NetJett LTD - Terms of Service and Privacy Policy

NetJett LTD Terms of Service and Privacy Policy

(Effective Date: 2024-10-25 | Data Storage Default: EU)

Part I: Account and Service Usage Regulations
1.1 Account Creation and Verification
- Basic Requirements: Users must provide a valid, unregistered email address. Enterprise users must submit a scanned copy of their business license; individual users must provide their real name and address.
- High-Risk Verification: For purchasing dedicated servers, users must provide government-issued ID and credit card scans (with CVV hidden). The review period is 1-3 working days, and non-compliant orders may be rejected due to fraud risks.
- Information Liability: Users must update contact information in real time. Risks caused by incorrect information (e.g., failed domain registration) are the user’s responsibility.

1.2 Prohibited Activities List (Full List)
- Prohibited on Shared/Reseller Servers: Topsites, IRC bots, proxy servers, pirated software hubs, image hosting scripts, commercial audio streams exceeding 2 concurrent streams, illegal investment/gambling websites.
- Prohibited on VPS/Dedicated Servers: IRCD abuse, pirated software, IP scanning tools (e.g., Nmap/AWVS), spam tools, illegal investment/gambling platforms.
- Universal Prohibitions: Child pornography, terrorist content, HIPAA-protected health information, EU GDPR special category data, unauthorized network scanning.
- Resource Abuse Limits: CPU usage exceeding 50% of package limits for over 600 seconds continuously, Swap memory usage >50% for 24 consecutive hours, P2P file sharing.
- Penalty Tier: First violation: account freeze for 48 hours + rectification report; second violation: permanent ban; criminal offenses: referral to judicial authorities.

1.3 Sub-Accounts and Permission Management
- Enterprises may create up to 100 sub-accounts with three permission levels: Read-Only, Management, and Full Control (Full Control requires secondary confirmation by the primary account).
- Deletion of sub-accounts will permanently destroy associated data (e.g., disk snapshots, custom images) and cannot be recovered.

1.4 Dedicated IP Allocation Rules
- Applications for dedicated IPs outside hosting packages must comply with ARIN/APNIC norms and submit a business necessity statement + current IP utilization report. The company may reject requests for insufficient reasons or utilization below 50%.

1.5 Third-Party Transaction Liability
- Risks of transactions with third-party providers (e.g., domain registrars) are borne by users. NetJett does not act as an agent or guarantor and is not liable for third-party service disruptions.

Part II: Service Definition and Resource Management
2.1 Resource Measurement Details
- CPU/Memory: Averaged per 5-minute sampling point, with burst loads allowed up to 150% of package limits (cumulative ≤2 hours daily); Swap usage >50% for 24 hours triggers a system warning, requiring user optimization within 48 hours.
- Disk I/O: System disk (e.g., /boot) writes are not billed; data disk usage is charged by actual read/write volume. Snapshot storage is billed separately at €0.1/GB/month.
- Bandwidth Measurement: Monthly traffic caps apply. Excess traffic is charged at 1.5x the package rate per GB or throttled to 1Mbps until reset, with unused bandwidth not carried over.

2.2 Service Level Agreement (SLA)
- Virtual servers: 99.5% uptime commitment (monthly downtime ≤216 minutes). Dedicated servers: 99.9% uptime commitment (monthly downtime ≤43.2 minutes).
- Compensation for SLA breaches: Calculated as (downtime duration/committed duration) × monthly fee, issued as account credit valid for 6 months (force majeure excluded).

2.3 Backup Policy
- Default Backups: Daily full backups for EU servers (retained 30 days), 12-hour incremental backups for Hong Kong servers (retained 14 days), stored in a Canadian data center.
- Custom Backups: Dedicated server users may request weekly full + daily incremental backups for an additional 10% monthly fee.

Part III: Multi-Jurisdictional Compliance Rules
3.1 EU GDPR Special Provisions
- Right to Data Erasure: The company will respond to data deletion requests within 30 days (excluding legally retained data); marketing opt-outs will take effect within 48 hours.
- Data Cross-Border Transfer: Written user consent + Standard Contractual Clauses (SCCs) are required for transfers to non-EU regions.

3.2 China Cybersecurity Law Adaptation
- ICP Filing Assistance: Chinese users must complete ICP filing independently; the company provides server IP certification documents (€50 per service, including electronic seal).
- Security Incident Response: Users will be notified within 72 hours of discovering illegal content/vulnerabilities, with disposal reports submitted to CNCERT within 48 hours.
- Password Requirements: 8+ character mixed passwords (letters + numbers + symbols), mandatory change every 90 days.

3.3 US CFAA Compliance
- Unauthorized system scanning (e.g., port probing, vulnerability scanning) is prohibited. Violators will cooperate with FBI investigations, face permanent account bans, and may be liable for civil claims.

Part IV: Privacy Policy and Data Protection
4.1 Data Collection Scope
- Necessary Information: Name, email, phone number, IP address, payment records (individual users); business license, legal representative ID, tax registration number (enterprise users).
- Third-Party Sharing: Data is shared only with payment/cloud service providers (e.g., Stripe, AWS) via Data Processing Agreements (DPAs), strictly limited to service-related purposes.

4.2 Minor Protection
- Age Restrictions: EU ≥16 (guardian consent required), China ≥18 (face recognition verification), US ≥13 (guardian email verification).
- Misregistration Handling: Minor accounts will be frozen immediately, with data deleted and guardians notified within 72 hours, accompanied by technical deletion proof (hash value verification).

Part V: Fees, Refunds, and Dispute Resolution
5.1 Billing Details
- Base Fees: Virtual servers from €20/month, dedicated servers from €200/month (including 500GB monthly traffic).
- Hidden Fees: Custom ISO upload (€50 per time), priority technical support (20% monthly surcharge), compliance audit reports (€200 per copy).
- Invoicing: EU enterprises receive VAT-inclusive invoices (19% Germany, 20% France); Chinese users may apply for VAT special invoices (6% rate).

5.2 Refund Policy
- Virtual Servers: Refundable within 60 days if unused (CPU ≤3.6 hours, traffic ≤500MB, no domain binding).
- VPS: Refundable within 7 days if no VMs/containers created and Swap usage ≤3% of package memory.
- Dedicated Servers: Refundable within 1 day if not powered on and no IP assigned.
- Non-Refundable Scenarios: Termination for violations, domain renewals, manual configuration services (e.g., script debugging), account balance consumption, and transactions made via cryptocurrency payment methods are all non-refundable.

5.3 Dispute Resolution Process
1. Primary Consultation: Disputes submitted via ticket system will receive a response within 72 hours.
2. Advanced Review: If unresolved, referred to the compliance team within 5 working days with a written report.
3. Mediation: Parties may apply for ICC mediation, with costs shared equally.
4. Legal Jurisdiction: EU users – Luxembourg courts (EU law); China users – Beijing Internet Court (Chinese law); others – Singapore International Arbitration Centre (SIAC, English law).

Part VI: Other Key Provisions
6.1 Spam Policy
- Unsolicited bulk email is prohibited. Violators will face immediate service termination and bear IP blacklist cleanup fees (€500 per time).

6.2 Reseller Responsibilities
- Resellers must independently handle customer support and content compliance. Direct customer inquiries to NetJett will result in main account suspension for 7 days, with permanent disqualification after 3 suspensions.

6.3 Liability Limitations
- The company is not liable for indirect losses (e.g., data loss, business interruption). Users must backup data and purchase commercial insurance independently.

6.4 Policy Update Mechanism
- Users will be notified via email 30 days before policy updates. Major changes (e.g., data storage location adjustments) require separate user confirmation; continued service use indicates acceptance of new terms.

User Acknowledgment and Updates: Checking "I agree" constitutes acceptance of all terms. Continued service use after updates indicates acceptance of revised terms.