AXspace.com
ACCEPTABLE USE POLICY
By subscribing to, or utilizing,
AXSpace web hosting or any related services (
AXSpace and AXSpace.co.uk are websites working under MogTex Ltd.), you agree to abide by this Acceptable Use Policy. Your utilization of
AXSpace's
services constitutes your express agreement to abide by this Acceptable Use Policy the Rules, as the same may be changed from time-to-time by
AXSpace, at its sole and absolute discretion. These Rules are designed to enhance the quality
of our Web Hosting services and to protect our customers, and the Internet community as a whole, from illegal, irresponsible, or disruptive Internet activities. These Rules apply to all customers of
AXSpace. We hope and expect that
common sense and good judgment will guide all of our customers' use of our
AXSpace Services. Even with such Rules in effect, minors should be supervised when using the Internet. Adults and minors should be aware of what is on the Internet
and to understand the concept of what is accepted and what should be avoided. The following non-exhaustive list details the kinds of illegal or harmful conduct, which are prohibited.
AXSpace reserves the right to restrict or prohibit
any and all uses of its services or content on your Web site and to remove such materials, including your website, from its servers at any time
AXSpace determines in its sole discretion that such content or materials violates this
Agreement, is illegal, or is harmful to its servers, systems, network, reputation, good will, other
AXSpace customers, or any third party. Depending on the severity of the violation and the history of your account,
AXSpace may
take any reasonable disciplinary action it determines in its sole and absolute discretion, including, but not limited to, one or more of the foregoing or following actions: (a) issuance of a verbal or written warning; (b) suspension of
your account; (c) termination of your account. All of the foregoing rights are cumulative, and the exercise of any right at any time shall not preclude the exercise of any other right, or the same right, at any other time for the same
violation or any subsequent violation.
Illegal or Improper Activities: You may not use
AXSpace’s services in any manner in violation of any applicable local or national law of any country. Such violations and activities include, but are not limited
to, violations of applicable foreign export laws or restrictions and accompanying regulations, posting or trafficking in government secrets, providing any information to in any way assist or encourage any terrorist activities, providing
any information concerning nuclear or biological weapons or other weapons of mass destruction, posting or trafficking in obscene material, solicitation of a minor or others for illegal acts, dealing drugs, harassment, fraud, stalking,
abuse, or other subject matters that are prohibited under applicable local or foreign law.
Dangerous Activities: You may not use
AXSpace's services to post or disseminate in any manner, any information or material which may be dangerous, damaging or injurious to persons or property or which, directly
or indirectly, may be used to create danger, damage or injury to persons or property.
Infringement: You may not use
AXSpace's services in any manner which infringes the intellectual property rights or other proprietary rights of any third party including, without limitation, material protected by
copyright, trademark, patent, trade secret, or other intellectual property right used without proper authorization. Infringement may result from, among other activities, the unauthorized copying and posting of pictures, logos, software,
articles, musical works, and videos.
Fraudulent Activities: You may not offer or disseminate fraudulent goods, services, schemes, or promotions (i.e., make money fast schemes, chain letters, pyramid schemes, ponzi schemes), or furnish false data on any
signup form, contract or online application or registration, or fraudulently use any information obtained through the use of
AXSpace's servers or services, including without limitation use of credit card numbers.
Offensive Subject Matter: You may not use
AXSpace's services for transmitting, disseminating, sale, storage or hosting subject matter that is unlawful, libelous, defamatory, obscene, pornographic, indecent, lewd,
filthy, excessively violent, harassing, threatening, hateful, harmful, invasive of privacy or publicity rights, abusive, inflammatory or otherwise objectionable. You may not use
AXSpace's services to conduct any sexually oriented business
or disseminate pornographic pictures, videos, banners, text or any similar material. You may not use
AXSpace's services to threaten bodily harm or destruction of property.
Harmful Activities: You may not use
AXSpace's services for disseminating or hosting harmful content including, without limitation, viruses, Trojan horses, worms, time bombs, cancelbots or any other computer programming
routines that may damage, interfere with, surreptitiously intercept or expropriate any system, program, data or personal information.
Tortuous Activities: You may not use
AXSpace's services for any tortuous conduct, including, but not limited to, posting defamatory, libelous, slanderous, scandalous, or private information about a person or company
without their consent; intentionally inflicting emotional distress; making unlawful threats; stalking, interfering with any contract or prospective economic relations; engaging in fraud or deception; engaging in sexual or other harassment;
or for violating any patents, trademarks, copyrights, or other intellectual property rights.
Abusive Activities: You may not use
AXSpace's services for any abusive activities on the Internet, including, but not limited to, activities such as using a non-existent email return address, spamming sending
unsolicited advertising to numerous email addresses or newsgroups and/or generating a significantly higher volume of outgoing email than a normal user, or allowing spamming by third parties to promote a website, trolling posting outrageous
messages to generate numerous responses, mail-bombing sending multiple messages without significant new content to the same user, subscribing someone else to a mailing list without that person's permission, cross-posting articles to an
excessive number of newsgroups, hacking unauthorized access to or use of data, systems, server or networks, including any attempt to probe, scan or test the vulnerability of a system or to breach the security thereof, spoofing any attempt
to impersonate any person or otherwise deceive or mislead through alteration of headers; deletion of author attributions, legal notices, or proprietary designations in an effort to deceive or mislead; forging or altering any TCP-IP packet
header, email header or any part of a message header, using manual or electronic means to avoid any use limitations on you use of
AXSpace's servers such as timing out; sending or disseminating harassing email or chain letters; or use
of flames hostile attacks or invectives aimed at a group or an individual.
In general, transmission, storage, or presentation of any information, data or material in violation of any UK law is prohibited. This includes, but is not limited to: copyrighted material, material we judge to be threatening or obscene,
or material protected by trade secret and other statute. The subscriber agrees to indemnify and hold harmless AMS from any claims resulting from the use of the service which damages the subscriber and any other party. Also prohibited are
sites that promote any illegal activity or present content that may be damaging our servers or any other server on the internet. Links to such materials are also prohibited. Examples of unacceptable content or links: Pirated software hacker
programs or archives, warez sites, any Site that consumes more then 10% of system resources for a long period of time. Spamming, or sending of unsolicited e-mail, from any of our servers or using an e-mail address or domain that is maintained
on our server machine as reference is Strictly prohibited.
AXSpace will be the sole arbiter as to what constitutes a violation of this provision.
Bandwidth Usage: All account come with a predetermined amount of bandwidth. We will suspend any accounts exceed their allowed bandwidth and send them a notification e-mail. However customers can buy 5 gig extra bandwidth
for each month and their accounts will be resumed. Suspended accounts due to exceed bandwidth usage will be resumed the next month when their bandwidth usage renewed.
Programs running in background:
We do not install or allow
any programs required to run through root access on the servers. Most scripts can be run through the users own account and does not require root access.
Internet Rely Chatting: We cannot allow IRC or IRC BOTS to be operated on our servers at the moment, so we have blocked all ports for IRC through our servers.
Misuse of System Resources: Any attempt to undermine or cause harm to a server or customers of
AXSpace is strictly prohibited. Leeching (due to overloading servers and damaging hard drives and negatively affects
other clients) and sites that are dedicated to file distribution (e.g. file sharing programs) are also not permitted. Any web site found to contain any of these violations will be suspended and the owner will be wanted to remove the contents
from servers.
Making Backups: Any customer should backup his/her site. We do not backup sites of customers of free accounts. We also do not backup sites of paid customers unless they have bought our backup service. However, we recommend
that you backup your site as often as you see fit just in case there is some sort of corruption in our backup servers and we cannot retrieve the information properly.
AXSpace will not be responsible for any data loss.
Refusal of Service: We reserve the right to refuse, cancel, or suspend service at our sole discretion.
Recurring Billing: We do not send out invoices automatically. Our paid client would be active for a term of 1 year. We will NOT renew your account automatically; we just send you reminder e-mails. We will suspend
any account after its finish date unless you wanted us to renew your account. All extra features (such as extra bandwidth or extra MySQL and so on) will be terminated if a paid account expired.
Account Deactivation: It is your responsibility to ensure that you have sufficient credit to cover this transaction. In the event that there is insufficient credit, as a courtesy we will send an e-mail notification
at which point we will need to be provided with another credit card within 48 hours. If we do not receive a response within 48 hours the account will be automatically suspended.
Account Reactivation: Any account deactivated due to non-payment must contact the accounting department to reactivate it. We cannot guarantee that your account will be activated or that the data will be fully intact
for overdue accounts.
Cancellations: Cancellations can be sent to accounting@
AXSpace. Please make sure keep the ticket ID that is sent to you in the auto responder for future reference.
Limitation of Liability: AXSpace shall not be responsible for any claimed damages, including incidental or consequential damages, which may arise from
AXSpace servers going off-line or being unavailable for
any reason whatsoever. Furthermore,
AXSpace shall not be responsible for any claimed damages, including incidental or consequential damages, resulting from any corruption or deletion of any web site from one of our servers. All damages
shall be limited to the immediate termination of service.
AXSpace is not responsible for the client's web contents.
Violations of these acceptable user Policies should be referred to
AXSpace. All complaints will be investigated
promptly. Failure to follow any term or condition will be grounds for immediate account deactivation.
Disclaimer: AXSpace cannot be held liable for system downtime, crashes, or data loss. We cannot be held liable for any predicted estimate of profits in which a client would have gained if their site was functioning.
Thus, certain equipment, routing, software, and programming used by
AXSpace are not directly owned and written by
AXSpace. Moreover,
AXSpace holds no responsibility for the use of our clients accounts. If any terms or conditions
are failed to be followed, the account in question will be automatically deactivated. We reserve the right to remove any account without advanced notice for any reason without restitution as
AXSpace sees fit.
Notice: If you sign
up for an account and do not follow our terms, no refunds will be given. We will however let you know by e-mail or phone before any action is taken place and you will have a chance to solve the matter.
Furthermore: AXSpace retains the right to change any or all of the above Policies, Guidelines, and Disclaimers without notification.
30 Day Money Back Guarantee/Refunds: Customers may cancel at any time with seding a cancellation request to support@
AXSpace or accounting@axspace.com. AXSpace gives you an unconditional 30 day money back guarantee
on managed shared hosting for any customer.
There are no refunds on domain name purchases. Refund requests for shared accounts after the initial 30 days will be refunded.
Information Security Policy
MogTex Ltd
This Policy Document encompasses all aspects of security surrounding confidential company information and must be distributed to all company employees. All company employees must read this document in its entirety and sign the form confirming
they have read and understand this policy fully. This document will be reviewed and updated by Management on an annual basis or when relevant to include newly developed security standards into the policy and distribute it all employees
and contracts as applicable.
AXSpace (MogTex Ltd) handles sensitive cardholder information daily. Sensitive Information must have adequate safeguards in place to protect them, to protect cardholder privacy, to ensure compliance with various regulations and to
guard the future of the organisation.
AXSpace (MogTex Ltd) commits to respecting the privacy of all its customers and to protecting any data about customers from outside parties. To this end management are committed to maintaining
a secure environment in which to process cardholder information so that we can meet these promises.
Employees handling Sensitive cardholder data should ensure
- Handle Company and cardholder information in a manner that fits with their sensitivity;
- Limit personal use of AXSpace (MogTex Ltd) information and telecommunication systems and ensure it doesn’t interfere with your job performance;
- AXSpace (MogTex Ltd) reserves the right to monitor, access, review, audit, copy, store, or delete any electronic communications, equipment, systems and network traffic for any purpose;
- Do not use e-mail, internet and other Company resources to engage in any action that is offensive, threatening, discriminatory, defamatory, slanderous, pornographic, obscene, harassing or illegal;
- Do not disclose personnel information unless authorised;
- Protect sensitive cardholder information;
- Keep passwords and accounts secure;
- Request approval from management prior to establishing any new software or hardware, third party connections, etc.;
- Do not install unauthorised software or hardware, including modems and wireless access unless you have explicit management approval;
- Always leave desks clear of sensitive cardholder data and lock computer screens when unattended;
- Information security incidents must be reported, without delay, to the individual responsible for incident response locally – Please find out who this is.
We each have a responsibility for ensuring our company’s systems and data are protected from unauthorised access and improper use. If you are unclear about any of the policies detailed herein you should seek advice and guidance from
your line manager.
The Management’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to the company’s established culture of openness, trust and integrity. Management is committed to protecting the employees,
partners and AXSpace (MogTex Ltd) from illegal or damaging actions by individuals, either knowingly or unknowingly. The company will maintain an approved list of technologies and devices and personnel with access to such devices as
detailed in Appendix B
- Employees are responsible for exercising good judgment regarding the reasonableness of personal use.
- Employees should take all necessary steps to prevent unauthorized access to confidential data which includes card holder data.
- Keep passwords secure and do not share accounts. Authorized users are responsible for the security of their passwords and accounts.
- All PCs, laptops and workstations should be secured with a password-protected screensaver with the automatic activation feature.
- All POS and PIN entry devices should be appropriately protected and secured so they cannot be tampered or altered.
- Because information contained on portable computers is especially vulnerable, special care should be exercised.
- Postings by employees from a Company email address to newsgroups should contain a disclaimer stating that the opinions expressed are strictly their own and not necessarily those of the company, unless posting
is in the course of business duties.
- Employees must use extreme caution when opening e-mail attachments received from unknown senders, which may contain viruses, e-mail bombs, or Trojan horse code.
Violation of the standards, policies and procedures presented in this document by an employee will result in disciplinary action, from warnings or reprimands up to and including termination of employment. Claims of ignorance, good intentions
or using poor judgment will not be used as excuses for non compliance.
All sensitive cardholder data stored and handled by AXSpace (MogTex Ltd) and its employees must be securely protected against unauthorised use at all times. Any sensitive card data that is no longer required by AXSpace (MogTex Ltd) for
business reasons must be discarded in a secure and irrecoverable manner.
It is strictly prohibited to store:
- The contents of the payment card magnetic stripe (track data) on any media whatsoever.
- The CVV/CVC (the 3 or 4 digit number on the signature panel on the reverse of the payment card) on any media whatsoever.
- The PIN or the encrypted PIN Block under any circumstance
Data and media containing data must always be labelled to indicate sensitivity level:
- Confidential data might include information assets for which there are legal requirements for preventing disclosure or financial penalties for disclosure, or data that would cause severe damage
to AXSpace (MogTex Ltd) if disclosed or modified. Confidential data includes cardholder data.
- Internal Use data might include information that the data owner feels should be protected to prevent unauthorized disclosure;
- Public data is information that may be freely disseminated.
All Access to sensitive cardholder should be controlled and authorised. Any Job functions that require access to cardholder data should be clearly defined.
- Any display of the card holder should be restricted at a minimum of the first 6 and the last 4 digits of the cardholder data.
- Access to sensitive cardholder information such as PAN’s, personal information and business data is restricted to employees that have a legitimate need to view such information.
- No other employees should have access to this confidential data unless they have a genuine business need.
- If cardholder data is shared with a Service Provider (3rd party) then a list of such Service Providers will be maintained as detailed in Appendix B.
- AXSpace (MogTex Ltd) will ensure a written agreement that includes an acknowledgement is in place that the Service Provider will be responsible for the for the cardholder data that the Service Provider possess.
- AXSpace (MogTex Ltd) will ensure that a there is an established process including proper due diligence is in place before engaging with a Service provider.
- AXSpace (MogTex Ltd) will have a process in place to monitor the PCI DSS compliance status of the Service provider.
Access to sensitive information in both hard and soft media format must be physically restricted to prevent unauthorised individuals from obtaining sensitive data.
- Media is defined as any printed or handwritten paper, received faxes, floppy disks, back-up tapes, computer hard drive, etc.
- Media containing sensitive cardholder information must be handled and distributed in a secure manner by trusted individuals.
- Visitors must always be escorted by a trusted employee when in areas that hold sensitive cardholder information.
- Procedures must be in place to help all personnel easily distinguish between employees and visitors, especially in areas where cardholder data is accessible. “Employee” refers to full-time and part-time employees,
temporary employees and personnel, and consultants who are “resident” on AXSpace (MogTex Ltd) sites. A “visitor” is defined as a vendor, guest of an employee, service personnel, or anyone who needs to enter the premises for a short
duration, usually not more than one day.
- All computer that store sensitive cardholder data must have a password protected screensaver enabled to prevent unauthorised use.
All sensitive cardholder data must be protected securely if it is to be transported physically or electronically.
- Card holder data (PAN, track data etc) must never be sent over the internet via email, instant chat or any other end user technologies.
- If there is a business justification to send cardholder data via email then it should be done after authorization and by using a strong encryption mechanism (i.e. – AES encryption, PGP encryption).
- The transportation of media containing sensitive cardholder data to another location must be authorised by management, logged and inventoried before leaving the premises. Only secure courier services may be
used for the transportation of such media. The status of the shipment should be monitored until it has been delivered to its new location.
- All data must be securely disposed of when no longer required by the company, regardless of the media or application type on which it is stored.
- An automatic process must exist to permanently delete on-line data, when no longer required.
- All hard copies of cardholder data must be manually destroyed as when no longer required for valid and justified business reasons. A quarterly process must be in place to confirm that all non-electronic cardholder data has been appropriately
disposed of in a timely manner.
- AXSpace (MogTex Ltd) will have procedures for the destruction of hardcopy (paper) materials. These will require that all hardcopy materials are crosscut shredded, incinerated or pulped so they cannot be reconstructed.
- The Company will have documented procedures for the destruction of electronic media. These will require:
- All cardholder data on electronic media must be rendered unrecoverable when deleted e.g. through degaussing or electronically wiped using military grade secure deletion processes or the physical destruction of the media;
- If secure wipe programs are used, the process must define the industry accepted standards followed for secure deletion.
- All cardholder information awaiting destruction must be held in lockable storage containers clearly marked “To Be Shredded” - access to these containers must be restricted.
The policies and procedures outlined below must be incorporated into company practice to maintain a high level of security awareness. The protection of sensitive data demands regular training of all employees and contractors.
- Review handling procedures for sensitive information and hold periodic security awareness meetings to incorporate these procedures into day to day company practice.
- Distribute this security policy document to all company employees to read. It is required that all employees confirm that they understand the content of this security policy document by signing an acknowledgement
form (see Appendix A)
- All employees that handle sensitive information will undergo background checks (such as criminal and credit record checks, within the limits of the local law) before they commence their employment with the company.
- All third parties with access to credit card account numbers are contractually obligated to comply with card association security standards (PCI/DSS).
- Company security policies must be reviewed annually and updated as needed.
Employees of AXSpace (MogTex Ltd) will be expected to report to the security officer for any security related issues. The role of the security officer is to effectively communicate all security policies and procedures to employees within
AXSpace (MogTex Ltd) and contractors. In addition to this, the security officer will oversee the scheduling of security training sessions, monitor and enforce the security policies outlined in both this document and at the training
sessions and finally, oversee the implantation of the incident response plan in the event of a sensitive data compromise.
Incident Response Plan
- In the event of a suspected security breach, alert the information security officer or your line manager immediately.
- The security officer will carry out an initial investigation of the suspected security breach.
- Upon confirmation that a security breach has occurred, the security officer will alert management and begin informing all relevant parties that may be affected by the compromise.
If the data security compromise involves credit card account numbers, implement the following procedure:
- Shut down any systems or processes involved in the breach to limit the extent, and prevent further exposure.
- Alert all affected parties and authorities such as the Merchant Bank (your Bank), Visa Fraud Control, and the law enforcement.
- Provide details of all compromised or potentially compromised card numbers to Visa Fraud Control within 24 hrs.
- For more Information visit: http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp_if_ compromised.html
– Agreement to Comply Form – Agreement to Comply With Information Security Policies
________________
Department
I agree to take all reasonable precautions to assure that company internal information, or information that has been entrusted to AXSpace (MogTex Ltd) by third parties such as customers, will not be disclosed to unauthorised persons.
At the end of my employment or contract with the company, I agree to return all information to which I have had access as a result of my position. I understand that I am not authorised to use sensitive information for my own purposes,
nor am I at liberty to provide this information to third parties without the express written consent of the internal manager who is the designated information owner.
I have access to a copy of the Information Security Policies,
I have read and understand these policies, and I understand how it impacts my job. As a condition of continued employment, I agree to abide by the policies and other requirements found in AXSpace (MogTex Ltd) security policy. I understand
that non-compliance will be cause for disciplinary action up to and including dismissal, and perhaps criminal and/or civil penalties.
I also agree to promptly report all violations or suspected violations of information
security policies to the designated security officer.
________________________
Employee Signature
AXspace
MogTex Ltd.