Legal

Acceptable Use Policy

Cloudsol OÜ — Registration No: 14229249 — VAT: EE101963415
Pärnu mnt 139e/2-8
Kesklinna linnaosa, Tallinn
Harju maakond, 11317
Estonia
Effective date: 1 January 2025 — Governing law: Republic of Estonia

1. Purpose and Scope

This Acceptable Use Policy ("AUP") defines the conditions under which Cloudsol OÜ infrastructure may be used. Its purpose is to protect the integrity of the infrastructure, safeguard third parties, and ensure that Cloudsol OÜ operates in compliance with applicable law.

This AUP applies to all Clients and their authorized end users, subcontractors, customers, and any other persons or entities accessing services under a Client's account. Compliance with this AUP is a material condition of every Service Agreement. This AUP is incorporated by reference into all Service Agreements and into the Cloudsol OÜ Terms of Service.

Cloudsol OÜ reviews this AUP periodically. Material amendments are communicated to active Clients with 30 days' notice.

2. Prohibited Activities

The following activities are strictly prohibited on Cloudsol OÜ infrastructure. This list is illustrative and not exhaustive.

2.1 Malicious Software and Attacks

Distribution, hosting, or execution of malware of any kind, including viruses, ransomware, spyware, trojans, rootkits, keyloggers, or worms.
Operating botnet command-and-control (C2) infrastructure.
Conducting or facilitating Distributed Denial of Service (DDoS) attacks, or operating DDoS-for-hire services.
Port scanning, vulnerability scanning, or exploitation of third-party systems without the explicit written authorization of those systems' owners.
Conducting or facilitating brute-force attacks against any system.

2.2 Fraud and Financial Crime

Phishing, spear phishing, social engineering, or credential theft operations.
Hosting infrastructure for financial fraud, carding, identity theft, or money laundering.
Operating counterfeit or fraudulent websites impersonating legitimate entities.
Impersonating Cloudsol OÜ or any other legal entity.

2.3 Illegal Content

Hosting, distributing, or facilitating access to child sexual abuse material (CSAM) or any content involving the sexual exploitation of minors. This prohibition is absolute and results in immediate termination and referral to law enforcement.
Hosting or distributing content that is illegal under the laws of the Republic of Estonia or the European Union.
Copyright infringement at scale, including unauthorized distribution of copyrighted material.

2.4 Spam and Unsolicited Communications

Sending spam, unsolicited bulk email (UBE), or unsolicited commercial communications via email, SMS, or any messaging platform.
Operating open mail relays or infrastructure used to facilitate spam campaigns.
Harvesting email addresses or other contact information for use in unsolicited communications.

2.5 Sanctions and Regulatory Violations

Using the infrastructure in violation of EU or UN sanctions frameworks, or any applicable national sanctions regimes.
Providing services to sanctioned entities, individuals, or jurisdictions.
Any activity that would make Cloudsol OÜ complicit in a sanctions violation.

2.6 Infrastructure Abuse

Cryptocurrency mining (including proof-of-work mining of any currency) without prior written authorization from Cloudsol OÜ.
Activities that degrade infrastructure performance, network stability, or service quality for other Clients.
Circumventing security controls, access restrictions, or network filtering.
Using infrastructure resources in excess of contractual allocations without authorization.

3. Abuse Reporting

Abuse reports concerning Cloudsol OÜ infrastructure must be submitted to:

A valid, actionable abuse report must include:

Type of incident (e.g., spam, DDoS, phishing, malware)
Specific evidence supporting the report (logs, headers, screenshots, timestamps)
Affected IP address, hostname, or URL
Reporter's contact information for follow-up

Reports lacking sufficient evidence for investigation may not be actionable. Cloudsol OÜ will acknowledge all valid abuse reports within the timeframes defined in Section 4.

4. Response Timeframes

Cloudsol OÜ commits to the following response timeframes for abuse reports:

Urgent reports (active DDoS attacks, CSAM, active exploitation): acknowledgement and initial action within 24 hours.
Standard reports (spam, phishing, malware distribution, policy violations): acknowledgement within 72 hours; investigation commencement within 5 business days.

Status updates are provided to reporters for active investigations upon request. Cloudsol OÜ cooperates with law enforcement and regulatory authorities on lawful requests.

5. Suspension Procedure

Where a credible abuse report is received or an AUP violation is identified, Cloudsol OÜ may suspend the affected service, in whole or in part, pending investigation. Suspension may be applied without prior notice where continued operation poses an imminent risk of harm to third parties or to the integrity of the infrastructure.

In non-urgent cases, Cloudsol OÜ will: (a) notify the Client of the alleged violation and the evidence received; (b) provide a reasonable opportunity to respond or remediate; and (c) escalate to suspension if the violation is confirmed or the Client does not respond within the stated timeframe.

During suspension, Client data remains accessible for extraction unless the nature of the violation (e.g., CSAM) requires immediate preservation for law enforcement.

6. Immediate Termination

The following violations result in immediate termination of all services, without a notice period and without refund of any remaining service fees:

Hosting, distribution, or facilitation of CSAM or child exploitation material of any kind.
An active DDoS attack originating from the infrastructure at the time of termination.
Confirmed activity in breach of EU or UN sanctions frameworks.
Any activity that poses imminent, serious harm to third parties and cannot be remediated by suspension alone.

Termination under this section does not prejudice any legal remedies available to Cloudsol OÜ or third parties. Relevant evidence may be preserved and disclosed to law enforcement or regulatory authorities as required by law.

7. Client Notification

Except where immediate termination applies, Cloudsol OÜ will notify the Client by email to the registered contact address specifying: the nature of the alleged violation, a summary of the supporting evidence, and the required remediation action or response timeframe (minimum 48 hours for non-urgent cases).

If the Client does not respond within the stated period or does not provide a satisfactory remediation plan, Cloudsol OÜ may proceed with suspension or termination at its discretion.

8. Reinstatement

Following a suspension, services may be reinstated if the Client demonstrates to Cloudsol OÜ's reasonable satisfaction that: (a) the violating activity has ceased and been remediated; (b) the root cause has been identified and addressed; and (c) the Client has implemented measures to prevent recurrence.

Reinstatement requests must be submitted in writing to abuse@cloudsol.ee. Cloudsol OÜ will review reinstatement requests within 5 business days. Reinstatement is not available where immediate termination has been applied under Section 6, or where the Client has committed repeated AUP violations.

9. Relationship to Service Agreement

This AUP is incorporated by reference into all Cloudsol OÜ Service Agreements. Violation of this AUP constitutes a material breach of the Service Agreement and may give rise to termination under the Terms of Service. This AUP takes precedence over any Client instruction that conflicts with it. Cloudsol OÜ's obligation to enforce this AUP is not limited by Client consent or direction.

To report abuse: