Acceptable Use Policy
Last updated: 2026-06-10. This Acceptable Use Policy ("AUP") is incorporated into the Synsmarts Terms of Service. It applies to every customer, end user, application, and workload running on the Synsmarts managed hosting platform.
Plain-English version: don't do illegal stuff with our infrastructure, don't run anything that wrecks other people's experience on the platform or on the internet, don't make our abuse desk's life worse than it has to be, and tell us when you find a problem instead of exploiting it.
1. Illegal and Harmful Activity
You may not use the Services to host, transmit, or facilitate:
- Activity that violates US, EU, UK, or other applicable law in the jurisdictions where you, your end users, or our infrastructure operate.
- Content that is defamatory, fraudulent, deceptive, or that infringes another person's intellectual property, privacy, publicity, or contract rights.
- Threats, harassment, stalking, doxxing, or incitement to violence.
- Hate speech that targets a protected class in a way that constitutes harassment, incitement, or unlawful discrimination under applicable law.
- Financial fraud, including unauthorized credit-card processing, money laundering, sanctions evasion, or operating an unlicensed money-transmission business.
- Adult content depicting non-consenting parties, non-consensual intimate imagery ("revenge porn"), or content that violates 18 U.S.C. §2257 record-keeping requirements.
2. Child Safety (Zero Tolerance)
Child sexual abuse material ("CSAM") is absolutely prohibited. We will (a) suspend the offending account immediately on credible report or detection, (b) preserve evidence in line with our legal obligations, (c) report to the National Center for Missing & Exploited Children ("NCMEC") CyberTipline as required by 18 U.S.C. §2258A, and (d) cooperate with law enforcement. We use industry-standard hash-matching technology where applicable. We do not require a court order before acting on credible reports.
Report suspected CSAM to [email protected] with subject line "CSAM REPORT — URGENT". Do not include the material itself; describe the location and how to access it.
3. Security, Integrity, and Abuse of the Platform
You may not:
- Probe, scan, or test the vulnerability of any Synsmarts system or network, or breach any security or authentication measures, except through our coordinated disclosure process (§9).
- Access an account, tenant environment, or resource that you are not authorized to access, including through credential stuffing, brute force, session hijacking, or exploitation of another tenant's vulnerability.
- Interfere with another customer's use of the Services, including by exhausting shared resources beyond your plan's documented allocations.
- Distribute or store malware, ransomware, rootkits, keyloggers, spyware, worms, viruses, or other malicious code (including in source form, except for legitimate, contained security research under §9).
- Use the Services as a command-and-control endpoint, botnet master, drop site, phishing kit host, or any infrastructure that supports an attack on a third party.
- Circumvent or attempt to disable any usage limit, billing system, rate limit, or access control.
- Reverse-engineer, decompile, or disassemble the platform except where this right cannot be excluded by applicable law.
4. Network Abuse
You may not use the Services to send traffic that:
- Constitutes a denial-of-service attack, traffic amplification (DNS, NTP, memcached, CLDAP), or reflection attack against any target.
- Forges source IP addresses, email headers, or other identifying information.
- Performs unsolicited port scanning, vulnerability scanning, or network mapping of third-party networks.
- Operates open mail relays, open SOCKS/HTTP proxies for unsolicited traffic, or open DNS resolvers.
5. Email and Messaging
You may not use the Services or any Synsmarts-provided email infrastructure (AWS SES via transactional-email relay) to send:
- Unsolicited bulk email, in violation of the US CAN-SPAM Act, Canada's CASL, EU/UK ePrivacy Directive, or any equivalent law.
- Email that misrepresents the sender, lacks a working physical postal address (where required), or lacks a working unsubscribe mechanism for marketing mail.
- Email that violates the suppression lists you are required to maintain, or that targets recipients who have unsubscribed from your prior mailings.
- SMS or any messaging that violates the US Telephone Consumer Protection Act ("TCPA"), CTIA Messaging Principles & Best Practices, or A2P 10DLC carrier rules.
We may set per-tenant outbound email and SMS limits, throttles, and quality thresholds (bounce rate, complaint rate). Repeated breach of carrier or ESP thresholds is a material AUP violation.
6. Cryptocurrency, Mining, and High-Resource Workloads
The Services are intended for managed application hosting (WordPress, Magento, and related stacks), not for general-purpose compute. The following are prohibited unless expressly agreed in your Order Form:
- Cryptocurrency mining, proof-of-work hashing, or any workload primarily designed to generate cryptocurrency.
- Cryptocurrency exchanges, custodial wallets, or tumbling services hosted on the platform.
- Use of platform compute, storage, or network as a general-purpose IaaS substrate (e.g., reselling compute to third parties, hosting unrelated workloads inside your tenant).
- Workloads whose primary purpose is to stress, benchmark, or load-test third-party services.
Legitimate ecommerce sites that accept cryptocurrency as a payment method are not prohibited by this section, provided the payment-processing integration is performed off-platform or via an approved payment processor.
7. Content Moderation and Notice-And-Takedown
We are a hosting provider; we are not the publisher of customer content and do not pre-moderate it. We will respond to compliant legal notices (DMCA, court orders, valid law-enforcement requests) as described in the ToS. For content that violates this AUP, we may, after appropriate review, require you to remove the content, suspend access, or terminate your account.
Report AUP violations or abuse you observe on the Services to [email protected]. We aim to acknowledge reports within one business day and provide a substantive response within five business days; CSAM and active security incidents are handled immediately.
8. Enforcement
We may take any combination of the following actions when we determine, in our reasonable judgment, that you have violated this AUP:
- Notice and cure. Email notice describing the violation and a window to remediate (typically 72 hours for non-urgent cases). This is the default for first-time, non-urgent violations.
- Rate-limiting or feature restriction. Reduction of outbound email, SMS, or other capabilities pending remediation.
- Suspension. Partial or full suspension of the Services per ToS §10.
- Termination. Termination of your account per ToS §6, with no refund of prepaid Fees for the period after termination becomes effective.
- Legal action and law-enforcement referral where the violation involves criminal conduct, fraud, or significant third-party harm.
Where the violation poses an active threat (in-progress attack, CSAM, network abuse causing collateral damage, ransomware C2), we may act immediately without prior notice and provide notice promptly thereafter. We will limit the scope of any action to what is reasonably necessary to address the cause.
9. Security Research and Coordinated Disclosure
We welcome reports from security researchers acting in good faith. If you have discovered a vulnerability in the Synsmarts platform, the website, or any Synsmarts-operated service, report it to [email protected] (PGP key on request). Good-faith research that:
- Is limited to your own tenant or a test account you have created,
- Does not access, modify, exfiltrate, or destroy another tenant's data,
- Does not degrade availability for other customers (no stress tests, no large-scale fuzzing of production endpoints),
- Gives us a reasonable disclosure window (typically 90 days, or sooner if you believe active exploitation is occurring), and
- Does not violate applicable law,
will not be treated as an AUP violation, and we will not pursue legal action against the researcher for the research itself. If you are unsure whether your planned testing fits within this safe harbor, contact us first. Vulnerability rewards, where offered, are at our discretion and described separately at /security when in effect.
10. Tenant Responsibilities for End-User Content
Your end users' content runs on your tenant under your control. You are responsible for your end users' compliance with this AUP. We expect you to publish and enforce your own end-user terms (consistent with this AUP) and to maintain your own takedown process. AUP violations originating from your end users are attributed to you for enforcement purposes; however, we will work with you to address them collaboratively before escalating to suspension or termination where the violation does not pose an active threat.
11. Changes to This Policy
We may update this AUP. The "last updated" date above reflects the most recent change. Material changes will be notified per the ToS notice procedure. Continued use of the Services after the effective date constitutes acceptance.
Contact
Abuse and AUP reports: [email protected]
Security vulnerabilities: [email protected]
DMCA: [email protected]
General: [email protected]