Master Services Agreement & Policy

1. Strict B2B Infrastructure Operations

DesireTreeShop Systems provides margin calculation and delivery reporting infrastructure strictly for registered corporate entities (B2B). We do not offer services to consumers (B2C). All deploying entities must undergo manual verification, including corporate domain validation, tax ID cross-referencing, and DNS alignment checks. Access by unauthorized entities will result in immediate termination of the node.

2. Nature of Transmitted Payloads (Transactional Only)

Our infrastructure is explicitly whitelisted for transactional communications only. Allowed payloads include:

• Daily margin and cost-of-goods-sold (COGS) reports.
• System-generated logistics alerts and webhook delivery notifications.
• B2B fiscal invoices and billing statements.

PROHIBITED CONTENT:

We categorically prohibit the routing of marketing, promotional, newsletter, or cold-outreach emails through our network. Detection of promotional keywords or bulk non-transactional patterns will trigger an automated kill-switch on your API keys.

3. Zero Tolerance Anti-Spam Policy

DesireTreeShop Systems enforces a Zero Tolerance policy against unsolicited email (SPAM). Clients must adhere to the CAN-SPAM Act, GDPR, and CASL. Under no circumstances are clients permitted to use purchased, rented, or third-party scraped lists. Any account generating a bounce rate exceeding 3% or a complaint rate exceeding 0.08% will be subjected to an immediate infrastructure audit and potential permanent suspension.

Abuse Reporting: If you suspect any infrastructure node is violating this policy, immediately forward the full email headers to abuse@desiretreeshop.com. Our compliance team acts within 15 minutes.

4. Mandatory Account & Recipient Verification (Double Opt-In)

To protect our routing IPs, all recipient nodes (e.g., your supply chain partners receiving reports) must be explicitly authorized. We mandate a cryptographic Double Opt-In verification framework. A confirmation payload must be affirmatively acknowledged by the recipient's corporate inbox before our system will route automated daily reports to them. Single Opt-In or implicit consent is invalid on this platform.

5. Extended Corporate Rules & Data Handling

To maintain our Service Level Agreements (SLA) and ensure compliance beyond standard ISP rules, clients must adhere to the following proprietary guidelines:

• Payload Sanitization: Clients are responsible for stripping non-essential Personally Identifiable Information (PII) from JSON payloads prior to API ingestion. Only required fiscal data should be transmitted.
• Data Retention Limitations: To minimize liability, DesireTreeShop purges all raw webhook payloads, calculated margin logs, and email delivery receipts after 90 days.
• API Rate Limits: To prevent DDOS vectors, concurrent connections are capped at 500 requests per second per node. Burst traffic exceeding this must be buffered in your local Redis/Kafka queues.

6. Privacy & Third-Party Processing

As a data processor, we employ AES-256 encryption at rest. We do not sell, share, or monetize the fiscal data or email addresses parsed through our system. Our infrastructure utilizes secure upstream relays (including AWS and dedicated Mailgun enterprise clusters) strictly configured for transactional throughput. You grant us the right to inspect routing metadata purely for deliverability optimization and fraud prevention.