Last update: 25 June 2026
This document sets out the actions and activities that are prohibited in connection with the services leased by the Customer from the Provider, and measures the Provider may take upon receiving complaints or identifying violations of these requirements.
For the purposes of this Agreement:
“Abuse” means any use of the Services which:
(a) violates any applicable law or regulation, including laws of the European Union or Member States;
(b) infringes the rights of any third party;
(c) breaches this Agreement or any applicable Acceptable Use requirements;
(d) threatens, degrades, or adversely affects the integrity, security, performance, or availability of the Provider’s systems, network, or Services; or
(e) exposes the Provider to legal, regulatory, or reputational risk.
Abuse may arise from intentional acts, negligence, omission, misconfiguration, or unauthorized access to the Customer’s systems.
The Customer shall not, and shall ensure that no third party using the Services shall:
2.1 Unsolicited Communications and Spam
(a) transmit or facilitate unsolicited bulk communications;
(b) send communications without valid, demonstrable consent where required by law;
(c) operate mailing systems without proper authentication or identification;
(d) use purchased, scraped, or otherwise unlawfully obtained contact lists;
(e) support, promote, or enable spam-related activities.
2.2 Malicious Software and System Compromise
(a) distribute, host, or operate malware, viruses, trojans, ransomware, spyware, or similar code;
(b) knowingly or negligently permit systems to be compromised;
(c) botnet-related services;
(d) exploit vulnerabilities in software, systems, or networks accessed without authorization.
2.3 Network Abuse and Interference
(a) engage in or facilitate denial-of-service (DoS/DDoS), or amplification attacks;
(b) conduct port scanning, network scanning, or probing without authorization;
(c) attempt unauthorized access to systems or data;
(d) intercept or monitor data traffic without lawful authority;
(e) disrupt or degrade network performance.
2.4 Fraud, Phishing, and Misrepresentation
(a) host or distribute phishing pages or fraudulent schemes;
(b) impersonate individuals, entities, or systems;
(c) engage in spoofing (including IP, DNS, or email spoofing);
(d) conduct financial fraud, identity theft, or deceptive practices.
2.5 Resource Misuse. This clause may be invoked only by third parties; however, it does not apply directly by the provider.
(a) operate services that negatively impact shared infrastructure;
(b) use the Services primarily for storage, backup, or file distribution unrelated to a legitimate website or application;
(c) operate unauthorized proxy services, anonymization networks, or public file exchange systems;
(d) create excessive numbers of files, processes, or connections impacting system stability.
2.6 Intellectual Property Infringement
(a) host, distribute, or make available content that infringes copyright, trademarks, patents, or other rights;
(b) provide access to pirated software, media, or counterfeit goods;
(c) circumvent technological protection measures.
2.7 Misuse of Communication Systems
(a) operate open relays, open proxies, or open recursive DNS resolvers;
(b) use messaging systems for harassment, abuse, or unlawful communication;
(c) send messages lacking required identification or opt-out mechanisms;
(d) manipulate communication systems to artificially inflate traffic or engagement.
2.8 Illegal or Harmful Activities
(a) use the Services for any unlawful purpose;
(b) promote or facilitate violence, illegal activities, or criminal conduct;
(c) distribute illegal content, including prohibited materials under applicable law;
(d) engage in activities that may harm minors or vulnerable individuals.
2.9 Data Protection and Privacy Violations
The Customer shall not:
(a) process personal data without a lawful basis as required under the General Data Protection Regulation or other applicable law if customer out of Europe;
(b) process personal data in violation of transparency, purpose limitation, or data minimisation principles;
(c) fail to implement appropriate technical and organisational measures;
(d) transfer personal data in violation of applicable cross-border transfer rules;
(e) engage in unauthorized surveillance, tracking, or profiling.
2.10 Circumvention and Evasion
(a) attempt to bypass or circumvent security measures, usage limits, or restrictions;
(b) use alternative accounts, IPs, or identities to evade enforcement actions;
(c) conceal or falsify identity information or service usage details.
(d) delete, alter, tamper with, suppress, conceal, destroy, or otherwise interfere with logs, records, data, configurations, audit trails, or other information relevant to an actual or suspected Abuse incident, security event, policy violation, or investigation;
(e) take any action intended to obstruct, hinder, delay, mislead, or frustrate an investigation conducted by the Provider, a data centre, network operator, competent authority, or other party with a legitimate interest in investigating an Abuse complaint or security incident;
(f) knowingly make false, misleading, incomplete, or deceptive statements concerning the origin, nature, or circumstances of any activity conducted through the Services.
2.11 Automated Abuse and Scraping
(a) deploy bots or automated systems that overload or disrupt services;
(b) scrape data in violation of applicable law or contractual restrictions;
(c) conduct credential stuffing or automated account attacks.
2.12 High-Risk or Regulated Activities
(a) use the Services for regulated activities without required licenses or approvals;
(b) operate financial schemes, including pyramid or Ponzi schemes;
(c) provide services requiring regulatory authorization without such authorization.
2.13. Brute-force
(a) conducting, facilitating, or participating in brute-force attacks, password spraying, credential stuffing, or similar activities intended to obtain unauthorized access to systems, services, accounts, applications, or data;
(b) performing repeated or automated authentication attempts against any service or protocol, including but not limited to:
(i) SSH;
(ii) RDP;
(iii) FTP or SFTP;
(iv) SMTP;
(v) IMAP or POP3;
(vi) webmail services;
(vii) APIs;
(viii) databases; and
(ix) any other authentication-protected service;
(c) attempting to guess, recover, crack, bypass, or otherwise obtain passwords, credentials, authentication tokens, or access mechanisms;
(d) attempting to gain unauthorized access to website administration panels, content management systems, customer portals, hosting control panels, server management interfaces, applications, or other restricted resources;
(e) operating, distributing, or utilizing software, scripts, tools, or infrastructure designed to facilitate brute-force attacks or unauthorized authentication attempts.
The Customer shall:
(a) be solely responsible for all activities under its account;
(b) maintain adequate security controls;
(c) ensure legal and regulatory compliance;
(d) maintain verifiable records where required (e.g., consent logs);
(e) promptly investigate and remediate Abuse;
(f) cooperate with the Provider
(g) provide requested information relevant to the complaint;
(h) implement corrective measures designed to prevent recurrence;
(i)The Customer is responsible for regularly monitoring and reviewing communications sent by the Provider, including but not limited to emails, support tickets, account notifications, control panel messages, and other communication channels designated by the Provide;
(j) Any notice, Abuse complaint, security notification, request for action, deadline, warning, suspension notice, or other communication sent by the Provider to the Customer’s registered contact details or Personal account shall be deemed received upon successful transmission by the Provider, regardless of whether the Customer actually reads, accesses, acknowledges, or responds to such communication.
4.1. The Provider may receive Abuse complaints from, including but not limited to:
(a) data centres, hosting providers, upstream networks, or infrastructure partners;
(b) third parties alleging violations of rights or applicable law;
(c) governmental, regulatory, or law enforcement authorities;
(d) automated monitoring or detection systems.
4.2. Upon receipt of a complaint, the Provider may:
(a) verify the factual basis of the complaint;
(b) assess the credibility and technical validity of the allegations;
(c) request additional information or supporting evidence from the complainant; and
(d) evaluate the associated operational, legal, or security risks.
The Provider shall not be obligated to disclose internal investigative methods or security procedures.
4.3. The Provider shall notify the Customer of the complaint within a reasonable timeframe, unless prohibited by applicable law, legal process, or legitimate investigative necessity.
Such notification may include:
(a) the nature of the complaint;
(b) the affected Services or resources;
(c) corrective actions requested from the Customer;
(d) the deadline for response or remediation; and
(e) possible consequences of non-compliance.
In case of revealing the fact of receiving complaints (abuse) on the services leased by the Customer, the Provider gives time (6 hours from the moment of informing the Customer) to resolve this complaint, or at least provide an answer with a detailed plan with a time schedule what measures will be taken to resolve abuse. The customer agrees that the timeframes specified in such a response may not exceed the reasonable timeframes for resolving such abuse as provided by the provider.
The Provider may determine the appropriate communication channel in its reasonable discretion.
4.4. Where no external deadline has been imposed, the Provider may grant the Customer a reasonable remediation period, taking into account:
(a) the severity of the issue;
(b) infrastructure and security risks;
(c) obligations toward upstream providers; and
(d) operational feasibility.
Where a deadline is imposed by a third party or competent authority, the Provider may establish a shorter internal deadline for the Customer to allow sufficient time for review, mitigation, and response.
Failure to respond within the specified period may result in immediate enforcement actions.
The Provider may, without prejudice to other remedies:
(a) suspend or restrict Services or access to them;
(b) block traffic, ports, or IP addresses;
(c) remove or disable content;
(d) terminate the Agreement;
(e) delete or retain data as necessary;
(f) report to authorities where required.
Fees may be non-refundable where permitted by applicable law.
The Provider may immediately suspend or restrict the Services without prior notice where:
(a) the Abuse presents an immediate threat to infrastructure, security, or third parties;
(b) immediate action is required by an upstream provider or competent authority;
(c) delay could result in escalation, sanctions, blacklisting, or irreversible damage; or
(d) notification to the Customer could compromise an investigation or legal process.
Repeated Abuse complaints, repeated failure to remediate violations, or repeated conduct creating operational or legal risk may result in escalated enforcement measures, including:
(a) extended suspensions;
(b) permanent restrictions on Services;
(c) termination of the Agreement; and/or
(d) refusal to provide future services.
The Provider reserves the right to cooperate with competent authorities, regulators, courts, law enforcement agencies, data centres, and network providers in connection with Abuse complaints, including disclosure of information where legally required or reasonably necessary for compliance purposes.
8.Limitation of Liability
The Provider shall not be liable for interruptions, restrictions, data loss, or damages resulting from actions reasonably taken in good faith pursuant to this Section, including measures implemented to protect infrastructure, comply with legal obligations, or mitigate Abuse-related risks.
The Provider may amend this Policy from time to time, with notice provided where required by law.
+44 20 4591 3913 
Telegram Live Chat 
sales@unihost.com 
