Acceptable Use Policy

This Acceptable Use Policy (“AUP”) sets out the rules governing use of the systems, networks, equipment, software and services provided by Techfident Limited (“the Company”). It applies to all customers, users, and any person accessing Company-managed infrastructure.

1. Permitted Use

Services and systems provided by the Company may be used only for:

• Legitimate business purposes consistent with the Customer’s agreement with the Company
• Activities that comply with all applicable UK and international laws and regulations
• Communications and data processing that respect the rights of third parties

2. Prohibited Activities

The following activities are strictly prohibited on any system, network or service provided or managed by the Company:

2.1 Illegal Activity

• Any activity that violates UK law, EU law, or the laws of any jurisdiction to which the Customer or their users are subject
• Transmission, storage or distribution of child sexual abuse material (CSAM) or any content that exploits minors
• Facilitating fraud, money laundering, terrorist financing or other financial crime
• Unlicensed distribution or reproduction of copyrighted material

2.2 Security Violations

• Unauthorised access to, or interference with, any computer system, network or data (Computer Misuse Act 1990)
• Deployment of malware, ransomware, spyware, trojans, or any other malicious code
• Port scanning, vulnerability scanning, or probing of networks without express written authorisation
• Denial of service (DoS/DDoS) attacks or participation in botnets
• Interception of data transmissions without lawful authority

2.3 Misuse of Systems

• Sending unsolicited bulk electronic communications (“spam”) in breach of PECR
• Activities that consume excessive system resources and adversely affect other users
• Operating open mail relays or proxies
• Circumventing security controls, authentication mechanisms or usage limits
• Mining cryptocurrency using Company-managed infrastructure without explicit written consent

2.4 Harmful Content

• Storing, transmitting or distributing content that is defamatory, harassing, threatening or abusive
• Content constituting hate speech under the Online Safety Act 2023 or Public Order Act 1986
• Deliberate transmission of content known to be false and likely to cause harm

3. Data Handling Obligations

Customers using Company-managed infrastructure for the storage or processing of personal data must:

• Comply with the UK GDPR and Data Protection Act 2018 at all times
• Notify the Company of any suspected data breach that may affect Company-managed systems within 24 hours
• Enter into a Data Processing Agreement with the Company where required by UK GDPR Article 28
• Not store special category data (as defined by UK GDPR Art. 9) without the Company’s prior written consent and appropriate safeguards

4. Monitoring & Enforcement

The Company reserves the right to monitor traffic and activity on its managed systems for security, compliance and operational purposes, to the extent permitted by law. Where the Company reasonably suspects a breach of this AUP, it may:

• Suspend or restrict access to services immediately without notice
• Investigate the suspected breach and request the Customer’s cooperation
• Terminate the Contract in accordance with its terms
• Report criminal activity to the police, National Cyber Security Centre (NCSC) or other relevant authorities

5. Customer Responsibility

Customers are responsible for ensuring that all end users of their systems comply with this AUP. The Customer shall indemnify the Company against all losses, costs, damages and expenses arising from the Customer’s or its users’ breach of this AUP.

6. Reporting Abuse

To report suspected abuse of Company systems or services, contact: security@techfident.co.uk or hello@techfident.co.uk.

7. Changes to This Policy

This AUP may be updated at any time. Continued use of Company services following notification of changes constitutes acceptance of the revised AUP.