Acceptable Use Policy (India)
ACCEPTABLE USE POLICY
Information Technology Act 2000 | IT Intermediary Guidelines Rules 2021 | Indian Contract Act 1872
Effective Date: [Effective Date]
This Acceptable Use Policy ("AUP") is published by [Company Name], registered at [Company Address] ("we", "us", or "our"), in respect of [Website URL] (the "Service"). This AUP forms part of our Terms of Service and applies to [Policy Scope].
1. PERMITTED USE
1.1 You may use the Service for the following purposes: [Permitted Use].
1.2 All use of the Service must comply with applicable Indian law, including the Information Technology Act 2000 and all rules notified thereunder.
2. PROHIBITED ACTIVITIES
2.1 You must not use the Service to:
(a) Upload, post, or transmit any content that is obscene, sexually explicit, defamatory, threatening, abusive, hateful, or invasive of another person's privacy — as prohibited under the IT Act 2000 and Rule 3(1)(b) of the IT Intermediary Guidelines Rules 2021;
(b) Upload, post, or transmit child sexual abuse material (CSAM) — a criminal offence under Section 67B of the IT Act 2000;
(c) Engage in hacking, unauthorised access, denial-of-service attacks, or other cyber offences under Sections 43 and 66 of the IT Act 2000;
(d) Transmit viruses, malware, ransomware, spyware, or other malicious code;
(e) Commit identity theft, impersonation, or cheating by personation — offences under Sections 66C and 66D of the IT Act 2000;
(f) Publish content that threatens India's sovereignty, integrity, security, or public order — an offence under Section 66F (cyber terrorism) of the IT Act 2000;
(g) Infringe any third party's intellectual property rights (copyright, trademark, patent) — contrary to the Copyright Act 1957 and the Trade Marks Act 1999;
(h) Engage in spam, phishing, or fraudulent communications — contrary to the IT Act 2000 and the Consumer Protection Act 2019;
(i) Use the Service for any activity that constitutes an offence under the Indian Penal Code 1860 or any other applicable Indian statute.
3. CONTENT MODERATION AND TAKE-DOWN
3.1 We reserve the right to monitor, review, and remove any content that we believe violates this AUP or applicable law, without prior notice.
3.2 Where we have actual knowledge of unlawful content, we will act expeditiously to disable access to or remove such content in accordance with our obligations under Section 79(3) of the IT Act 2000 and the IT Intermediary Guidelines Rules 2021.
3.3 Content removal decisions may be appealed to our Grievance Officer within 30 days of the removal action.
4. ENFORCEMENT
4.1 Violations of this AUP may result in: (a) a written warning; (b) temporary suspension of account access; (c) permanent termination of your account; (d) removal of violating content; (e) reporting to law enforcement authorities where the violation constitutes a criminal offence under the IT Act 2000 or the Indian Penal Code 1860.
4.2 We reserve the right to take any action necessary to protect our users, third parties, and the integrity of the Service.
5. REPORTING VIOLATIONS
5.1 To report an AUP violation, please email [Reporting Email] with details of the violating content or activity (including URL, description, and evidence where available).
5.2 We will acknowledge your report within 24 hours and take appropriate action.
6. GRIEVANCE OFFICER
6.1 Our Grievance Officer (as required under Rule 3(2) of the IT Intermediary Guidelines Rules 2021):
Name: [Grievance Officer Name] | Email: [Grievance Officer Email]
Complaints will be acknowledged within 24 hours and resolved within 30 days.
7. GOVERNING LAW
7.1 This AUP is governed by the Information Technology Act 2000, the Indian Contract Act 1872, and the laws of India. Any disputes shall be subject to the jurisdiction of the courts at the location of [Company Address].
Authorised Signatory
________________
Signature
What Is a Acceptable Use Policy (India)?
An Acceptable Use Policy in India records the organisation's position on the matter, defining what is permitted, what is prohibited and how breaches are handled.
For online platforms and intermediaries in India, an AUP is a mandatory component of the IT Intermediary Guidelines compliance framework under the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021. Rule 3(1)(b) of the IT Intermediary Rules 2021 requires all intermediaries to publish rules and regulations prohibiting specified categories of prohibited content and activity.
The AUP draws its legal force from the Indian Contract Act 1872 (as part of the user agreement), the IT Act 2000 (cyber offences and intermediary liability), the IT Intermediary Rules 2021 (content moderation requirements), and the Indian Penal Code 1860 (criminal offences that may overlap with AUP violations such as defamation, criminal threats, obscenity).
For enterprise IT environments, an AUP for employees governing use of company IT resources, email, internet access, and data handling is a key element of information security policy and is required under IT security frameworks such as ISO/IEC 27001 and the DPDP Act 2023's obligation to implement reasonable security measures.
The legal framework governing the Acceptable Use Policy (India) in India draws on several key statutes and regulatory bodies. Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). The Industrial Disputes Act 1947 and state labour commissioners govern employment disputes. The Information Technology Act 2000 and IT (Reasonable Security Practices) Rules 2011 protect personal data. The Income Tax Act 1961 and Goods and Services Tax Act 2017 govern tax obligations through the Central Board of Direct Taxes (CBDT) and GST Council. Parties executing a Acceptable Use Policy (India) in India should confirm the document reflects current law, including any amendments enacted since the original drafting date. The Indian Contract Act, 1872 sets the foundational requirements.
When Do You Need a Acceptable Use Policy (India)?
An Acceptable Use Policy is needed for: (1) any online platform, website, or app that has users — to define the rules of conduct and comply with IT Intermediary Rules 2021; (2) enterprise IT environments — to govern employee use of company computers, networks, email, and internet access; (3) cloud and SaaS service providers — to define permitted and prohibited uses of their services; and (4) educational institutions and public Wi-Fi providers — to define acceptable use of their IT infrastructure.
The AUP should be published alongside the Terms of Service and Privacy Policy and should be incorporated by reference into the main user agreement so that it forms part of the binding contract with users.
Parties in India should prepare a Acceptable Use Policy (India) proactively rather than waiting for a dispute to arise. Courts interpret agreements based on the written terms rather than oral representations. Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). The Industrial Disputes Act 1947 and state labour commissioners govern employment disputes. The Information Technology Act 2000 and IT (Reasonable Security Practices) Rules 2011 protect personal data. The Income Tax Act 1961 and Goods and Services Tax Act 2017 govern tax obligations through the Central Board of Direct Taxes (CBDT) and GST Council. Where the transaction involves regulated activities, prior approval from the relevant authority may be required before execution.
What to Include in Your Acceptable Use Policy (India)
A thorough India Acceptable Use Policy should include: scope (who and what it applies to); permitted uses; prohibited activities (mirroring IT Intermediary Rules 2021 categories: illegal content, defamatory content, obscene content, privacy violations, IP infringement, malware, hacking, spam, impersonation, incitement); content moderation and take-down procedure; Grievance Officer details and complaint process; enforcement actions (warnings, suspension, termination, reporting to law enforcement); user's obligation to report AUP violations; disclaimer of liability for user-generated content; interaction with the Terms of Service and Privacy Policy; and governing law (IT Act 2000, Indian Contract Act 1872).
Additional compliance elements for a Acceptable Use Policy (India) used in India include: Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). The Industrial Disputes Act 1947 and state labour commissioners govern employment disputes. The Information Technology Act 2000 and IT (Reasonable Security Practices) Rules 2011 protect personal data. The Income Tax Act 1961 and Goods and Services Tax Act 2017 govern tax obligations through the Central Board of Direct Taxes (CBDT) and GST Council. Forms-legal.com provides this template as a starting point for India-compliant documentation.
Cite this page
Reference this free template in an article, syllabus, or research note:
Forms Legal. (2026). Acceptable Use Policy (India) (India) [Legal document template]. Forms Legal. https://forms-legal.com/india/business/policies/acceptable-use-policy-india
"Acceptable Use Policy (India) (India)." Forms Legal, 2026, https://forms-legal.com/india/business/policies/acceptable-use-policy-india.
@misc{formslegal-acceptable-use-policy-india,
author = {{Forms Legal}},
title = {Acceptable Use Policy (India) (India)},
year = {2026},
howpublished = {\url{https://forms-legal.com/india/business/policies/acceptable-use-policy-india}},
note = {Free legal document template. Based on Indian Contract Act, 1872}
}Also available for these jurisdictions:
Frequently Asked Questions
The Information Technology Act 2000 (IT Act 2000), as amended by the Information Technology (Amendment) Act 2008, establishes several categories of prohibited content and activities for Indian websites, platforms, and electronic communications. Section 66A (struck down): Section 66A, which criminalised offensive or menacing electronic communications, was declared unconstitutional by the Supreme Court of India in Shreya Singhal v. Union of India (2015) for violating Article 19(1)(a) (freedom of speech and expression). It is no longer in force. Section 66B — Receiving stolen computer resources: Dishonestly receiving any stolen computer resource or communication device — up to 3 years imprisonment and/or ₹1 lakh fine. Section 66C — Identity theft: Fraudulently or dishonestly using the electronic signature, password, or any other unique identification feature of another person — up to 3 years imprisonment and ₹1 lakh fine. Section 66D — Cheating by impersonation: Cheating by impersonating someone using a computer resource or communication device — up to 3 years imprisonment and ₹1 lakh fine. Section 66E — Violation of privacy: Publishing or transmitting the image of a person's private area without consent in circumstances that violate privacy — up to 3 years imprisonment and ₹2 lakh fine. Section 66F — Cyber terrorism: Denying access to authorised personnel to a computer resource, accessing computer resources without authorisation, introducing a computer contaminant, or causing death or injury using critical infrastructure systems — up to life imprisonment.
Violations of an Acceptable Use Policy (AUP) in India can result in consequences at multiple levels: contractual, civil, and criminal. Contractual consequences: The AUP is a contractual document that forms part of the user agreement with the platform or service provider. A user who violates the AUP breaches their contract with the service provider. The service provider's contractual remedies include: immediate suspension or termination of the user's account without notice (where the AUP expressly reserves this right); forfeiture of any prepaid fees or credits; civil action for damages caused by the breach under Section 73 of the Indian Contract Act 1872; and seeking an injunction from a competent court to restrain further breach. Civil liability under the IT Act 2000: Section 43 of the IT Act 2000 imposes civil liability (without limit) on any person who without permission: accesses a computer system; downloads, copies, or extracts data; introduces a virus or contaminant; disrupts service; denies access; assists unauthorised access; charges to another person's account; or destroys, deletes, or alters information. The affected person or company can seek compensation from the adjudicating officer appointed under Section 46 of the IT Act 2000. Criminal liability: AUP violations that constitute offences under the IT Act 2000 (Sections 66–74) or the Indian Penal Code 1860 (IPC) can result in criminal prosecution, with penalties ranging from fines to imprisonment depending on the offence.
Enforcing an Acceptable Use Policy (AUP) against employees in India requires a multi-layered approach grounded in both contract law and employment law. First, the AUP must be incorporated into the employment contract or acknowledged via a separate signed agreement, creating a contractual obligation under the Indian Contract Act 1872. Courts have consistently held that policies made known to employees and accepted by them form part of the employment contract. Second, violations involving misuse of IT infrastructure can attract liability under the Information Technology Act 2000 and the IT (Amendment) Act 2008, particularly Sections 43, 66, 66C, and 72A dealing with unauthorized access, identity theft, and breach of confidentiality. Third, disciplinary proceedings must follow principles of natural justice — the employee must receive a show-cause notice, an opportunity to respond, and a fair inquiry before any adverse action. Summary dismissal without process exposes the employer to claims under the Industrial Disputes Act 1947. Fourth, organizations should maintain detailed audit logs as evidence. The Personal Data Protection Bill framework also requires that monitoring employees' digital activity comply with data minimization and purpose-limitation principles. Regular training sessions and acknowledgment refreshes strengthen enforceability by demonstrating that employees were repeatedly made aware of policy terms.
A Acceptable Use Policy (India) does not legally require a lawyer in India, and individuals and businesses may draft and execute the document independently. The Indian Contract Act, 1872 does not mandate legal representation for the creation or signing of this type of document. However, seeking independent legal advice from a qualified India lawyer is recommended for transactions involving substantial financial value, complex regulatory requirements, or cross-border elements where multiple legal jurisdictions may apply. A lawyer can verify that the document complies with all applicable statutory requirements, identify potential risks specific to the transaction, and confirm that the terms adequately protect the interests of all parties involved. The Supreme Court of India has jurisdiction over disputes arising from this type of document, and Registrar of Companies (ROC) may impose additional compliance obligations depending on the nature of the underlying transaction. Professional legal review is particularly advisable where the document will be submitted to government agencies or used as evidence in legal proceedings.
A Acceptable Use Policy (India) does not legally require a lawyer in India, though legal advice is recommended. Under Indian law, the Indian Contract Act 1872 governs agreements. The Companies Act 2013 and Registrar of Companies (ROC) regulate corporate documents. The Information Technology Act 2000 governs electronic contracts and data protection. The Consumer Protection Act 2019 provides consumer rights. The Income Tax Act 1961 requires tax compliance. Forms-legal.com provides this template as a starting point — always review with a qualified Indian advocate for significant transactions. Under India law, Indian Contract Act, 1872, parties should seek independent legal advice from a qualified lawyer to confirm compliance with all applicable requirements. Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). Forms-legal.com provides this template as a starting point for India-compliant documentation.
This template is provided for informational purposes only and does not constitute legal advice. Laws vary by jurisdiction and change over time. Consult a qualified attorney for advice specific to your situation.Full disclaimer
Found an error? Let us knowRelated Documents
You may also find these documents useful:
Terms of Service (India)
Comprehensive terms of service for Indian websites and apps under the IT Act 2000 and Consumer Protection Act 2019. Covers user obligations, intellectual property, liability limitations, dispute resolution, and governing law.
Privacy Policy (India)
A comprehensive privacy policy for Indian businesses under the Digital Personal Data Protection Act 2023 (DPDP Act) and the Information Technology Act 2000. Covers data collection, processing purposes, user rights, data transfers, and grievance redressal.
Data Protection Policy (India)
An internal data protection policy for Indian organisations under the DPDP Act 2023 and IT Act 2000, governing how employees handle personal data, implement security controls, respond to breaches, and fulfil Data Principal rights requests.