Acceptable Use Policy

This Acceptable Use Policy ("AUP") governs your use of the Kapsule Cloud Services and forms part of our Terms of Service. By using the Services you agree to this AUP. Capitalised terms used but not defined here have the meanings given in the Terms of Service.

The AUP exists to keep the platform safe, reliable, and lawful for everyone. We enforce it firmly. Where we identify a serious breach, we may suspend or terminate Services with little or no notice. Where the breach is less serious, we will typically contact you first and ask you to remedy the issue.

If you become aware of a breach of this AUP by another customer or by any person using our Services, please report it to [email protected]. We treat all reports seriously and confidentially.

You must not use the Services to host, store, transmit, distribute, link to, advertise, or facilitate access to any content that:

a. Child safety. Exploits, abuses, endangers, or sexualises children, including any child sexual abuse material (CSAM). We have a zero-tolerance policy. CSAM is reported immediately to the New Zealand Department of Internal Affairs and, where applicable, to the National Center for Missing and Exploited Children (NCMEC).

b. Violent extremism and terrorism. Promotes, glorifies, recruits for, finances, or coordinates terrorism, violent extremism, or genocide, including content prohibited by the New Zealand Films, Videos, and Publications Classification Act 1993 (Objectionable Material) or by the Christchurch Call to Action.

c. Incitement to violence or hatred. Incites violence or hatred against an individual or group on the basis of race, ethnicity, national origin, religion, sex, gender identity, sexual orientation, disability, age, or other protected characteristic.

d. Defamation, harassment, and privacy violations. Is defamatory, libellous, threatening, harassing, stalking, or a serious invasion of privacy, including content prohibited by the Harmful Digital Communications Act 2015 or the Privacy Act 2020.

e. Intellectual property infringement. Infringes any copyright, trademark, patent, trade secret, moral right, publicity right, or other intellectual property right of any person.

f. Misleading or deceptive commercial conduct. Breaches the Fair Trading Act 1986, including false or misleading representations about products, services, or affiliations.

g. Unsolicited electronic messages. Breaches the Unsolicited Electronic Messages Act 2007, including unsolicited commercial email and spam.

h. Malware and exploit content. Contains or distributes viruses, worms, trojans, ransomware, spyware, stalkerware, keyloggers, browser exploit kits, drive-by-download payloads, or any other malicious code.

i. Non-consensual intimate imagery. Including "revenge porn" and any imagery of a sexual or intimate nature shared without the depicted person's consent.

j. Fraud and financial crime. Facilitates fraud, identity theft, money laundering, financing of terrorism, sanctions evasion, or any other financial crime.

k. Weapons and controlled substances. Facilitates the manufacture, distribution, or unlawful sale of weapons (including firearms, explosives, and 3D-printed weapons), controlled drugs, counterfeit goods, or other prohibited items.

l. Adult content. On shared Plans the following are prohibited regardless of legality elsewhere: content depicting minors or persons appearing to be minors, non-consensual content, bestiality, content lacking age verification, and any content that breaches the Films, Videos, and Publications Classification Act 1993. Certain forms of legal adult content may be permitted on dedicated Plans where you have informed us in writing.

m. Other unlawful content. Any content that is unlawful in New Zealand or in any jurisdiction in which the content is or may be accessed.

You must not: (a) conduct, facilitate, or participate in denial-of-service or distributed denial-of-service (DDoS) attacks; (b) scan, probe, or test the vulnerability of any system, network, or application without explicit prior written authorisation from the owner; (c) interfere with, intercept, or expropriate any system, network, data, or communications; (d) circumvent, disable, or attempt to defeat any security, authentication, rate-limiting, monitoring, or access-control mechanism (whether ours or another party's); (e) gain or attempt to gain unauthorised access to any account, computer, network, or data; (f) operate an open relay, open proxy, open recursor, anonymising gateway, or similar service that may be abused by third parties; or (g) attempt to reverse engineer, decompile, or extract the source code of the Services, except as expressly permitted by law.

You must not: (a) send unsolicited bulk email (UBE), unsolicited commercial email (UCE), or messages of any kind in breach of the Unsolicited Electronic Messages Act 2007 or any equivalent law in the recipient's jurisdiction (including the U.S. CAN-SPAM Act and the Australian Spam Act 2003); (b) forge, falsify, conceal, or remove headers, return paths, source IP addresses, or sender identification; (c) harvest, scrape, or generate email addresses without consent; (d) operate mailing lists where the recipients have not given express or inferred consent to receive your messages; (e) send mail without a clear and functional unsubscribe mechanism where required by law; (f) use the Services as a relay for, or destination for, spam originating elsewhere; or (g) sustain a hard-bounce rate above 5% or a spam-complaint rate above 0.1% over any rolling seven-day period.

You must not: (a) host, operate, or facilitate phishing pages, scam pages, or pages impersonating other brands or persons without authorisation; (b) misrepresent the source, identity, or affiliation of any communication or content; (c) distribute malware, drive-by-download payloads, fake software updates, or browser exploit kits; (d) operate "tech support scams", lottery scams, romance scams, fake job scams, advance-fee fraud, or any similar scheme; or (e) operate or facilitate financial scams, including pump-and-dump schemes, fake investment platforms, or fraudulent cryptocurrency token sales.

You must not: (a) run cryptocurrency mining workloads on shared hosting Plans (Cloud Start, Cloud Pro, Cloud Scale), with or without disclosure; (b) operate stratum proxies, mining pools, mining bots, or other persistent high-CPU mining-related processes on shared Plans; (c) operate workloads designed to circumvent or game fair-use limits on shared Plans (for example, multi-tenant Plans masquerading as a single-customer site); (d) operate any workload that consumes shared resources in a manner materially disproportionate to your Plan, including persistent 100% CPU usage, unbounded memory consumption, or unbounded disk-write rates; (e) train, fine-tune, or run inference for machine learning models on shared Plans without our prior written consent; or (f) abuse free Trials by creating multiple Accounts, by using disposable or temporary payment methods, or by other means.

You must not: (a) operate any service that constitutes a "snowshoe" sender (low-volume from many domains and IPs designed to evade reputation systems); (b) send messages with deceptive subject lines or bodies; (c) send transactional messages with no relationship to the underlying transaction; (d) operate "email validation as a service" using our infrastructure; (e) operate "warm-up as a service" or any service designed to circumvent sender reputation systems; or (f) send to purchased, scraped, or co-registration lists.

You must not: (a) collect personal information without a lawful basis and a clear privacy notice to the people whose information is collected; (b) operate, host, or facilitate surveillance, stalkerware, or "spouseware" services; (c) operate unauthorised geolocation, tracking, or behavioural-monitoring services; or (d) host or distribute personal information of any person without their consent in a manner intended to harass or expose them (doxxing).

You must not: (a) operate illegal gambling, illegal pharmacies, illegal weapons sales, illegal pornography, illegal escort services, or any other service unlawful in New Zealand; (b) operate businesses that target sanctioned jurisdictions or sanctioned persons in breach of New Zealand sanctions law; or (c) operate businesses prohibited by our payment processor's restricted-business list (currently Stripe's), in respect of which we may be required to terminate.

You must not: (a) resell our Services to third parties without explicit reseller terms with us; (b) provide hosting, email, or other infrastructure to third parties using our shared Plans (a personal staging site for a friend is fine; a hosting business is not); or (c) onboard your customers to our systems without making them aware of, and bound by, our Terms of Service and AUP to the extent applicable.

#3.1 Shared hosting Plans (Cloud Start, Cloud Pro, Cloud Scale) are subject to fair use. Fair use means that no single Plan may consume sustained resources that materially degrade service for other customers, regardless of whether the Plan documentation states a hard limit.

#3.2 Examples of conduct that is not fair use include: (a) sustained CPU usage above the Plan's allocated share for more than a continuous 30-minute period; (b) sustained memory consumption above the Plan's allocated share; (c) sustained outbound bandwidth that materially exceeds typical use for the relevant Plan; (d) sustained inbound bandwidth that floods the network or affects other tenants; (e) excessive process count, fork rate, or thread count; (f) excessive number of files (inodes) that affects backup or filesystem operations; (g) high-frequency cron jobs running more often than every five minutes that materially consume shared resources; or (h) running long-lived persistent connections (such as websockets, IRC bots, or game servers) at scale on shared Plans.

#3.3 Where your usage exceeds fair use, we may apply remedies in the order of severity: (i) automated throttling, (ii) contact and a request to upgrade or remediate, (iii) automatic upgrade to a Plan that fits your usage, (iv) suspension, and (v) termination. We will use commercially reasonable judgment about which remedy is appropriate.

#3.4 Cloud Power and any future dedicated Plans have higher allowances set out on the relevant order page.

#4.1 You must not use the Services as primary off-site backup storage for unrelated systems, or as bulk file storage for content that is not part of your hosted website, application, or email.

#4.2 You must not store on the Services any content that has not been accessed by a website visitor or application in the preceding six months, except where you have a documented business reason and the storage is reasonable in the context of your Plan.

#4.3 The off-site backups we maintain are for disaster recovery only. They are not a substitute for your own backups. You must maintain your own independent backups of any content that is material to you.

#5.1 You must comply with all ICANN, Registry, and dispute-resolution policies applicable to your domain (including the UDRP and, for .nz domains, the Domain Name Commission's policies).

#5.2 You must not engage in domain name cybersquatting, typosquatting, name reservation in bad faith, hoarding, or warehousing.

#5.3 You must respond promptly to Registry, Registrar, or our enquiries regarding WHOIS Data accuracy or domain use.

#6.1 We respect intellectual property rights. We respond to credible reports of copyright infringement on the Services in accordance with the Copyright Act 1994 (New Zealand) and equivalent laws where applicable.

#6.2 Notice. If you believe Customer Content hosted on the Services infringes your copyright, send a written notice to [email protected] with: (a) your full name, address, telephone number, and email address; (b) identification of the copyright work (including title, author, date, and where published); (c) identification of the material on the Services that is claimed to be infringing, with the specific URL or sufficient detail to allow us to locate it; (d) a statement of good-faith belief that the use is not authorised by the copyright owner, its agent, or the law; (e) a statement, under penalty of perjury, that the information is accurate and that you are the copyright owner or authorised to act on the owner's behalf; and (f) your physical or electronic signature.

#6.3 Action by us. On receipt of a valid notice, we will investigate and, where the claim appears substantiated, remove or disable access to the material and notify the affected customer.

#6.4 Counter-notice. If you are a customer whose content has been removed and you believe the removal was a mistake or misidentification, submit a counter-notice to [email protected] with: (a) your full name, address, telephone number, and email address; (b) identification of the material that was removed and the URL where it appeared; (c) a statement, under penalty of perjury, of good-faith belief that the material was removed by mistake or misidentification; (d) a statement that you consent to the jurisdiction of the courts of New Zealand; and (e) your physical or electronic signature.

#6.5 Reinstatement. On receipt of a valid counter-notice, we will forward it to the original complainant and may restore the material unless the complainant notifies us within ten business days that they have commenced legal action against you.

#6.6 Repeat infringers. We will terminate the Accounts of customers who are determined, in our reasonable judgment, to be repeat infringers.

#6.7 False notices. Sending a notice or counter-notice that materially misrepresents the position may make you liable for damages and costs under the Copyright Act 1994 and other law. We may refer false notices to relevant authorities.

#7.1 We may investigate suspected breaches of this AUP and may, in our reasonable discretion, remove or disable any content, suspend Services, or terminate Accounts.

#7.2 We will cooperate with lawful requests from New Zealand law enforcement, regulators, and courts, and with requests from foreign law enforcement where authorised by New Zealand law or by mutual legal assistance treaty.

#7.3 We may disclose Customer Content or Account information to law enforcement or other authorities (i) where required by law, (ii) where we receive a credible request with valid legal authority, or (iii) where we believe in good faith that disclosure is necessary to prevent imminent harm to any person.

#8.1 Depending on the nature and severity of the breach, we may: (a) contact you and ask you to remedy the breach; (b) issue a written warning; (c) remove or disable specific content; (d) throttle, rate-limit, quarantine, or otherwise restrict your usage; (e) suspend the Services in whole or in part; (f) terminate the Account; (g) report the matter to law enforcement, regulators, anti-abuse networks (such as Spamhaus, NCSC-NZ, NCMEC, and CERT NZ), and to our Sub-processors; and (h) preserve evidence of the breach for our own use or for disclosure to authorities.

#8.2 No refund is payable for Fees forfeited because of an AUP breach, except where a refund is required by the Consumer Guarantees Act 1993 or other law that cannot be excluded.

#8.3 You will indemnify us for any cost, loss, or damage we suffer as a result of your breach of this AUP, in accordance with clause 17 of the Terms of Service.

We may update this AUP from time to time. Material changes will be notified by email or KPanel notice at least thirty days before they take effect. Material changes do not retroactively apply to conduct that occurred before they took effect. Non-material changes (typographical corrections, contact updates, clarifications) take effect on posting.

Kapsule Group Limited, Christchurch, New Zealand.

Abuse reports: [email protected]

Copyright notices: [email protected] (mark "Copyright")

Security: [email protected]