1. Purpose and Scope.
This Acceptable Use Policy (“AUP”) defines the standards that apply to the use of infrastructure, networks, and services that Gridprise LLC (“Gridprise,” “we,” “us,” or “our”) designs, provisions, manages, monitors, or supports on behalf of clients (“Client Systems”), and to the use of our website at gridprise.com.
This AUP is incorporated by reference into our Terms of Service and into every client engagement. It exists to protect our clients, our infrastructure and network partners, the stability of the systems we operate, and the internet community generally. Violations can result in the enforcement actions described in Section 13, up to and including immediate suspension and termination.
Where a client’s separate agreement with an underlying provider (for example, a data center, cloud platform, or carrier) imposes stricter requirements, those stricter requirements also apply.
2. Who This Policy Applies To.
This AUP applies to:
- Every Client and its employees, contractors, and agents.
- Every end user, customer, or downstream party to whom a Client resells, sublicenses, or otherwise provides access to Client Systems.
- Any party that accesses Client Systems with a Client’s permission or credentials.
Clients are responsible for the conduct of all such parties. Abuse originating from a Client’s users is treated as abuse by the Client. Clients who provide services to their own users must impose use restrictions at least as protective as this AUP and must enforce them.
3. Illegal Use.
Client Systems may not be used to engage in, promote, facilitate, or instruct others in any activity that is illegal under applicable local, state, national, or international law. Prohibited activities include, without limitation:
- Fraud, financial scams, pyramid or Ponzi schemes, and deceptive marketing practices.
- Theft, sale, or trafficking of stolen data, credentials, payment card information, or identities.
- Unlawful gambling operations.
- Distribution or sale of controlled substances, counterfeit goods, or other items in violation of law.
- Money laundering and violations of financial-services regulations.
- Violations of export control and sanctions laws, including providing services to embargoed persons or destinations.
- Any activity that would create legal liability for Gridprise or its infrastructure partners.
4. Prohibited Content.
Client Systems may not be used to create, store, host, publish, display, transmit, distribute, or link to content that:
- Constitutes child sexual abuse material (CSAM) in any form — we will report such material to the National Center for Missing & Exploited Children and law enforcement immediately and without notice, and will preserve evidence as required by law.
- Promotes, incites, or threatens violence or physical harm against any person or group, or glorifies acts of terrorism.
- Constitutes unlawful harassment, stalking, or credible threats.
- Is defamatory or maliciously false.
- Infringes any copyright, trademark, patent, trade secret, or other proprietary right — including hosting or distributing pirated software, media, warez, keygens, or license-circumvention tools.
- Violates the privacy or publicity rights of others, including doxxing, nonconsensual intimate imagery, and unlawful publication of personal data.
- Is obscene or unlawful under the laws applicable to the content’s storage location or intended audience.
We do not police lawful content on Client Systems and are not the arbiter of taste; this section is about content that is unlawful or that creates operational or legal risk to the platform and other clients.
5. Email, Messaging, and Anti-Spam.
Client Systems may not be used to send unsolicited bulk email or messages (“spam”) of any kind, in violation of the CAN-SPAM Act, CASL, the GDPR/ePrivacy rules, or equivalent laws. For any bulk or commercial messaging from Client Systems:
- Recipients must have given verifiable opt-in consent, and consent records must be retained.
- Messages must include accurate header information, a truthful subject line, a valid physical postal address where required, and clear sender identification.
- Every message must include a working unsubscribe mechanism, honored within the legally required period.
- Harvested addresses, purchased lists without verified consent, and dictionary or brute-force address generation are prohibited.
- Sending through third-party relays or providers without their authorization is prohibited.
- Operating an open mail relay, open proxy, or any unauthenticated relaying service is prohibited.
We may require senders of bulk mail to implement SPF, DKIM, DMARC, and feedback-loop processing, and to maintain bounce and complaint rates within industry norms. Persistent listing on major DNSBLs due to a Client’s sending practices is grounds for suspension of the affected service.
6. Network Abuse.
The following activities are prohibited on, from, or directed at Client Systems:
- Denial-of-service or distributed denial-of-service attacks of any kind, and the operation of or participation in botnets or DDoS-for-hire (“booter”/“stresser”) services.
- Unauthorized port scanning, network probing, ping floods, packet spoofing, or forged routing information.
- Vulnerability scanning or penetration testing of systems you do not own or lack written authorization to test.
- IP, ARP, or DNS spoofing; BGP hijacking; or announcement of IP prefixes or ASNs without authorization from the resource holder.
- Interception, monitoring, or capture of network traffic not intended for you.
- Circumventing bandwidth, rate, or quota limits, or manipulating usage-measurement mechanisms.
- Any activity that materially degrades the stability, performance, or security of any network — ours, our providers’, or third parties’.
7. Security Violations.
You may not use Client Systems to:
- Access or attempt to access any system, account, network, or data without authorization, or exceed authorized access.
- Circumvent or attempt to circumvent authentication, access controls, or security measures.
- Develop, host, distribute, or operate malware, ransomware, viruses, worms, rootkits, keyloggers, stealers, exploit kits, or command-and-control infrastructure.
- Host, operate, or link to phishing pages, credential-harvesting forms, or infrastructure that impersonates other organizations.
- Store or traffic in stolen credentials, session tokens, or authentication material.
- Conduct social-engineering attacks against third parties.
- Interfere with any system’s service to any user, host, or network, including mail bombing and deliberate crash attempts.
Authorized security research. Legitimate security research and testing against systems you own or are authorized in writing to test is permitted. If your testing may trigger our monitoring or affect shared infrastructure, notify us in advance so we can coordinate.
8. Resource and Platform Abuse.
Client Systems must be used within the capacity, purpose, and workload profile provisioned under the applicable engagement. Unless expressly agreed in writing, the following are prohibited:
- Cryptocurrency mining, including “burstable” or idle-cycle mining.
- Operating public or commercial proxy/VPN exit services, Tor exit nodes, or anonymization endpoints.
- Sustained resource consumption designed to exploit flat-rate, shared, or oversubscribed billing models.
- Running IRC servers or bots with a history of attracting attacks, without disclosure.
- Reselling raw capacity of managed infrastructure without disclosure and written agreement.
- Any workload that materially interferes with other tenants of shared infrastructure or destabilizes the underlying platform.
We may throttle, isolate, or migrate workloads that endanger platform stability while we contact you, and will restore normal operation once the risk is addressed.
9. DNS, Domains, and IP Space.
Domains, DNS services, and IP resources associated with Client Systems may not be used for:
- Fast-flux or double-flux hosting of abusive content.
- Domain-generation algorithms supporting malware distribution or command and control.
- Typosquatting or homoglyph domains intended to deceive users.
- DNS amplification, cache poisoning, or other DNS-based attacks.
- Falsified WHOIS/registrant information used to facilitate abuse.
- Announcement or use of IP space without the resource holder’s authorization.
Clients must maintain accurate reverse DNS and registration data for resources we manage on their behalf, and must respond to legitimate abuse contact requirements attached to those resources.
10. Responsibility for End Users and Resale.
If you resell, sublicense, white-label, or otherwise make Client Systems available to your own users or customers, you must:
- Bind those users to written terms at least as protective as this AUP.
- Maintain a working, monitored abuse contact and a documented abuse-handling process.
- Respond to abuse reports we forward within twenty-four (24) hours for critical issues (active attacks, phishing, CSAM, malware) and within three (3) business days for other issues.
- Take effective, timely corrective action, up to suspending or terminating the offending user.
- Keep records sufficient to identify the user responsible for activity from any resource assigned to you, and provide them to us when reasonably required to investigate abuse.
Failure to manage downstream abuse is itself a violation of this AUP.
11. Monitoring and Investigations.
We do not routinely monitor the content of data on Client Systems. However, we may investigate suspected violations of this AUP, including in response to abuse complaints, notices from upstream providers or law enforcement, security alerts, or anomalies detected by our operational monitoring. In connection with an investigation we may: review logs, traffic metadata, and system state; preserve evidence; and, where necessary and proportionate, inspect content associated with the suspected violation. We will conduct investigations in a manner consistent with our Privacy Policy and our contractual obligations.
12. Reporting Abuse.
To report suspected abuse involving systems managed by Gridprise, email hello@gridprise.com with “Abuse” in the subject line. Effective reports include:
- The source IP address, domain, or URL involved.
- Timestamps with time zone.
- Relevant log excerpts, message headers, or other evidence.
- Your contact information for follow-up.
We review all reports, prioritize by severity, and act on verified violations. We do not disclose reporter identities to the subject of a report except as required by law.
13. Enforcement.
Enforcement is proportionate to severity, history, and risk. Depending on the circumstances, actions may include one or more of:
- Notice and cure — a written request for corrective action with a deadline.
- Technical mitigation — filtering, rate-limiting, or isolating specific traffic, services, or workloads.
- Suspension — temporary suspension of the affected service or of all services.
- Termination — termination of the engagement for material breach, as provided in the Terms of Service.
- Referral — reporting unlawful activity to law enforcement and cooperating with lawful investigations, including preservation and disclosure of evidence where legally required.
Immediate action. For violations that pose an immediate risk to security, legal exposure, or network stability — including CSAM, active attacks originating from Client Systems, live phishing infrastructure, malware distribution, court orders, and credible upstream-provider ultimatums — we may suspend affected services immediately and without prior notice. We will notify you as soon as reasonably practicable and work with you to restore service once the risk is resolved.
Fees and liability. Fees remain payable during suspensions caused by your violation. You are responsible for costs we reasonably incur responding to your violation, including remediation labor and third-party penalties passed through to us. We are not liable for losses resulting from enforcement actions taken in good faith under this AUP.
No waiver. Our decision not to act on a violation is not a waiver of our right to act on that or any other violation.
14. Changes to This Policy.
We may update this AUP from time to time as threats, law, and industry practice evolve. The current version will always be posted at this page with an updated “Last updated” date. Material changes will be communicated to active clients with reasonable advance notice where practicable. Continued use of Client Systems after changes take effect constitutes acceptance.
15. Contact.
Questions about this policy, requests for clarification about whether a planned use is permitted, and abuse reports should be directed to:
Gridprise LLC — Abuse / AUP
Email: hello@gridprise.com
5900 Balcones Drive
STE 100
Austin, TX 78731
United States
See also our Terms of Service and Privacy Policy.