• +44 (0) 191 825 0808
  • contact@aoitnetworks.com
Contact us

Acceptable Use Policy

AOIT Networks Ltd – Acceptable Use Policy

Effective Date: January 2026
Version: 1.0

1. Introduction

This Acceptable Use Policy (“AUP”) defines the acceptable and prohibited uses of services provided by AOIT Networks Ltd (“AOIT”, “we”, “us”, or “our”) to our partners and their authorized users. This AUP forms part of the Master Services Agreement between AOIT and the Partner.

By using AOIT’s services, you agree to comply with this AUP. Violations of this AUP may result in suspension or termination of services as outlined in Section 7.

1.1 Purpose

This AUP is designed to:

  • Protect AOIT’s network, systems, and infrastructure from abuse
  • Protect other AOIT partners from harmful activities
  • Comply with legal and regulatory requirements
  • Maintain the security, reliability, and performance of AOIT’s services
  • Establish clear expectations for appropriate use of services

1.2 Scope

This AUP applies to:

  • All services provided by AOIT under the Master Services Agreement
  • All users authorized by the Partner to use AOIT’s services
  • All devices, systems, and networks managed or monitored by AOIT
  • All data transmitted through or stored on AOIT’s infrastructure
  • All use of AOIT’s support services, portals, and communication channels

1.3 Changes to This Policy

AOIT may update this AUP from time to time to reflect changes in technology, legal requirements, or security best practices. Material changes will be communicated at least 30 days in advance via email and posted to www.aoitnetworks.com/acceptable-use-policy. Continued use of services after changes take effect constitutes acceptance of the updated AUP.

2. General Acceptable Use

2.1 Permitted Uses

AOIT’s services are provided for lawful business purposes only. Permitted uses include:

Business Operations:

  • Conducting normal business operations and communications
  • Accessing and sharing business information and documents
  • Communicating with employees, customers, suppliers, and business partners
  • Managing business applications and workflows
  • Storing and processing business data
  • Collaborating on business projects and initiatives

Reasonable Personal Use:

  • Limited personal use of email and internet during breaks or outside business hours
  • Brief personal communications (email, messaging) that do not interfere with work
  • Personal research or learning related to professional development
  • Reasonable use that does not consume significant resources or pose security risks

Authorized Technical Activities:

  • Legitimate security testing or penetration testing with AOIT’s prior written approval
  • Authorized system administration and maintenance activities
  • Approved development and testing activities
  • Network diagnostics and troubleshooting with AOIT guidance

2.2 Partner Responsibilities

The Partner is responsible for:

User Management:

  • Ensuring all users authorized to use AOIT’s services are legitimate employees, contractors, or authorized representatives
  • Providing accurate and current contact information for all users
  • Promptly notifying AOIT when users leave the organization or no longer require access
  • Implementing appropriate user access controls and permissions
  • Training users on this AUP and enforcing compliance

Security Practices:

  • Maintaining strong passwords and protecting credentials
  • Not sharing user accounts or credentials with others
  • Enabling multi-factor authentication where required or recommended by AOIT
  • Promptly reporting suspected security incidents or policy violations
  • Following AOIT’s security recommendations and best practices
  • Protecting devices with appropriate security controls (antivirus, firewalls, encryption)

Data Management:

  • Ensuring data stored or processed using AOIT’s services is lawfully obtained and used
  • Complying with data protection laws and regulations (GDPR, DPA 2018, etc.)
  • Maintaining appropriate backups and not relying solely on AOIT’s backup services
  • Classifying sensitive data appropriately and applying appropriate protections
  • Not storing illegal, harmful, or inappropriate content on AOIT’s systems

Monitoring and Compliance:

  • Monitoring user activities for compliance with this AUP
  • Investigating and addressing policy violations promptly
  • Cooperating with AOIT in investigations of suspected violations
  • Taking corrective action when users violate this AUP

Resource Usage:

  • Using resources reasonably and not engaging in activities that consume excessive bandwidth, storage, or computing resources
  • Monitoring resource usage and responding to AOIT notifications about excessive usage
  • Planning for capacity needs and communicating requirements to AOIT in advance

3. Prohibited Activities

The following activities are strictly prohibited when using AOIT’s services. This list is not exhaustive, and AOIT reserves the right to determine whether activities not explicitly listed violate the spirit and intent of this AUP.

3.1 Illegal Activities

Absolutely Prohibited:

  • Any activity that violates UK law, EU law, or the laws of any applicable jurisdiction
  • Fraud, theft, embezzlement, or misappropriation of funds or property
  • Money laundering or terrorist financing
  • Distribution, possession, or production of child sexual abuse material (CSAM)
  • Human trafficking or exploitation
  • Drug trafficking or illegal sale of controlled substances
  • Illegal gambling or gaming operations
  • Copyright infringement, piracy, or distribution of counterfeit goods
  • Identity theft or impersonation of others for fraudulent purposes
  • Market manipulation, insider trading, or securities fraud
  • Tax evasion or filing false tax returns
  • Bribery, corruption, or illegal kickbacks
  • Stalking, harassment, or threats of violence
  • Any activity that assists or facilitates illegal activities

3.2 Security Violations and Network Abuse

Prohibited Security Activities:

  • Attempting to gain unauthorized access to AOIT’s systems, networks, or other partners’ systems
  • Attempting to bypass, disable, or circumvent security controls, authentication mechanisms, or monitoring systems
  • Port scanning, vulnerability scanning, or penetration testing without AOIT’s prior written approval
  • Intercepting, monitoring, or analyzing network traffic without authorization
  • Packet sniffing, eavesdropping, or wiretapping
  • Exploiting security vulnerabilities in systems or applications
  • Distributing or using hacking tools, exploit code, or malicious software
  • Password cracking, brute force attacks, or credential stuffing
  • Social engineering attacks against AOIT staff or other partners
  • Attempting to disrupt or interfere with AOIT’s services or other partners’ use of services

Prohibited Network Activities:

  • Launching denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks
  • Flooding networks with excessive traffic to degrade performance
  • Engaging in activities that consume excessive bandwidth or resources
  • Operating botnets or command-and-control infrastructure
  • Cryptocurrency mining using AOIT’s infrastructure (unless explicitly authorized)
  • Running unauthorized servers or services that violate AOIT’s infrastructure policies
  • Using AOIT’s network as a relay or proxy for malicious activities
  • Spoofing IP addresses, MAC addresses, or other network identifiers
  • Broadcasting unsolicited packets or engaging in network flooding
  • Operating open proxies, open relays, or other services exploitable by third parties

3.3 Malicious Software and Content

Prohibited:

  • Creating, distributing, or hosting malware, viruses, worms, trojans, ransomware, spyware, or any malicious code
  • Hosting or distributing exploit kits or malicious code repositories
  • Operating command-and-control servers for malware or botnets
  • Distributing tools designed to compromise security or facilitate unauthorized access
  • Hosting or distributing rootkits, keyloggers, or other surveillance software
  • Creating or distributing phishing websites, fake login pages, or credential harvesting tools
  • Hosting or distributing pirated software, cracked applications, or key generators
  • Distributing adware, potentially unwanted programs (PUPs), or deceptive software
  • Intentionally introducing viruses, malware, or harmful code into AOIT’s systems

3.4 Spam and Unsolicited Communications

Prohibited Email Activities:

  • Sending unsolicited bulk email (spam) or unsolicited commercial email
  • Operating email lists without proper opt-in consent from recipients
  • Purchasing or using purchased email lists without verified opt-in consent
  • Sending emails with deceptive subject lines or forged headers
  • Email address harvesting or scraping without permission
  • Operating email bombing or mailbombing attacks
  • Relaying spam through AOIT’s mail servers or infrastructure
  • Using AOIT’s email services to promote illegal products or services
  • Sending phishing emails or emails designed to harvest credentials
  • Using distribution lists to send unsolicited messages to large groups

Prohibited Messaging Activities:

  • Sending unsolicited bulk messages via SMS, instant messaging, or social media
  • Using AOIT’s services to operate spam or telemarketing campaigns
  • Automated posting or spamming on forums, comment sections, or social media
  • Operating click farms, fake accounts, or engagement manipulation services

3.5 Intellectual Property Violations

Prohibited:

  • Copyright infringement, including uploading, downloading, or sharing copyrighted content without authorization
  • Operating file-sharing services primarily used for copyright infringement (torrents, piracy sites)
  • Hosting or distributing pirated movies, music, software, books, or other copyrighted materials
  • Trademark infringement or passing off goods or services as those of another party
  • Distributing counterfeit goods or products
  • Patent infringement through unauthorized manufacturing or distribution
  • Trade secret misappropriation or industrial espionage
  • Removing, altering, or obscuring copyright notices or digital rights management (DRM) systems
  • Creating or distributing tools designed to circumvent DRM or copy protection

3.6 Harmful or Offensive Content

Prohibited Content:

  • Child sexual abuse material (CSAM) or content sexualizing minors in any way
  • Content promoting, glorifying, or facilitating terrorism or violent extremism
  • Content inciting violence, hatred, or discrimination based on race, ethnicity, religion, gender, sexual orientation, disability, or other protected characteristics
  • Graphic violence, gore, or extreme brutality content
  • Content promoting self-harm, suicide, or eating disorders
  • Doxing (publishing private personal information without consent with intent to harm)
  • Revenge pornography or non-consensual intimate images
  • Content facilitating or promoting human trafficking or exploitation
  • Hate speech or content designed to harass, threaten, or intimidate individuals or groups
  • Defamatory or libelous content intended to harm reputation
  • Content promoting or facilitating illegal activities

Note: This section applies to content stored on or transmitted through AOIT’s infrastructure. AOIT does not proactively monitor content but will investigate reported violations.

3.7 Privacy Violations and Data Misuse

Prohibited:

  • Unauthorized collection, use, or disclosure of personal data
  • Violating data protection laws (GDPR, DPA 2018, PECR, etc.)
  • Operating services that collect personal data without appropriate legal basis or consent
  • Failing to provide required privacy notices or disclosures
  • Failing to honor data subject rights (access, deletion, portability, etc.)
  • Selling or sharing personal data without appropriate legal basis
  • Using AOIT’s services to operate surveillance or monitoring without consent
  • Installing spyware, stalkerware, or monitoring software without consent
  • Operating services designed to track individuals without consent
  • Unauthorized access to others’ email, files, or communications

3.8 Fraudulent or Deceptive Practices

Prohibited:

  • Operating phishing websites or services designed to deceive users
  • Creating fake websites impersonating legitimate organizations
  • Operating investment scams, pyramid schemes, or Ponzi schemes
  • Operating advance-fee fraud schemes (419 scams, lottery scams, etc.)
  • Operating fake e-commerce sites or fraudulent online marketplaces
  • Engaging in credit card fraud, payment fraud, or chargeback fraud
  • Operating tech support scams or fraudulent technical support services
  • Creating or distributing misleading or deceptive advertisements
  • Operating fake review sites or manipulating online reviews
  • Impersonating individuals, organizations, or AOIT staff

3.9 Resource Abuse

Prohibited:

  • Cryptocurrency mining using AOIT’s infrastructure (unless explicitly authorized in writing)
  • Operating services that consume excessive CPU, memory, storage, or bandwidth beyond allocated limits
  • Using AOIT’s services for purposes other than those agreed upon in the service agreement
  • Reselling AOIT’s services without authorization
  • Operating competing managed service provider (MSP) services using AOIT’s infrastructure
  • Using services to provide services to third parties without AOIT’s knowledge and consent
  • Operating high-volume services (video streaming, file hosting, gaming servers) without appropriate service tier
  • Using backup or disaster recovery services for archival or long-term storage beyond intended use

3.10 Interference with Services

Prohibited:

  • Intentionally disrupting or degrading AOIT’s services or other partners’ use of services
  • Attempting to gain access to other partners’ data, systems, or accounts
  • Interfering with AOIT’s monitoring, management, or security systems
  • Disabling or tampering with security software, agents, or monitoring tools installed by AOIT
  • Modifying or interfering with AOIT-managed infrastructure without authorization
  • Making unauthorized changes to firewalls, routers, switches, or network configurations
  • Removing or disabling AOIT’s management agents or remote access tools
  • Refusing to cooperate with AOIT’s security investigations or incident response
  • Providing false or misleading information to AOIT staff

4. Email and Communication Policies

4.1 Email Usage

Acceptable Email Use:

  • Business communications with employees, customers, suppliers, and partners
  • Subscribing to business-related newsletters, industry updates, and professional content
  • Reasonable personal email use that does not interfere with work
  • Legitimate marketing campaigns with proper opt-in consent and unsubscribe mechanisms

Prohibited Email Practices:

  • Sending spam or unsolicited bulk email (see Section 3.4)
  • Using purchased email lists without verified double opt-in consent
  • Sending emails with forged sender addresses or misleading headers
  • Email bombing or flooding individual inboxes
  • Using email to distribute malware or phishing links
  • Sending threatening, harassing, or abusive emails
  • Excessive personal email use that impacts productivity or consumes significant resources

Email List Management: If operating email marketing campaigns:

  • Maintain proper opt-in consent records for all recipients
  • Provide clear and easy unsubscribe mechanisms in all marketing emails
  • Honor unsubscribe requests within 10 business days (as required by PECR)
  • Do not purchase email lists unless you can verify double opt-in consent
  • Include accurate sender information and physical mailing address in commercial emails
  • Monitor complaint rates and bounce rates; high rates may indicate list quality issues
  • Comply with all applicable email marketing laws (PECR, GDPR, CAN-SPAM if applicable)

4.2 Internet and Web Usage

Acceptable Internet Use:

  • Business research and information gathering
  • Accessing business applications and cloud services
  • Professional development and online learning
  • Reasonable personal browsing during breaks or outside business hours

Prohibited Internet Activities:

  • Accessing illegal content (child abuse material, illegal drugs, pirated content, etc.)
  • Visiting websites known to host malware or engage in phishing
  • Streaming high-bandwidth content (video, music) excessively during business hours
  • Using AOIT’s network for torrenting or peer-to-peer file sharing
  • Accessing content that violates this AUP (see Section 3.6)
  • Bypassing web filtering or security controls implemented by AOIT
  • Using proxies or VPNs to circumvent monitoring or content filtering (except authorized business VPNs)

4.3 Telecommunications Usage

Acceptable VoIP and Phone Use:

  • Business calls to customers, suppliers, and partners
  • Internal communications between employees
  • Reasonable personal calls that do not interfere with work or consume excessive resources

Prohibited Telecommunications Activities:

  • Using AOIT’s phone systems for illegal activities (threatening calls, harassment, fraud)
  • Operating telemarketing or robocalling services without proper authorization and compliance
  • Making excessive personal calls, especially international calls, at the Partner’s expense
  • Call flooding, phone bombing, or denial-of-service attacks against phone systems
  • Using AOIT’s telecommunications services for purposes not agreed upon in the service agreement

5. Data Security and Protection

5.1 Data Classification and Handling

Partners are responsible for classifying their data and applying appropriate protections:

Public Data:

  • Information intended for public disclosure
  • No special protections required
  • Can be shared freely

Internal Data:

  • Information for internal use within the organization
  • Should not be shared externally without authorization
  • Standard security controls apply

Confidential Data:

  • Sensitive business information, trade secrets, proprietary data
  • Limited access on need-to-know basis
  • Additional security controls required
  • Encryption recommended for transmission and storage

Restricted Data:

  • Personal data, financial information, health information, legal documents
  • Strict access controls required
  • Encryption required for transmission and storage
  • Must comply with relevant regulations (GDPR, PCI DSS, etc.)

5.2 Data Protection Requirements

Partners Must:

  • Comply with all applicable data protection laws and regulations
  • Maintain appropriate technical and organizational measures to protect personal data
  • Only process personal data for lawful purposes with appropriate legal basis
  • Provide privacy notices to data subjects as required
  • Honor data subject rights (access, rectification, deletion, etc.)
  • Report data breaches to AOIT and relevant authorities as required
  • Not store excessive personal data or retain data longer than necessary
  • Implement appropriate access controls and user permissions
  • Use encryption for sensitive data in transit and at rest where appropriate

Partners Must Not:

  • Store or process illegal data using AOIT’s services
  • Store special category personal data (health, biometric, genetic, etc.) without appropriate safeguards
  • Share personal data with unauthorized third parties
  • Transfer personal data outside UK/EEA without appropriate safeguards
  • Process personal data in ways incompatible with data protection laws

5.3 Password and Authentication Security

Password Requirements:

  • Use strong, unique passwords for all accounts (minimum 12 characters, mix of character types)
  • Never share passwords with others
  • Never write down passwords in unsecured locations
  • Change passwords immediately if compromise is suspected
  • Use password managers to generate and store strong passwords
  • Enable multi-factor authentication (MFA) where available or required

Prohibited Password Practices:

  • Sharing accounts or credentials with others
  • Using the same password across multiple systems or services
  • Writing passwords in plain text emails, documents, or messaging systems
  • Storing passwords in browsers on shared computers
  • Using easily guessable passwords (names, dates, dictionary words)
  • Disabling or bypassing MFA without authorization

5.4 Device Security

Required Device Security Practices:

  • Install and maintain up-to-date antivirus/anti-malware software
  • Keep operating systems and applications updated with latest security patches
  • Enable firewalls on all devices
  • Use full disk encryption on laptops and mobile devices
  • Lock screens when devices are unattended
  • Do not disable security software or agents installed by AOIT
  • Report lost or stolen devices immediately to AOIT and employer
  • Do not connect unauthorized devices to AOIT-managed networks without approval

Prohibited Device Practices:

  • Disabling antivirus, firewall, or security software
  • Connecting infected or compromised devices to AOIT-managed networks
  • Using personal devices for business purposes without approval (BYOD policy)
  • Jailbreaking or rooting mobile devices used for business purposes
  • Installing unauthorized or pirated software on business devices
  • Connecting to untrusted or public Wi-Fi networks without VPN protection

6. Monitoring and Privacy

6.1 AOIT’s Monitoring Rights

AOIT reserves the right to monitor use of its services to:

  • Ensure compliance with this AUP
  • Protect the security and performance of AOIT’s network and systems
  • Investigate suspected policy violations or security incidents
  • Comply with legal obligations or law enforcement requests
  • Troubleshoot technical issues and optimize performance
  • Generate usage statistics and analytics

What May Be Monitored:

  • Network traffic patterns and bandwidth usage
  • System logs and access logs
  • Security events and alerts
  • Email headers and metadata (not content without justification)
  • Internet usage patterns (websites visited, protocols used)
  • Application usage and performance metrics
  • Backup success/failure rates and data volumes
  • Resource utilization (CPU, memory, disk, bandwidth)

Content Monitoring: AOIT does not proactively monitor the content of emails, files, or communications except:

  • When investigating specific security incidents or policy violations
  • When required by law or court order
  • When automated security scanning detects potential threats (malware, phishing)
  • With prior notice when troubleshooting specific technical issues

6.2 Partner’s Privacy Obligations

Partners are responsible for:

  • Providing appropriate privacy notices to users about AOIT’s monitoring
  • Ensuring users consent to monitoring where required by law
  • Maintaining privacy of user communications in accordance with UK law
  • Not using AOIT’s systems to conduct unauthorized surveillance of employees
  • Complying with employment law regarding monitoring of employee communications

6.3 Data Retention

AOIT retains certain data for security, troubleshooting, and legal compliance purposes:

  • System logs: Typically 90 days to 12 months
  • Email logs and metadata: Typically 90 days
  • Security event logs: Up to 12 months
  • Backup data: According to agreed retention policy
  • Billing and account records: 6 years (UK legal requirement)

7. Enforcement and Consequences

7.1 Violation Investigation

When AOIT becomes aware of potential AUP violations (through monitoring, reports, complaints, or other means), AOIT will:

  1. Initial Assessment:
    • Gather information about the suspected violation
    • Assess severity and immediate risk
    • Determine if immediate action is required to protect systems or other partners
  2. Partner Notification:
    • Contact the Partner to notify them of the suspected violation
    • Provide details of the activity in question
    • Request explanation or clarification
    • Allow reasonable time for Partner to investigate and respond (typically 24-48 hours for serious violations)
  3. Investigation:
    • Work with the Partner to investigate the violation
    • Gather additional information if needed
    • Determine whether violation occurred and severity
    • Identify root cause and responsible party
  4. Resolution:
    • Determine appropriate response based on severity, intent, and Partner cooperation
    • Document findings and actions taken
    • Implement corrective measures
    • Monitor for recurrence

7.2 Consequences of Violations

Consequences for AUP violations depend on the severity of the violation, whether it was intentional, whether it’s a repeat violation, and the Partner’s cooperation in resolving the issue.

Minor or First-Time Violations:

  • Warning notice sent to Partner
  • Request for immediate cessation of violating activity
  • Guidance on how to prevent recurrence
  • Monitoring for compliance
  • No service suspension if promptly corrected

Moderate Violations or Repeat Violations:

  • Formal notice of violation
  • Requirement for corrective action plan within specific timeframe
  • Temporary suspension of specific capabilities (e.g., email sending, internet access) until resolved
  • More frequent monitoring or reporting requirements
  • Warning that further violations may result in service suspension

Serious Violations:

  • Immediate suspension of affected services or accounts
  • Formal notice of violation and required corrective actions
  • Mandatory meeting with AOIT management to discuss resolution
  • Service restoration contingent on implementing corrective measures
  • Possible requirement for additional security controls or monitoring
  • Possible termination of service agreement if not resolved

Severe Violations or Criminal Activity:

  • Immediate suspension of all services
  • Preservation of evidence for potential legal proceedings
  • Notification to law enforcement if activity is illegal
  • Termination of Master Services Agreement
  • No refunds for prepaid services
  • Partner remains liable for all fees through end of contract term
  • Possible legal action for damages to AOIT or other partners

Examples by Category:

Minor Violations:

  • Single instance of excessive personal email use
  • Accidental sending of email to large distribution list
  • Brief periods of excessive bandwidth usage
  • Minor configuration changes without AOIT approval

Moderate Violations:

  • Repeated excessive personal internet use after warning
  • Operating unauthorized services on AOIT-managed infrastructure
  • Repeated failure to patch systems despite AOIT recommendations
  • Multiple instances of poor password practices

Serious Violations:

  • Sending spam or bulk unsolicited email
  • Attempting to access other partners’ systems or data
  • Intentionally circumventing security controls
  • Storing illegal content on AOIT’s systems
  • Operating services in violation of Section 3.9 (resource abuse)

Severe Violations:

  • Child sexual abuse material (CSAM)
  • Launching attacks against other systems or networks
  • Hosting malware or command-and-control servers
  • Major security incidents caused by negligence
  • Fraud, theft, or other criminal activity
  • Repeated serious violations after multiple warnings

7.3 Suspension and Termination

Temporary Suspension:

  • AOIT may suspend services immediately without prior notice if:
    • Activity poses immediate risk to AOIT’s systems, network, or other partners
    • Activity is illegal or violates Section 3.1
    • Activity constitutes a serious or severe violation as described above
    • Partner fails to respond to violation notices within required timeframe
    • Continuation of service would expose AOIT to legal liability
  • During suspension:
    • Partner is notified immediately of suspension and reason
    • Access to services is blocked or restricted
    • Data remains accessible to Partner for retrieval (unless illegal content)
    • Partner continues to be billed for suspended services
    • Service is restored only after violation is resolved and corrective measures implemented

Service Termination:

  • AOIT may terminate services if:
    • Severe violations as described in Section 7.2
    • Partner fails to remedy serious violations within required timeframe
    • Repeated violations despite warnings and corrective actions
    • Partner refuses to cooperate with investigations
    • Partner provides false information during investigations
    • Relationship becomes untenable due to continued policy violations
  • Upon termination:
    • All services are immediately discontinued
    • Partner must immediately cease all use of AOIT’s services
    • Data is made available for Partner to retrieve for up to 30 days
    • Partner is responsible for all fees through end of contract term per Master Services Agreement
    • No refunds for prepaid services
    • Partner remains liable for any damages caused to AOIT or other partners

7.4 Appeals Process

If a Partner disagrees with AOIT’s determination of an AUP violation or the consequences imposed:

  1. Submit Appeal:
    • Email support@aoitnetworks.com with “AUP VIOLATION APPEAL” in subject line within 5 Business Days of receiving violation notice
    • Include detailed explanation of why Partner believes determination is incorrect
    • Provide any supporting evidence or documentation
  2. Review:
    • Appeal reviewed by AOIT management (person not involved in initial decision)
    • Additional investigation conducted if warranted
    • Decision made within 10 Business Days
  3. Final Decision:
    • Partner notified of appeal decision in writing
    • Decision includes explanation of reasoning
    • If appeal is successful, services restored and records updated
    • If appeal is denied, original decision stands
    • AOIT’s decision on appeal is final

Note: Appeals do not suspend enforcement actions. If services have been suspended, they remain suspended during the appeals process unless AOIT determines otherwise.

8. Reporting Violations

8.1 How to Report Violations

If you become aware of activities that violate this AUP, please report them promptly to AOIT:

Email: abuse@aoitnetworks.com (monitored 24/7)
Phone: 0191 825 0808 (business hours: 08:00-17:00 Mon-Fri)
Emergency: For critical security issues outside business hours, call 0191 825 0808 and select option for emergency support

What to Include in Reports:

  • Your contact information (name, organization, email, phone)
  • Detailed description of the violation or suspicious activity
  • Date and time of observed activity
  • Any relevant evidence (email headers, screenshots, logs, etc.)
  • How the activity affects you or your organization
  • Any other relevant information

8.2 AOIT’s Response to Reports

Upon receiving a report:

  • AOIT will acknowledge receipt within 1 Business Day (or immediately for critical security issues)
  • AOIT will investigate the report and determine appropriate action
  • AOIT will keep reporters informed of general status (while protecting confidential details)
  • AOIT will take appropriate action if violation is confirmed

Confidentiality: Reporter information will be kept confidential to the extent possible under the circumstances. However, AOIT may need to disclose reporter information to law enforcement or if required by legal process.

8.3 False Reports

Submitting false reports or deliberately wasting AOIT’s time with frivolous complaints may itself be considered a violation of this AUP and may result in consequences as outlined in Section 7.

9. Legal and Regulatory Compliance

9.1 Applicable Laws

Partners must comply with all applicable laws and regulations, including but not limited to:

UK and EU Laws:

  • Computer Misuse Act 1990
  • Data Protection Act 2018
  • UK General Data Protection Regulation (UK GDPR)
  • Privacy and Electronic Communications Regulations (PECR)
  • Copyright, Designs and Patents Act 1988
  • Fraud Act 2006
  • Serious Crime Act 2007
  • Terrorism Act 2000 and subsequent amendments
  • Investigatory Powers Act 2016
  • Online Safety Act 2023
  • Human Rights Act 1998
  • Equality Act 2010

Industry Regulations (if applicable):

  • Payment Card Industry Data Security Standard (PCI DSS)
  • Financial Conduct Authority (FCA) regulations
  • Information Commissioner’s Office (ICO) guidance
  • National Cyber Security Centre (NCSC) guidance
  • Industry-specific regulations applicable to Partner’s business

9.2 Law Enforcement Cooperation

AOIT cooperates with law enforcement and regulatory authorities as required by law. This may include:

  • Responding to lawful requests for information or data
  • Reporting illegal activity to appropriate authorities
  • Preserving evidence at the request of law enforcement
  • Testifying in legal proceedings if required
  • Providing technical assistance with investigations

AOIT will notify Partners of law enforcement requests unless:

  • Notification is prohibited by law or court order
  • Notification would impede a criminal investigation
  • Immediate action is required to prevent harm

9.3 Legal Process

If AOIT receives legal process (subpoena, warrant, court order) related to a Partner’s use of services:

  • AOIT will review the legal process for validity and scope
  • AOIT will notify the Partner unless prohibited by law
  • AOIT will provide only information specifically required by the legal process
  • AOIT will object to overly broad or improper requests where appropriate
  • Partner has the right to challenge legal process in court (AOIT is not responsible for Partner’s legal costs)

10. General Provisions

10.1 Relationship to Other Agreements

This AUP is incorporated into and forms part of the Master Services Agreement between AOIT and the Partner. In the event of conflict between this AUP and the Master Services Agreement, the Master Services Agreement controls except where this AUP is more specific.

10.2 No Waiver

AOIT’s failure to enforce any provision of this AUP in a particular instance does not constitute a waiver of that provision or AOIT’s right to enforce it in the future. AOIT reserves the right to enforce this AUP selectively in its discretion.

10.3 Severability

If any provision of this AUP is found to be invalid, illegal, or unenforceable, the remaining provisions will continue in full force and effect. The invalid provision will be modified to the minimum extent necessary to make it valid and enforceable while preserving its intent.

10.4 Entire Agreement

This AUP, together with the Master Services Agreement and other referenced policies, constitutes the entire agreement regarding acceptable use of AOIT’s services and supersedes all prior understandings or agreements regarding acceptable use.

10.5 Governing Law

This AUP is governed by the laws of England and Wales. Any disputes arising from this AUP will be subject to the exclusive jurisdiction of the courts of England and Wales.

10.6 Contact Information

For questions about this AUP or to report violations:

General Inquiries:
Email: support@aoitnetworks.com
Phone: 0191 825 0808

Abuse Reports:
Email: abuse@aoitnetworks.com

Mailing Address:
AOIT Networks Ltd
Jarrow Business Centre
Rolling Mill Road
Jarrow, Tyne and Wear
NE32 3DT
United Kingdom

Company Information:
Company Number: 10450071
VAT Number: GB 253 424 912