ACCEPTABLE USE POLICY

OVERVIEW

USTCLOUD’s Acceptable Use Policy (“AUP”) is designed to protect USTCLOUD’s customers (“Customers”) and third parties, further compliance with all relevant laws and regulations, and promote the security and availability of USTCLOUD network, servers and physical infrastructure. This AUP applies to each Customer’s use of the services provided to it by USTCLOUD (“Services”) and every server or network device that is under USTCLOUD or each Customer’s control and attached to USTCLOUD infrastructure as a part of the Services (“Server”).

This AUP is incorporated by this reference into each Customer’s service agreement. USTCLOUD reserves the right to amend this AUP from time to time, and a Customer’s use of the Services after changes to the AUP are posted on USTCLOUD’s web site http://www.ustcloud.com will constitute the Customer’s acceptance of any such amendments as will payment of each invoice.

Customers are responsible for complying with this AUP and for violations attributable to their customers and users, whether authorized or not by Customer. Customers must take all reasonable steps to ensure that they, their customers and users will comply with this AUP.

This AUP does not (a) obligate USTCLOUD to monitor, review, or police the data and content residing on its network or (b) create any obligation of USTCLOUD to any party that is not a Customer. USTCLOUD expressly disclaims any liability for the data and content residing on its network and servers and for the actions of its Customers.

Prohibited Content

Customers shall not allow the posting, transmission, or storage of data and content on or through the Services which, in USTCLOUD’s sole determination, constitutes a violation of any relevant law, regulation, ordinance, or court order. Customers shall be responsible for determining what laws or regulations are applicable to their use of the Services. Prohibited content includes, without limitation, (a) content or code that facilitate any violation of, or describe ways to violate, this AUP or (b) “harvested” addresses or information, (c) “phishing” web sites, or (d) “spamvertising” sites.

A Customer shall not knowingly host on its account, or transmit over USTCLOUD’s servers or network, any material believed by USTCLOUD to constitute child pornography. In addition to the any other actions it may take under this AUP, USTCLOUD reserves the right to cooperate fully with any criminal investigation of content located on a Server that constitutes alleged child pornography.

Customer Security Obligation

Customers must use reasonable care to ensure the security of each Server. A Customer is solely responsible for any intrusions into or security breaches of, any of its Domains or Servers, except as otherwise covered by a specifically designated security administration or firewall security service package ordered by the Customer. USTCLOUD reserves the right to disconnect without provision of service credit any Server or Account which disrupts USTCLOUD’s servers, network or any hardware objects on the network as a result of a security compromise.

Network Abuse

Customers are prohibited from engaging in any activities that USTCLOUD determines in its sole discretion to constitute network abuse, including the following:

1. Introducing or executing malicious programmes into any network or server, such as viruses, worms, Trojan Horses, and key loggers.
2. Causing or initiating security breaches or disruptions of network communication and/or connectivity, including port scans, flood pings, email-bombing, packet spoofing, IP spoofing, and forged routing information.
3. Executing any form of network activity that will intercept data not intended for the Customer’s server or account.
4. Evading or circumventing user authentication or security of any host, network or account, including cracking, brute-force, or dictionary attacks.
5. Interfering with or denying service to any user, host, or network other than the Customer’s host, such as a denial of service attack or distributed denial of service attack.
6. Conduct designed to avoid restrictions or access limits to specific services, hosts, or networks, including the forging of packet headers or other identification information.
7. Using any program, or sending messages of any kind, designed to interfere with or disable a user’s terminal session.
8. Being in breach of the Anti Spam Laws of any country.

Intellectual Property Infringement Policy

Customers may not transmit, distribute, download, copy, cache, host, or otherwise store on a Server any information, data, material, or work that infringes the intellectual property rights of others. USTCLOUD has the right to disable access to, or remove, infringing content to the extent required under any law or regulation.

USTCLOUD reserves the right to suspend permanently or terminate the Services of any Customer that repeatedly violates USTCLOUD’s Intellectual Property Infringement Policy or any copyright law.

E-mail Policy

Customer may not send unsolicited bulk messages over the Internet (i.e., “spamming”) and must comply with all relevant legislation and regulations on bulk and commercial e-mail, including the CAN-SPAM Act of 2003.

Mass Mailings – Customers may not sending mass unsolicited e-mail, which is email that is sent to recipients who have not double-opted in to mailings from the Customer. Customers who send mass mailings must maintain complete and accurate records of all consents and opt-ins, including the actual e-mail and its headers, and provide such records to USTCLOUD upon its request. If a Customer cannot provide positive and verifiable proof of such consents and opt-ins, USTCLOUD will consider the mass mailing to be unsolicited.

Mailing Lists – Customers are prohibited from operate mailing lists, listservs, or mailing services that do not target an audience that has voluntarily signed up for e-mail information using a double opt-in process or that has made their e-mail addresses available to Customer for distribution of information. Customers who operate mailing lists must maintain complete and accurate records of all consents and opt-ins (including the actual e-mails and their headers) and provide such records to USTCLOUD upon its request. If a Customer cannot provide positive and verifiable proof of such consents and opt-ins, USTCLOUD will consider the list mailing to be unsolicited. Any Customer-maintained mailing list must also allow any party on the list to remove itself automatically and permanently. On shared servers no more than 500 emails may be sent from an account in an hour.

Other prohibited mailing activities include the following:

1. Use of USTCLOUD’s servers and network for the receipt of replies to unsolicited mass e-mail
2. Forgery of e-mail headers (“spoofing”)
3. Spamming via third-party proxy, aggregation of proxy lists, or installation of proxy mailing software
4. Configuration of a mail server to accept and process third-party messages for sending without user identification and authentication
5. Hosting of open (public) recursive DNS servers.
6. Hosting web pages advertised within “spam e-mail” sent from another network (“spamvertising”)
7. Any other unsolicited bulk messages, postings, or transmissions through media such as weblog posts, IRC/chat room messages, guestbook entries, HTTP referrer log entries, usenet posts, pop-up messages, instant messages, or SMS messages.

Block Removal – If, as a result of a Customer’s actions, USTCLOUD’s mail servers or IP address ranges are placed on black hole lists and other mail filtering software systems, USTCLOUD shall charge Customer $100 up front and $100 per hour thereafter for any necessary remedial actions.

IP Allocation

A Customer shall not use IP addresses that were not assigned to it by USTCLOUD. USTCLOUD reserves the right to suspend the network access of any account or server utilising IP addresses outside of the assigned range.

Frequent Attack Targets Services (IRC networks, Camfrog, etc.)

It is absolutely forbidden to host an IRC server that is part of or connected to another IRC network or server. Servers found to be connecting to or part of these networks will be immediately removed from our network without notice. The server will not be reconnected to the network until such time that you agree to completely remove any and all traces of the IRC server, and agree to let us have access to your server to confirm that the content has been completely removed. It is also forbidden to host Camfrog servers or other server applications that are frequent targets of Denial of Service attacks or other types of attacks. Any server guilty of a second violation will result in immediate account termination.

Usenet Policy

Usenet posts and content must conform to standards established by the Internet community and the applicable newsgroup charter. USTCLOUD reserves the right to determine whether such posts violate the AUP.

Legal Investigations

Customers will cooperate and comply with any civil or criminal investigation regarding content located on its Accounts or Servers, including, without limitation, the following: discovery orders, subpoenas, freeze orders, search warrants, information requests, wire taps, electronic intercepts and surveillance, preservation requests, and any other order from a court or government entity (each an “Investigation”). USTCLOUD reserves the right to comply with any Investigation without notice to a Customer. Customers shall not be entitled to service credits, and USTCLOUD shall not be in default under any agreement for Services, if its compliance with any Investigation causes a Customer to incur downtime or requires the sequestering of all or a portion of the Servers.

Violations of AUP

USTCLOUD may enforce this AUP with or without notice to a Customer by any actions it deems necessary in its sole discretion, including the following:

1. Disabling access to a Customer’s content that violates this AUP
2. Removal of DNS records from Servers
3. Blocking mail or any other network service
4. Effecting IP address null routing
5. Suspending or terminating of a Customer’s service
6. Taking direct action against a Customer’s users and customers.

The aforementioned list of actions shall not be construed in any way to limit the actions or remedies that USTCLOUD may take to enforce and ensure compliance with this AUP. USTCLOUD reserves the right to recover any and all expenses, and apply any reasonable charges, in connection with a Customer’s violation of this AUP. No service credits, no refunds will be issued for any interruption in service resulting from violations of this AUP.

USTCLOUD reserves the right at all times to investigate any actual, suspected, or alleged violations of this AUP, with such investigation to include accessing of data and records on, or associated with, any Server.