aup - Databridge Sites

Acceptable Use Policy (AUP)

For purposes of this Acceptable Use Policy (this “AUP”) the term “Owner” shall mean the specific legal entity which is the owner, operator, or lessor, as may be applicable, of the building or property (the “Building”) in which the customer (“Customer”) has entered into an agreement with such Owner for the leasing, licensing and/or use of space, power, products and/or services in such Building.

This AUP augments and explains certain terms of each Customer’s individual agreement and is intended to be a guide to our Customer’s rights and obligations when utilizing Owner’s Data Center services.

As a provider of Internet access (also known as “Internet Transit”), cloud services, and other Internet-related services, Owner offers its Customers, their customers, and end-users (each, a “Subscriber“, and collectively, “Subscribers“), the means to acquire and disseminate a wealth of public, private, commercial, and non-commercial information. Owner respects that the Internet provides a forum for free and open discussion and dissemination of information, however, when there are competing interests at issue, Owner reserves the right to take certain preventative or corrective actions. In order to protect these competing interests, Owner has developed this AUP, which supplements and explains certain terms of each Subscriber’s respective service agreement and is intended as a guide to the Subscriber’s rights and obligations when utilizing Owner’s services. This AUP will be revised from time to time, with or without notice. A Subscriber’s use of Owner’s services after changes to this AUP are posted on Owner’s web site, at www.databridgesites.com/AUP, will constitute the Customer’s acceptance of any new or additional terms of this AUP that result from those changes.

One important aspect of the Internet is that no one party owns or controls it. This fact accounts for much of the Internet’s openness and value, but it also places a high premium on the judgment and responsibility of those who use the Internet, both in the information they acquire and in the information they disseminate to others. When Subscribers obtain information through the Internet, they must keep in mind that Owner cannot monitor, verify, warrant, or vouch for the accuracy and quality of the information that Subscribers may acquire. For this reason, the Subscriber must exercise their best judgment in relying on information obtained from the Internet, and also should be aware that some material posted to the Internet is sexually explicit or otherwise offensive. Because Owner cannot monitor or censor the Internet, and will not attempt to do so, Owner cannot accept any responsibility for injury to its Subscribers that results from inaccurate, unsuitable, offensive, or illegal Internet communications.

When Subscribers disseminate information through the Internet, they also must keep in mind that Owner does not review, edit, censor, or take responsibility for any information its Subscribers may create. When Subscribers place information on the Internet, they have the same liability as other authors for copyright infringement, defamation, and other harmful speech. Also, because the information they create may be passed-through Owner’s equipment (e.g. routers, switches, circuits, etc.) (collectively hereinafter, “Owner’s Network“) and may reach a large number of people, including both Subscribers and nonsubscribers of Owner, Subscribers’ postings to the Internet may affect other Subscribers and may harm Owner’s goodwill, business reputation, and operations. For these reasons, Subscribers violate Owner’s policy and their agreement with Owner when they, their customers, affiliates, or subsidiaries engage in the following prohibited activities:

Internet Spamming

Sending unsolicited bulk and/or commercial messages over the Internet (known as “Spam”) is in violation of policy. It is not only harmful because of its negative impact on consumer attitudes toward Owner, but also because it can overload Owner’s Network and disrupt service to other Subscribers. Also, maintaining an open SMTP relay (that is, an SMTP server that accepts outgoing email from sources beyond the Subscriber’s network and managed devices) is prohibited.

When a complaint is received, Owner has the sole discretion to determine from all of the evidence whether or not the email recipients were from a Confirmed Opt-in (as defined herein) email list. With “Confirmed Opt-in” (also called Closed-Loop Opt-in), the email recipient has verifiably confirmed permission (also known as “Verifiable Confirmation Information”) for the address to be included on the specific mailing list, by confirming (responding to) the list subscription request verification. This is the standard practice for all responsible Internet mailing lists, as it ensures users are properly subscribed, from a working address, and with the address owner’s consent. Owner reserves the right to request from Subscribers the Verifiable Confirmation Information and to verify this information with the email recipient.

Furthermore, Spam does not have to be sent from a Subscriber’s account or Owner’s Network to violate this AUP. Email sent by or through a third party that advertises or otherwise directs traffic or links to a Subscriber’s web site or a Subscriber’s account will be held to the same standard as those emails sent directly by Subscriber. The use of email lists obtained or purchased from a third party must also be verifiable by such Subscriber to meet the requirements of Confirmed Opt-in with Verifiable Confirmation Information that recipient has opted-in to email from such Subscriber.

Forging of Headers

It is a violation of Owner’s policy for Subscribers to engage in the activity of forging or misrepresenting message headers, whether in whole or in part, to mask the originator of the message.

Intellectual Property Violations

Engaging in any activity that infringes or misappropriates the intellectual property rights of others, including copyrights, trademarks, service marks, trade secrets, software piracy, and patents held by individuals, corporations, or other entities also, engaging in activity that violates privacy, publicity, or other personal rights of others violates Owner’s policy. Owner is required by law to remove or block access to a Subscriber’s content upon receipt of a proper notice of copyright infringement. It is also Owner’s policy to terminate the privileges of Subscribers who commit repeat violations of copyright laws.

Illegal Activity: Child Pornography

Using Owner’s Network to advertise, transmit, store, post, display, or otherwise make available child pornography is a violation of Owner’s policy. Owner has a no-tolerance policy for child pornography, and accounts reported to Owner as potentially containing child pornography will be immediately disabled and reported to the National Center for Missing and Exploited Children (also known as “NCMEC”). Owner is required by law to notify law enforcement agencies when it becomes aware of the presence of child pornography on or being transmitted through Owner’s Network.

Illegal or Unauthorized Access to Other Computers or Networks

It is a violation of Owner’s policy for Subscribers to access illegally or without authorization computers, accounts, or Networks belonging to another party, or attempting to penetrate security measures of another individual’s system (often known as “Hacking”).

Also, any activity that might be used as a precursor to an attempted system penetration (i.e. port scan, stealth scan, or other information gathering activity) is a violation of Owner’s policy.

Security Scans

Owner understands the needs of our Subscribers to meet certain industry requirements that require Subscriber or a third party engaged by Subscriber to conduct security scans of the Subscriber’s systems, such as penetration testing. All such scans must be coordinated in advance with Owner via a ticket on Owner’s portal. Failure to coordinate and meet all requirements prior to scanning is a violation of Owner’s policy.

Owner reserves the right to conduct its own periodic passive/non-intrusive security scans on all owned IP, cloud, and network assets. Additional active scans such as penetration tests are typically limited to owner-managed systems, but may be used to verify potential issues identified by passive scans. Owner will, at their discretion, advise Customer of results if they are deemed to be a potential AUP violation in need of correction.

Distribution of Internet Viruses, Worms, Trojan Horses, or Other Destructive Activities

Violations of Owner’s policy include distributing information regarding the creation of and sending Internet viruses, worms, Trojan horses, pinging, flooding, mailbombing, phishing, or denial of service attacks, as well as activities that disrupt the use of or interfere with the ability of others to effectively use the Network or any connected Network, system, service, or equipment.

Facilitating a Violation of this AUP

Advertising, transmitting, or otherwise making available any software, program, product, or service that is designed to violate this AUP, which includes the facilitation of the means to Spam, initiation of pinging, flooding, mailbombing, phishing, denial of service attacks, and piracy of software. This can include failure to update software used on Subscriber accounts or systems that is known to be vulnerable to malicious activity or exploitation or otherwise failing to follow security best practices.

Export Control Violations

Exporting controlled software or data, including but not limited to encryption algorithms defined under Export Administration Regulations or ITAR-controlled software, in violation of United States law, is a violation of Owner’s policy.

Other Illegal Activities

Engaging in activities that are determined to be illegal, including advertising, transmitting, or otherwise making available ponzi schemes, pyramid schemes, phishing attempts, fraudulently charging credit cards, and pirating software.

Other Harmful Activities

Engaging in activities, whether lawful or unlawful, that Owner determines to be harmful to its Subscribers, operations, reputation, goodwill, or customer relations is a violation of Owner’s policy.

As we have pointed out, the responsibility for avoiding the harmful activities just described rests primarily with Subscribers. Owner will not, as an ordinary practice, monitor the communications or content of its Subscribers to ensure that they comply with Owner’s policy or any applicable law. When Owner becomes aware of harmful activities, however, it may take any action to stop the harmful activity, including but not limited to, removing information, shutting down a web site, implementing screening software designed to block offending transmissions, denying access to the Internet, or take any other action it deems appropriate.

Owner also is aware that many Subscribers are themselves providers of Internet services, and that information reaching Owner’s Network from those Subscribers may have originated from a customer of the Subscriber or from another third-party. Owner does not require its Subscribers who offer Internet services to monitor or censor transmissions or web sites created by customers of its Subscribers. Owner has the right to directly take action against a customer of a Subscriber. Also, Owner may take action against the such Subscriber because of activities of said customer of the Subscriber, even though the action may affect other customers of the Subscriber. Similarly, Owner expects that Subscribers who offer Internet services will cooperate with Owner in any corrective or preventive action that Owner deems necessary. Failure to cooperate with such corrective or preventive measures is a violation of Owner’s policy.

Privacy

Owner also is concerned with the privacy of on-line communications and web sites. In general, the Internet is neither more nor less secure than other means of communication, including mail, facsimile, and voice telephone service, all of which can be intercepted and otherwise compromised. As a matter of prudence, however, Owner urges Subscribers to assume that all of their on-line communications are insecure. Owner cannot take any responsibility for the security of information transmitted over Owner’s Network or through Owner’s facilities.

Owner will not intentionally monitor private electronic mail messages sent or received by Subscribers unless required to do so by law, governmental authority, or when public safety is at stake. Owner may, however, monitor its service electronically to determine that its Network and facilities are operating satisfactorily. Also, Owner may disclose information, including but not limited to, information concerning a Subscriber, a transmission made using Owner’s Network, or a web site, in order to comply with a court order, subpoena, summons, discovery request, warrant, statute, regulation, or governmental request. Owner assumes no obligation to inform a Subscriber that such Subscriber’s information has been provided and in some cases may be prohibited by law from giving such notice. Finally, Owner may disclose Subscriber information or information transmitted over its Network where necessary to protect Owner and others from harm, or where such disclosure is necessary to the proper operation of the system.

Owner expects that its Subscribers who provide Internet services to others will comply fully with all applicable laws concerning the privacy of on-line communications. A Subscriber’s failure to comply with those laws will violate Owner’s policy. Finally, Owner wishes to emphasize that in signing the lease, license or service agreement, as the case may be, Subscribers indemnify Owner for any violation of such agreement, law, or Owner’s policy, that results in loss to Owner or its affiliate or the bringing of any claim against Owner or its affiliate by any third-party. This means that if Owner or its affiliate is sued because of a Subscriber’s or customer of a Subscriber’s activity, the Subscriber will pay any damages awarded against Owner or its affiliate, plus costs and reasonable attorneys’ fees.

Customer Responsibilities

Customers are expected to promptly notify Owner of any breach of security or other unauthorized activity, including violations of this AUP, or threats of hacking or attacks, within systems and services present at Owner’s location. This will ensure that Owner can coordinate an appropriate response to any notifications it receives.

Customers are expected to respond promptly to communication from Owner via email, ticket system, or phone calls regarding potential violations of this AUP, including investigating any received complaints and providing requested documentation verifying that any reported issue has been appropriately addressed.

Customers are expected to ensure that all systems are running currently supported operating systems, firmware, and software (that is, still receiving security updates and patches from the vendor) and adhere to best practices for securing systems and accounts, including a process for periodically and consistently reviewing and applying security updates to all systems. Customers are expected to provide evidence of this if Owner requests it as a part of an investigation into complaints or violations of this AUP.

We hope this AUP is helpful in clarifying the obligations of Internet users, including Owner and its Subscribers, as responsible members of the Internet. Any complaints about a Subscriber’s violation of this AUP should be sent to abuse@databridgesites.com.