$ less /etc/internalhost/aup

Acceptable Use Policy

Version 1.0 · Last updated: 2026-05-03

Short version

Don't be a jerk.

(The long version below is for lawyers and compliance officers, and for anyone interested in the details.)

1. What is allowed

Practically anything legal in the Netherlands and the EU. You get root access — you are admin on your own server. We don't proactively inspect your workloads.

  • Websites, web apps, APIs, databases, mail servers, game servers, etc.
  • Self-hosted AI, automation, machine learning training
  • VPNs, mesh networks, Tor relays (no exit nodes — see below)
  • Crypto wallets and (limited) crypto nodes — no mass mining

2. What is not allowed

Things that are illegal, or that harm others:

  • Spam. Bulk email without verifiable opt-in. We monitor outbound mail rates.
  • Phishing, fraud, scam pages, fake shops.
  • Malware distribution and C&C servers.
  • DDoS, port scans, brute-force attacks from our infrastructure.
  • Child exploitation in any form. Reported directly to authorities and EOKM.
  • Tor exit nodes. Available on request in an isolated network segment — not on shared infrastructure.
  • Copyright infringement that directly generates traffic and/or complaints on our infrastructure.
  • Activities undermining democratic states.

3. Crypto / mining

A moderate validator node or light node is fine. Bulk mining on shared infrastructure is not allowed. On dedicated hardware and colocation it's your call, as long as you stay within your power allocation.

4. AI usage

Running self-hosted AI models is fine. Not fine: bot farms for synthetic content aimed at deception, deepfakes of real people without consent, training on stolen datasets.

5. Not sure?

Ask. Send a Signal or email with your use case. We'd rather have a conversation about a grey area upfront than deal with an abuse report after the fact.

6. What happens if we find something

On abuse reports or self-detected violations:

  1. We send you a notice with the details.
  2. You get a reasonable window (usually 24–48h) to respond or resolve it.
  3. For serious violations (child exploitation, active DDoS, malware C&C) the service is suspended immediately without prior warning.
  4. On refusal or repeat offence: account termination without refund.

7. Backups and data

Backups are your responsibility, unless you have a managed package where they are included (see product description or EASEO). Data loss through your own fault cannot be undone by us.

8. Questions?

Contact us via Signal or email.