7. Enforcement

We investigate reported violations and may take any of the following actions:

  • Warning — for minor or first-time violations
  • Temporary suspension — for serious or repeated violations, pending corrective action
  • Permanent termination — for severe violations (fraud, child safety, illegal content, repeated spam) or refusal to remediate
  • Reporting to authorities — for activity that constitutes a criminal offence under Malaysian or relevant foreign law

Accounts terminated for AUP violations are not eligible for refunds. We may, at our discretion, retain logs of violating activity for a period consistent with legal obligations.

8. Changes to This Policy

We may update this AUP from time to time as new abuse patterns emerge or as the Service evolves. The current version is always available at lega.my/aup. Continued use of the Service after changes are posted constitutes acceptance of the updated AUP.

9. Contact

Polygon Technology Solutions
Kuala Lumpur, Malaysia
Email: hi@lega.my

Operated by Polygon Technology Solutions, a subsidiary of Polygon Synergy. Registered in Malaysia. Contact: hi@lega.my