Acceptable Use Policy

1. Purpose

This Acceptable Use Policy ("AUP") outlines prohibited uses of DanubeData's services. By using our services, you agree to comply with this policy.

Violation of this AUP may result in suspension or termination of services without refund.

2. Prohibited Activities

2.1 Illegal Activities

You may not use our services for any illegal purpose or to violate any laws, including but not limited to:

• Distribution of copyrighted material without authorization
• Trademark or intellectual property infringement
• Fraud, identity theft, or financial crimes
• Child exploitation or illegal content
• Drug trafficking or illegal substance distribution
• Gambling services in prohibited jurisdictions
• Money laundering or financing terrorism

2.2 Network Abuse

Activities that harm or disrupt networks, systems, or other users:

• Denial of Service (DoS/DDoS): Launching attacks against any target
• Port Scanning: Unauthorized network scanning or probing
• Packet Sniffing: Intercepting network traffic
• IP Spoofing: Forging IP addresses or headers
• Brute Force Attacks: Attempting to crack passwords or break into systems

2.3 Email and Messaging Abuse

• Spam: Sending unsolicited bulk email or messages
• Phishing: Deceptive attempts to obtain sensitive information
• Email Harvesting: Collecting email addresses without consent
• Email Bombing: Overwhelming mail servers or recipients
• Forged Headers: Falsifying email headers or sender information

2.4 Content Restrictions

Prohibited content includes:

• Child sexual abuse material (CSAM)
• Content promoting terrorism or violence
• Hate speech or content inciting discrimination
• Malware, viruses, or malicious code
• Pirated software, movies, music, or other media
• Leaked or stolen data

2.5 Resource Abuse

• Cryptocurrency Mining: Not permitted without explicit written approval
• Excessive Resource Use: Activities that unreasonably burden infrastructure
• Proxy/VPN Services: Public proxy or VPN services (contact us for approval)
• Tor Exit Nodes: Not permitted due to abuse potential

2.6 Security Violations

• Attempting to breach security measures
• Accessing other customers' systems or data
• Vulnerability scanning without permission
• Penetration testing without prior authorization
• Running malware or botnet command & control

3. Permitted Security Testing

Security testing is allowed on your own infrastructure with these conditions:

• Tests must be limited to your own systems
• Notify us at least 48 hours in advance
• Provide details of the testing scope and methodology
• Use moderate resource levels
• Follow responsible disclosure if vulnerabilities are found

4. Compliance with Third-Party Policies

You must comply with policies of third-party services you use, including:

• Payment processor terms (Stripe)
• Domain registrar policies
• SSL certificate authority requirements
• CDN and DNS provider terms

5. Reporting Violations

5.1 How to Report

If you become aware of AUP violations, report them to:

Email: abuse@danubedata.ro
Include: Detailed description, evidence, and your contact information

5.2 What We Need

• Specific details of the violation
• Relevant logs, screenshots, or evidence
• Date and time of the incident
• Your contact information for follow-up

6. Automated Security Monitoring

6.1 Proactive Abuse Detection

To protect our infrastructure, other customers, and comply with legal obligations, DanubeData employs automated security monitoring systems that proactively scan for policy violations.

Our automated systems may:

• Scan VPS instances for malware, cryptocurrency miners, phishing kits, botnets, rootkits, web shells, and other malicious software
• Monitor running processes to detect unauthorized applications or suspicious activity
• Analyze network connections for signs of botnet command & control, IRC abuse, or DDoS participation
• Check for persistence mechanisms including suspicious cron jobs, startup scripts, and SSH backdoors
• Inspect web directories for phishing pages, credential harvesting forms, and malicious scripts

6.2 Administrative Access

DanubeData maintains administrative console access to VPS instances. This access is used solely for:

• Automated abuse detection scanning
• Responding to security incidents and abuse reports
• Emergency maintenance when standard methods are unavailable
• Complying with legal obligations

We do not access customer data for any purpose other than security monitoring and abuse detection. Our scans are designed to detect malicious software and policy violations, not to read or collect personal data.

6.3 Scan Frequency and Triggers

Security scans may be triggered by:

• Routine periodic scanning
• Abuse reports from third parties
• Unusual resource usage patterns (e.g., sustained high CPU)
• Network anomalies or suspicious traffic
• IP reputation alerts

6.4 Your Acknowledgment

By using DanubeData services, you acknowledge and consent to this automated security monitoring. This is a condition of service use and is conducted under our legitimate interest to protect our infrastructure and other customers.

7. Investigation and Enforcement

7.1 Our Response

When we receive abuse reports or detect violations through automated scanning, we:

• Investigate promptly (typically within 24 hours)
• Contact the customer to address the issue
• Take appropriate action based on severity
• Cooperate with law enforcement when required

7.2 Enforcement Actions

Depending on severity, we may:

• Warning: First-time or minor violations
• Temporary Suspension: Serious or repeated violations
• Service Termination: Severe violations or non-compliance
• Legal Action: Criminal activities or significant harm

7.3 Abuse Handling Fee

In addition to enforcement actions, an abuse handling fee of up to €1,000.00 per incident may be charged to cover the administrative costs of investigating, responding to, and remediating abuse reports. This fee will be invoiced to the account holder and is due immediately upon issuance.

The abuse handling fee is non-refundable and applies regardless of whether the violation was intentional or the result of a compromised account. Account holders are responsible for maintaining the security of their infrastructure and are liable for any abuse originating from their resources.

7.4 Appeal Process

If you believe enforcement action was taken in error:

• Contact abuse@danubedata.ro within 7 days
• Provide detailed explanation and evidence
• We will review and respond within 48 hours

8. Legal Compliance

8.1 GDPR and Privacy

You must comply with GDPR and other data protection laws when processing personal data.

8.2 Copyright (DMCA)

We comply with the Digital Millennium Copyright Act (DMCA). Copyright infringement reports should include:

• Your contact information
• Description of copyrighted work
• Location of infringing material
• Statement of good faith belief
• Statement of accuracy under penalty of perjury
• Physical or electronic signature

Send DMCA notices to: dmca@danubedata.ro

9. Resource Limits

9.1 Fair Use

While we provide generous resources, we expect fair use. Extreme cases may be subject to review.

9.2 Traffic Limits

Network traffic is generally unmetered, but abuse (DDoS amplification, etc.) will result in action.

10. Content Backup Responsibility

While we provide infrastructure backups, you are responsible for:

• Your application data backups
• Testing backup restoration
• Maintaining off-site copies of critical data

11. Changes to This Policy

We may update this AUP at any time. Continued use of services after changes constitutes acceptance. We will notify users of significant changes via email.

12. Examples of Acceptable Use

To clarify, the following ARE generally acceptable:

• Web hosting and application deployment
• Development and testing environments
• Database and cache services for your applications
• Private VPN for your personal or business use
• Legitimate email services with proper SPF/DKIM
• Security testing of your own systems (with notice)
• Media streaming of your own content
• Game servers for private use

13. Contact Information

For questions about this policy:

Abuse Department
Ifas Consult SRL
Email: abuse@danubedata.ro
DMCA: dmca@danubedata.ro
General: Contact Form