Acceptable Use Policy

Acceptable Use Policy (AUP)

Last Updated: February 2026

1. Introduction

This Acceptable Use Policy ("AUP") defines prohibited uses of the web hosting, servers, network, and other services ("Services") provided by FluxIT Service ("FluxIT", "we", "us", "our"). This AUP is part of our Terms of Service and applies to all customers, users, and visitors.

By using our Services, you agree to comply with this AUP. Violations may result in suspension or termination of your account without refund, and may be reported to law enforcement authorities when appropriate.

The purpose of this AUP is to:

Protect the security and integrity of our infrastructure
Ensure fair resource allocation among all customers
Comply with applicable laws and regulations
Maintain a safe and secure hosting environment
Protect the rights and privacy of others

2. Scope and Application

2.1 Who Must Comply

This AUP applies to:

All FluxIT customers and account holders
End-users of customer websites and services
Resellers and their clients
Anyone accessing our network or infrastructure

2.2 Responsibility for Users

You are responsible for:

All activities conducted through your account
Actions of anyone using your services or credentials
Content hosted on your account, even if posted by third parties
Ensuring your users comply with this AUP

2.3 Reseller Obligations

If you are a reseller:

You must ensure your clients comply with this AUP
You must include substantially similar terms in your customer agreements
You are liable for your clients' violations
You must promptly address violations when notified

3. Prohibited Activities

3.1 Illegal Activities

ZERO TOLERANCE: The following activities will result in immediate account termination and reporting to law enforcement:

3.1.1 Child Sexual Abuse Material (CSAM)

Possession, distribution, or production of child sexual abuse imagery
Content depicting minors in sexually suggestive situations
Any content that sexualizes children
Links to CSAM or child exploitation websites

We actively scan for and report CSAM to the National Center for Missing & Exploited Children (NCMEC) and appropriate law enforcement agencies.

3.1.2 Terrorism and Extremism

Content promoting, encouraging, or facilitating terrorism
Terrorist recruitment or radicalization materials
Instructions for making weapons or explosives for terrorist purposes
Fundraising for designated terrorist organizations

3.1.3 Human Trafficking and Exploitation

Content facilitating human trafficking
Forced labor or modern slavery services
Non-consensual pornography or "revenge porn"
Sexual exploitation services

3.1.4 Intellectual Property Violations

Hosting pirated software, movies, music, books, or games (warez)
Distribution of cracked software or license key generators
Counterfeit goods or services
Trademark or copyright infringement
Unauthorized streaming or download services

3.1.5 Fraud and Financial Crimes

Phishing websites or email campaigns
Identity theft or credential harvesting
Credit card fraud or payment fraud
Ponzi schemes or pyramid schemes
Money laundering services
Counterfeit currency or documents
Investment scams or pump-and-dump schemes

3.1.6 Drug-Related Activities

Sale or distribution of illegal drugs or controlled substances
Websites facilitating illegal drug transactions
Instructions for manufacturing illegal substances
Unlicensed pharmacy operations (unless properly licensed)

3.1.7 Weapons and Dangerous Materials

Sale of illegal weapons or explosives
Instructions for making improvised explosive devices (IEDs)
Unregulated firearms sales
Chemical or biological weapons information

3.1.8 Gambling Violations

Unlicensed online gambling operations
Operating casinos without proper regulatory approval
Gambling services in jurisdictions where prohibited

3.2 Spam and Unsolicited Communications

3.2.1 Email Spam (UCE/UBE)

Strictly Prohibited:

Sending unsolicited commercial email (UCE)
Sending unsolicited bulk email (UBE)
Email harvesting or scraping email addresses
Using purchased or scraped email lists
Falsifying email headers or sender information
Operating email relay services for spammers

Permitted Email Marketing:

Opt-in mailing lists with confirmed consent
Transactional emails (order confirmations, shipping notices)
Relationship emails to existing customers
Compliance with CAN-SPAM Act, GDPR, and PECR

Email Sending Limits:

Shared Hosting: 500 emails per hour per account
VPS/Dedicated: Higher limits available (contact support)
Bulk email services: Must be pre-approved

3.2.2 Other Forms of Spam

SMS/text message spam
Social media spam or automated posting
Comment spam on blogs or forums
Instant messaging spam
Fax spam
Search engine spam or manipulation

3.3 Malicious Software and Hacking

3.3.1 Malware Distribution

Zero Tolerance:

Hosting or distributing viruses, trojans, or worms
Ransomware distribution or command & control servers
Keyloggers, spyware, or other surveillance malware
Exploit kits or vulnerability exploitation tools
Cryptojacking scripts or cryptocurrency miners (without explicit disclosure)
Botnet command and control (C&C) infrastructure
Remote access trojans (RATs)

3.3.2 Hacking and Unauthorized Access

Attempting to access accounts, servers, or networks without authorization
Port scanning or vulnerability scanning of third-party systems
Brute force attacks or password cracking
SQL injection, cross-site scripting (XSS), or other web application attacks
Exploitation of security vulnerabilities
Hosting hacking tools or exploit databases (except for legitimate security research)
Hosting stolen credentials or data dumps

3.3.3 Network Attacks

Distributed Denial of Service (DDoS) attacks
Denial of Service (DoS) attacks
SYN floods, UDP floods, or amplification attacks
Packet flooding or network congestion attacks
Operating attack tools or booter/stresser services

3.4 System and Network Abuse

3.4.1 Resource Abuse

Cryptocurrency mining without explicit authorization
Excessive CPU, RAM, or I/O usage that impacts other users
Running processes designed to consume excessive resources
Using shared hosting for high-performance computing
Operating file sharing services that violate fair use policies
Running game servers on shared hosting (unless explicitly allowed)

3.4.2 Proxy and Anonymization Services

Prohibited without explicit approval:

Public proxy servers or VPN exit nodes
Tor exit nodes
Anonymous remailers
Web proxy services designed to circumvent restrictions

Exceptions:

Private VPN for your own use (VPS/Dedicated only)
Legitimate business proxy services (pre-approved)

3.4.3 Network Protocol Violations

IP address spoofing
Packet sniffing or eavesdropping
Man-in-the-middle attacks
ARP poisoning or DNS spoofing
Broadcasting or multicasting without authorization

3.5 Prohibited Content

3.5.1 Hate Speech and Harassment

Content promoting hatred or violence against individuals or groups based on:
- Race or ethnicity
- Religion or beliefs
- National origin
- Gender or gender identity
- Sexual orientation
- Disability
- Age
Cyberbullying or harassment
Doxxing (publishing private information without consent)
Stalking or threats of violence
Inciting violence or harm

3.5.2 Adult Content

Prohibited on Shared Hosting:

Pornographic images or videos
Adult dating or escort services
Adult toys or products (with explicit imagery)

Allowed on VPS/Dedicated (with restrictions):

Legal adult content (18+) with age verification
Must comply with all applicable laws (2257 compliance for US content)
No extreme or illegal content (bestiality, necrophilia, etc.)
No content depicting minors in any context

3.5.3 Violent or Disturbing Content

Graphic violence or gore
Glorification of violence or mass killings
Self-harm or suicide promotion
Animal abuse or cruelty
Content designed to shock or disturb (shock sites)

3.5.4 Misinformation and Harm

While we support free expression, we prohibit:

Health misinformation that could cause immediate physical harm
COVID-19 misinformation that contradicts public health authorities
Election manipulation or voter suppression
Coordinated inauthentic behavior or fake social media campaigns

3.6 Privacy Violations

3.6.1 Unauthorized Data Collection

Installing tracking software without user consent
Harvesting personal data without authorization
Operating surveillance tools or spyware
Collecting biometric data without proper disclosure
Keystroke logging or screen recording without consent

3.6.2 GDPR and Privacy Law Violations

Processing personal data without legal basis
Failure to honor data subject rights (access, deletion, portability)
Inadequate data security measures
Unauthorized data transfers outside the EU
Missing or inadequate privacy policies

3.6.3 Data Breaches

Failure to notify us of security incidents
Inadequate security leading to customer data exposure
Selling or trading stolen personal data

3.7 Search Engine and SEO Manipulation

3.7.1 Black Hat SEO Techniques

Keyword stuffing or hidden text
Cloaking or doorway pages
Link farms or private blog networks (PBNs)
Automated link building or comment spam
Scraped or auto-generated content
Sneaky redirects
Negative SEO attacks against competitors

3.7.2 Search Engine Violations

Violating Google, Bing, or other search engine terms of service
Operating websites penalized for spam or manipulation
Mass website creation for SEO purposes only

3.8 Trademark and Brand Abuse

Typosquatting (registering domains similar to trademarks)
Cybersquatting (registering domains with intent to profit from trademarks)
Phishing websites impersonating brands
Hosting counterfeit goods or services
Unauthorized use of logos or branding

3.9 Cryptocurrency-Related Prohibitions

3.9.1 Mining

Cryptocurrency mining on shared hosting (zero tolerance)
Mining on VPS/Dedicated without explicit authorization
Hijacking user resources for mining (cryptojacking)
Mining malware or browser-based miners without disclosure

3.9.2 Crypto Scams

Ponzi schemes or pyramid schemes involving cryptocurrency
Fake initial coin offerings (ICOs)
Pump-and-dump schemes
Fraudulent trading platforms or exchanges

Allowed:

Legitimate cryptocurrency wallets or nodes (VPS/Dedicated only, pre-approved)
Educational content about cryptocurrency
Properly licensed exchanges or trading platforms

3.10 Government and Military Restrictions

Hosting content prohibited by government orders or court injunctions
Violating export control regulations
Operating services in sanctioned countries (per EU/US sanctions)
Hosting content targeting government infrastructure for disruption

4. Resource Usage Policies

4.1 Shared Hosting Fair Use

Shared hosting includes "unlimited" resources subject to fair use:

CPU Usage:

Average: Below 25% of one CPU core
Peak: No more than 80% for extended periods
If usage consistently exceeds limits, upgrade to VPS required

Memory (RAM):

Average: 2GB per account (varies by plan)
Processes consuming excessive RAM may be terminated

Disk I/O:

Average: 1 MB/s
Peak: 10 MB/s burst allowed
Sustained high I/O requires VPS upgrade

Inodes (File Count):

Maximum: 250,000 files per account
Includes all files, emails, and database entries

Email Sending:

500 emails per hour per account
100 recipients per email message
Mailing lists: Must use approved bulk email service

Bandwidth:

"Unlimited" subject to fair use
Sustained 95th percentile over 1 Mbps may require upgrade
Video streaming, file sharing, or download services prohibited

4.2 VPS and Dedicated Server Usage

While VPS and dedicated servers have dedicated resources, certain restrictions apply:

Network Usage:

No more than 80% sustained network utilization
Traffic spikes allowed, but sustained high usage requires notification

Neighbor Impacting Activities:

Activities that impact other customers on the same physical host prohibited
Excessive I/O on shared storage (VPS) may be throttled

Fair Use:

Backup traffic should be scheduled during off-peak hours
Large file transfers should be distributed over time when possible

4.3 Database Usage

Maximum database size: 1GB per database on shared hosting
Query optimization required for long-running queries
Connection pooling recommended to prevent connection exhaustion

4.4 Backup and Storage

Prohibited Storage Uses:

Backup storage for non-hosted systems
File hosting or distribution services
Long-term archival of inactive data
Media libraries for streaming services
Mirror sites or content distribution networks (unless approved)

Allowed:

Website files and databases
Email storage (counts toward quota)
Temporary file uploads (automatically cleaned)
Application data for hosted applications

5. Email Usage Policies

5.1 Email Sending Standards

Authentication Required:

SPF records must be configured
DKIM signing recommended
DMARC policy recommended

Bounce Handling:

Remove bouncing email addresses promptly
Bounce rate above 5% indicates list quality issues

Unsubscribe Mechanisms:

One-click unsubscribe required for all marketing emails
Honor unsubscribe requests within 24 hours
Maintain suppression lists

5.2 Email Receiving

Mailbox Size Limits:

Shared Hosting: 25GB total email storage per account
Individual mailboxes: 5GB recommended maximum

Email Retention:

We do not guarantee email retention beyond standard backup periods (7 days)
IMAP recommended over POP3 for better reliability

5.3 Email Forwarding

Forwarding to external addresses allowed
Catch-all addresses discouraged (can amplify spam)
Forwarding loops will be automatically broken

6. Domain Name Usage

6.1 Domain Registration

Required Accurate Information:

Registrant contact information must be accurate and current
Must respond to registrar verification emails
Must update WHOIS information within 30 days of changes

Prohibited Domain Uses:

Typosquatting or trademark infringement
Registering domains solely to resell at inflated prices
Registering domains for parking with intrusive ads
Domain tasting or dropping for profit

6.2 DNS Usage

Allowed:

Standard DNS records (A, AAAA, MX, CNAME, TXT, etc.)
DNS hosting for domains registered elsewhere

Prohibited:

Using our DNS servers for non-customer domains without authorization
DNS amplification attacks
Hosting malicious domains
Fast-flux DNS for malware distribution

7. Security Requirements

7.1 Software Updates

You Must:

Keep CMS software updated (WordPress, Joomla, Drupal, etc.)
Update plugins and themes regularly
Remove unused or abandoned software
Use strong, unique passwords

Outdated Software:

We may suspend accounts with severely outdated software if exploited
Notification provided when possible, immediate action for active threats

7.2 Vulnerability Management

If Your Site Is Compromised:

We will notify you and may temporarily suspend the account
You must clean the infection and secure the site
Repeated compromises may result in account termination

Malware Scanning:

We perform automated malware scanning
Detected malware may be quarantined automatically
Cleanup services available (fees may apply)

7.3 Access Control

Use strong passwords (minimum 12 characters, mixed case, numbers, symbols)
Enable two-factor authentication (2FA) when available
Limit administrative access to trusted IPs when possible
Do not share account credentials

7.4 Data Security

Encrypt sensitive data at rest and in transit
Use HTTPS (SSL/TLS) for all websites
Comply with PCI DSS if processing payment cards
Implement appropriate access controls

8. Reporting Violations

8.1 How to Report

If you become aware of AUP violations, report them to:

Email: abuse@fluxit.ro

Include:

Description of the violation
URLs or account details (if known)
Supporting evidence (screenshots, logs, etc.)
Your contact information

8.2 Report Handling

We review all abuse reports promptly
Critical issues (CSAM, active attacks) are addressed immediately
Response time: Typically within 24 hours for non-critical reports
We may request additional information

8.3 Anonymity

Anonymous reports accepted
We do not disclose reporter identities without consent
Legal process may compel disclosure in certain cases

9. Enforcement and Penalties

9.1 Violation Detection

We detect violations through:

Automated monitoring systems
Customer and third-party reports
Routine security scans
Law enforcement notifications
Trademark holder complaints

9.2 Enforcement Actions

Depending on severity, we may:

Warning (First Minor Offense):

Email notification with 24-48 hour correction period
No service interruption if promptly corrected

Suspension (Repeated or Moderate Violations):

Immediate suspension of services
Email notification explaining violation
Services restored upon correction and payment of reactivation fee (if applicable)

Termination (Severe Violations):

Immediate account termination without refund
Permanent ban from FluxIT services
Data deletion after 7-day grace period

Law Enforcement Referral:

Illegal activities reported to appropriate authorities
We cooperate fully with law enforcement investigations
Account preserved for evidence as required

9.3 Appeal Process

If you believe an enforcement action was in error:

Email abuse@fluxit.ro with "Appeal" in the subject line
Provide account details and explanation
We will review within 2-3 business days
Decision will be communicated via email

Appeals for illegal activities (CSAM, terrorism, etc.) will not be considered.

9.4 Repeat Offenders

Three AUP warnings within 12 months may result in termination
Repeated suspensions will result in permanent termination
Terminated customers may not create new accounts

10. Cooperation with Authorities

10.1 Legal Requests

We comply with valid legal process including:

Court orders and subpoenas
Search warrants
National security letters (where applicable)
EU and Romanian law enforcement requests

10.2 Emergency Disclosures

We may disclose account information without legal process when:

Immediate danger to life or safety exists
Child sexual abuse material is discovered
Terrorist activities are detected
Required by emergency circumstances

10.3 Transparency

We do not proactively monitor customer content (except for security/AUP compliance)
We notify customers of legal requests when legally permitted
We publish transparency reports annually (where permitted by law)

11. International Compliance

11.1 Sanctions Compliance

Our services cannot be used:

In countries subject to EU or US sanctions
By individuals on restricted party lists (OFAC, EU sanctions lists)
For transactions with sanctioned entities

Currently Restricted:

Russia (limited services)
North Korea
Iran
Syria
Crimea region

11.2 Export Controls

Certain technologies and software may not be exported to restricted countries or entities. You are responsible for compliance with export control laws.

11.3 Local Laws

You must comply with:

Laws of your jurisdiction
Laws of Romania (where our servers are located)
EU regulations and directives
International agreements applicable to your activities

12. Changes to This AUP

12.1 Amendment Rights

We reserve the right to modify this AUP at any time. Changes are effective:

Immediately for new customers
30 days after notice for existing customers

12.2 Notification

We will notify you of significant changes via:

Email to your registered address
Notice in the client portal
Announcement on our website

12.3 Acceptance

Continued use of services after the effective date constitutes acceptance of the revised AUP.

13. Contact Information

Abuse Reports: abuse@fluxit.ro

General Support: support@fluxit.ro

Security Issues: security@fluxit.ro

Legal/Compliance: legal@fluxit.ro

24/7 Emergency: +40 746 358 948 (critical issues only)

Office Hours: Monday - Friday: 9:00 AM - 6:00 PM EET

FluxIT Service Professional Hosting Solutions Bucharest, Romania https://gazduire.fluxit.ro

This Acceptable Use Policy is effective as of February 1, 2026.

By using FluxIT services, you acknowledge that you have read, understood, and agree to comply with this Acceptable Use Policy.

Violations of this AUP may result in suspension or termination of services, reporting to law enforcement, and/or legal action.