Pomeroy Cloud Acceptable Use Policy

Introduction
This customer acceptable use policy defines Pomeroy’s policy that is designed to protect Pomeroy, its customers (“Customers”) and any other persons, parties or entities on the Internet from any negative impact caused by inappropriate activities. All Customers shall adhere to this policy and are subject to the terms and conditions herein. 

Pomeroy reserves the right to perform activities to audit, test, and investigate the security of Customer sites in an effort to ensure that security protections are maintained and that Customer sites do not bypass, or allow others to bypass, Pomeroy security controls.  

If, in its sole discretion, Pomeroy believes that systems located within Pomeroy facilities are being used in an unlawful or improper manner (whether civil or criminal) or for unlawful or improper activities, Pomeroy will fully cooperate with civil- and criminal-enforcement authorities conducting investigations of such use or activities. Pomeroy will also support the investigation of the prohibited activities listed below and any other activities that Pomeroy, in its sole discretion, believes impact the operation or security of Pomeroy, Customers or other systems accessible by Customers or Customers’ clients or users.  

Acceptable Use
Customers have access to and perform management activities on their systems, data and content. Customers are responsible for ensuring that these activities do not impose risks to, or negative impacts on, Pomeroy, Customers or other sites or systems. Customers are also responsible for adhering to all local, state, federal and international laws and regulations relating to Customer operations. 

Because Pomeroy relies on a shared infrastructure to support Customers, it is necessary that Pomeroy set policies and standards associated with how each site is secured and used. The compromise of one Customer site may result in an impact on Pomeroy or other Customers. Therefore, all Customers shall adhere to all applicable Pomeroy policies and standards. 

Prohibitied Activities

Each Customer is responsible for ensuring that it does not allow its systems hosted by Pomeroy to be used for any of the following purposes:

  • gaining, or attempting to gain, unauthorized access to any system that does not belong to the Customer; 

  • sending unsolicited e-mail or other messages or communication in any form (e.g., spam);

  • altering, defacing or otherwise causing any unauthorized or unapproved modification of any system belonging to Pomeroy, another Customer or any other system on the Internet; 

  • storing, transmitting or processing material in a manner that violates intellectual-property rights or laws or regulations, including, without limitation, those associated with trade secrets, copyrights, patents and trademarks; 

  • violating the privacy rights of others, including, without limitation, the collection of information about individuals without their knowledge or consent, except as allowed by applicable laws and regulations; 

  • transmitting or storing any material that is unlawful, obscene, harassing, libelous, abusive or hateful; that encourages unlawful acts; or that may be interpreted as violating the civil rights of others;

  • storing or transmitting material that violates local, state, federal or international laws or regulations;

  • engaging in, or permitting, any activity that leads to a degradation or denial of service for Pomeroy, another Customer or any other system or site on the Internet; 

  • violating the rules or policies of any other hosting provider, message service, chat room, bulletin board, newsgroup or similar system, service or provider; 

  • intentionally, recklessly or negligently omitting, forging, deleting or misrepresenting transmission information—including, without limitation, headers, return-address information and IP addresses—that is intended to cloak or hide the identity or source of information transmitted by the Customer’s systems, customers or users; or 

  • engaging in, or permitting, any activity that results in the overutilization of power circuits.

Customers are prohibited from assisting any persons in using Customer systems located at Pomeroy to engage in any of the activities listed above. If a Customer becomes aware of any such activity, the Customer must remedy the situation immediately. The Customer shall also notify Pomeroy, by telephone within four hours and in writing within 24 hours, of the detection of a violation by such Customer or its agents.

Each Customer is responsible for ensuring that security controls are not circumvented by way of actions taken by it or individuals accessing such Customer’s systems. 

Each Customer shall not: 

  • configure its systems to bypass security controls, including, without limitation, the installation of programs or services that allow the systems to be managed or accessed insecurely or through unauthorized means; 

  • conduct online security audits or tests against or through Pomeroy systems or networks without coordination with and the explicit, written consent of an authorized officer of Pomeroy; 

  • gain, or attempt to gain, unauthorized access to Pomeroy networking, security, management, backup, storage or monitoring systems; 

  • install programs or configure systems to allow the monitoring, or “sniffing,” of data traveling over a shared network; 

  • access, or attempt to access, security-relevant information, such as password files that may, among other things, be used to gain unauthorized access to system accounts;

  • install or use software for the purpose of cracking encrypted data, including, without limitation, stored passwords; or 

  • remove or disable security software or services, including, without limitation anti-virus software, logging utilities or authentication services. 

Each Customer is also responsible for any misuse of accounts on its systems located at Pomeroy. 

Each Customer must implement measures and procedures to ensure that its accounts are not accessed or used in an unauthorized manner, including, without limitation, the following. 

  • Each Customer must maintain, and provide Pomeroy with, a list of authorized individuals and accounts that are permitted to remotely access such Customer’s systems hosted by Pomeroy.

  • Each Customer must notify Pomeroy in writing if a user no longer requires remote access to such Customer’s site. To ensure that access is deleted on time, Pomeroy must receive this notification at least five business days in advance of the date that the access is no longer needed by that individual. 

  • Remote-access accounts shall not be transferred from one individual to another, nor shall they be shared between individuals. Each user shall have an individual remote-access account that uniquely and accurately identifies the owner of the account. 

Each Customer assumes all responsibility for the consequences of the use of its accounts by an unauthorized individual. 

Violations and Remedies
Pomeroy reserves the right to suspend or terminate at any time the account of any Customer that, in the sole discretion of Pomeroy, fails to adhere to any of these policies, as they are described from time to time at www.Pomeroy.com. Pomeroy has the right to seek legal remedies for any damages, costs or expenses that may be incurred as a result of a violation of any of these policies by or through a Customer. 

Depending on the nature of the violation or alleged violation, Pomeroy may be notified of violations in a number of ways, including by an external organization, agency, entity or individual that is affected by the activities of a Customer or, when a violation is detected internally, by a source within Pomeroy. 

Pomeroy retains the sole right to determine whether a violation of this policy has occurred. In general, Pomeroy will attempt to work with Customers to address violations of this policy in accordance with the steps outlined below but is not required to do so. However, based on the severity of the violation or the number or nature of complaints received, Pomeroy, in its sole discretion, has the absolute right to immediately terminate service.  

First Violation
Upon notification of a violation, Pomeroy will attempt to contact the Customer and describe the violation. In general, the Customer contact will be called by telephone with the information. Pomeroy and the Customer will define a specific timeframe within which the Customer must rectify the violation. A letter may be sent to the Customer contact formally notifying it of the violation and setting forth the time frame for the Customer to remedy the violation. If, in Pomeroy’s sole discretion, the violation or complained-of violation is such that Pomeroy elects not, or is unable, to contact the Customer, Pomeroy may take whatever steps it deems appropriate under the circumstances. 

Second Violation
If the same or similar violation occurs or is complained of a second time and the timeframe for remediation of the initial violation has expired, Pomeroy will again attempt to contact the Customer to describe the violation. In general, the Customer contact will be contacted by telephone with this information. If, in Pomeroy’s sole discretion, the violation or complained-of violation is such that Pomeroy elects not, or is unable, to contact the Customer, Pomeroy may take whatever steps it deems appropriate under the circumstances. Pomeroy and the Customer will again define a specific timeframe within which the Customer must rectify the violation. A letter will again be sent to the Customer contact notifying it that the violation has occurred again and setting forth the timeframe for the Customer to remedy the violation. Pomeroy will bill the Customer $1,000 to cover Pomeroy’s administrative costs associated with managing this effort. 

Third Violation
If the same or similar violation occurs or is complained of for a third time and the timeframe for addressing the second violation has expired, Pomeroy will again attempt to contact the Customer describing the violation. In general, the Customer contact will be called by telephone with this information. Pomeroy and the Customer will define a specific timeframe within which the Customer must rectify the violation. A letter will again be sent to the Customer contact notifying Customer that the violation has occurred again and setting forth the time frame for the Customer to remedy the violation. Pomeroy will bill the Customer $5,000 to cover Pomeroy’s administrative costs associated with managing this effort. If, in Pomeroy’s sole discretion, the violation or complained-of violation is such that Pomeroy elects not, or is unable, to contact the Customer, Pomeroy may take whatever steps it deems appropriate under the circumstances. If a third violation relates to the overutilization of power, then, in addition to all other remedies outlined in this policy, Pomeroy shall further bill the Customer an additional $100 per day per overutilized circuit. 

In all instances, each Customer remains responsible for performing all of its obligations under applicable Master Cloud Services Agreements and Schedules and for paying all fees billed by Pomeroy, including, without limitation, monthly service fees and termination fees. If the violation is not remedied by the agreed-upon timeframe, Pomeroy has the right to terminate or suspend services to the Customer. Pomeroy retains the sole right and discretion to permanently terminate services to the Customer or to resume service upon remedy of the violation and to obtain whatever assurances Pomeroy requires from Customer that the violation will not repeat. If, in Pomeroy’s sole discretion, the violation or alleged violation is such that Pomeroy elects not, or is unable, to contact the Customer, Pomeroy shall take the steps it deems appropriate under the circumstances without regard to whether the violation is a first, second or third violation. 

Notwithstanding anything to the contrary herein, Pomeroy reserves the right to immediately suspend any Services without notice to, or approval from, Customer if Pomeroy, in its sole discretion, deems such suspension necessary to protect its systems, facilities or interests or those of its customers or third parties, including, without limitation, in response to any perceived threat of a computer virus, exploit scripts or other malicious software or denial-of-service attack (in each case, from any source) on Pomeroy’s computer systems or network; provided, however, that Pomeroy will use commercially reasonable efforts to notify Customer prior to such suspension. 

General Terms and Conditions Regarding this Policy
THE CUSTOMER AGREES TO BE BOUND BY ALL OF THE TERMS AND CONDITIONS HEREIN. From time to time, Pomeroy may modify this policy. By using the Pomeroy services or facilities after any such modifications, the Customer agrees to those modifications. If at any time the Customer chooses not to accept this policy, the Customer agrees to discontinue use of such services or facilities. 

Please send reports of any violations of this acceptable-use policy to abuse@Pomeroy.com.