Acceptable Use Policy

1. Purpose

This Acceptable Use Policy ("AUP") outlines prohibited uses of DanubeData's services. By using our services, you agree to comply with this policy.

Violation of this AUP may result in suspension or termination of services without refund.

2. Prohibited Activities

2.1 Illegal Activities

You may not use our services for any illegal purpose or to violate any laws, including but not limited to:

• Distribution of copyrighted material without authorization
• Trademark or intellectual property infringement
• Fraud, identity theft, or financial crimes
• Child exploitation or illegal content
• Drug trafficking or illegal substance distribution
• Gambling services in prohibited jurisdictions
• Money laundering or financing terrorism

2.2 Network Abuse

Activities that harm or disrupt networks, systems, or other users:

• Denial of Service (DoS/DDoS): Launching attacks against any target
• Port Scanning: Unauthorized network scanning or probing
• Packet Sniffing: Intercepting network traffic
• IP Spoofing: Forging IP addresses or headers
• Brute Force Attacks: Attempting to crack passwords or break into systems
• Traffic Amplification: DNS, NTP, SSDP, Memcached, or other amplification attacks

2.3 Email and Messaging Abuse

• Spam: Sending unsolicited bulk email or messages
• Phishing: Deceptive attempts to obtain sensitive information
• Email Harvesting: Collecting email addresses without consent
• Email Bombing: Overwhelming mail servers or recipients
• Forged Headers: Falsifying email headers or sender information

2.4 Content Restrictions

Prohibited content includes:

• Child sexual abuse material (CSAM)
• Content promoting terrorism or violence
• Hate speech or content inciting discrimination
• Malware, viruses, or malicious code
• Pirated software, movies, music, or other media
• Leaked or stolen data

2.5 Resource Abuse

• Cryptocurrency Mining: Not permitted without explicit written approval. This includes connecting to mining pools (e.g., Stratum protocol) and running mining software of any kind
• BitTorrent and Peer-to-Peer (P2P) File Sharing: Running BitTorrent clients, seedboxes, or any P2P file-sharing software is strictly prohibited. This applies regardless of whether the content being shared is copyrighted
• Excessive Resource Use: Activities that unreasonably burden infrastructure
• Proxy/VPN Services: Public or open proxy services (SOCKS, HTTP proxy, etc.) are not permitted. Private VPN for your own use is allowed. Contact us for approval if you intend to run a proxy or VPN service for others
• Tor Exit Nodes: Running Tor exit nodes or relays is not permitted due to abuse potential and upstream provider restrictions

2.6 Security Violations

• Attempting to breach security measures
• Accessing other customers' systems or data
• Vulnerability scanning without permission
• Penetration testing without prior authorization
• Running malware or botnet command & control

3. Permitted Security Testing

Security testing is allowed on your own infrastructure with these conditions:

• Tests must be limited to your own systems
• Notify us at least 48 hours in advance
• Provide details of the testing scope and methodology
• Use moderate resource levels
• Follow responsible disclosure if vulnerabilities are found

4. Compliance with Third-Party Policies

You must comply with policies of third-party services you use, including:

• Payment processor terms (Stripe)
• Domain registrar policies
• SSL certificate authority requirements
• CDN and DNS provider terms

5. Reporting Violations

5.1 How to Report

If you become aware of AUP violations, report them to:

Email: abuse@danubedata.ro
Include: Detailed description, evidence, and your contact information

5.2 What We Need

• Specific details of the violation
• Relevant logs, screenshots, or evidence
• Date and time of the incident
• Your contact information for follow-up

6. Network Security Monitoring

6.1 Network-Level Abuse Detection

Like all hosting providers, DanubeData monitors network traffic at the infrastructure level to detect and prevent abuse. This is standard practice across the hosting industry.

Our network monitoring includes:

• Traffic pattern analysis: Detecting DDoS attacks, spam, port scanning, brute force attempts, and other network abuse
• Resource usage metrics: Monitoring CPU, memory, bandwidth, and disk I/O at the hypervisor level
• IP reputation monitoring: Checking our IP ranges against public blocklists and responding to abuse reports from third parties
• Upstream provider compliance: Responding to abuse notifications from our infrastructure provider (Hetzner)

6.2 What We Do Not Monitor

We do not access, scan, or inspect the contents of your VPS instances. This means:

• We do not read your files, databases, or application data
• We do not monitor your running processes or installed software
• We do not inspect your cron jobs, startup scripts, or configurations
• We do not browse your web directories or application content

Your VPS is your private environment. We only access your instance if you explicitly request support assistance, or if compelled by a valid legal order from a competent authority.

6.3 Infrastructure Access

As a virtualization provider, DanubeData has hypervisor-level access to the physical servers hosting your VPS. This is inherent to all virtualized hosting and is not unique to DanubeData. We use this access for hardware maintenance, emergency recovery at your request, and compliance with valid legal orders. We recommend full-disk encryption within your VPS if you require additional data isolation.

6.4 Abuse Report Response

When we receive an abuse report (from a third party, our upstream provider, or triggered by network monitoring), we will:

• Notify you of the report and provide relevant details
• Give you a reasonable deadline to investigate and resolve the issue
• Only suspend your service if the abuse is severe, ongoing, and you fail to respond

7. Investigation and Enforcement

7.1 Our Response

When we receive abuse reports or detect violations through automated scanning, we:

• Investigate promptly (typically within 24 hours)
• Contact the customer to address the issue
• Take appropriate action based on severity
• Cooperate with law enforcement when required

7.2 Enforcement Actions

Depending on severity, we may:

• Warning: First-time or minor violations
• Temporary Suspension: Serious or repeated violations
• Service Termination: Severe violations or non-compliance
• Legal Action: Criminal activities or significant harm

7.3 Appeal Process

If you believe enforcement action was taken in error:

• Contact abuse@danubedata.ro within 7 days
• Provide detailed explanation and evidence
• We will review and respond within 48 hours

8. Legal Compliance

8.1 GDPR and Privacy

You must comply with GDPR and other data protection laws when processing personal data.

8.2 Copyright (DMCA)

We comply with the Digital Millennium Copyright Act (DMCA). Copyright infringement reports should include:

• Your contact information
• Description of copyrighted work
• Location of infringing material
• Statement of good faith belief
• Statement of accuracy under penalty of perjury
• Physical or electronic signature

Send DMCA notices to: dmca@danubedata.ro

9. Resource Limits

9.1 Fair Use

While we provide generous resources, we expect fair use. Extreme cases may be subject to review.

9.2 Traffic Limits

Network traffic is generally unmetered, but abuse (DDoS amplification, etc.) will result in action.

10. Content Backup Responsibility

While we provide infrastructure backups, you are responsible for:

• Your application data backups
• Testing backup restoration
• Maintaining off-site copies of critical data

11. Changes to This Policy

We may update this AUP at any time. Continued use of services after changes constitutes acceptance. We will notify users of significant changes via email.

12. Examples of Acceptable Use

To clarify, the following ARE generally acceptable:

• Web hosting and application deployment
• Development and testing environments
• Database and cache services for your applications
• Private VPN for your personal or business use
• Legitimate email services with proper SPF/DKIM
• Security testing of your own systems (with notice)
• Media streaming of your own content
• Game servers for private use

13. Contact Information

For questions about this policy:

Abuse Department
Ifas Consult SRL
Email: abuse@danubedata.ro
DMCA: dmca@danubedata.ro
General: Contact Form