Abuse Policy
This Abuse Policy explains how we handle reports of abuse involving services we host. Report abuse by sending an email to abuse@cyberfusion.io.
Is your report about unlawful content on a website we host? Follow our NTD procedure instead.
What this policy covers
This Abuse Policy applies to reports about:
- Abuse of our services (such as spam, phishing, DDoS, malware, brute force attacks)
- Publication or hosting of unlawful content (such as defamation, copyright infringement, fraud)
- Criminal content (such as CSAM or terrorist material)
- Reports from competent authorities (such as ATKM, Offlimits or the police)
We handle reports in three categories:
- NTD reports (Notice and Takedown) - handled via our NTD procedure
- Other abuse reports (operational abuse of our infrastructure)
- Reports from authorities (based on statutory powers)
Relation to our Acceptable Use Policy
This Abuse Policy sits alongside our Acceptable Use Policy (AUP). The AUP describes what customers may and may not do with our services. This Abuse Policy describes how we handle complaints and what actions we can take when the AUP is broken.
Include this information
- First and last name
- Email address and phone number
- Name of company or organisation (if applicable)
- A clear description of the problem
- Relevant technical data: IP address, domain name, URL, log lines or headers
- For email abuse: the full headers
- For an NTD request: what attempts you made to reach the content provider directly, and why you are approaching us as an intermediary
Your personal data is used to process the report. If you prefer, we keep your identity confidential towards the content provider, unless we are legally required to share it.
How we respond
- For a regular abuse report you'll receive a substantive response within 2 working days
- For an NTD report you'll receive an acknowledgement within 1 working day. Substantive timelines are in our NTD procedure.
- Reports from Trusted Flaggers (Digital Services Act art. 22) get priority
- If the nature of the content is unclear we may consult an independent third party. We do not share personal data without permission.
What we can do
Depending on the report, we may:
- Warn the customer
- Remove content or make it inaccessible
- Suspend the service temporarily
- Block an IP address, domain or server
- Terminate the service permanently and end the contract
- Refer the matter to a competent authority when legally required
For serious incidents we act without prior warning. Structural abuse, repeated breaches or refusal to help resolve a problem are grounds for terminating the service.
We verify who our customers are
To prevent abuse we run a Know Your Customer (KYC) policy. At signup or later on we may ask for verification, for example:
- Confirmation via chamber of commerce data, an ID document or an LEI number
- Verification via a payment (for example one cent from a bank account in your name)
- Checks on domain registration or WHOIS data
- Additional checks for high-risk services or payment in cryptocurrency
Changes to this policy
We update this policy when technical, social or legal developments call for it. The current version is always on this page.
Licence
This Abuse Policy is based on the policy of BIT B.V. and published under the Creative Commons Attribution-ShareAlike 4.0 International licence. You may reuse this policy under the same terms.
Questions about legal matters or privacy?
Send an email to info@cyberfusion.io.