General Terms and Conditions of Services
Effective date: 2023.07.20.
By signing up for and/or otherwise accessing any of the services or products offered by ServerAstra Ltd. (hereinafter: Provider) you (hereinafter: Customer) agree to be bound by the terms of this Agreement. These terms and conditions supersede all earlier versions.
Please read through this document and all annexes carefully and thoroughly, as they describe your legal rights and obligations.
Annexes listed in section V. are an integral part of this agreement and are required to be interpreted, distributed, executed and/or signed with the contract.
I. General Provisions
I.I. The scope of this Agreement
This Agreement shall become effective as of the date of (1) your electronic signature or acceptance of this Agreement, (2) the activation of your account or (3) your receipt of an e-mail from the Provider confirming your order, whichever happens first.
This Agreement is effective for an undetermined term.
You may take obligation for one or multiple years of loyalty time contract, in which case you get a special discounted fee.
Either you or the Provider may terminate this Agreement (and your access to your account) at any time with 30 days written notice, or
The Provider may terminate this Agreement or suspend your account with no prior notice for a breach of this Agreement.
I.II. The subject of this Agreement
Regulation of relationship between the Provider and the Customer in case of dedicated server rental services, colocation services, domain registration and renewal, virtual private server (VPS) services, cloud and web hosting services.
I.III. Rights and obligations of the Contracting Parties
I.III.A./ Rights of the Provider
In relation to the current General Terms and Conditions (GTCs) and the Service Level Agreement (SLA), the Provider reserves the right:
- to suspend the provision of the Service temporarily or to terminate the contract with immediate effect and without any previous notification, in case the Customer breached obligations under the Agreement or these GTCs, especially when they failed to pay agreed Price in due period or when they breached obligations of this Agreement;
- to remove from their devices any data concerning the Customer and the Customer's domain, in case the Customer repeatedly or seriously breached their obligations under the Agreement or these GTCs;
- to restrict temporarily reserved disk space for the Customer, transfer speed for the Customer or other Customer's activities to a level defined in the SLA, in case previous Customer's activities would cause a threat or a substantial limitation of fluency or functionality of devices of the Provider, of their subcontractors or of activities of other Customers;
- to transfer off contractual rights and obligations of this Agreement to a third party at the same time with notice toward to the Customer;
- to establish additional forms of protection of the Service if it is necessary to enhance Service's or Customer's protection, unless establishing such protection creates additional costs to the Customer or unless the Customer agreed with these additional costs or asked for such establishment of additional protection of the Service;
- to change a time period for which invoices (tax documents) shall be issued to the Customer on a regular basis (hereinafter referred to as "the billing period");
- to additionally invoice items for the Service that could not be included in the invoice issued for the period in which these items were provided due to technical reasons or due to additional order by the Customer;
- to ex parte diversify or change the functional or technical specification of the Service or refine the Customer's interface to access the Service, if this diversification, change or refinement is in compliance with the latest expert knowledge in the relevant field or if it undoubtedly contributes to the Customer's comfort when using the Services;
- to suspend or limit the provision of the Service without prior notice under justified circumstances. These may include, but are not limited to, breaches of these Terms and Conditions, during scheduled maintenance, technical inspections, revisions, repairs of the technical equipment facilitating the Service, or due to power outages, emergencies, terrorist attacks, epidemics, and other unforeseen events beyond control.
- to refuse to provide the Service to the Customer, if the provision of the Service was temporarily suspended before or if the Provider or another service provider doing business in the same field withdraws from the contract for repeated or serious obligation default by the Customer;
- to conclude an out-of-court settlement or other settlement with a third party;
- to surrender the domain in favour of a third party, i.e. to transfer the domain to a person who made a lawful claim;
- to transfer the domain to any other third party at their discretion,
- to take other measures or to deal with the domain otherwise so that no damage could occur to the Provider;
- to withdraw from the Agreement with immediate effect, to terminate the Services immediately and to enforce Provider's compensation claim in a legal way for the losses and injuries caused by the Customer, if the Customer places prohibited content on the devices of the Provider and/or uses the Services to distribute, support or accommodate prohibited content (see I.III.D. article). In the case regulated in the present paragraph, the Customer does not receive any fee refund and is fined Terms of Service violation fine of €100 and clean-up fee of €50;
- to provide the Customer with a discounted fee or a preferential plan based on negotiations or contractual loyalty time.
- to adjust the price of active services with prior notice of at least 1 week
- to specifically request scan images of the following: for an individual, personal identification documents; for a legal entity, personal identification documents of the accountable individual, power of attorney, and corporate establishment documents (such as a certificate of good standing or business license). This is applicable when it is mandated by law or necessary to safeguard the Provider from monetary setbacks or legal complications.
The Provider does not knowingly provide or offer services to anyone under the age of 18. The Provider has the right to cancel and terminate services and withdraw from the Agreement with immediate effect at any time if the Provider possesses irrefutable evidence that the Customer is under the age of 18.
I.III.B./ Obligations of the Provider
The Provider is committed to:
- Offering comprehensive customer support, including technical assistance, through the Help Desk. This service center handles all Provider-related requirements, notifications, and claims from the Customer, including warranties and complaints.
- Responding to the Customer's requests within 15 days via the Help Desk, providing potential solutions in accordance with the Service Level Agreement (Annex 2).
- Ensuring the Service's functionality, availability, and access, which includes regular software updates to maintain security and performance (pursuant to the Service Level Agreement (Annex 2))
- Implementing preventive measures to minimize potential Service failures. This includes scheduled Service interruptions, known as "Service disconnection", for necessary maintenance, hardware replacements, or software updates.
- Providing advance notice of planned Service disconnections (at least 24 hours before) or any foreseeable changes that may affect the Service. This information will be shared on their website, possibly via email, or through any other appropriate means.
- Fulfilling all other obligations as outlined in the Agreement and these General Terms and Conditions (GTCs).
I.III.C./ Rights of the Customer
The Customer has specific rights, including:
- The right to utilize the Services provided by the Provider under the terms outlined in these GTCs, without interference from another Customer, third party, or the Provider.
- The right to reach out to the Help Desk with their inquiries, complaints, and suggestions.
- The right to select any domain from the Provider's offerings or from available domains, in line with relevant domain registration rules.
- The right to provide comprehensive and accurate information about any factors that could impact the quality and stability of the Services provided by the Provider, preferably well in advance, if such provision of information is feasible and anticipated given the circumstances and situation.
I.III.D./ Obligations of the Customer
1. The Customer is obligated to provide the following data to the Provider:
- if the Customer is a natural person: his full name, his permanent address, his postal address if it is not the same as permanent address and his e-mail address.
- if the Customer is a legal entity: the name of the organization, its registration number and/or its tax number, its official corporate seat, the name of its representative and the data of the representative like in section i. The representative must possess the necessary authority to enter this contract on the legal entity's behalf.
2. The Customer is fully liable for damages caused by inaccurate and out-of-date personal data.
3. The Customer is required to use the devices and the services of the Provider for legal purposes only. It is prohibited to use the Provider's services in a way that violates the Acceptable Use Policy (Annex 6)
4. The Customer is obligated
- to communicate with the Provider via the Help Desk or through the Customer's web interface provided by the Provider over the web for the Service during the duration of the contractual relationship. Specifically, the Customer must:
- Inform the Provider of any changes to the Contact name within 10 days of such change.
- Update the Provider on any changes to identification and billing information within 10 days of such a change.
- Promptly notify the Provider of any known factors that could negatively impact the Provider's ability to deliver the Services.
- to adhere to the terms of the current General Terms and Conditions (GTCs) for the duration of the contractual loyalty period. If they fail to do so, they are required to pay liquidated damages. The amount of these damages is the sum of the remaining expected payments under the loyalty contract, plus an additional €120 fee for early cancellation;
- to utilize the Service in a manner that does not hinder other Customers' use of the Service or the Provider's ability to deliver the Service;
- to remit payment for the Service provided, including all associated fees, in accordance with the Agreement and the Price list. This payment should be made based on a tax document (invoice) issued and delivered by the Provider, either via email or in written form.;
- to make use of the Services in accordance with the laws of Hungary, European Union, the Agreement and possible directions and instructions by the Provider;
- to restrict access to their services or website in any market or country where they conduct business activities that require specific permissions or licenses from local authorities, which they do not possess. This includes, but is not limited to, activities such as selling medication or organizing gambling.
5. The Customer may not resell the Services provided by the Provider to a third party without a written, signed and stamped consent of the Provider.
6. In case of violation of these Terms of Service or Acceptable Use Policy (Annex 6) by the Customer, the Customer agrees that the Provider has the right to:
- notify the Customer via support ticket system about violation and issue resolution proceedings
- suspend the service to prevent further abuse
- terminate the service in case of severe or systematic abuse or violation of terms of service resolution proceedings
- issue an invoice with a Terms of Service violation fine of €100 and clean-up fee of €50
- pursue recollection of the Terms of Service violation fine and clean-up fee using legal matters
- indemnify the Provider against any downtime reimbursement or refund
The Provider may execute these rights in any order it deems necessary.
The Customer is aware of their possible criminal liability under Act C. of 2012. Penal Code for a conduct contrary to the provisions of the stated act.
II. Special provisions
The minimum guaranteed yearly service availability excluding maintenance time is described in details in the Service Level Agreement (Annex 2). This Annex also includes SLA levels descriptions and formulas.
The subsections below contain description of several corrective actions. In the event that the Provider decides to take corrective action, the Customer shall not be entitled to a refund of any fees paid in advance prior to such corrective action.
The Customer shall be solely responsible for
- the development, operation, and maintenance of the internet resources, services and products and all content and materials appearing within or related to the aforementioned within the services provided by the Provider to Customer
- the accuracy and appropriateness of content and materials appearing within the services provided by the Provider to Customer or related to the Customer's products,
- ensuring that the content and materials appearing within the services provided by the Provider to Customer or related to the Customer's products do not violate or infringe upon the rights of any third party, are not libelous or otherwise illegal and are compliant with the Acceptable Use Policy (Annex 6)
- the final calculation and application of sales tax or any other tax
- compliance with laws of Customer's country and international community
- accepting, processing, and filling of any corporate secrets, private data and financial information and any other protected information of such type and for handling any inquiries or complaints arising therefrom
- the security of any corporate secrets, private data and financial information and any other protected information of such type that the Customer may use, generate or process as a result of conducting electronic commerce transactions while using Provider's services
II.I. Dedicated Server services
Dedicated Server (further: Server) is an industry standard computer system made specifically to process data in the datacenter environment
System provided by ServerAstra may or may not include IPMI interface to remotely control the system. In cases where it is available the service or category description mentions it.
This and any other agreement with the Provider does not grant or entitle, expressly or otherwise, any right, title or interest in the hardware (including, but not limited to any server) of the Provider.
The Customer shall not
- remove or alter settings of the Server IPMI processing unit. Any alteration of such kind will result in corrective action and recovery fee equal to 1 (one) monthly fee of the Server
- alter BIOS or other hardware firmware. Any alteration of such kind will result in corrective action and recovery fee equal to 3 (three) monthly fees of the Server
- overclock Server components. Any alteration of such kind will result in immediate termination in violation of these Terms according to I.III.D./ 6.
- use bandwidth or traffic in excess of the monthly amount ordered. The Customer acknowledges any violation of this policy may result in corrective action by the Provider, in its sole discretion, including assessment of additional charges or disconnection or discontinuance of any and all Services provided to the Customer.
- excessively power off, power on, reboot the Server or run diagnostics. The Customer acknowledges any violation of this policy may result in corrective action by the Provider, in its sole discretion, including assessment of additional charges or disconnection or discontinuance of any and all Services provided to the Customer.
II.II. Colocation Services
Colocation services provided by ServerAstra are governed by a separate Colocation Agreement
II.III. Cloud Instances and Virtual Private Servers (VPS)
The Provider will initially configure the Cloud or Virtual Private Server instance (further: Instance) for use. After the Instance is configured, the Customer will be solely responsible for all Instance content management.
Cloud Resource policy describes the guarantees of resources of the Instance in details with relevant formulas.
The Provider will initially configure the web server and the hosting account for use. After the hosting account is configured, the Customer will be solely responsible for all account content management.
The Customer shall not use bandwidth or disk usage in excess of the monthly amount ordered. The Customer acknowledges any violation of this policy may result in corrective action by the Provider, in its sole discretion, including assessment of additional charges or disconnection or discontinuance of any and all Services provided to the Customer.
The Customer grants the Provider a license to cache the entirety of the Customer's Web site (including content provided by third parties) hosted by the Provider and agrees such caching is not an infringement of any of the Customer's intellectual property rights or any third party's intellectual property rights.
II.V. IP Addresses
The Provider and/or the Provider's service providers shall maintain and control ownership of all IP numbers and addresses that may be assigned to the Customer by the Provider, and the Provider reserves in its sole discretion, the right to change or remove any and all such IP numbers and addresses.
The Customer shall not
- use IP addresses other than supplied by the Provider to the Customer. The Customer acknowledges any violation of this policy may result in corrective action by the Provider, in its sole discretion, including assessment of additional charges or disconnection or discontinuance of any and all Services provided to the Customer.
- circumvent or try to circumvent the limits setup to uphold the contractually provided IP addresses. Any action of such kind will result in immediate termination in violation of these Terms according to I.III.D./ 6.
II.VI. Data processing
If in connection with the performance of the service agreement you store and manage personal data at the server hosted by the Provider that shall qualify as personal data processing where you as the Customer shall qualify as controller of that personal data and the Provider shall be your data processor. The Provider shall process that personal data strictly for the purpose of performing the processing required for the performance of the services under the service agreement.
The sole purpose of the processing by the Provider will be the performance of the service agreement between the Customer and the Provider and the legal grounds of the processing is performance of contract [Regulation (EU) 2016/679 of the European Parliament and of the Council on April 27, 2016 on General Data Protection Regulation Article 6 subsection (1) point b)]. Processing shall last until the termination of the service agreement between the Customer and the Provider, or if in respect of certain personal data the Customer requests erasure or destroy earlier then the processing ends the date of erasure will end the processing. The Provider's tasks during processing shall be limited to the services defined in the service agreement concluded with the Customer. The personal data and data subjects affected by the processing shall solely to be determined by the Customer as data controller. Due to the nature of the processing - there is no actual hand over of personal data between the Customer and the Provider, but the Customer uploads the personal data himself on the Provider's servers, the Provider does not have access to that data - the Provider is unable to define the personal data and the data subjects affected by the processing and can only define that the Customer may upload and store personal data on the Provider's servers.
The Customer and the Provider shall fully cooperate with each other for the sake of compliance with the legal regulations on data processing - including, but not limited to the Hungarian Act CXII of 2011 on the right of informational self-determination and on freedom of information and the Regulation (EU) 2016/679 on General Data Protection Regulation - and to the extent required notify each other of all material circumstances in connection with the data processing (e.g. incidents, requests of data subject, etc.).
The Provider as data processor shall not pass any decision on the merits of the data processing, shall process personal data exclusively on written instructions from the Customer, including with transfer of personal data to a third country or to an international organization, unless processing is required by EU or Hungarian law applicable to the Provider; in such a case the Provider shall inform the Customer of that legal requirement before processing, unless the law prohibits such notification on grounds of public interest. During the data processing the instructions given by the Customer via e-mail shall be considered as written instructions.
The Customer is responsible for the lawfulness of its instructions related to the processing. The Provider will inform the Customer without delay if any of the Customer's instruction or the execution of it violates any mandatory legal act of the European Union and Hungary, or valid and legally binding resolutions, would aim the circumventing of law, jeopardize other persons or their assets, result in a disciplinary offence, simultaneously with the notification the Provider may suspend execution of the instruction while it has not been confirmed or changed by the Customer.
The Provider undertakes to ensure that the persons taking part in the data processing on its behalf (e.g. employees, other kind of contributors, etc.) are under confidentiality obligation set forth by the prevailing rules of law or will commit themselves within the frame of their relationship with the Provider (e.g. employment agreement, engagement agreement, etc.) to proper confidentiality obligations in respect of the processed personal data. Provider shall also make the necessary arrangements that its personnel shall only process personal data as instructed by the Customer.
The Provider will assist the Customer as a data controller in all suitable way to facilitate the performance of the Customer's obligations related to the rights of the data subjects.
The Provider adopted data security technical and organizational measures and procedures that meet the requirements of data security as set out in the regulations of the General Data Protection Regulation and the prevailing Hungarian law related to data management security, in particular, the Provider ensures the security of the data retained. Such technical and organizational measures are enclosed as Annex 4 to this Terms and Conditions.
The Provider will review the technical and organizational measures within reasonable periods in accordance with the current state of technology and the conditions of processing and must execute the necessary technical and organizational measures to ensure the proper level of data security.
The Provider undertakes to inform the Customer and the supervisory authority (Nemzeti Adatvédelmi és Információszabadság Hatóság; address: Hungary, 1125 Budapest, Szilágyi Erzsébet fasor 22/c; telephone: +36 1 391-1400; e-mail: firstname.lastname@example.org; web: https://naih.hu) as soon as possible but no later than 72 hours of all security incidents related to the personal data processed under the service agreement and record actions related to the circumstances of the incident, its effects and the actions taken for incident mitigation.
The Provider shall at the time of termination of the service agreement or upon a request of erasure by the Customer - the earliest date when one of these circumstances occur - erase, destroy both the hard copies and electronic copies of the personal data processed by the Provider under the service agreement unless required by law otherwise and ensure that the sub-processors to whom it has forwarded data hereunder also perform the same.
By concluding the service agreement as defined under Clause I.I of this Terms and Conditions the Customer:
- grants its written consent that the Provider may engage the sub-processors listed in List of Sub-processors (Annex 5) of this Terms and Conditions to take part in the data processing, and
- gives its general authorization to the Provider to engage further sub-processors if necessary or change the sub-processors involved in the data processing with the condition that the Provider must notify the Customer of such changes in prior by providing information on the identity of the new sub-processor and its planned tasks, and should the Customer object against the new sub-processor then Processor may only engage the objected sub-processor upon fulfilment of the Customer's requirements defined in its objection.
The Provider will ensure that all data protection requirements defined in this Terms and Conditions and the service agreement shall also be undertaken and performed by the sub-processors, especially the sub-processors shall give proper guarantees for performing proper organizational and technical measures required to ensure data processing harmonize with the General Data Protection Regulation and the prevailing Hungarian law. Should the sub-processor fail to perform its data protection obligations, then the Provider shall be liable for the performance of those.
Save for the sub-processors listed in List of Sub-processors (Annex 5) Provider shall not forward any of the processed personal data to any other persons, nor shall forward the processed personal data to third countries (countries outside the European Union and EEA).
The Customer is entitled to check the Provider's data processing on the dates mutually agreed upon with the Provider. The Provider shall ensure that the Customer may also exercise this right with the sub-processors after prior consultation. Provider shall supply the Customer with any information that is necessary to verify compliance with the relevant mandatory acts on data protection and contribute to audits, including inspections conducted by the Customer or auditors mandated by the Customer.
The Customer shall be liable as the data controller to perform the legal requirements towards the data subjects affected by the data processing (e.g. obligation to notify, restrict, erase, correct, etc.). Should any request of the data subject be received by the Provider instead of the Customer, then the Provider will as soon as possible forward all requests to the Customer for the purpose to be able to answer those requests.
III. Payment Processing
Paypal Online credit card payments are processed by Paypal system (https://paypal.com). Credit card details will not be sent to the Provider. Data entered on payment processor website will be visible to the Provider. The payments service provider PayPal (Europe) S.à r.l. et Cie, S.C.A. is an institution supervised by the CSSF (Commission de Surveillance du Secteur Financier), its license number is R.C.S. Luxembourg B 118 349.
Barion Online credit card payments are processed by Barion system (https://barion.com). Credit card details will not be sent to the Provider. Data entered on payment processor website will be visible to the Provider. The payments service provider Barion Payment Zrt. is an institution supervised by the Hungarian Central Bank (Magyar Nemzeti Bank), its license number is H-EN-I-1064/2013.
Bitpay Online cryptocurrency payments are processed by Bitpay system (https://bitpay.com). Data entered on payment processor website will be visible to the Provider. The payments service provider BitPay B.V. is an institution supervised by the Dutch Central Bank (De Nederlandsche Bank N.V.) pursuant to Section 23b(1) of the Wwft.
Coingate cryptocurrency payments are processed by Coingate (https://coingate.com). Data entered on payment processor website will be visible to the Provider. The payments service provider UAB "Decentralized" is a company whose activities are subject to the laws of the Republic of Lithuania.
Stripe Online credit card payments are processed by Stripe system (https://stripe.com). Credit card details will be saved to the Provider database. Data entered on payment processor website will be visible to the Provider. The payments service provider Stripe Payments Europe Limited - an institution supervised by the Central Bank of Ireland - for EEA and Stripe Payments UK, Ltd. - the e-money licensed entity with the UK FCA - for United Kingdom and Switzerland.
SEPA transfer payments and Revolut.pay are processed by Revolut Payments UAB/Revolut Bank UAB (https://revolut.com). Transfer details are visible to the Provider. Revolut Bank UAB is a bank incorporated and licensed in the Republic of Lithuania with company number 304580906 and authorisation code LB002119.
HUF (Hungarian Forint) transfer payments are processed by OTP Bank (https://otpbank.hu). Transfer details are visible to the provider. OTP Bank Plc. is licensed by the Hungarian Financial Supervisory Authority (PSZÁF) under operation licence No. 983/1997/F., dated 27 November 1997.
IV. Final provisions
GOVERNING LAWS: The agreement between you (the Customer) and ServerAstra Kft. (the Provider) shall be governed in all aspects by the laws of European Union and Hungary. The parties irrevocably submit to the jurisdiction of Budapest District Court for the IV. and XV. Districts. In case of a mutually agreed requirement the Parties may conclude a joint written agreement to make amendments or modifications to the aforementioned
This GTCs is executed and concluded in English language.
By signing this Agreement, the Contracting Parties affirm that they possess the legal authority to enter into this contract. They confirm that there are no restrictions on their contractual capacity, thereby validating their rights and obligations under this contract.