Acceptable Use Policy

1. Acceptable Use Policy

By using the Services, the Client agrees to comply with this Acceptable Use Policy. This policy constitutes a legally binding agreement between the Client and Senko Digital LLC, a company registered in Georgia.

2. General Principles

2.1. The Client shall use the Services responsibly, without degrading performance, stability, or security for other Clients.

2.2. The Client shall comply with all applicable laws, regulations, and industry standards.

2.3. The Client is responsible for securing their systems, software, and access credentials. This includes maintaining appropriate security measures such as firewalls, updated software, and secure passwords.

2.4. The Client shall report any security incidents or suspicious activity promptly to the Company's support team.

2.5. The Client must ensure the legality of all hosted content and software, including compliance with copyright laws, data protection regulations, and other applicable legal requirements. Content must also comply with the laws of the jurisdiction in which the server hosting the content is physically located, in addition to the laws of Georgia and the European Union.

2.6. The Client must not use rented services for bulk email campaigns (spam), phishing, or other abusive activities.

2.7. In certain cases, bulk email campaigns may be allowed after prior written agreement with the Company; however, approval is not guaranteed. The Client must provide full details of the campaign, including the nature of the content, the intended recipient list, and evidence of recipient consent.

3. Prohibited Content and Activities

The following content and activities are prohibited on the Company's servers. Violations are categorized by severity:

Category A — Immediate Account Suspension

The following violations result in immediate and permanent account termination without refund.

Any content or activities prohibited by applicable laws of the EU, Georgia, the jurisdiction in which the server is physically located, or other relevant jurisdictions
Software for creating botnets, ransomware, phishing, or other malicious software designed to compromise systems or networks
Tools for bruteforcing, DDoS attacks, network scanning, proxy checking, and similar utilities designed to disrupt or compromise systems
Creating, distributing, or facilitating access to tools primarily designed for unlawful activities
Running services that facilitate tax evasion, money laundering, or other financial crimes
Operating cybercrime forums, including hacking communities, exploit development forums, or other services that facilitate illegal activities
Content that incites violence, terrorism, or other illegal activities
Content or activities that promote, support, or facilitate the actions of any government, military, or intelligence body subject to sanctions under the laws of the European Union, Georgia, United States, United Nations, or other applicable jurisdictions
Phishing, impersonation, identity theft, or use of false identities
Using the Company's services to host, operate, or facilitate access to darknet markets, Tor exit nodes, or similar services used primarily for anonymous access to illegal content or services
Software for mass email campaigns (spam)
Interfering with or bypassing usage limits, monitoring, or security controls
Hosting unauthorized streaming or content distribution services that violate media licensing agreements
Operating unlicensed financial services, including but not limited to payment processors, payment gateways, or other financial services
Operating unlicensed gambling services, including but not limited to sports betting, casino games, or other gambling services
Child sexual abuse material (CSAM), including but not limited to the creation, distribution, storage, or facilitation of access to such content
Vulnerability scanning, penetration testing, or other security testing of third-party systems without explicit permission from the target. This restriction does not apply to security testing performed by the Client on their own Services, provided such testing does not impact shared infrastructure or other clients
Deliberately fabricated content presented as factual that poses a clear and demonstrable risk of harm
Engaging in activities that fraudulently misrepresent an affiliation with or endorsement by the Company
Hosting or operating command and control (C2) infrastructure for malware, botnets, or other malicious networks
Operating SEO spam networks, link farms, doorway pages, or similar schemes designed to manipulate search engine rankings
Doxxing, swatting, or publishing private information with the intent to endanger, harass, or intimidate others
Content that has been the subject of a formal removal request issued by a competent governmental or regulatory authority in the Client's jurisdiction, where such content is determined to violate the laws of that jurisdiction. The Company will notify the Client of the request and provide a reasonable opportunity to comply before taking enforcement action, unless immediate removal is required by the nature of the violation or by the terms of the request.

Category B — Warning and Cure Period

The following violations will result in a written warning from the Company requiring the Client to remedy the source of the issue within a twenty-four (24) hour cure period. If the violation is not remedied within the cure period, the associated service will be suspended until the matter is resolved. In the event of an excessive number of violations by the Client, the service may be suspended prior to the expiry of the cure period. The service may also become permanently ineligible for reinstatement, which may lead to full termination of the Client's account due to the number of abuse points accrued.

Content that violates EU, Georgia, and/or other applicable copyright laws
Mining cryptocurrency without explicit permission from the Company. Permission for cryptocurrency mining, if granted, will be documented in writing and subject to specific resource allocation limits and additional fees as determined by the Company
Running high-intensity CPU tasks that significantly impact the Company's infrastructure
Running automated scraping operations that violate third-party terms of service
Torrenting or other peer-to-peer file sharing services that violate copyright laws
Hosting deepfakes, AI-generated content, or other content that violates the rights of others, including but not limited to intellectual property rights
Running passive income services, such as bandwidth sharing, disk rental, or other services that do not comply with the terms of service
Pornographic content, including but not limited to links to such materials
Ad fraud, click fraud, or other deceptive schemes designed to artificially inflate advertising metrics or generate fraudulent revenue
Running open DNS resolvers, open SMTP relays, or other misconfigured services that can be exploited for amplification attacks or abuse
Content subject to valid DMCA or equivalent copyright takedown reports

The Company reserves the right to escalate any Category B violation to Category A based on the severity, intent, or repeated nature of the violation.

Notwithstanding the foregoing, the Company reserves the right, at its sole discretion, to modify the prescribed enforcement action on a case-by-case basis in accordance with its internal policies. In particular, where a violation constitutes a first-time occurrence, does not involve conduct that is inherently illegal under applicable law, and is not of an exceptionally severe nature, the Company may, but is not obligated to, issue a warning, impose a temporary suspension, or apply a reduced sanction in lieu of immediate termination. This provision is intended to afford reasonable consideration to Clients whose services may have been compromised by unauthorized third-party access, misconfiguration, or other circumstances beyond the Client's direct control. The exercise of such discretion in any individual case shall not constitute a waiver of the Company's right to enforce the full terms of this policy in any subsequent or concurrent matter.

4. Fair Use of Server Resources

4.1. The Company's infrastructure utilizes shared CPU resources across VPS instances on the same hypervisor node, as most virtual servers typically operate below full capacity. This allows for efficient resource allocation.

4.2. Short-term bursts and sustained workloads are allowed, but continuously running all allocated vCPU cores at or near 100% for prolonged periods is not permitted.

4.3. For purposes of this section, 'prolonged periods' means sustained usage exceeding 90% of allocated vCPU capacity for more than 12 consecutive hours, or more than 72 cumulative hours within a 7-day period.

4.4. If usage threatens platform stability or materially degrades service for others, the Company may temporarily limit resources, request workload changes, propose an upgrade, or take reasonable actions to restore normal operation.

4.5. The Client shall cooperate with reasonable optimization requests related to CPU, memory, disk I/O, and network usage.

4.6. The Client shall maintain reasonable I/O operations within the allocated resources and implement appropriate caching and optimization strategies for high-traffic applications.

4.7. While the Company has fair use guidelines in place, temporary exceedance of these limits is permitted for brief periods without penalty, as the Company maintains flexibility in enforcement to support the Client's workload needs.

4.8. For purposes of the preceding subsection, 'brief periods' typically means occasional bursts not exceeding 4 hours in a 24-hour period.

5. Network and Traffic Policy

5.1. Network Performance

The Company provides network connectivity to virtual servers at speeds of 10 Gbps (shared), unless otherwise specified in the plan's specifications. Network speeds are not guaranteed and may vary depending on network conditions, infrastructure load, geographic routing, and other factors beyond the Company's control.

5.2. Traffic Allowance

Each virtual server plan includes a specific monthly traffic allowance, as detailed in the plan's specifications and in Section 5.3 below. Once the allowance is exceeded, the server's network speed is limited to 25 Mbit/s until the 1st of the next month. No overage fees are charged automatically — the speed limitation is applied instead of additional charges. The Client may restore full speed at any time by purchasing additional traffic or upgrading their plan, as described in Section 5.5.

5.3. Fair Use Traffic Policy

Each plan includes a monthly traffic allowance. This allowance is granted per calendar month and does not carry over between months. The traffic allowance is individually determined by the plan tier selected by the Client, the plan's price, and the server's geographic location, and is always mentioned on the Company's website in the plan's specifications. Higher-tier plans include larger traffic allowances. Both inbound and outbound traffic are counted by the Company toward the allowance. The applicable traffic allowances by product line are as follows:

(a) Budget VPS: from 3 TB (for the cheapest plan in the lineup) to 12 TB (for the most expensive plan in the lineup) per month.
(b) Virtual Servers: from 4 TB (for the cheapest plan) to 96 TB (for the most expensive plan) per month, depending on the plan and location chosen.
(c) Dedicated Servers: unlimited traffic allowance; network speed is capped at the speed specified in the plan, except for individual server orders where terms may differ.
(d) Storage VPS: from 10 TB (for the cheapest plan in the lineup) to 20 TB (for any other plan in the lineup) per month.

If usage during the calendar month exceeds the allowance, the network speed will be limited to 25 Mbit/s, or as otherwise defined by the Company in the support ticket.

5.4. Network Speed Limitation Upon Exceeding the Allocated Traffic Volume

If a virtual server's combined inbound and outbound traffic exceeds its full-speed traffic allocation during a given calendar month, the Company will apply the following measures:

(a) Notification. The Client will be notified via a support ticket in the Client Area that the server has reached or is approaching its traffic allocation threshold. Where possible, this notification will be issued prior to the application of any speed limitation.
(b) Reduction of Network Speed. The server's network speed will be reduced to 25 Mbit/s until the 1st of the following month. The reduced speed will be communicated to the Client in the notification issued under subsection (a). During the speed limitation period, no restriction is placed on traffic volume; only the inbound and outbound speed of the affected virtual server is reduced.
(c) Automatic Network Speed Restoration. On the first day of the following calendar month, the speed limitation is automatically removed without any action required from the Client.

5.5. Remedies Available to the Client

A Client whose server is subject to a speed limitation under Section 5.4 may pursue any of the following options:

(a) Await the Network Speed Limitation Reset. The speed limitation is lifted automatically on the first day of the next calendar month.
(b) Upgrade to a Higher Plan. The Client may upgrade to a plan with a larger traffic allocation through the Client Area. If the upgraded plan's allocation covers the server's traffic consumption for the current calendar month, the speed limitation will be removed automatically within 30–60 minutes of the plan change taking effect. Available plans and pricing are listed on the Company's website and in the Client Area.
(c) Purchase Additional Traffic. The Client may purchase additional traffic volume at a rate of €1 per 1 TB per month. The additional traffic increases the plan's allowance, and the speed limitation is lifted once the new allowance covers the server's current monthly usage. Additional traffic can be purchased by the Client at any time — during ordering the service or by upgrading an existing service — both in the Client Area. The Client's existing plan and server files remain unchanged; only the existing traffic limitation is removed and the full network speed is restored.
(d) Purchase Dedicated Bandwidth. For servers running high-traffic applications — in particular commercial VPN services, proxy servers, streaming platforms, and content delivery networks (CDN) — it is recommended to purchase dedicated bandwidth per Mbit/s at a rate of the Client's choosing, with options up to 1 Gbps in Germany and the Netherlands and up to 500 Mbps in Finland. Dedicated bandwidth is billed on a 95th percentile basis. The Client may request dedicated bandwidth by replying to the notification ticket or by submitting a support ticket through the Client Area. The Client's existing plan and server files remain unchanged; only the existing traffic limitation is removed and the applicable dedicated network speed is applied.

All available options will be outlined in the notification ticket issued under Section 5.4(a).

For the purposes of this section, 95th percentile billing means a method under which the server's bandwidth usage is sampled at regular intervals throughout the billing period, the top 5% of peak measurements are discarded, and the highest remaining measurement is used as the basis for calculating the applicable fee.

5.6. Traffic Monitoring

The Company performs thorough monitoring of traffic usage per VM for the purposes of enforcing this policy, maintaining quality network performance for all clients, and preventing abuse by individual clients. Monitoring data includes only the aggregate traffic volumes consumed by the Client's virtual server during the calendar month and does not collect any personal or identifying information. Monitoring is used to identify servers that have exceeded their full-speed traffic allocation provided under their plan and to apply or remove speed limitations in accordance with Section 5.4.

5.7. Abuse or Bad-Faith Usage

The Company reserves the right to apply additional traffic management measures — including but not limited to traffic shaping, reprioritization of bandwidth for specific servers, or temporary suspension of network access — where a server's usage constitutes abuse or places a bad-faith burden on the Company's network infrastructure. Such usage includes, but is not limited to:

(a) traffic consumption significantly and persistently exceeding the full-speed allocation provided under the server's plan;
(b) sustained maximum-bandwidth utilization that measurably degrades service quality for other clients;
(c) usage patterns that systematically consume a disproportionate or excessive share of shared network resources on the VM node.

Except in cases of immediate security threats — including but not limited to DDoS attacks or network-level abuse — the Company will endeavor to provide advance notice before applying measures under this section.

6. Software Licensing

6.1. The Company does not sell or provide software licenses. Clients must independently procure and maintain valid licenses for all software installed on their Services.

6.2. Unless expressly stated as 'SPLA Licensed' on the invoice, all software is provided on a 'Bring Your Own License' (BYOL) basis.

6.3. The Client represents and warrants that they possess valid, legal licenses for any software running on the Service.

6.4. Any unactivated OS images or installation media provided by the Company are for convenience and testing purposes only. The Client is solely responsible for activation with valid license keys.

6.5. The Client agrees to indemnify and hold the Company harmless from any claims, penalties, or audit costs arising from failure to properly license software.

7. Commercial VPN, Proxy, and Tunnel Services

Operating a commercial VPN, proxy, tunnel broker, or similar service that routes, forwards, or relays third-party internet traffic on a commercial basis requires individual terms agreed with the Company. For purposes of this section, 'commercial basis' includes any operation that generates revenue directly or indirectly, including through advertising, donations, subscriptions, freemium models, or as part of a broader commercial offering. Clients must contact the support team prior to deployment to discuss and arrange the following:

IP Transit provided by the Company with a dedicated bandwidth allocation, separate from shared network capacity. IP Transit is not subject to the Fair Use Policy outlined in this document, and allows unmetered usage within the agreed speed (Mbit/s or Gbit/s). Traffic is measured using the 95th percentile method, which excludes the top 5% of peak samples, allowing for more flexible usage patterns.
Dedicated IP addresses provided by the Company and assigned exclusively to the Client's service. Shared IP address pools may not be used.

Clients operating commercial VPN or proxy services without individually agreed terms will be notified and given twenty-four (24) hours to either contact support to arrange qualifying infrastructure or cease the operation. Failure to comply will result in an indefinite network speed limitation to 10 Mbps or 100 Mbps for all affected services that carry high-volume traffic and/or severely impact network stability. This policy is in place to ensure stable operation of the Company's network and to prevent losses incurred from high traffic loads.

This restriction does not apply to: (i) personal or internal-use VPN connections (e.g., connecting to a corporate network); (ii) SSH tunnels for system administration; or (iii) non-commercial privacy tools operated for personal use only. These exempted use cases remain subject to the Fair Use Policy for network traffic as defined in Section 5 of this document, but are not required to purchase IP Transit from the Company.

The Company reserves the right to determine, at its reasonable discretion, whether a service constitutes a commercial traffic relay operation based on traffic patterns, bandwidth consumption, connection volume, and other relevant indicators.

8. Email, Anti-Spam, and Port Policies

8.1. To enforce anti-spam measures, outbound port 25 (SMTP) is closed on all plans by default.

8.2. For EP-0, BUDGET-1, BUDGET-2, BUDGET-3, BUDGET-4 plans in all locations: port 25 cannot be opened. Reverse DNS (rDNS, PTR) management is unavailable, default records will be used instead.

8.3. All other plans: the Client may request opening of port 25 by creating a support request in the Client Area. Approval is discretionary and may incur additional fees of up to 20 EUR, as well as require additional verification and compliance with anti-abuse conditions.

8.4. The Client must comply with applicable anti-spam laws (e.g., consent, opt-out, identification). The Company may require proof of consent and acceptable complaint rates.

8.5. The Client must maintain SPF, DKIM, and DMARC records for email authentication.

8.6. The Client must regularly monitor email sending patterns for abuse prevention and compliance with anti-spam laws.

9. Contact Information and Account Integrity

9.1. The Client shall ensure all contact information provided to the Company is accurate and up-to-date, including during signup and in the service management interface.

9.2. For continuity of communications, the use of Disposable Email Addresses (DEA) as contact email addresses is not permitted. A DEA is any temporary or unmonitored email address used to bypass the Company's registration requirements.

9.3. The Company will notify the Client before suspending an account due to a suspected disposable email address and provide an opportunity to update their contact information within forty-eight (48) hours. Privacy-focused email services (e.g., ProtonMail) with permanent mailboxes are not considered DEAs.

9.4. The Client must maintain alternative contact methods that remain continuously accessible for emergency notifications.

9.5. Any changes to contact information must be promptly updated in the Client's account within 7 days of the change occurring.

10. Security and Incident Response

10.1. If the Client's service is compromised or participates in abuse, the Company will notify the Client when practicable and may take enforcement actions as described in the Enforcement section of this policy.

10.2. The Client must promptly remediate vulnerabilities, remove malware, re-install the operating system, and rotate credentials as requested.

10.3. The Client agrees to cooperate in good faith with investigations and provide relevant logs or details as legally permitted.

10.4. The Company may comply with lawful requests from regulatory, law enforcement, or judicial authorities in applicable jurisdictions.

11. Enforcement

11.1. The Company may warn, throttle, filter, temporarily suspend, or terminate Services for policy violations, depending on severity and impact.

11.2. The Company may act immediately without notice where necessary to protect the network, other Clients, or third parties, or to comply with legal obligations.

11.3. If the Client believes enforcement was made in error, the Client may contact support with relevant evidence for review.

11.4. Multiple violations may result in permanent service termination.

12. Abuse Handling & Reporting

12.1. Report abuse to abuse@senko.digital with details including timestamps, logs, and affected IPs/domains. Abuse can also be reported via the support ticket system in the Client Area if the email channel is unavailable.

12.2. The Company will acknowledge and begin investigating abuse reports within 24 hours for standard cases, or within 48 hours for cases requiring advanced technical analysis.

12.3. If the reported Client fails to respond or remedy the issue within the investigation timeframe, the affected service — or, in cases of severe violations, the entire account with all associated services — will be suspended until the matter is resolved.

12.4. Malicious abuse reports are prohibited and may result in account suspension.

12.5. The Client must assist with abuse investigations involving their services and implement requested remediation measures.

12.6. Abuse reports generated solely by generative AI, large language models (LLMs), or other automated content generation tools will not be accepted. Such reports frequently contain fabricated evidence, inaccurate technical details, and hallucinated claims that waste investigative resources and may constitute malicious reporting. All abuse reports must be prepared, reviewed, and substantiated by a natural person with direct knowledge of the alleged violation. The Company reserves the right to disregard any report it reasonably determines to have been produced without meaningful human review.

12.7. The Company is not obligated to respond to every abuse report and may, at its discretion, decline to provide a reply. Furthermore, the Company is under no obligation to disclose the findings, outcomes, or details of any internal investigation conducted in connection with an abuse report. Requests for disclosure of investigation results will only be considered if submitted as a formal legal request through the appropriate legal channel at legal@senko.digital.

13. Changes to this policy

Continued use of the Services constitutes the Client's agreement with this policy. All Clients will be notified of changes to this policy within their Client Area. In the event of a material change, Clients will be required to review and explicitly accept the updated terms by activating a confirmation checkbox within the Client Area before continuing to use the Services. The activation of such checkbox shall constitute the Client's electronic signature and express consent to be bound by the amended policy, equivalent in legal force to a handwritten signature under applicable electronic signature and electronic commerce legislation.