Skip to Content
SettingsCompliance

Compliance

The Compliance page lets you define behavioral guardrails that are injected into every AI-generated message. These rules ensure your AI agents follow your company policies, industry regulations, and legal requirements like CAN-SPAM and GDPR.

Accessing Compliance Settings

Go to Settings > Compliance in the sidebar.

AI Compliance Rules

Compliance rules are instructions that get injected into every AI prompt. They control what the AI can and cannot say or do.

How Rules Work

  • Active rules are included in every AI prompt, ensuring consistent behavior
  • Inactive rules are stored but not enforced — you can toggle them on/off without deleting
  • Locked rules cannot be deleted, only toggled — use this for rules that must always exist

Viewing Rules

Each rule shows:

  • Toggle — Active (enabled) or inactive (disabled)
  • Label — A short name for the rule
  • Rule text — The full instruction injected into the AI prompt
  • Lock badge — Indicates if the rule is locked (cannot be deleted)

Adding a Rule

  1. Click + Add Rule at the bottom of the rules list.
  2. Enter a Label (e.g., “No pricing discounts”).
  3. Enter the Rule text — this is the exact instruction the AI follows. For example:
    • “Never offer or imply pricing discounts. If asked about discounts, redirect to the value of the product.”
    • “Always include the company name and unsubscribe link in marketing emails.”
    • “Do not make claims about product capabilities that are not documented in the knowledge base.”
  4. Optionally check Lock this rule to prevent deletion.
  5. Click Save Rule.

Toggling a Rule

Click the toggle switch next to any rule to activate or deactivate it. Changes take effect immediately for new AI-generated messages.

Deleting a Rule

Click the delete button (x) on any unlocked rule. Locked rules cannot be deleted — they can only be toggled off.

Permissions

Only users with the Owner or Manager role can modify compliance rules. Other roles can view the rules but cannot make changes.

CAN-SPAM Compliance

For email marketing compliance in the United States:

  • Include your physical mailing address in marketing emails
  • Provide a clear unsubscribe mechanism
  • Honor unsubscribe requests within 10 business days
  • Do not use deceptive subject lines
  • Identify the message as an advertisement

Create compliance rules to enforce these requirements. For example:

  • “Always include the physical business address in the email signature.”
  • “Never use misleading or deceptive subject lines.”

GDPR Compliance

For compliance with the General Data Protection Regulation (EU):

  • Only process personal data with a lawful basis
  • Honor data deletion requests promptly
  • Maintain records of consent
  • Include a clear privacy policy link in communications

Unsubscribe Handling

When a contact requests to unsubscribe:

  1. The AI detects the unsubscribe intent in the message
  2. The contact’s lead status is updated to do_not_contact
  3. All future AI outreach to that contact is automatically blocked
  4. The contact remains in your database but will not receive new messages

You can also manually set a contact to do_not_contact from the contact detail page.

Suppression

Contacts are automatically suppressed (removed from active outreach) when:

  • They request to unsubscribe
  • Their email hard-bounces
  • They mark your email as spam
  • They are manually set to do_not_contact

Suppressed contacts appear in your contact list but will not receive AI-generated outreach.

Best Practices

  • Create rules for your most important policies first (pricing, legal claims, competitor mentions)
  • Lock critical rules that should never be accidentally deleted
  • Review and update rules quarterly as your policies evolve
  • Test rules by sending test messages and verifying AI behavior
  • Keep rule text specific and actionable — vague instructions lead to inconsistent behavior

Troubleshooting

AI ignoring a compliance rule

  • Verify the rule is toggled to Active.
  • Check that the rule text is clear and unambiguous.
  • Very long or complex rules may be diluted — keep them focused.

Cannot modify rules

  • Only Owner and Manager roles can edit compliance rules.
  • Contact your account owner to request changes.
Last updated on
IntegrationsBilling & Usage
Compliance – ScendCore Docs