Last updated: July 7, 2026
This Acceptable Use Policy (“AI AUP”) of Appcues, Inc. (“Appcues”) describes activities that are not allowed in connection with your use of Appcues’ artificial intelligence features, including Captain AI, AI Insights, the Appcues MCP Server, and any other AI-powered features made available within or in connection with the Appcues platform (collectively, the “AI Features”). Your use of the AI Features constitutes your agreement to this AI AUP.
AI technology and the ways it can be used or misused are continuously evolving. We may from time to time amend this AI AUP to further detail or describe reasonable measures, restrictions, or conditions on your use of the AI Features by publishing a revised version at https://www.appcues.com/ai-aup, or, in the event of a material adverse change, by providing you thirty (30) days written notice.
This AI AUP is part of the Appcues Terms of Service, Master Subscription Agreement, or any other agreement (collectively “Agreement”) between Appcues and the customer (“Customer”). It applies whenever Customer or Customer’s authorized users (“Users”) access or use the AI Features as part of the services provided under the Agreement. This AI AUP is effective for the same duration as the Agreement and replaces any previous acceptable use policies related to AI features under that Agreement. This AI AUP is incorporated by reference in the Appcues Terms of Use at https://www.appcues.com/terms.
If you breach this AI AUP (in whole or in part), we may limit, suspend, or terminate access to the AI Features or your account in accordance with the Agreement. We may intercept, restrict, or block any input, output, or traffic associated with your use of the AI Features where such use is unlawful or not in accordance with this AI AUP. No credit will be available under the Agreement for interruptions of service resulting from any AI AUP violation.
The determination of whether and to what extent a Customer’s act or omission is in violation of this AI AUP will be made at our sole discretion.
This AI AUP applies to all current and future AI-powered functionality made available by Appcues, including but not limited to (collectively, the “AI Features”):
Captain AI - an in-product assistant that provides coaching, support, analytics insights, and AI-assisted content/experience creation based on prompts submitted by Users and Customer’s Appcues account data.
AI Recommendations - automated, prompt-free analysis of Customer’s account (e.g., copy/grammar checks, broken link detection, stale targeting/property checks, dormant content detection) that surfaces recommendations to Customer.
Appcues MCP Server - a connector that allows Customer to access and combine Appcues account data within third-party AI tools and environments that Customer separately operates or subscribes to (e.g., Claude, ChatGPT, or similar).
Any other feature that uses machine learning, large language models, or similar AI/ML technology to generate, summarize, analyze, recommend, or act on content or data within or via the Appcues platform.
Customer and its Users will follow these guidelines when using the AI Features:
2a. Use the AI Features only for legitimate business purposes consistent with their intended functionality (e.g., building, analyzing, or troubleshooting in-app experiences) and in accordance with the Agreement and applicable documentation.
2b. Maintain appropriate account access controls. Access to the AI Features, including the MCP Server, is governed by the same roles and permissions Customer has configured in its Appcues account. Customer is responsible for ensuring only authorized Users can access AI Features and any connected third-party AI tools.
2c. Review AI-generated output before relying on it or publishing it. Where AI Features generate content that will be shown to Customer’s end users (e.g., flow copy, messages, mobile experiences drafted by Captain AI), Customer is solely responsible for reviewing that content for accuracy, appropriateness, legal compliance, and consistency with Customer’s own obligations (including, where applicable, the Appcues Email AUP) before publishing it.
2d. Do not submit, upload, or otherwise input into the AI Features any data Customer is not authorized to share, including third-party confidential information, special categories of personal data, or data subject to contractual or regulatory restrictions Customer has not satisfied.
2e. Where Customer connects the MCP Server to a third-party AI tool, Customer’s use of that third-party tool remains subject to that provider’s own terms, acceptable use policies, and privacy practices. Appcues is not responsible for how a third-party AI tool uses, retains, or processes data once it has been provided to that tool by Customer.
2f. Provide prompts, instructions, or configurations to the AI Features in good faith. Do not attempt to use prompts, inputs, or repeated queries designed to manipulate the AI Features into violating Section 3 or 4 below (including so-called “jailbreak” or prompt-injection techniques).
You may not use the AI Features to engage in, foster, or promote illegal, abusive, or irresponsible behavior, including (but not limited to):
3a. Any activity or conduct likely to be in breach of applicable laws, codes, or regulations, including data privacy laws;
3b. Attempting to reverse-engineer, extract, or replicate the underlying models, weights, training data, or proprietary logic powering the AI Features, or using output from the AI Features to build, train, or improve a competing product or service;
3c. Probing, scanning, or testing the AI Features for vulnerabilities, or attempting to bypass any rate limit, usage threshold, or access control applicable to the AI Features, except through Appcues’ responsible disclosure process;
3d. Using the AI Features to impersonate any person, organization, or entity, or to generate content that misrepresents its AI origin where such disclosure is required by law or by Appcues policy;
3e. Submitting prompts or inputs designed to cause the AI Features to generate content prohibited under Section 4, or to disrupt, degrade, or gain unauthorized access to Appcues’ systems, other customers’ data, or any AI model or third-party service connected via the MCP Server;
3f. Any activity that might reasonably be considered illegal, immoral, unethical, deceptive, fraudulent, offensive, or obscene, or that could injure, tarnish, or damage the reputation or goodwill of Appcues, its AI Features, or any of its customers; or
You may not use the AI Features to generate, request, publish, transmit, or store any content that Appcues reasonably believes is illegal, harmful, unwanted, or otherwise poses a threat to the public, including content that:
• Sexualizes, exploits, or otherwise endangers persons’ including minors in any way;
• Is excessively violent, incites or threatens violence, contains harassing content or hate speech, or creates a risk to any person’s or the public’s safety or health;
• Constitutes or facilitates fraud, phishing, malware, or other malicious code;
• Discriminates against, or could reasonably be used to discriminate against, individuals on the basis of any protected characteristic;
• Is defamatory, infringes a third party’s intellectual property or privacy rights, or otherwise violates a person’s legal rights;
• Is deceptive or unfair under the consumer protection laws of any jurisdiction; or
• Is otherwise malicious, fraudulent, or morally repugnant.
3g. Excessive or abusive querying of the AI Features in a manner that unreasonably consumes shared computing resources or degrades the experience of other customers. Appcues reserves the right to apply and update reasonable usage limits on the AI Features without prior notice.
5a – Appcues processes Customer account data and prompts as necessary to provide, maintain, support, and improve the AI Features, consistent with the Data Processing Addendum and Privacy Policy between Appcues and Customer. Appcues leverages subprocessors to provide the underlying model as well as monitoring and quality testing tooling, which can be found on the subprocessor list on Appcues Trust Center. Appcues does not have direct control over the subprocessor who hosts the underlying models and relies on that subprocessors own data handling and retention commitments, including its commitments regarding whether API inputs are used to train or improve its models. Appcues does not use Customer data or User prompts to train or fine-tune any model.
5b – Output generated by the AI Features on behalf of Customer is intended for Customer’s use in connection with the Agreement. Customer is responsible for verifying the accuracy of any AI-generated content before relying on it, and Appcues makes no warranty that AI-generated output is accurate, complete, or fit for any particular purpose.
5c – Where the MCP Server is used to bring Appcues account data into a third-party AI tool, that data is transmitted subject to Customer’s own configuration and the access permissions Customer has granted. Appcues does not control, and is not responsible for, how the third-party AI tool subsequently stores, processes, or uses that data.
5d - Customer is responsible for all input Customer transmits to the AI Features and shall have sole ownership of any output resulting from the AI Features.
5e - In order to provide the AI Features to Customer, Appcues may collect and process Usage Data. Usage Data may be used by Appcues for troubleshooting and support, diagnosing and remediating performance issues, improving the Services and customer experience, and other lawful business purposes. Customer hereby grants to Appcues a royalty-free, irrevocable, license to use any such Usage Data solely as necessary for its provision of the Services and Appcues’ internal business purposes in accordance with this Section. “Usage Data” means any and all diagnostic, inferred, or derived data reflecting access or use of the AI Features by Customer, including, any end user profile-, visit-, session-, impression-, click through-, or click stream-data, and any statistical or other analysis, information, or data based on or derived from any of the foregoing.
If we are legally required to permit any relevant authority to inspect content, prompts, or output associated with your use of the AI Features, you agree we can do so; provided, where possible without breaching any legal or regulatory requirement, we give you reasonable prior notice.
Our right to suspend or terminate access to the AI Features applies even if a breach is committed unintentionally or without your authorization.
You are responsible for violations of this AI AUP by anyone using the AI Features through your account, with or without your permission, including unauthorized use resulting from your failure to use reasonable security precautions (e.g., MFA, role-based access controls). Your use of the AI Features to assist another person in an activity that would violate this AI AUP if performed by you is also a violation of this AI AUP.
This prohibition applies regardless of whether the content originates from a Customer’s or User’s prompt, from the AI Feature’s own output, or from data ingested via the MCP Server.
We may, without notice to you, report to the appropriate authorities any conduct by you that we believe violates applicable law, and provide any information we have about you, your Users, or your use of the AI Features, and cooperate in response to a formal request from a law enforcement or regulatory agency, or a civil action that on its face meets the requirements for such a request.
Appcues' security and privacy practices are described in the Appcues Trust Center and in the Shared Responsibility Model documentation. The AI Features are subject to that Shared Responsibility Model. In particular, when using the AI Features, Customer is responsible for:
• Determining what data is appropriate to submit as input to the AI Features, including prompts to Captain AI and any data made available through the Appcues MCP Server, consistent with Section 2(d) above;
• Using Identity Verification and Ingest Filtering, where applicable, to limit the sensitivity of data processed by or available to the AI Features, particularly for accounts handling PII, PHI, or other confidential information;
• Reviewing and approving AI-generated content before it is published to end users, consistent with Section 2(c) above; and
• Configuring and maintaining appropriate access permissions for Users and any third-party AI tools connected via the MCP Server.
As new AI capabilities are introduced or responsibilities are identified, the Shared Responsibility Model documentation will be updated to reflect them, and this AI AUP will be read consistently with the version of that documentation in effect at the time.
Appcues reserves the right to update the parameters, rate limits, and availability of any AI Feature in its sole discretion. Appcues may also update the underlying AI model in its sole discretion, subject to its obligations under the Data Processing Addendum to provide notice of a change in subprocessor. In no event shall such changes materially reduce the security or privacy protections applicable to Customer data. Material changes to functionality will be communicated in accordance with standard product update practices.