Acceptable Use Policy

You are prohibited from using our services to publish content or participate in activities that are illegal under applicable law, harmful to others, or could potentially expose us to liability. This includes, but is not limited to:

1.1 Security and Access Violations

• Unauthorised Network Scanning: Conducting port scans, vulnerability assessments, or security testing on systems or networks without explicit authorisation.
• Unauthorised Access: Attempting to gain unauthorised access to accounts, systems, or networks, or attempting to penetrate security measures.
• Identity Fraud: Engaging in phishing, spoofing, or any form of identity theft or fraudulent impersonation.
• Phishing and Social Engineering: Hosting phishing pages, distributing phishing kits, conducting credential harvesting, or facilitating social engineering attacks.

1.2 Malicious Software and Network Attacks

• Malicious Code: Distributing, uploading, or facilitating the spread of viruses, worms, Trojan horses, ransomware, or other malicious software.
• Botnet and Malware Distribution: Hosting, distributing, or operating command and control (C&C) servers for botnets, malware, or other malicious software.
• Network Attacks: Facilitating or conducting Denial of Service (DoS), Distributed Denial of Service (DDoS), or other attacks that disrupt network services.
• Unauthorised Security Testing: Testing third-party systems (including penetration testing, vulnerability scanning, or stress testing) without their explicit authorisation is prohibited. Testing against your own infrastructure is permitted only with prior written notice to noc@pdxnet.co.uk and within the agreed scope and window.

1.3 Communications and Spam

• Unsolicited Communications: Distributing spam, unsolicited bulk emails, or other unwanted communications.
• Spam and Email Abuse: Operating open relays, generating backscatter, harvesting email addresses, or engaging in email abuse practices that violate anti-spam regulations.
• Email Authentication: Customers sending email from our network are required to publish valid SPF, DKIM, and DMARC records for the sending domain. Outbound port 25 is blocked by default and unblock requests follow the process in our Terms of Service Section 10.

1.4 Intellectual Property and Content

• Copyright Infringement and Piracy: Distributing, downloading, or facilitating the distribution of copyrighted material without authorisation. Customers receiving copyright infringement notices must immediately cease the infringing activity. Continued infringement after notice may result in immediate service termination.
• Intellectual Property Infringement: Violating intellectual property rights, including copyright, trademark, or patent infringement.

1.5 Illegal Goods, Services, and Fraud

• Illegal Goods and Services: Facilitating the sale, distribution, or promotion of illegal goods or services, including drugs, weapons, stolen goods, counterfeit merchandise, or services that violate applicable law.
• Fraud and Scams: Engaging in or facilitating fraudulent schemes, including pyramid schemes, investment fraud, romance scams, advance-fee fraud, or other deceptive practices.

1.6 Illegal Content and Discrimination

• Illegal Content: Publishing, hosting, or distributing content that is illegal under applicable law, including illegal escort services and non-consensual intimate imagery. Adult content and pornography are permitted only when fully compliant with UK law, including the age assurance duties in Part 5 of the Online Safety Act 2023 and the consent of all participants.
• Hate Speech and Discrimination: Promoting, facilitating, or engaging in hate speech, discrimination, or harassment based on protected characteristics including race, ethnicity, religion, gender, sexual orientation, disability, or national origin.

1.7 Cryptocurrency and Resource Abuse

• Cryptocurrency Mining: Cryptocurrency mining of any form (including proof-of-work, proof-of-space, and similar resource-intensive consensus mechanisms) is prohibited on all VPS, dedicated, and shared services, regardless of whether the underlying resources belong to the customer. Mining within colocation services is permitted only where the customer's equipment stays within their committed power, cooling, and bandwidth allocations as set out in Section 7. Sustained overuse of these allocations will result in throttling, additional charges, suspension, or termination.

1.8 Customer Responsibility

• Third-Party Liability: Customers are responsible for the actions of all authorised users of their account. Customers may not resell, redistribute, or allow third parties to use services for prohibited activities.

ParadoxNetworks Limited has a zero-tolerance policy for child sexual abuse material (CSAM) and any content depicting the exploitation or abuse of minors. This is a serious criminal offence and a severe violation of this policy.

2.1 Prohibited Activities

• Publishing, distributing, possessing, or facilitating access to CSAM
• Creating, producing, or commissioning content depicting the exploitation or abuse of minors
• Grooming, soliciting, or facilitating the abuse of minors
• Any activity that sexualises, exploits, or harms children

2.2 Mandatory Reporting

ParadoxNetworks Limited will:

• Immediately suspend or terminate services upon discovery of CSAM or child exploitation
• Preserve all data and evidence for law enforcement, overriding any standard data deletion policies
• Report content to the Internet Watch Foundation (IWF) (the UK hotline at iwf.org.uk) and to the National Crime Agency (NCA) / CEOP as appropriate
• Where content concerns US-hosted infrastructure or US persons, also report to the National Center for Missing & Exploited Children (NCMEC)
• Report violations to other relevant law enforcement authorities
• Cooperate fully with investigations
• Not provide advance notice before reporting to authorities

Customers acknowledge that ParadoxNetworks Limited will not hesitate to report suspected child exploitation to law enforcement and will not provide warning or opportunity to delete evidence.

You are prohibited from utilising our services in a manner that results in us or our resources being subjected to blacklisting or blocking. We retain the right to suspend or terminate your services, account, and any access to our network or physical infrastructure. Engaging in operations or reselling services on behalf of or in connection with individuals or entities listed on Spamhaus lists (including SBL, XBL, DBL, ROKSO, and AS-DROP) will be regarded as a breach of this policy. We also rely on other widely-used reputation feeds (for example Spamcop and SORBS) and our own internal reputation data when evaluating abuse and reseller eligibility.

abuse@pdxnet.co.uk is our published abuse contact (RFC 2142) and is reflected in the abuse-c attribute of our RIPE objects.

3.1 Abuse Reporting and Customer Cooperation

Customers who discover abuse or violations occurring on their account must immediately report such activity to abuse@pdxnet.co.uk. Customers are required to:

• Promptly report any suspected abuse or policy violations
• Cooperate fully with ParadoxNetworks Limited investigations
• Preserve evidence and logs related to suspected abuse
• Implement reasonable security measures to prevent unauthorised use
• Notify ParadoxNetworks Limited immediately upon discovering account compromise

Failure to report known abuse or cooperate with investigations may result in service suspension or termination.

3.2 Monitoring and Logging

ParadoxNetworks Limited reserves the right to monitor network traffic, account activity, and service usage to detect and prevent violations. Customers acknowledge that:

• Account activity may be monitored for compliance purposes
• Logs may be retained for abuse investigation and law enforcement cooperation
• Monitoring may include automated detection systems and manual review
• Evidence of policy violations may be shared with law enforcement
• Customers have no expectation of privacy in activities that violate this policy

4.1 Tor Nodes

The use of Tor Exit, Tor Relay, and Tor Bridge nodes on our network using our IP address space is strictly prohibited. This restriction prevents abuse complaints, IP reputation damage, and blacklisting of our network resources. Violation will lead to the immediate suspension and/or termination of services.

BGP services are provided under strict compliance policies to ensure the stability and security of our network and the wider internet.

5.1 BGP Configuration and Use

5.1.1 Route Announcements

• All BGP route announcements must be accurate, necessary, and authorised. Only prefixes owned by the customer or explicitly allowed by the prefix owner should be announced.

5.1.2 Route Registry Accuracy and RPKI

• Customers must maintain accurate IRR records for all prefixes they announce.
• Customers must publish Route Origin Authorisations (ROAs) via RPKI for all announced prefixes. ParadoxNetworks Limited operates Route Origin Validation (ROV) and drops RPKI-invalid prefixes received from customers.

5.1.3 Prevention of Route Leaks

• Customers must implement appropriate prefix filters (incoming and outgoing) to prevent route leaks and mis-announcements.

5.1.4 Coordination and Notification

• Significant BGP changes or planned large-scale announcements must be pre-coordinated with our network operations team.

5.1.5 Downstream Network Restrictions

• Downstream transit for networks deemed bad (at our sole discretion) is not permitted, including any ASN listed on the Spamhaus AS-DROP list. Failure to comply may result in BGP session suspension or service termination.

5.2 BGP Community Usage

5.2.1 Community Support

• Community tags are provided for managing traffic flows and routing policies. Use must follow the published community guide.

5.2.2 Prohibited Uses

• Manipulating communities to circumvent traffic engineering, cause unnecessary route propagation, or otherwise destabilise the network is prohibited.

5.3 Monitoring and Compliance

5.3.1 Monitoring

• We actively monitor BGP sessions for anomalies, misconfigurations, and policy violations. Sessions in violation may be temporarily suspended pending resolution.

5.3.2 Compliance

• Failure to comply may result in temporary suspension or permanent termination of BGP services.

6.1 Fair Use of Resources

6.1.1 CPU and RAM Usage

• Activities that consistently consume excessive CPU or RAM may degrade performance for other users. We reserve the right to limit CPU resources for processes that negatively impact server performance.

6.1.2 Bandwidth

• Bandwidth is monitored monthly per customer using 5-minute samples across the calendar month.
• VPS and Bare Metal Fair Use: Unless the plan or order form specifically states otherwise, bandwidth on VPS and bare metal services is subject to a fair-use cap of 100 Mbps measured at the 95th percentile, applied to inbound and outbound traffic separately and evaluated against the higher of the two. Usage above this level may be throttled or, in cases of sustained abuse, result in suspension. Higher committed bandwidth is available on request.
• IP Transit (Committed): Transit customers on a committed plan are billed on the 95th percentile against the committed rate stated in their order form, with overage billed per Mbps over the commit at the rate in the order form (see also Section 8 and Terms of Service Section 6.2).
• IP Transit (Pay-As-You-Go): PAYG transit customers have no committed rate; usage is billed per Mbps on the 95th percentile measurement at the published PAYG rate.

6.2 Monitoring and Enforcement

6.2.1 Automated Monitoring

• Automated systems monitor and manage resource usage across all hosted services.

6.2.2 Notification of Excessive Use

• Customers whose usage threatens platform stability will be notified and offered options to reduce usage or upgrade.

6.2.3 Remedial Actions

• In significant overuse cases, we may temporarily suspend services or auto-upgrade to a higher plan with customer agreement.

7.1 Power Consumption

7.1.1 Power Allocation

• Each colocation customer is allocated a specific amount of power based on their service plan.

7.1.2 Monitoring and Compliance

• Power usage is monitored. Customers exceeding their allocation may be subject to additional charges or required to upgrade.

7.1.3 Energy Efficiency

• Customers are encouraged to use energy-efficient equipment to minimise consumption and support sustainability.

7.2 Cooling and Heat Density

• Customers must operate equipment within the cooling and heat-density envelope of the cabinet and facility. Heat output exceeding the rated kW per cabinet may require relocation to a higher-density configuration at additional cost.

7.3 Equipment Restrictions

• No equipment posing a fire, chemical, or electrical safety risk (including customer-supplied UPS units, standalone battery banks, lithium-ion energy storage, modified power supplies, or non-rack-mountable consumer hardware) may be installed without prior written approval. Embedded or manufacturer-supplied batteries integrated into standard server hardware (for example RAID controller battery backup units, NVRAM/RTC coin cells, and BBUs shipped as part of OEM enterprise equipment) are not affected by this restriction.
• Customer-supplied UPS units (battery-backed power) are not permitted in our colocation service. Power resilience is provided at the facility level. Customers requiring on-site backup power must arrange this with us in advance.

7.4 Cabling and Labelling

• All cabling must follow tidy cable management practices (front-to-back airflow preserved, no obstruction of perforated tiles).
• Each cable must be labelled at both ends with the customer name and circuit ID. Unlabelled cabling may be removed during housekeeping.

For further details on colocation access and additional terms, refer to the Terms of Service.

8.1 Usage and Bandwidth

• Fair Use: Customers are expected to use IP Transit within the allocated bandwidth limits and not exceed agreed-upon capacity without prior arrangement.
• Traffic Management: ParadoxNetworks Limited may implement traffic management policies to ensure equitable access and network efficiency.

8.2 Source Address Validation (BCP38)

• Customers must implement source address validation in line with BCP38 / RFC 2827. Only traffic with source addresses from prefixes the customer is authorised to announce will be accepted on transit links. Spoofed source traffic will be filtered or, in cases of sustained abuse, the session will be suspended.

8.3 Security and Compliance

• DDoS Protection: In the event of a DDoS attack, we will implement protective measures by blackholing traffic to the affected IPs down to the most specific /32 (IPv4) or /128 (IPv6) prefix.
• Lawful Use: All use of IP Transit must comply with applicable laws and regulations, including data protection and copyright.

9.1 Ofcom Compliance

ParadoxNetworks Limited operates in accordance with the Ofcom General Conditions of Entitlement and signs up to the Ofcom Voluntary Code of Practice on Broadband Speeds for residential and business broadband services.

9.2 Service Quality and Performance

• Reasonable Speeds: Broadband services are provided at speeds consistent with the purchased service plan. Actual speeds may vary due to network conditions, equipment, and usage patterns.
• Service Availability: We aim for 99.5% uptime, measured monthly. Scheduled maintenance is excluded.
• Performance Monitoring: Customers may request performance reports.

9.3 Fair Usage and Traffic Management

• Fair Usage Policy: All broadband services are subject to fair usage policies. Excessive usage that impacts network performance may result in traffic management or throttling.
• Traffic Management Transparency: Practices and impacts will be communicated transparently.
• Notification of Changes: Customers will be notified of policy changes with reasonable notice.

9.4 Complaints and Dispute Resolution

Complaints are handled per the procedures in our Terms of Service. If a complaint cannot be resolved or remains open after 8 weeks, customers may refer it to Ombudsman Services: Communications, the Ofcom-approved ADR provider for the communications sector (https://www.ombudsman-services.org/sectors/communications).

9.5 Service Suspension and Termination

• Suspension: Reasonable notice is provided before suspension for non-payment or policy violations, except in emergency or serious breach.
• Termination Notice: At least 30 days' written notice for material contract changes or termination, in line with Ofcom General Condition C1, except in cases of serious breach or emergency.
• Data Deletion: Service-related data is deleted immediately on termination per our Terms of Service.

9.6 Billing and Charges

• Transparent Pricing: Charges are clearly itemised. Customers receive detailed invoices.
• Price Changes: At least 30 days' notice. Customers may cancel without penalty if they do not accept increases.
• Billing Disputes: Customers may dispute charges within 30 days of invoice. Disputed amounts do not accrue interest pending resolution.

10.1 Adherence to Policies

Customers must use services in full compliance with our Terms of Service and this AUP. This includes maintaining the security of their systems and not engaging in activities that could harm our network, other customers, or the broader internet.

10.2 Responsibility for Compliance

It is the customer's responsibility to understand and adhere to all applicable policies and guidelines.

10.3 Consequences of Violation

Violations may lead to:

• Temporary suspension of services
• Permanent termination of services
• Other actions as deemed necessary to maintain integrity and security

11.1 How to Report

Misuse of services can be reported to abuse@pdxnet.co.uk. ParadoxNetworks Limited investigates reports and takes appropriate action.

We may not always be able to share investigation outcomes with reporters for privacy, security, or operational reasons. Where we are required to inform an affected data subject under UK GDPR, we will do so. Law enforcement requests should go to legal@pdxnet.co.uk.

11.2 Notice and Takedown (Hosting)

ParadoxNetworks Limited operates the hosting safe harbour set out in regulation 19 of the Electronic Commerce (EC Directive) Regulations 2002. To submit a notice (for example, copyright infringement, defamatory content, or other unlawful material), please email abuse@pdxnet.co.uk with the following:

• Your full name, organisation, and contact details
• A description of the work or right alleged to be infringed (or the law alleged to be breached)
• The URL or IP address of the material
• A statement made in good faith that you believe the material is unlawful, and that the information in your notice is accurate
• Where applicable, a statement that you are the rights holder or are authorised to act on their behalf

We aim to acknowledge notices within 2 business days and to act on valid notices promptly. Submission of false or abusive notices may itself give rise to legal liability.

Users must comply with all relevant laws and regulations, including data protection, copyright, and anti-spam regulations.

ParadoxNetworks Limited is not responsible for content transmitted or stored on its network by users. Users are solely responsible for their actions and content.

All terms and conditions in this AUP are subject to the fairness and liability provisions in our Terms of Service.

ParadoxNetworks Limited is registered as a service provider under the Electronic Commerce Regulations 2002. We maintain clear identification of our business, transparent pricing in line with Section 2.3 of our Terms of Service (consumer prices inclusive of VAT; business prices and stated fees exclusive of VAT), and accessible complaint handling procedures. Customers may refer unresolved complaints to an approved Alternative Dispute Resolution (ADR) provider.

Claims arising from this AUP are subject to the limitation period in our Terms of Service.

ParadoxNetworks Limited may update or modify this AUP at any time. Users will be notified of changes. Continued use after such changes constitutes acceptance.