Acceptable Use Policy (AUP)

1. Overview and Purpose

This Acceptable Use Policy ("AUP") defines prohibited activities and usage guidelines for all Pyro Inc. ("Pyro") cloud infrastructure and hosting services, including multiplayer server hosting, VPS hosting, web hosting, and related infrastructure services. This AUP is incorporated into and forms part of our Terms of Service and applies to all customers and their end users.

2. General Principles and Community Standards

2.1 Responsible Use Philosophy

All customers must use Pyro services in a lawful, responsible manner that:

Respects the rights and safety of other users and third parties
Maintains the security and integrity of our shared infrastructure
Complies with applicable laws, regulations, and industry standards
Preserves the reputation and business relationships of our community

2.2 Community Values

We strive to foster a welcoming, inclusive community by encouraging users to:

Treat all community members with respect, dignity, and professionalism
Create positive, constructive environments in hosted applications and communities
Report concerning behavior, security issues, or policy violations promptly
Contribute to a collaborative environment that benefits all users
Resolve conflicts through constructive dialogue and appropriate channels

2.3 Content Philosophy

While we generally do not restrict user-generated content, we encourage responsible content creation that:

Avoids promoting hatred, harassment, or discrimination against individuals or groups
Considers the impact on community members and the broader user base
Respects intellectual property rights and legal obligations
Maintains appropriate standards for diverse, global audiences

3. Prohibited Activities and Content

3.1 Illegal Content and Criminal Activities

Strictly Prohibited Criminal Content:

Child sexual abuse material (CSAM) or any content exploiting minors
Human trafficking, exploitation, or modern slavery content
Content promoting or facilitating terrorism, violent extremism, or hate crimes
Drug trafficking, illegal substance distribution, or controlled substance sales
Money laundering, fraud, identity theft, or other financial crimes
Content facilitating or promoting illegal weapons sales or trafficking

Unauthorized Access and Hacking:

Hacking, cracking, or unauthorized penetration testing of third-party systems
Distribution of malware, viruses, ransomware, or exploitation tools
Unauthorized access to systems, networks, accounts, or data
Social engineering, phishing, or credential harvesting attacks
Distribution or sale of stolen data, credentials, or personal information

Intellectual Property Violations:

Copyright infringement, including distribution of pirated software, media, or content
Trademark violations, counterfeiting, or brand impersonation
Trade secret theft or unauthorized disclosure of proprietary information
Patent infringement or unauthorized use of protected technologies
Circumvention of digital rights management (DRM) or copy protection systems

3.2 Network and Infrastructure Abuse

Denial of Service Attacks:

Distributed Denial of Service (DDoS) attacks against any target
Network flooding, bandwidth exhaustion, or protocol abuse
Botnet operation, coordination, command and control activities
Amplification attacks, reflection techniques, or attack infrastructure
Stress testing or load testing of third-party systems without authorization

Security Threats and Exploitation:

Vulnerability scanning or penetration testing without explicit authorization
Port scanning, network reconnaissance, or unauthorized system probing
Exploitation of security vulnerabilities for malicious purposes
Distribution of zero-day exploits or advanced persistent threat (APT) tools
Compromise of third-party systems or lateral movement activities

Network Infrastructure Abuse:

Excessive bandwidth usage that significantly impacts other customers
Network protocol manipulation, packet crafting, or traffic interception
Routing table manipulation, BGP hijacking, or network redirection
IP address spoofing, source address falsification, or traffic amplification
Unauthorized monitoring, interception, or analysis of network traffic

3.3 Communication and Spam Abuse

Email and Messaging Spam:

Sending unsolicited bulk email (spam) or commercial messages
Email harvesting, scraping, or automated address collection
Mail relay abuse or unauthorized use of third-party mail servers
Phishing, spoofing, brand impersonation, or deceptive messaging
Distribution of spam tools, services, or infrastructure

Multi-Platform Spam Activities:

SMS, social media, instant messaging, or forum spam
Comment spam, review manipulation, or artificial SEO enhancement
Automated posting, content generation, or engagement manipulation
Affiliate marketing abuse, deceptive advertising, or fraudulent promotions
Cross-platform spam campaigns or coordinated inauthentic behavior

3.4 Resource Abuse and Service Exploitation

Cryptocurrency and Computational Abuse:

Cryptocurrency mining on shared hosting infrastructure or servers
GPU mining, ASIC operation, or specialized mining hardware deployment
Mining pool participation from shared resources or bandwidth
Blockchain validation, consensus participation, or distributed computing abuse
Unauthorized use of computational resources for profit-generating activities

Excessive Resource Consumption:

CPU, memory, storage, or network usage that significantly impacts other customers
Resource-intensive processes designed to consume maximum available capacity
Inefficient applications, infinite loops, or deliberate resource exhaustion
Storage of excessive quantities of inactive, redundant, or unnecessary data
Fork bombs, process multiplication, or system resource exhaustion attacks

Service and Platform Abuse:

Creating multiple accounts to circumvent resource limits or usage restrictions
Reselling services without proper authorization or licensing agreements
Automation abuse of free trials, promotional offers, or service credits
Violation of service-specific usage quotas, rate limits, or fair use policies
Circumvention of security measures, access controls, or usage monitoring

3.5 VPS-Specific Usage Restrictions

Prohibited VPS Applications:

Open proxies, SOCKS proxies, or anonymous proxy services for third parties
VPN services that violate other providers' terms of service or legal requirements
TOR exit nodes, onion routing, or anonymization services
Illegal file sharing via BitTorrent, P2P networks, or similar protocols
Adult content hosting including pornography, escort services, or sexually explicit material
Unlicensed gambling services, casino operations, or betting platforms
High-frequency trading systems designed to manipulate financial markets

Root Access Responsibilities: Customers with administrative access are responsible for:

All system security, including patches, updates, and configuration management
Monitoring for compromise and immediate notification of security incidents
Compliance with this AUP despite having elevated privileges
Implementation of appropriate security controls and access management
Regular security assessments and vulnerability management

3.6 Server Hosting Content Guidelines

Prohibited Content Categories:

Hateful symbols, speech, imagery, or content promoting discrimination based on protected characteristics
Sexually explicit content accessible to minors or inappropriate for general audiences
Content glorifying real-world violence, terrorism, or promoting harmful activities
Harassment, doxxing, stalking, or targeted abuse of individuals or groups
Misinformation campaigns, coordinated inauthentic behavior, or deceptive practices

3.7 Artificial Intelligence and Automated Content

Prohibited AI Activities:

AI systems that violate applicable laws including EU AI Act requirements
Automated content generation that infringes copyright or violates platform terms
AI training on copyrighted material without proper licensing
Deepfakes or synthetic media designed to deceive or manipulate
AI systems that discriminate against protected classes or violate privacy laws
Automated decision-making systems affecting individuals without required transparency

Required for AI Deployments:

Compliance with applicable AI content labeling requirements
Implementation of appropriate safeguards for high-risk AI applications
Respect for robot.txt files and website terms when training AI models

Platform-Specific Violations:

Cheating tools, exploits, unauthorized modifications, or terms of service violations
Using hosting services for non-intended purposes or circumventing platform restrictions
Commercial use without appropriate licensing from content creators or platform holders
Modification of software to bypass publisher restrictions, DRM, or access controls
Distribution of unauthorized copies, cracks, or modified versions of proprietary software

Community Management Requirements:

Hateful content reported by users may be subject to removal requests with advance warning
Immediate action may be taken for severe violations involving illegal content or serious harm
Community moderators should implement appropriate content policies and enforcement
Server administrators are responsible for monitoring and managing user-generated content

4. Content Oversight and Monitoring

4.1 Content Review Approach

No Proactive Monitoring: We do not systematically monitor customer content or communications
Reactive Investigation: Content reviewed in response to abuse reports, legal requirements, or security concerns
Automated Detection: Limited automated systems may flag potential violations for human review
Manual Review: Trained staff review flagged content following established guidelines and legal requirements

4.2 Content Removal Procedures

DMCA Copyright Compliance: Copyright takedown requests processed according to Digital Millennium Copyright Act procedures
Abuse Report Investigation: Reported content investigated within 48 hours with appropriate follow-up actions
Legal Compliance: Immediate compliance with valid court orders, legal process, and regulatory requirements
Emergency Removal: Immediate action for content posing imminent harm, safety risks, or legal violations

4.3 Appeals and Dispute Resolution

Content Removal Appeals: Customers may appeal content removal decisions through our support channels
Counter-Notification Process: DMCA counter-notification procedures available for disputed copyright claims
Review Process: Appeals reviewed by senior staff with expertise in relevant legal and policy areas
Restoration Procedures: Legitimate content restored promptly following successful appeals

5. Enforcement Framework and Penalties

5.1 Violation Response Procedures

Initial Response (Minor Violations):

Warning notice with specific details about the violation and required corrective actions
Grace period of 24-48 hours to address violations and implement compliance measures
Guidance and support provided for achieving compliance with policies
Follow-up monitoring to ensure sustained compliance and prevent recurrence

Escalated Response (Moderate Violations):

Suspension of specific services or features while maintaining account access for resolution
Implementation of resource limitations, access restrictions, or enhanced monitoring
Required additional verification, compliance measures, or security improvements
Mandatory training, consultation, or compliance certification before service restoration

Severe Response (Critical Violations):

Immediate account suspension without prior notice for serious policy violations
Complete service termination and data deletion for ongoing or severe violations
Cooperation with law enforcement agencies when required by applicable law
Legal action for significant damages, ongoing violations, or criminal activities

5.2 Violation Severity Classification

Minor Violations (Warning and Correction):

Unintentional resource abuse or configuration issues without malicious intent
Accidental policy violations with quick resolution and customer cooperation
Minor community guideline violations with limited impact on other users
Technical misconfigurations causing issues but demonstrating good faith efforts to comply

Moderate Violations (Suspension and Remediation):

Repeated minor violations after warnings and opportunities for correction
Intentional resource abuse or service disruption affecting other customers
Spam, abuse, or inappropriate content affecting our services or user community
Non-compliance with content removal requests or policy guidance

Severe Violations (Immediate Termination):

Illegal content, particularly CSAM, terrorism-related material, or serious criminal activity
DDoS attacks, hacking attempts, or security threats against our infrastructure or third parties
Repeated moderate violations indicating a pattern of abuse or intentional non-compliance
Activities causing significant harm to other customers, our infrastructure, or public safety

5.3 Appeals and Remediation Process

Customers may appeal enforcement actions by:

Timely Appeal: Submit a ticket at portal.pyro.host or email support@pyro.host within 30 days of the enforcement action
Detailed Explanation: Providing comprehensive explanation of circumstances and planned corrective measures
Supporting Evidence: Submitting relevant documentation, evidence, or third-party validation
Compliance Commitment: Agreeing to enhanced monitoring, compliance measures, or policy training
Senior Review: Appeals reviewed by senior staff and legal counsel when appropriate

6. Resource Usage Guidelines and Fair Use

6.1 Computational Resource Standards

CPU Usage Guidelines:

Sustained high CPU usage should be proportional to your service tier and resource allocation
CPU-intensive processes should be optimized and not monopolize shared infrastructure resources
Background tasks and maintenance operations should be scheduled during low-usage periods
Mining, password cracking, brute force attacks, and similar intensive activities are strictly prohibited

Memory Usage Standards:

Memory allocation and usage should not exceed allocated limits or fair use guidelines
Memory leaks, inefficient usage patterns, and resource hoarding should be promptly addressed
Shared hosting customers should monitor memory consumption and optimize applications accordingly
Excessive swap usage should be minimized to prevent performance impact on shared infrastructure

Storage Usage Policies:

File storage should be used for legitimate business, personal, or application purposes
Backup data should be compressed, deduplicated, and efficiently managed when possible
Temporary files, logs, and cache data should be regularly cleaned and maintained
File sharing and distribution should comply with copyright laws and intellectual property requirements

Network Bandwidth Guidelines:

Bandwidth usage should be consistent with legitimate service purposes and allocated resources
Sustained maximum bandwidth usage may be subject to review and potential limitations
High-bandwidth applications should implement appropriate optimization and efficiency measures
Content distribution networks (CDNs) and optimization techniques are encouraged for high-traffic applications

6.2 Monitoring and Resource Management

Usage Alerts: Customers receive automated alerts when resource usage approaches allocated limits
Detailed Reporting: Comprehensive usage reports available through customer account dashboards
Automatic Scaling: Automatic scaling options available for supported services and configurations
Optimization Support: Technical support and guidance available for resource optimization and efficiency improvements

7. Third-Party Integration and API Usage

7.1 External Service Dependencies

When integrating third-party services, customers must ensure:

Terms Compliance: Full compliance with third-party terms of service and usage policies
Proper Licensing: Appropriate licensing for commercial use and distribution
Security Standards: Maintenance of security and privacy protections for integrated services
Policy Compatibility: Compatibility with our infrastructure policies and technical requirements

7.2 API and Automation Guidelines

Rate Limiting: API usage must comply with published rate limits and usage guidelines
Error Handling: Automated tools should implement appropriate throttling, retry logic, and error handling
Service Integration: Integrations should not compromise security, performance, or stability
Commercial Usage: Commercial API usage may require additional terms, licensing, or approval

7.3 Third-Party Content and Services

Content Responsibility: Customers responsible for all third-party content accessed through our services
Service Dependencies: Understanding and managing risks associated with third-party service dependencies
Compliance Coordination: Ensuring coordinated compliance across all integrated services and platforms
Impact Management: Managing potential impacts of third-party service changes or discontinuation

8. Reporting and Investigation Procedures

8.1 Violation Reporting Channels

Primary Reporting: Submit tickets at portal.pyro.host or email support@pyro.host with subject line "AUP Violation Report" Security Incidents: Submit urgent tickets at portal.pyro.host or email support@pyro.host marked as urgent
DMCA Copyright: dmca@pyro.host with complete DMCA takedown notice
Legal Matters: legal@pyro.host for law enforcement coordination and legal compliance
Emergency Issues: Phone support for immediate safety concerns (contact information provided to customers)

8.2 Required Reporting Information

Effective abuse reports should include:

Detailed Description: Comprehensive description of the suspected violation and its impact
Service Identification: Specific services, IP addresses, domains, or account information involved
Timeline Information: Date, time, duration, and frequency of observed activities
Supporting Evidence: Logs, screenshots, communications, or other relevant documentation
Reporter Information: Your contact information and relationship to the reported matter
Requested Action: Specific action requested and urgency level of the report

8.3 Investigation and Response Process

Initial Acknowledgment: Confirmation of report receipt within 24 hours
Preliminary Investigation: Initial assessment and response within 48 hours
Customer Notification: Notification to affected customers with opportunity to respond
Detailed Investigation: Comprehensive investigation with technical analysis and evidence review
Final Determination: Decision on enforcement action with clear explanation and next steps
Follow-Up Monitoring: Ongoing monitoring for compliance and prevention of recurrence

9. Legal Compliance and Regulatory Requirements

9.1 Multi-Jurisdictional Compliance

Customers must comply with applicable laws in:

Primary Jurisdiction: Country of residence, citizenship, or primary business operation
Content Jurisdiction: Jurisdiction where content is published, accessed, or distributed
Service Jurisdiction: United States federal law and Delaware state law governing our services
International Requirements: European Union regulations, international treaties, and cross-border legal obligations

9.2 Export Control and Sanctions Compliance

Export Regulations: Compliance with U.S. Export Administration Regulations (EAR) and International Traffic in Arms Regulations (ITAR)
OFAC Sanctions: Ongoing compliance with Office of Foreign Assets Control sanctions and screening requirements
Restricted Entities: Prohibition on providing services to sanctioned countries, individuals, or organizations
Technology Transfer: Restrictions on transfer of certain technologies, software, or technical data

9.3 Industry-Specific Regulations

Healthcare: HIPAA compliance for protected health information and medical data
Financial Services: SOX, PCI DSS, and banking regulations for financial data and transactions
Education: FERPA protections for student records and educational information
Government: FedRAMP, FISMA, and other security requirements for government contractors
International: GDPR, Data Protection Act 2018, and other international privacy regulations

10. Policy Updates and Communication

10.1 Policy Modification Process

This AUP may be updated to address:

Emerging Threats: New types of abuse, security threats, or technological risks
Legal Changes: Updates to applicable laws, regulations, or legal requirements
Industry Standards: Evolution of industry best practices and community standards
Technology Evolution: Changes in technology affecting service delivery or security
Customer Feedback: Input from customers and community regarding policy effectiveness

10.2 Change Notification Process

Material Changes: 30 days advance notice via email for changes affecting customer rights or obligations
Minor Clarifications: Implementation of clarifications and improvements without advance notice
Emergency Updates: Immediate implementation for urgent security, safety, or legal compliance requirements
Customer Acceptance: Continued service use constitutes acceptance of updated policies
Termination Rights: Customers may terminate services if policy changes are unacceptable

10.3 Policy Communication Channels

Email Notifications: Direct email communication to registered customer addresses
Website Updates: Policy changes posted prominently on our website and customer portals
In-Service Notifications: Account dashboard alerts and notifications for significant changes
Documentation Updates: Comprehensive documentation updates with change logs and effective dates

11. Education and Compliance Support

11.1 Customer Education Resources

Policy Documentation: Comprehensive documentation explaining policies and compliance requirements
Best Practices Guides: Educational resources covering security, compliance, and optimization
Webinars and Training: Regular educational sessions on compliance, security, and policy updates
Community Forums: Peer support and knowledge sharing platforms for customers
Technical Support: Expert guidance on compliance implementation and policy interpretation

11.2 Compliance Assistance Programs

Onboarding Support: Policy orientation and compliance guidance for new customers
Compliance Consultation: Expert consultation for complex compliance requirements
Security Assessment: Assistance with security reviews and vulnerability assessments
Policy Implementation: Guidance on implementing appropriate policies and procedures
Ongoing Monitoring: Tools and resources for continuous compliance monitoring

12. International Considerations

12.1 Cross-Border Data Transfer

Data Localization: Compliance with data residency and localization requirements
Transfer Mechanisms: Appropriate safeguards for international data transfers
Regulatory Coordination: Coordination with multiple regulatory frameworks and authorities
Customer Obligations: Customer responsibilities for cross-border compliance

12.2 Cultural and Regional Considerations

Local Laws: Recognition of varying legal requirements across different jurisdictions
Cultural Sensitivity: Consideration of cultural differences in content and communication standards
Language Support: Policy documentation and support available in multiple languages
Regional Adaptation: Adaptation of policies for specific regional requirements when necessary

13. Enforcement Coordination

13.1 Law Enforcement Cooperation

Legal Process Response: Prompt response to valid legal process and court orders
Criminal Investigation Support: Cooperation with legitimate criminal investigations
Information Sharing: Appropriate information sharing with law enforcement when legally required
Documentation Preservation: Preservation of evidence and documentation for legal proceedings

13.2 Industry Collaboration

Threat Intelligence Sharing: Participation in industry threat intelligence and security information sharing
Best Practices Development: Collaboration on industry best practices and standards development
Regulatory Engagement: Active participation in regulatory discussions and policy development
Community Standards: Support for industry-wide community standards and ethical practices

14. Privacy and Confidentiality

14.1 Investigation Privacy

Customer Privacy: Protection of customer privacy during investigations and enforcement actions
Confidential Information: Appropriate handling of confidential information during reviews
Data Minimization: Collection and review of only necessary information for investigations
Information Security: Secure handling and storage of investigation materials and evidence

14.2 Transparency and Communication

Process Transparency: Clear communication about investigation processes and procedures
Decision Explanation: Comprehensive explanation of enforcement decisions and rationale
Appeal Transparency: Clear information about appeal processes and requirements
Policy Clarity: Ongoing efforts to improve policy clarity and customer understanding

15. Contact Information and Support

For questions, reports, or assistance related to this Acceptable Use Policy:

General AUP Questions: legal@pyro.host
Abuse Reports: Submit tickets at portal.pyro.host or email support@pyro.host (subject: "AUP Violation Report") DMCA Copyright Claims: dmca@pyro.host Security Incidents: Submit urgent tickets at portal.pyro.host or email support@pyro.host (mark as urgent)
Emergency Situations: Contact information provided to active customers
Legal Matters: legal@pyro.host

Business Address:
Pyro Inc.
Attention: Legal Department
1604 Philadelphia Pike, Apt. 63
Wilmington, DE 19809
United States

Response Commitments:

General Inquiries: Response within 24 hours during business days
Abuse Reports: Initial response within 24 hours, investigation within 48 hours
Security Incidents: Immediate response for critical security issues (within 1 hour)
Legal Matters: Response within 48 hours or as required by applicable law
Emergency Situations: Immediate response for situations involving imminent harm or illegal activity

16. Effectiveness and Enforcement

16.1 Policy Scope and Application

This Acceptable Use Policy applies to all customers, their users, applications, content, and activities conducted through or in connection with Pyro services. Violation of this AUP constitutes a material breach of our Terms of Service and may result in immediate service suspension or termination.

16.2 Compliance Responsibility

Customer Responsibility: Customers are responsible for ensuring compliance by all users of their services
Education Obligation: Customers must educate their users about applicable policies and requirements
Monitoring Responsibility: Customers should implement appropriate monitoring and compliance measures
Reporting Obligation: Customers should report suspected violations and security incidents promptly

16.3 Continuous Improvement

We continuously review and improve this Acceptable Use Policy based on:

Performance Analysis: Regular analysis of policy effectiveness and enforcement outcomes
Customer Feedback: Input from customers about policy clarity, fairness, and effectiveness
Industry Evolution: Changes in technology, threats, and industry best practices
Legal Development: Evolution of legal requirements and regulatory expectations
Community Standards: Development of community standards and ethical expectations

This Acceptable Use Policy is incorporated into our Terms of Service and applies to all Pyro services and customer activities. By using our services, you agree to comply with all provisions of this policy.