This Acceptable Use Policy describes the activities that are not allowed on the Memset® network and defines terms of responsibility. In using the Services provided by Memset®, Customers agree to comply with this policy and also to indemnify Memset® against any claims by third parties arising from violation of this Policy.
Memset® reserves the right to make changes to this Acceptable Use Policy at any time, and any changes will be effective immediately upon posting to Memset® web site: www.memset.com. Memset®'s Customers are responsible for regularly reviewing the Policy. Continued use of the Services following any changes shall constitute acceptance of the changes.
This policy recognises the fundamental fact that no one owns or controls the Internet. Memset® cannot monitor or control all the activities of our Customers. We do not intend to actively screen, review, censor, edit or take responsibility for the activities or content of our Customers.
The Customer, not Memset® is considered to be the Primary System Administrator and assumes all responsibility relating to their activities including, but not limited to:
- Aspects of the Customer's business
- The security of Customer Hosted Data and of the Customer’s hosted solution in any case where the Customer maintains sole access to or administrative capabilities of a feature or security control, or where the Customer and Memset® share administrative capabilities
- Any compliance or regulatory status or matter applicable to the Customer’s solution or business
- Content and data provided by or through a Customer for use with the Services
- Decisions about Customer's computer and communications systems needed to access the Services
- Results obtained from using Memset® Services
- Compliance with all applicable laws and governmental regulations regarding Customer's business or use of the Services
- Administration and protection of confidential data or secrets provided by Memset® to the Customer or generated by the Customer including:
- IP addresses intended for use behind DDoS mitigation services
- Customer user accounts, rights and credentials including API tokens
- Use of the Memset® Services by Customer's end users
- Compliance with this Acceptable Use Policy by the Customer and the Customer's end users
Activities conducted on the Internet are subject to many of the same laws and regulations applicable to the offline environment. Customers must exercise a high degree of judgement and responsibility with respect to their use of the Services, including the responsibility to comply with this Acceptable Use Policy.
Illegal Content and Actions
Accounts and the Services therein may not be used to support, engage in or promote fraudulent, abusive or illegal acts, including but not limited to the hosting of any content, behaviour or services that:
- Contains or promotes injury, violence, hate speech or physical harm against any group or individual
- Is in any way related to child exploitation or illegal pornography
- Disseminates, promotes or transmits any form of malware, adware, spyware, phishing attacks and campaigns, internet scamming, illegal data harvesting or password or identity robbery or fraud
- Infringes on copyright, patents, trademarks, trade secrets, or other intellectual property including pirated computer programs, cracker utilities, warez and software serial numbers or registration codes
- Violates any law, statute, ordinance or regulation governing the Customer's business or activities, including without limitation the laws and regulations governing export control, unfair competition, false advertising, consumer protection, issuance or sale of securities, trade in firearms, privacy, data transfer and telecommunications
Further, Memset® Customers may not use Memset® Services for:
- Interception, ‘eavesdropping’ or monitoring of data not intended for the Customer
- Unauthorised use of data, access to data or malicious activity including attempted or actual probes, enumeration, port scanning or vulnerability scanning of other networks or to attack, hack, attempt or achieve a breach of those networks.
- Any service, high risk use, conduct, content, website or product that is likely to cause Memset® or the Customer’s Memset® hosted solution to become the target of retaliation, DDoS attacks, etc.
- Creation of spoofed or otherwise misleading TCP-IP or UDP packets or other network traffic or intentionally omitting, deleting, forging or misrepresenting transmission information, including headers, return addressing information and IP addresses, or using IP addresses which were not assigned to them by Memset®
- Maintaining an Open Email Relay/Open Data Relay or allowing any data to be sent through one's server by an unrelated third party, including, but is not limited to, via open email gateways and open proxy servers.
SPAM or Unsolicited Commercial Email
Memset® has zero tolerance for the sending of SPAM or Unsolicited Commercial Email (UCE) over our network. Memset® Customers cannot send UCE and cannot host sites or information advertised in UCE. Customers are also responsible for the actions of their clients and must take all reasonable precautions to secure their servers and sites against SPAM exploits (e.g. open email relays and insecure cgi scripts).
Memset® does not permit:
- The sending of bulk emails, defined as the sending of the same email, or emails which are substantially the same, unless recipients have agreed to double-opt in to the mailing list. Proof may be required of the subscription opt-in process. Memset® does not permit the sending of bulk email to recipients whose details have been obtained from third-party sources.
- Hosting content on a Memset® server which is advertised or linked to by a bulk email campaign, even if this campaign is not run from a Memset® server.
- Violating our UCE or SPAM policy will result in penalties. Upon detection or notification of a violation of our UCE policy, Memset® will initiate an immediate investigation. During this time, outgoing mail may be suspended from the offending ip address to prevent further violations. If a client is found to be in violation of our UCE policy, Memset® will impose penalties and/or, at its discretion, restrict or terminate the offending account and the Customer's access to our network. Repeated or serious violations may result in the immediate termination of the account. SPAM is a very serious matter. PLEASE DO NOT SPAM. EDUCATE YOUR CLIENTS and TAKE ALL PRECAUTIONS against SPAM EXPLOITS.
Memset® Administrative Login and Management Software
To facilitate network/server management, inventory and related activities, all Memset® Servers and Services include a Memset® administrative account, Memset® agent or other method of Memset® administration. Reasonable precautions are taken by Memset® to maintain the security of these tools and the privacy of client data. Customers should not tamper, hinder, delete, or in any way change the functioning of these Memset® administration methods. To do so intentionally will breach the Memset® Terms and Conditions and may affect our ability to deliver in line with the Service Level Agreement.
The Customer is responsible for the appropriateness and accuracy of licensing of any software, including the licensing of individual users that is not sold or explicitly licensed by Memset. Where Memset® has sold or provided licensed software to the Customer, the Customer must on an on-going basis provide updates of user numbers, software installed and any other licensing data requested to Memset® such that accurate licensing can be maintained. The Customer is liable to Memset® for any financial impact where Memset®'s licensing is inaccurate under Memset®'s various Service Provider or Reseller License Agreements as a result of Customer action or inaction.
Customers purchasing or otherwise using Microsoft products are additionally bound by the Microsoft EULA, for which they (the Customer), are solely responsible for reviewing and implementing the necessary controls to meet the requirements of the EULA.
Cloud IaaS (Powered by OpenStack) Licensing
Customer use of Microsoft licenses or Images not provided by Memset is prohibited under the terms of our SPLA, regardless of any agreements you or your organisation has with Microsoft or a reseller of Microsoft products.
The Customer is liable to Memset® for any financial impact where Memset®'s licensing is inaccurate under Memset®'s various Service Provider or Reseller License Agreements as a result of Customer action or inaction.
Customer Penetration Testing and Vulnerability Scanning
No penetration testing, vulnerability scanning or assessment or target reconnaissance or enumeration of Memset® systems and networks or Memset® Customer solution and Services is by any Customer or third party permitted without written authorisation by Memset®. This will typically be provided in the form of a Memset® Customer Security Testing Consent Agreement, to be mutually agreed and executed by Memset®, the Customer and Customer’s third parties.
Cooperation with Law Enforcement Organisations, Investigations and Civil or Legal Proceedings
Memset® may, without prior notification to the Customer, alert the relevant authorities to any activity occurring on the Customer solution that is obviously in contravention of the laws under which Memset® operates.
The Customer provides consent where Memset® is required by law to cooperate with or permit investigation by relevant authorities including Law Enforcement Organisations, including the disclosure of Customer personal data or personal information or the interception or monitoring of Customer data or traffic. Where Memset® is permitted to, we will make reasonable endeavours to inform and alert the Customer.
Where Memset® receives notice of civil actions, DMCA takedown notices or other legal matters relating to the Customer’s hosted data, content or activities, the Customer consents that Memset® may reasonably provide the issuer of such notices with the identity of or contact details for the Customer’s organisation.
Fair Usage of Shared, Burstable Resources
For some shared resources we require that customers do not continuously use an unreasonable excess of those resources. Examples of an excess might include continuously & actively using swap on Cloud VPS (Miniserver) rather than upgrading RAM, running software that deliberately uses all available CPU resource constantly or continuously using many times the base-allocation of unmetered bandwidth. In such circumstances we reserve the right, at our discretion, to request that the client cease such activities or be forcibly upgraded to a more suitable package or, in the case of excess use of unmetered bandwidth, be moved to a metered bandwidth connection.
Consequences of Breach of the Memset® AUP
Should the Customer breach the Memset® AUP, Memset® reserves the right to immediately blackhole or null-route, intercept or block traffic to or from the Customer’s Services, suspend and/or completely terminate the customer’s account in order to protect Memset’s or Memset’s Customers’ Services, availability or reputation. No credit or compensation is available for service interruptions resulting from breach of the Memset® AUP.
This Acceptable Use Policy (AUP) is not exhaustive. Memset® has the right to refuse service to anyone at any time WITHOUT WARNING OR PRIOR NOTICE. No refunds of fees paid will be made if account termination is due to a violation of the Acceptable Use Policy as outlined above.