This Acceptable Use Policy ("Policy") governs all use of services, software, APIs, and infrastructure provided by Zoiko
Tech Inc. and its subsidiaries operating under the Zoiko Web Services brand (collectively "ZWS," "we," "our"). By
accessing or using any ZWS service, you ("Customer," "User") agree to comply with this Policy.
This Policy supplements and is incorporated into the ZWS Terms of Service and any applicable service agreement. In
the event of conflict, the more restrictive provision applies unless expressly stated otherwise in writing by ZWS.
This Policy applies to all users of ZWS services, including administrators, end-users, contractors, and third-party
integrations acting on your behalf.
This Policy applies to all ZWS products and services, including but not limited to:
• Managed cloud hosting and virtual machine environments
• Content delivery network (CDN) and edge services
• Managed databases and storage buckets
• Developer APIs and SDKs
• Email relay, transactional mail, and SMS gateway services
• DNS management and domain registration ancillary services
• Analytics, monitoring, and observability platforms
• ZWS customer portal, documentation sites, and support systems
The following activities are strictly prohibited on ZWS infrastructure:
ZERO TOLERANCE
The items in Section 3.1 result in immediate suspension without notice and may be referred to law enforcement.
3.1 Illegal and Harmful Activity
- Distributing, hosting, or transmitting child sexual abuse material (CSAM) or any content that exploits minors
- Facilitating terrorism, violent extremism, or activities designated as unlawful under applicable international or
domestic law - Engaging in human trafficking, forced labor, or slavery-related activities
- Unauthorized access to computer systems, networks, or data (hacking)
- Creating, distributing, or deploying malware, ransomware, spyware, or any malicious code
- Operating botnets or command-and-control infrastructure for malicious purposes
3.2 Network and Infrastructure Abuse
- Launching or facilitating denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks
- Conducting unauthorized port scans, vulnerability scans, or penetration tests against third-party systems
- Forging network packet headers (IP spoofing, ARP poisoning)
- Intercepting or monitoring network traffic without authorization
- Attempting to bypass network security measures, firewalls, or rate limits
- Operating open mail relays or anonymous proxy services used for abuse
3.3 Spam and Unsolicited Communication
- Sending unsolicited bulk email (spam) or SMS messages
- Harvesting or scraping email addresses or other personal data without authorization
- Operating phishing campaigns, spear-phishing infrastructure, or credential-harvesting pages
- Sending commercial electronic messages in violation of CAN-SPAM, CASL, PECR, or equivalent legislation
- Falsifying message headers or sender identity
3.4 Intellectual Property Infringement
- Hosting, distributing, or transmitting content that infringes copyrights, trademarks, patents, or trade secrets
- Operating piracy sites, torrent trackers, or similar platforms that facilitate infringement
- Circumventing digital rights management (DRM) or technological protection measures
3.5 Fraud and Deception
- Operating fraudulent websites, fake payment pages, or counterfeit storefronts
- Impersonating any person, entity, or ZWS itself
- Conducting investment fraud, pyramid schemes, or any form of financial deception
- Submitting false or misleading information to ZWS
You are responsible for all content stored, processed, or transmitted through ZWS services. Content must not:
- Incite hatred or violence against individuals or groups on the basis of protected characteristics
- Constitute defamation, harassment, or threats directed at identifiable individuals
- Violate any individual’s reasonable expectation of privacy (e.g., non-consensual intimate imagery)
- Contain misleading health claims or promote unlicensed pharmaceutical products
- Constitute unlawful gambling operations where prohibited by applicable law
All customers are expected to maintain reasonable security hygiene for their ZWS accounts and deployments, including:
- Enabling multi-factor authentication (MFA) on all administrative accounts
- Rotating API keys, secrets, and credentials at regular intervals and immediately upon suspected compromise
- Applying security patches and updates to software running on ZWS infrastructure in a timely manner
- Restricting access to the principle of least privilege
- Restricting access to the principle of least privilege
Customers who conduct authorized security research involving ZWS systems must first obtain written approval through
the ZWS vulnerability disclosure program.
ZWS services are shared infrastructure. Customers must not consume resources in a manner that materially degrades
service quality for other customers. Specifically:
- Shared hosting plans may not be used to run resource-intensive batch processing, cryptocurrency mining, or
sustained CPU-bound workloads; upgrade to dedicated compute plans for such workloads. - Bandwidth-intensive operations (large media delivery, software distribution) must use the CDN product rather than origin servers where that option is available.
- Automated API requests must implement exponential backoff and respect rate-limit response headers (429 Too Many Requests).
- Accounts exhibiting abusive resource patterns will receive notification and a reasonable remediation window before throttling or suspension is applied.
7.
Monitoring and Enforcement
ZWS monitors network-level activity (traffic patterns, metadata) for abuse signals. ZWS does not routinely inspect
customer content; however, ZWS may review content when:
- A credible abuse complaint is received
- Automated systems flag activity for human review
- Required to do so by valid legal process
- Necessary to protect the security or integrity of ZWS infrastructure
Enforcement actions are proportionate to the severity of the violation and may include a warning, content removal
request, traffic throttling, account suspension, or permanent termination.
- A description of the observed activity
- Relevant URLs, IP addresses, or account identifiers
- Date, time, and time zone of the observation
- Any supporting evidence (screenshots, log extracts)
ZWS acknowledges abuse reports within two business days and provides a final disposition within ten business days
where possible. ZWS does not publicly disclose enforcement actions.
9.
Suspension and Termination
For non-critical violations, ZWS will generally provide a written notice specifying the violation and granting a 48-hour
cure period before taking enforcement action. For violations listed under Section 3.1, ZWS reserves the right to suspend
services immediately and without prior notice.
Following termination for cause, ZWS may retain data for up to 30 days to facilitate legal holds or law enforcement
requests, after which it will be securely deleted in accordance with the Privacy Policy.
ZWS may amend this Policy at any time. Material changes will be communicated by email to the primary account holder
and by posting a notice on the ZWS status and blog pages at least 14 days before the effective date, except where
immediate amendment is required to respond to security threats or legal obligations.
Continued use of ZWS services after the effective date of an amendment constitutes acceptance of the revised Policy.
For questions about this Policy, contact the ZWS Trust and Safety team:
Contact Channels
LEGAL PORTAL
Submit inquiry
POSTAL ADDRESS
Zoiko Tech Inc., Legal Dept.
[Address — Placeholder]
