1. Scope, services and covered users
1.1 Services covered by this AUP
Fastnode is a trading name of IMA IT B.V., registered with the Dutch Chamber of Commerce (KVK) under number 57741085. Where this AUP refers to "Fastnode", "we" or "us", this means IMA IT B.V.
Fastnode provides hosted IT services to business customers in the Netherlands and the European Union. This AUP applies to all services provided by Fastnode, including at least:
- Virtual Desktop environments (VDI) and hosted Windows workspaces;
- Virtual Private Servers (VPS) and hosted server infrastructure;
- the storage, network, backup and compute capacity associated with these environments;
- associated software, licences, integrations and support;
- the customer portal, the ordering process and all other systems operated by Fastnode.
1.2 Who this AUP applies to
This AUP applies to everyone who uses or has access to Fastnode's services, whether that use is direct or indirect. This includes:
- the customer: the organisation or person with whom Fastnode has an agreement;
- end users: employees, directors, contractors and any other individuals to whom the customer grants access;
- sub-users and third parties: the customer's own clients, guests, suppliers, managed service partners and any other party gaining access through the customer;
- visitors to Fastnode's websites and systems.
Where this AUP refers to "you" or "user", it means any of the parties listed above.
1.3 Relationship to other agreements
This AUP forms an integral part of the agreement between Fastnode and the customer and applies alongside the general terms and conditions and the data processing agreement. In the event of a conflict between this AUP and the general terms and conditions regarding acceptable use, this AUP prevails.
2. Permitted use
Fastnode's services are intended for normal, lawful business use. Permitted use includes:
- running regular office and business applications, such as word processing, email, accounting, industry-specific software and collaboration tools;
- storing and processing business data for which you have a valid legal basis;
- running business applications, databases and internal web applications within the agreed capacity;
- granting access to your own employees and to third parties, within the limits of section 7;
- use that stays within the agreed specifications, licence terms and a reasonable consumption of shared resources.
Guiding principle: use the service as a diligent professional would – lawfully, securely, and without harming others or placing a disproportionate load on shared resources.
3. Prohibited use
You must not use Fastnode's services for, or allow them to be used for, any of the activities set out below.
3.1 Unlawful and criminal activities
- any activity that breaches Dutch, European or other applicable law;
- storing, processing, distributing or making accessible child sexual abuse material (CSAM). A strict zero-tolerance policy applies;
- human trafficking, drug trafficking, illegal arms trading, or facilitating any of these;
- inciting, glorifying or supporting terrorism, extremist violence or other serious crimes;
- discrimination, hate speech, threats, stalking, harassment or defamation;
- infringing intellectual property rights, including distributing software, media or other protected works without the necessary rights or permission.
3.2 Fraud and deception
- phishing, spoofing, identity fraud, or impersonating individuals, brands or organisations;
- scams, pyramid and Ponzi schemes, fake webshops or fraudulent payment pages;
- processing, storing or reselling stolen data, leaked databases, stolen payment details or stolen credentials;
- money laundering, terrorist financing, or circumventing financial regulatory requirements;
- providing incorrect, outdated or misleading information when entering into or using the service.
3.3 Harmful content and software
- developing, storing, distributing or operating malware, ransomware, viruses, keyloggers, exploit kits or comparable harmful software;
- operating command-and-control infrastructure, botnets or drop zones;
- hosting content designed to damage or deceive third-party systems or users.
3.4 Attacks on networks and systems
- unauthorised access to systems, networks or data belonging to Fastnode or to third parties (hacking);
- carrying out or facilitating (D)DoS attacks, amplification attacks or other disruption attacks;
- port scans, vulnerability scans, brute-force attacks or penetration tests against systems for which you cannot demonstrate written authorisation;
- intercepting, manipulating or eavesdropping on other parties' network traffic;
- circumventing Fastnode's security measures, quotas, licence controls or access restrictions.
3.5 Unsolicited communications
- sending spam or other unsolicited bulk messages, through any channel;
- sending messages in breach of the Dutch Telecommunications Act, the GDPR or other rules on electronic communications;
- operating open mail relays, open proxies or open resolvers;
- using harvested, purchased or otherwise unlawfully obtained address lists;
- falsifying header, sender or routing information.
3.6 Abuse of resources
- cryptomining, cryptojacking and comparable activities that consume a disproportionate amount of compute or energy capacity, without prior written consent;
- use that demonstrably degrades performance, stability or availability for other customers;
- reselling, subletting or otherwise commercially making the service available to third parties without Fastnode's prior written consent;
- deliberately circumventing agreed usage limits, or sharing personal accounts between multiple individuals.
Zero tolerance. In cases involving child sexual abuse material, terrorist content, active attacks on third parties or large-scale fraud, we will suspend the service immediately and without prior warning, and report the matter to the competent authorities.
4. Restricted and high-risk activities
The following activities are not prohibited outright, but are permitted only with Fastnode's prior written consent. Without that consent, they qualify as prohibited use.
- Security research and penetration testing, including against your own environment, because this affects shared infrastructure and monitoring;
- Bulk and marketing email sent from the environment, including newsletters and high-volume transactional mail streams;
- VPN, proxy, Tor or anonymisation services that are accessible to third parties, including Tor exit nodes;
- Publicly accessible file serving, file-sharing or streaming services with high bandwidth consumption;
- Cryptomining or other structurally compute-intensive processing;
- Reselling or white-labelling the service to your own customers;
- Processing special categories of personal data (such as health or criminal data) without appropriate arrangements, including a data processing agreement;
- Regulated sectors subject to additional statutory requirements, such as financial services, gambling or healthcare.
Not sure whether your intended use falls into this category? Ask us in advance at info@fastnode.nl. Clarifying up front avoids suspension later.
5. Compliance with laws, regulations and sanctions
5.1 General compliance
You warrant that your use of the services complies with all applicable laws and regulations. These include the General Data Protection Regulation (GDPR), the Dutch Telecommunications Act, copyright and other intellectual property rights, consumer law and criminal law.
5.2 Data protection
If you process personal data via the services, you act as the controller and Fastnode acts in principle as the processor. You are responsible for having a valid legal basis for processing, for informing data subjects, and for entering into a data processing agreement with Fastnode. You must report data breaches without undue delay so that we can meet our statutory obligations.
5.3 Sanctions and export control
The services must not be used in breach of sanctions and export control regulations of the European Union, the Netherlands, the United Nations, the United Kingdom or the United States. In practice this means that you:
- do not use, resell or make the services available to persons, entities or countries appearing on an applicable sanctions list;
- do not use the services from or for the benefit of a sanctioned jurisdiction;
- do not act on behalf of a party subject to an asset freeze;
- do not export or make available technology in breach of export control rules.
Fastnode carries out screening where legally required and may refuse, suspend or terminate an agreement if a sanctions risk is identified.
6. Security, abuse and fraud prevention
To prevent abuse, fraud and harmful content, the following obligations apply:
- you secure accounts with strong, unique passwords and enable multi-factor authentication wherever it is available;
- you do not share credentials and issue accounts only to individually identifiable persons;
- you revoke access without delay for individuals who are no longer entitled to it;
- you keep any software that you install or manage within the environment up to date and free from known vulnerabilities;
- you report any suspected security incident, data breach or compromised account to Fastnode without delay;
- you cooperate with reasonable investigations into abuse that appears to originate from your environment;
- you check content that you receive from third parties or publish for unlawfulness, insofar as this can reasonably be expected of you;
- following notice from Fastnode, you act without delay to end the abuse or harmful content and to prevent recurrence.
7. Responsibility for sub-users and third parties
The customer is fully responsible and liable for all use of the services that takes place via its account, environment or access. This applies regardless of whether that use is by the customer itself, by its end users, by sub-users or by third parties, and regardless of whether the customer was aware of it.
In practice, this means the customer:
- makes this AUP known to every end user and sub-user and enforces compliance with it;
- imposes at least equivalent usage rules in its own terms where it offers the service to third parties with Fastnode's consent;
- remains responsible for the acts and omissions of managed service partners and suppliers it engages, as if they were its own;
- revokes a sub-user's or third party's access as soon as that party breaches this AUP;
- indemnifies Fastnode against third-party claims arising from use in breach of this AUP, including reasonable costs of defence, investigation and remediation.
Fastnode has no contractual relationship with the customer's end users or sub-users and can address them only through the customer. Where immediate action is required to limit damage, Fastnode may take measures that also affect sub-users.
8. Monitoring, enforcement and measures
8.1 Monitoring rights
Fastnode monitors its infrastructure to safeguard the availability, integrity and security of the services and to detect abuse. In doing so:
- we carry out automated monitoring of matters such as network traffic, system load, mail flows, attack patterns and abuse signals;
- we process log data and security events in accordance with our privacy statement and the GDPR;
- we do not routinely inspect the content of your files or communications. We do so only insofar as necessary and proportionate to investigate a specific suspicion of abuse, to avert damage, or to comply with a legal obligation or a lawfully issued order;
- we investigate reports from customers, third parties, law enforcement agencies and regulators;
- we may preserve evidence where this is necessary for an investigation or a legal obligation.
Monitoring is aimed at security and abuse prevention – not at inspecting your business data. We apply the principles of necessity, proportionality and data minimisation.
8.2 Measures in the event of a breach
In the event of a (suspected) breach of this AUP, Fastnode may – at its discretion and depending on the severity – take one or more of the following measures:
- issue a warning and request clarification or remediation within a set period;
- filter traffic, apply rate limiting, or block specific ports, protocols or destinations;
- make harmful or unlawful content inaccessible, or remove it;
- temporarily suspend an account, user, server or the entire environment;
- terminate the agreement in whole or in part, without any right to a refund of fees already paid;
- charge the costs of investigation, remediation and damages;
- report the matter to the police, the Public Prosecution Service, the Dutch Data Protection Authority or another competent body, and provide data where we are legally required to do so.
8.3 Proportionality and sequence
As a rule we choose the least intrusive appropriate measure and issue a warning where reasonably possible. Where there is an acute risk to third parties or to our infrastructure, or in the zero-tolerance categories listed in section 3, we intervene immediately and without prior warning.
8.4 Restoration and objection
Following a suspension, we restore the service once the breach has demonstrably ended and recurrence has been adequately prevented. If you disagree with a measure, you may submit a reasoned objection within 30 days at info@fastnode.nl. We will assess your objection and respond within a reasonable period.
9. Reporting abuse
Do you suspect that Fastnode's services are being abused, or are you experiencing nuisance originating from our infrastructure? Report it at info@fastnode.nl, quoting "Abuse".
Where possible, please include:
- the IP address, domain or URL concerned;
- the date, time and time zone of your observation;
- relevant log lines, headers or screenshots;
- your contact details for any follow-up questions.
We acknowledge receipt and investigate every report. Reports concerning child sexual abuse material and active attacks are handled with the highest priority.
10. Changes to this AUP
Fastnode may amend this AUP, for example in response to new legislation, new forms of abuse or changes to the services. The current version is always published on this page, with a version number and date. In the event of material changes we will inform customers in advance by email or via the customer portal. Continued use of the services after the effective date constitutes acceptance of the amended AUP.
For questions about this Acceptable Use Policy, to request consent for an activity listed in section 4, or to report abuse:
- Fastnode, a trading name of IMA IT B.V.
- Chamber of Commerce (KVK) number: 57741085
- Email: info@fastnode.nl
- Telephone: +31 85 080 8080
- Country: The Netherlands