Legal

Compliance Statement

Cloudsol OÜ — Registration No: 14229249 — VAT: EE101963415
Pärnu mnt 139e/2-8
Kesklinna linnaosa, Tallinn
Harju maakond, 11317
Estonia
Effective date: 1 January 2025 — Governing law: Republic of Estonia

Purpose

This Compliance Statement summarizes the operational governance, legal posture, and regulatory commitments of Cloudsol OÜ. It provides a structured overview of our legal identity, applicable regulatory frameworks, service model, and operational policies.

1. Legal Entity

Cloudsol OÜ is a private limited company (osaühing) incorporated and registered in the Republic of Estonia.

Legal name	Cloudsol OÜ
Registration number	14229249
VAT number	EE101963415
Registered address	Pärnu mnt 139e/2-8, Kesklinna linnaosa, Tallinn, Harju maakond, 11317, Estonia
Jurisdiction	Republic of Estonia

Cloudsol OÜ is registered in the Estonian Business Register and operates under Estonian commercial law, operating within the applicable EU commercial and regulatory framework for infrastructure service providers.

2. Regulatory Framework

Cloudsol OÜ operates under and in compliance with:

Estonian Commercial Code (Äriseadustik) and applicable company law obligations.
Estonian Accounting Act (Raamatupidamise seadus) — governing financial records and invoicing.
GDPR (Regulation (EU) 2016/679) — governing the processing of personal data. See Privacy Policy.
Estonian Personal Data Protection Act (Isikuandmete kaitse seadus) — supplementing GDPR obligations.
EU, UN, and other applicable international sanctions regimes — including EU Common Foreign and Security Policy sanctions and UN Security Council measures.
Applicable EU Directives and Regulations — including awareness of the NIS2 Directive where applicable to digital infrastructure providers.

Cloudsol OÜ does not operate in sanctioned jurisdictions and does not provide services to sanctioned entities.

3. Business Model

Cloudsol OÜ operates exclusively as a B2B infrastructure services provider. Our business model is characterized by:

B2B-only service delivery: All clients are registered business entities. No consumer-facing services are offered.
Contract-based provisioning: Every service is delivered under a formal Service Agreement signed by both parties. There is no anonymous, instant, or self-service provisioning.
Structured client onboarding: All client engagements begin with a technical assessment. Client identity and business purpose are established prior to service commencement.
Recurring monthly billing: Services are invoiced on a monthly basis in EUR. All invoices are issued under formal agreements with identified business clients.
No consumer services: No shared hosting, no self-service VPS, no public checkout, no anonymous infrastructure products.

4. Acceptable Use Enforcement

Cloudsol OÜ maintains a published Acceptable Use Policy (AUP) that is incorporated by reference into all Service Agreements. Key enforcement commitments include:

Formal AUP in place defining prohibited activities, including spam, malware distribution, DDoS, fraud, CSAM, and sanctions violations.
Active abuse monitoring with a dedicated reporting channel:
Defined response timeframes: 24 hours for urgent reports (active attacks, CSAM), 72 hours for standard reports.
Rights to suspend or terminate services for AUP violations, including immediate termination for CSAM, active DDoS attacks, or sanctions violations.
Commitment to cooperate with law enforcement and regulatory authorities on lawful requests.

5. Data Protection

Cloudsol OÜ is committed to GDPR compliance in all personal data processing activities:

A published Privacy Policy in compliance with GDPR transparency requirements (Articles 13–14).
Data subject rights respected and exercisable via
Personal data is not sold to third parties under any circumstances.
Third-party processors engaged under GDPR Article 28 data processing agreements.
Data processing takes place primarily within the EEA.
The competent supervisory authority is the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).

6. Sanctions Compliance

Cloudsol OÜ maintains active awareness of and compliance with applicable international sanctions frameworks:

Awareness of EU, UN, and other applicable international sanctions lists.
Client onboarding procedures include verification that prospective clients are not designated entities or located in sanctioned jurisdictions.
No services are provided to sanctioned individuals, entities, or territories.
Cloudsol OÜ has a process for identifying and escalating potential sanctions concerns identified during the client lifecycle.
Potential sanctions concerns are escalated and addressed where required by applicable law.

7. Financial Transparency

Cloudsol OÜ's financial operations are transparent and consistent with a legitimate B2B infrastructure provider:

All revenue is derived from recurring monthly service invoices issued to identified business clients under formal Service Agreements.
No anonymous payment methods are accepted. All payments are traceable to identified legal entities.
No prepaid, disposable, or anonymous hosting products are offered.
Published Refund & Cancellation Policy governs all cancellation and refund procedures.
Billing disputes are resolved through direct communication at billing@cloudsol.ee before any escalation to payment institutions.
Financial records are maintained in accordance with Estonian Accounting Act requirements (7-year retention).

8. Abuse and Security Response

Cloudsol OÜ operates an active abuse management function:

The abuse contact is monitored and operational.
Defined response timeframes: 24 hours for urgent/active incidents; 72 hours for standard reports.
Infrastructure monitoring for anomalous activity is conducted as part of standard service operations.
Cooperation with affected parties, law enforcement, and CERTs on substantiated incidents.
Rights to suspend and terminate services are exercised in accordance with the AUP.

9. Contact for Compliance Inquiries

For compliance-related inquiries, due diligence requests, or questions about this statement:

General:
Abuse:
Privacy / Data Protection:
Postal: Pärnu mnt 139e/2-8, Kesklinna linnaosa, Tallinn, Harju maakond, 11317, Estonia

This statement was last updated on 1 January 2025 and is subject to legal review prior to publication.