Acceptable Use Policy

General Prohibitions

The Customer shall not use the Services for any unlawful, abusive, or fraudulent purpose, or in any manner that violates the laws of the Republic of Estonia, the European Union, or any other applicable jurisdiction. The following activities are strictly prohibited:

Malicious Activities

• Distribution, hosting, or transmission of malware, viruses, worms, trojans, ransomware, spyware, adware, botnets, or any other malicious code
• Operating or controlling botnets, command and control servers, or other malicious infrastructure
• Launching or facilitating denial-of-service (DoS) attacks, distributed denial-of-service (DDoS) attacks, or any other attacks against third-party systems or networks
• Port scanning, network probing, vulnerability scanning, or penetration testing of third-party systems without explicit written permission from the target
• Brute-force attacks, password cracking attempts, or unauthorized access attempts against any system
• Exploitation of software vulnerabilities for malicious purposes

Spam and Unsolicited Communications

• Sending unsolicited bulk email (spam), including but not limited to commercial advertisements, promotional materials, or chain letters
• Sending unsolicited SMS messages, instant messages, or other forms of electronic communication
• Operating or facilitating email relay servers, open proxies, or other systems used for sending spam
• Harvesting email addresses or other contact information from websites or online services without permission
• Using purchased, rented, or scraped email lists for unsolicited marketing. Such lists, including so-called "safe lists", are treated as spam regardless of their origin
• Spoofing or forging email headers, sender addresses, or other identifying information to conceal the origin of communications
• Hosting websites that are advertised via spam ("spamvertised" sites). This prohibition applies regardless of whether the spam itself was sent from Core Hosting's infrastructure, and covers spam distributed via email, SMS, instant messaging, fax, postal mail, or any other channel
• Use of Services by any organization or entity listed in the Spamhaus Register of Known Spam Operations (ROKSO) is prohibited. Core Hosting reserves the right to verify Customers against the ROKSO database at any time and to suspend Services upon confirmation of a listing

Illegal Content and Activities

• Hosting, distributing, or linking to child sexual abuse material (CSAM) or any content depicting minors in sexual or exploitative contexts
• Hosting, distributing, or promoting content that glorifies, incites, or facilitates terrorism, as defined in Regulation (EU) 2021/784
• Hosting or distributing content that promotes, facilitates, or glorifies violence, hate speech, discrimination, or harassment based on race, ethnicity, national origin, religion, gender, sexual orientation, disability, or other protected characteristics
• Hosting or facilitating illegal gambling, betting, or gaming operations without proper licenses
• Hosting or facilitating the sale of illegal drugs, controlled substances, counterfeit goods, stolen property, or other illegal products
• Hosting or facilitating human trafficking, prostitution, or other forms of exploitation
• Hosting or distributing copyright-infringing content, pirated software, illegal music or video files, or other materials that violate intellectual property rights
• Hosting or facilitating fraud, phishing, identity theft, financial scams, pyramid schemes, or other deceptive practices
• Hosting or distributing instructions or tools for creating weapons, explosives, or other dangerous devices
• Any activity that violates export control laws, sanctions, embargoes, or trade restrictions

Network Abuse

• Consuming excessive bandwidth, CPU, memory, or other server resources in a manner that negatively impacts other customers (resource abuse)
• Operating cryptocurrency mining operations on shared hosting or VPS services (unless explicitly permitted in the Service plan)
• Operating file-sharing, torrent, or peer-to-peer (P2P) networks on shared hosting services (unless explicitly permitted)
• Operating public proxy servers, VPN services, or Tor exit nodes on shared hosting services (unless explicitly permitted)
• Operating IRC (Internet Relay Chat) servers, bots, or bouncers on shared hosting services
• Generating excessive traffic that saturates network links or impacts network performance
• Interfering with or disrupting Core's systems, networks, or other customers' services
• Any Customer activity that causes Core Hosting's IP addresses, network ranges, or domains to be listed in public blocklists or reputation databases (including but not limited to Spamhaus, SORBS, Barracuda, or similar services). Accounts whose activity results in such listings will be immediately suspended pending investigation

Intellectual Property Violations

• Hosting, distributing, downloading, or selling content that infringes on trademarks, copyrights, patents, trade secrets, or other intellectual property rights
• Operating websites that facilitate copyright infringement, such as torrent indexing sites or direct download link aggregators
• Distributing software keygens, cracks, patches, or license key generators
• Reproducing, distributing, or publicly performing copyrighted works without proper authorization or licensing

Privacy Violations

• Collecting, storing, or processing personal data without proper legal basis or in violation of GDPR and other data protection laws
• Sharing, selling, or distributing personal data without consent or legal authorization
• Operating surveillance systems, spyware, or keyloggers that violate individuals' privacy
• Scraping or harvesting personal data from websites or online services without permission
• Using the Services to stalk, harass, or monitor individuals without their consent

Unauthorized Access and Security Violations

• Attempting to gain unauthorized access to Core Hosting's systems, networks, servers, or other customers' accounts
• Circumventing, disabling, or interfering with security features, access controls, or authentication mechanisms
• Sharing or distributing account credentials, API keys, or other authentication tokens
• Reverse engineering, decompiling, or attempting to extract source code from Core Hosting's software or services
• Accessing or attempting to access data, systems, or networks that the Customer is not authorized to access

Phishing and Deceptive Practices

• Operating phishing websites that impersonate legitimate businesses, financial institutions, or government agencies
• Creating fake login pages designed to steal credentials or personal information
• Distributing deceptive emails, messages, or content designed to trick recipients into disclosing sensitive information
• Operating investment scams, Ponzi schemes, or other fraudulent financial schemes
• Creating misleading or deceptive websites, advertisements, or content

Service-Specific Restrictions

The following content types, activities, and service configurations are prohibited across Core Hosting services unless explicitly permitted in the applicable service plan. Where a restriction applies only to a specific service type, this is noted inline.

• Image hosting scripts that allow anonymous users to upload images for display on third-party websites (similar to Photobucket or Tinypic)
• Banner ad rotation services for display on other websites or devices
• File dump or mirror scripts that allow anonymous users to upload files for others to download (similar to file sharing services)
• BitTorrent trackers or file-sharing sites
• Commercial audio streaming exceeding one or two concurrent streams
• Push-button mail scripts that allow specifying arbitrary recipient email addresses
• Anonymous or bulk SMS gateways
• Using hosting accounts as a general-purpose data repository or for storing backups from another computer or website unrelated to the hosted project. Core Hosting reserves the right to remove such files without prior notice
• Cryptocurrency mining operations
• Proxy or VPN services for public use
• IRC (Internet Relay Chat) servers or bots
• Public recursive DNS resolvers (recursive DNS must be restricted to internal network access or a limited set of IP addresses)
• Open email relays or similar amplification services
• Anonymous gateway services
• Mail bombs, Internet packet flooding, packet corruption, or denial-of-service attacks originating from Core Hosting infrastructure
• Gaming servers, voice chat servers, or high-traffic streaming on shared hosting (dedicated resources required)
• Automated website scraping, data mining, or web crawling that generates excessive server load on shared hosting
• Long-running background processes, daemons, or cron jobs that consume excessive resources on shared hosting
• Commercial resale of hosting or email services except through Core Hosting's designated reseller programs, dedicated server plans, or managed server solutions
• Adult content websites, except on services explicitly designated for such use and in compliance with all applicable laws
• Any script or application that causes measurable degradation in server or network performance for other customers

Core Hosting actively scans for prohibited services and reserves the right to remove any server from the network that violates these restrictions. The Customer acknowledges that all websites associated with a hosting account may be suspended if any one website on that account is found to be in violation.

Compliance with Laws and Regulations

• The Customer must comply with all applicable laws and regulations of the Republic of Estonia, the European Union, and any other relevant jurisdictions
• The Customer must comply with all applicable industry-specific regulations (e.g., financial services, healthcare, telecommunications)
• The Customer must comply with all applicable licensing requirements for software, content, and services
• The Customer must obtain all necessary permits, licenses, and approvals before conducting regulated activities (including unlicensed gambling, sale of restricted goods, or activities requiring special permits)

Reseller Responsibility

Customers who resell Core Hosting's Services to their own end users ("Resellers") are responsible for ensuring that their end users comply with this Acceptable Use Policy. Resellers must incorporate equivalent use restrictions into their own agreements with end users.

When Core Hosting identifies or receives a report of an AUP violation by an end user of a Reseller, Core Hosting will, where practicable, suspend the affected end user account and notify the Reseller so that the Reseller can address the matter directly. However, Core Hosting reserves the right to act without prior notification to the Reseller where the violation is severe or time-critical (e.g., malware distribution, DDoS attacks, CSAM, or active phishing).

Repeated or unresolved AUP violations within a Reseller's customer base may result in suspension or termination of the Reseller's account in its entirety, in addition to the actions taken against the individual end user accounts.

Reporting Violations

If the Customer becomes aware of any violation of this Acceptable Use Policy by another Core Hosting customer, the Customer should report it to the appropriate contact:

• General abuse reports: abuse@core.hosting
• Terrorist content (EU Regulation 2021/784): tco-contact@core.hosting
• Digital Services Act matters: regulatory-contact@core.hosting
• Law enforcement and legal requests: compliance@core.hosting

For detailed information on how we handle abuse reports and the actions we take, please refer to our Abuse Handling Policy.

Consequences of Violations

Violations of this Acceptable Use Policy may result in:

• Immediate suspension of Services without prior notice for zero-tolerance violations (deliberate SPAM, phishing, malware distribution, child abuse content, terrorist content, or other serious violations)
• Notification and requirement to remediate the violation within 7 days for compromised accounts or first-time minor violations
• Removal or deletion of offending content
• Reporting to law enforcement authorities where illegal activities are detected
• Cooperation with law enforcement investigations
• Legal action to recover damages or costs incurred by Core Hosting
• Permanent termination of Services following suspension according to section 8.9 of our Terms of Service

Effect on refunds: If Services are suspended or terminated due to AUP violations, no refunds will be issued for any prepaid fees. For details, refer to the Core Hosting Refund Policy.

Services suspended for zero-tolerance violations will not be reactivated and remain suspended until automatic termination occurs. For detailed information on suspension, reactivation procedures, and timelines, please refer to our Abuse Handling Policy.

Failure to respond to a communication from Core Hosting's compliance team within 48 hours of receipt, or within any shorter timeframe specified in the communication, may result in immediate suspension of Services pending resolution of the matter.

No Monitoring Obligation

Core Hosting is not obligated to monitor Customer use of the Services for violations of this Acceptable Use Policy. However, Core Hosting reserves the right to investigate suspected violations and take appropriate action. Core Hosting may use automated security scanning tools (including ImmunifyAV+), manual review, third-party abuse reports, or automated blocklist notifications to detect violations. For more information on our investigation procedures, please refer to our Abuse Handling Policy.