Acceptable Use Policy

This Acceptable Use Policy (“Policy”) supplements the Master Service Agreement (“Agreement”), located at https://satccolo.com/masterserviceagreement and incorporated by reference therein, and governs the Customer’s use of Services (as defined in the Agreement and applicable service order document (“Order Form”)). By using the Services, Customer  (“You”) agrees to abide by the terms outlined in this Policy. If you engage in any of the activities prohibited by this Policy, or otherwise fail to comply with the terms herein, you will have breached the Agreement, and SATC COLO may suspend or terminate the Services and your account at any time. SATC COLO will investigate incidents involving such violations and may involve and will cooperate with law enforcement if a criminal violation is suspected. Questions regarding this policy should be directed to abuse-notificiation@satccolo.com.

1.     General Compliance

Customer shall use the Services in compliance with all applicable laws, regulations, and contractual obligations. Customer is solely responsible for understanding and ensuring adherence to all legal and regulatory requirements applicable to its use of the Services.

2.     Prohibited Uses

Some Services are for internal use only for designated employees and contractors of Customer’s organization ("Internal Users"). Other Services, such as cloud hosting, may involve providing access to Services to authorized third-party customers ("External Users"). (collectively, “User(s)”). Customer is responsible for the acts and omissions of all Users.

Customer shall not use the Services or network to engage in, foster, solicit, or promote illegal, improper, abusive, or irresponsible conduct, including:

a.     Unlawful, Fraudulent, and Deceptive Conduct:

                      i.     Conduct likely to breach any laws, codes, or regulations applicable to the parties, including conduct infringing or misappropriating intellectual property, trade secrets, confidential or proprietary information; or conduct which is fraudulent, unfair, deceptive, or defamatory;

                    ii.     Conduct violating rules and conventions of any domain registrar, email service, bulletin board, chat group, or forum used in conjunction with the Services or network, including using false, misleading, or deceptive TCP-IP packet header information in an email or newsgroup posting;

                   iii.     Deceitfully collecting, transmitting, or using information, or distributing software that covertly gathers or transmits information about User(s);

                   iv.     Conduct intended to withhold or cloak identity or contact information, registering to use Services under a false name, or using an invalid or unauthorized credit card in connection with Services;

                     v.     Using domains registered through the Services for phishing attacks, fraudulent impersonation, misleading activities, or hosting deceptive or malicious content designed to mislead or exploit users; and

                   vi.     Operating accounts on behalf of or providing services to persons or entities listed in the Spamhaus Register of Known Spam Operations (ROKSO) database (www.spamhaus.org/rokso).

b.    Unauthorized Access and Security Violations:

                      i.     Unauthorized access to, monitoring, or use of, or interference with an internet account, computer, system, network, data, or traffic;

                    ii.     Unauthorized access, alteration, or destruction of any SATC COLO customer or end-user information;

                   iii.     Reverse engineering (including any attempt to gain unauthorized access to the Services or attempt to discover the underlying source code or structure of the Services);

                   iv.     Intentionally, knowingly, or recklessly introducing any malicious code into the Services; and

                     v.     Attempting to test the vulnerability of a SATC COLO system or network or attempt to breach SATC COLO security measures by any means (unless expressly authorized by SATC COLO in writing).

c.     Network Abuse and Disruption:

                      i.     Interfering with the Services or disrupting any User’s or other customer’s access to the Services;

                    ii.     Network manipulation, or IP Spoofing;

                   iii.     Initiating pinging, flooding, mail-bombing, or denial-of-service (DoS) attacks; and

                   iv.     Using the Colocation Space or Services in a way that unnecessarily interferes with the normal operation of the shared system or consumes a disproportionate share of system resources.

d.     Spam and Misuse of Email Services

                      i.     Advertising, transmitting, or making available software, programs, products, or services designed to violate this Policy;

                    ii.     Using tools facilitating the sending of Unsolicited Bulk Emails (“UBE” or “spam”), chain letters, or deceptive solicitations; and

                   iii.     Email harvesting, purchasing email lists, forging email headers, impersonating others (or other fraudulent email activities), operating open mail relays, mail bombing, or excessive use of SMTP resources that negatively impacts other customers.

e.      Data Misuse and Unauthorized Distribution

                      i.     Distribution, reselling, or permitting access (except for Users) to the Services by any third party;

                    ii.     Permitting multiple Users to access the Services using shared login credentials; and

                   iii.     Data scraping or data extraction outside of the ordinary features of the Services.

f.      Prohibited Content and High-Risk Use

                      i.     Publishing, transmission, or storage on or via the Services of content or links to content that SATC COLO reasonably believes relates in any manner to child pornography, bestiality, non-consensual sex acts, or live sex acts; or is excessively violent, incites or threatens violence, contains harassing content or hate speech, violates a person’s privacy, is malicious, or is morally repugnant; and

                    ii.     Using the Services in any situation where failure or fault of the Services could lead to death or serious bodily injury of any person or to physical or environmental damage, including in connection with aircraft or other modes of human mass transportation, or nuclear or chemical facilities.

g.     Gambling, Cryptocurrency, and Restricted Activities

                      i.     Gambling activity violating any applicable law, required licenses, or technical standards; and

                    ii.     Using the Services for cryptocurrency mining (or any derivative thereof) (unless expressly authorized by SATC COLO in writing).  

3.     Mail Requirements

Unless Customer has obtained prior written permission from SATC COLO, Customer and its Users may not send more than 500 emails per hour or 1,000 per day. All mailing list recipients must have opted-in, and opt-out options must be clearly provided.

4.     Export Control

Customer shall ensure Services are not used in breach of export laws, controls, regulations, or sanction policies of the United States or Customer’s applicable jurisdiction. Customer shall ensure Services are not used by any person or entity suspected of involvement or affiliation with those involved in activities or causes relating to human trafficking, illegal gambling, terrorism, narcotics trafficking, arms trafficking, or the proliferation, development, design, manufacture, production, stockpiling, or use of nuclear, chemical, or biological weapons, weapons of mass destruction, or missiles.

5.     Cooperation with Investigations and Proceedings

If legally required, SATC COLO may allow relevant authorities to inspect Customer’s content or traffic. SATC COLO also reserves the right to report any Customer activity it reasonably believes violates applicable law, including providing relevant information about the Customer, its Users, or traffic, without prior notice. Additionally, SATC COLO may cooperate with law enforcement or regulatory agencies in response to formal requests related to suspected legal violations or civil actions.

6.     Regulated Data Handling

To ensure compliance with legal and security obligations, Customer shall adhere to the following requirements when handling regulated data:

a.     Personally Identifiable Information (PII): PII includes, but is not limited to, names, addresses, phone numbers, email addresses, Social Security numbers, driver’s license numbers, passport numbers, financial account information, and any other data that can be used to identify an individual. Customer shall comply with all applicable data protection laws when storing, processing, or transmitting PII. This includes:

                      i.     General Data Protection Regulations (GDPR): If handling data related to European Union (EU) residents, Customer shall ensure data processing follows GDPR guidelines, including obtaining consent, ensuring the right to be forgotten, and implementing appropriate security measures.

                     ii.     California Consumer Privacy Act (CCPA): If processing the personal data of California residents, Customer shall comply with CCPA regulations regarding data access, deletion, and consumer rights.

                   iii.     Health Insurance Portability and Accountability Act (HIPAA): If handling PII that qualifies as Protected Health Information (PHI), as defined by HIPAA, Customer shall follow HIPAA guidelines to protect patient data.

                   iv.     Payment Card Industry (PCI) Data: If processing, storing, or transmitting credit card or payment data, Customer shall comply with the Payment Card Industry Data Security Standard (PCI-DSS), which includes: (x) encrypting cardholder data during transmission; (y) restricting access to payment information to authorized personnel only; and (z), implementing robust authentication and access control measures; regularly testing security systems and maintaining secure networks.

b.     Health Information (HIPAA Compliance): When handling PHI, Customer shall: (i) implement security controls to ensure the confidentiality, integrity, and availability of PHI; (ii) sign a Business Associate Agreement (BAA) if required, which formalizes the Customer’s responsibility in handling PHI on behalf of covered entities; (iii) ensure compliance with administrative, physical, and technical safeguards, such as encryption, role-based access controls, and audit logs.

c.     Export-Controlled Data: Customer may not store or transmit any data that falls under U.S. export control laws, such as International Traffic in Arms Regulations (ITAR) or Export Administration Regulations (EAR), without first obtaining the necessary governmental approvals.

7.     Customer Responsibilities

a.     Domain Compliance: To prevent email spoofing and maintain email integrity, Customer shall maintain accurate and up-to-date registration information for any domain registered through the Services, including providing valid contact details for domain ownership records and ensuring compliance with domain registrar policies.

b.     Software Updates & Patch Management: Customer is responsible for ensuring that all software, applications, and systems hosted on the Services are regularly updated and patched to prevent security vulnerabilities, including (i) applying SATC COLO-released security updates for operating systems, databases, and web applications and (ii) disabling or removing outdated software that may pose security risks.

c.     Backup & Data Integrity: Customer is responsible for implementing its own data backup solutions to prevent data loss, including (i) maintaining regular backups of critical data in a secure offsite location; (ii) ensuring that backups are tested periodically to verify their integrity and usability; and (iii) acknowledging that SATC COLO is not responsible for lost data due to a failure on the Customer’s part to implement backup procedures.

d.     Incident Response & Security Breach Notification: In the event of a security breach, Customer agrees to: (i) notify SATC COLO immediately upon discovery of unauthorized access, data breaches, or security incidents; (ii) cooperate fully in the investigation and remediation efforts to minimize damage; and (iii) take necessary actions to mitigate risks and prevent future occurrences.

e.     Third-Party Compliance: Customer may, with written permission from SATC COLO, allow third parties (e.g., contractors, partners, clients) other than its Users to access the Services. The Customer agrees to: (i) ensure third-parties adhere to this Policy; (ii) implement necessary controls to prevent unauthorized access or misuse of the Services; (iii) be held accountable for any violations or breaches caused by third-party users under their control.

8.     Policy Breach and Enforcement.

If Customer (or its Users) breaches this Policy (including unintentionally, through failure to use reasonable security precautions, or as a result of unauthorized activity), SATC COLO may block any content or traffic, suspend Services, or terminate Services in accordance with the Agreement. No credit shall be available under any Service Level Agreement for interruptions of Services resulting from breach of this Policy.

9.     Modifications.

SATC COLO reserves the right, in its discretion, to change, modify, add to, or remove portions of the Policy (collectively, “Changes”), at any time. Such Changes will apply prospectively beginning on the date the Changes are posted to https://satccolo.com/acceptable-use-policy. Continued use of the Services after Policy Changes constitutes acceptance of the revised terms.

[End]