Acceptable Use Policy

1. Introduction.

This document sets forth the principles, guidelines and requirements of the Acceptable Use Policy of ContractDesk, Inc. and its direct and indirect wholly-owned subsidiaries (collectively and individually, the "Company") governing the use by the customer ("Customer") of the Company's services and products ("Services and Products"). The Acceptable Use Policy has been created to promote the integrity, security, reliability and privacy of Company's Web Site Management Facility, network, and Customer data contained within. Company retains the right to modify the Acceptable Use Policy at any time and any such modification shall be automatically effective as to all customers when adopted by the Company.

     
Questions or comments regarding the Acceptable Use Policy should be forwarded to the
Company via:
E-mail: abuse (at) ContractDesk.com
Telephone: 1.877.TRY.DESK

2. Compliance With Law.

Customer shall not post, transmit, re-transmit or store material on or through any of Services or Products which, in the sole judgment of the Company (i) is in violation of any local, state, federal or non-United States law or regulation, (ii) threatening, obscene, indecent, defamatory or that other-wise could adversely affect any individual, group or entity (collectively, "Persons") or (iii) violates the rights of any person, including rights protected by copyright, trade secret, patent or other intellectual property or similar laws or regulations including, but not limited to, the installation or distribution of "pirated" or other software products that are not appropriately licensed for use by Customer. Customer shall be responsible for determining what laws or regulations are applicable to its use of the Services and Products.

3. Prohibited Uses of Services and Products.

In addition to the other requirements of this Acceptable Use Policy, the Customer may only use the Services and Products in a manner that, in the Company's sole judgment, is consistent with the purposes of such Services and Products. If the Customer is unsure of whether any contemplated use or action is permitted, please contact the Company as provided above. By way of example, and not limitation, uses described below of the Services and Products are expressly prohibited.

Note: If ContractDesk investigates an abuse complaint, and determines at its sole discretion, that Customer is in violation of one or more violations of the Acceptable Use Policy, ContractDesk may charge a fee of no less than US$90 and no more than US$270 for time spent on such investigation. This fee will be charged for each investigation.

     3.1. General.

           3.1.1.    Resale of Services and Products, without the prior written consent of the Company.
           3.1.2.    Deceptive on-line marketing practices.
           3.1.3.    Violations of the rights of any Person protected by copyright, trade secret, patent or other intellectual property or similar laws or regulations, including, but not limited to, the installation or distribution of "pirated" or other software products that are not appropriately licensed for use by Customer.
           3.1.4.    Actions that restrict or inhibit any Person, whether a customer of the Company or otherwise, in its use or enjoyment of any of the Company's Services or Products.

     3.2. System and Network.

           3.2.1.    Introduction of malicious programs into the network or server (e.g., viruses and worms).
           3.2.2.    Effecting security breaches or disruptions of Internet communication. Security breaches include, but are not limited to, accessing data of which the Customer is not an intended recipient or logging into a server or account that the Customer is not expressly authorized to access. For purposes of this Section 3.2.2., "disruption" includes, but is not limited to, port scans, flood pings, packet spoofing and forged routing information.
           3.2.3.    Executing any form of network monitoring which will intercept data not intended for the Customer's server.
           3.2.4.    Circumventing user authentication or security of any host, network or account.
           3.2.5.    Interfering with or denying service to any user other than the Customer's host (for example, denial of service attack).
           3.2.6.    Using any program/script/command, or sending messages of any kind, designed to interfere with, or to disable, a user's terminal session, via any means, locally or via the Internet.
           3.2.7.    Creating an "active" full time connection on a Company-provided dial-up account for Internet access by using artificial means involving software, programming or any other method.
           3.2.8    Utilizing a Company-provided dial-up account for purposes for Internet access other than facilitating connectivity to the Services and Products provided by the Company. This includes copying or creating files utilizing more than 5MB of disk space on the dial-up account servers.
           3.2.9.    Failing to comply with the Company's procedure relating to the activities of customers on the Company's premises.

     3.3. Billing.

           3.3.1.    Furnishing false or incorrect data on the order form, contract or online application, including fraudulent use of credit card numbers.
           3.3.2.    Attempting to circumvent or alter the processes or procedures to measure time, bandwidth utilization, or other methods to document "use" of the Company's Services and Products.

     3.4. Mail.

           3.4.1.    Sending unsolicited mail messages, including the sending of "junk mail" or other advertising material to individuals who did not specifically request such material, who were not previous customers of the Customer or with whom the Customer does not have an existing business relationship ("E-mail spam").
           3.4.2.    Harassment, whether through language, frequency or size of messages.
           3.4.3.    Unauthorized use, or forging, of mail header information.
           3.4.4.    Solicitations of mail for any other E-mail address other than that of the poster's account or service with the intent to harass or to collect replies.
           3.4.5.    Creating or forwarding "chain letters" or other "pyramid schemes" of any type.
           3.4.6.    Use of unsolicited E-mail originating from within the Company's network or networks of other Internet Service Providers on behalf of, or to advertise, any service hosted by the Company, or connected via the Company's network.

     3.5. Usenet Newsgroups.

           3.5.1.    Posting the same or similar messages to large numbers of Usenet newsgroup ("Newsgroup spams").
           3.5.2.    Posting chain letters of any type.
           3.5.3.    Posting encoded binary files to newsgroups not specifically named for that purpose.
           3.5.4.    Cancellation or superseding of posts other than your own.
           3.5.5.    Forging of header information.
           3.5.6.    Solicitations of mail for any other E-mail address other than that of the poster's account or service, with intent to harass or to collect replies.
           3.5.7.    Use of unsolicited E-mail originating from within the Company's network or networks of other Internet Service Providers on behalf of, or to advertise, any service hosted by the Company, or connected via the Company's network.

Please note that the following only apply if the Customer uses the relevant platform and has purchased web site hosting services and/or products.

     3.6. Roles Regarding UNIX Managed Server.

           3.6.1.    Customer may not create/update/delete accounts created and maintained by the Company. Specifically, the Company account may not be altered in any manner nor may any account with a UID of less than 1000 be altered.
           3.6.2.    Customer may not change the partitioning or mount points of any drive.
           3.6.3.    Customer may not create/update/delete any file in the /usr directory tree.
           3.6.4.    Customer may not install Microsoftİ FrontPage Extensions unless updated on the /usr directory tree.
           3.6.5.    Customer may not create .rhosts or /etc/.host.equiv files.
           3.6.6.    Customer may not implement any procedure or process that would allow one to login as root without using the root password. Customer may not create suid scripts or programs.
           3.6.7.    Customer may not alter the system kernel.
           3.6.8.    Customer may not alter the /sys or /etc/system directory trees or any files contained therein.
           3.6.9.    Customer may not apply operating system and application patches to software not installed and solely maintained by the Customer, unless notification is given to the Company.
           3.6.10.    Customer may not change the root shell.
           3.6.11.    Customer may not alter the contents of /.k5login.
           3.6.12.    Customer may not alter /etc/fstab or /etc/vfstab.
           3.6.13.    Customer may not share or export file systems. This includes modifying /etc/exportfs, /etc/dfs/sharetab, and /etc/netgroup.
           3.6.14.    Customer may not modify the decode or root alias in the /etc/aliases file.
           3.6.15.    Customer may not change the 'identity' of the system.
This includes modifying /etc/hosts, /etc/hostname.*,
/etc/defaultrouter, /etc/networks and /etc/ethers.
           3.6.16.    Customer may not modify the system in any manner that restricts or alters access to the system by the Company's employees
           3.6.17.    Customer may acquire root privileges after successful login of a valid non-root userid and using su to gain access as root.
           3.6.18.    Customer may create/update/delete all aspects of Customer created user accounts. This may include modifying home directory permissions, user passwords, etc.
           3.6.19.    Customer may use FTP to create/update/delete files and directories.
           3.6.20.    Customer may add to, but may not modify,
existing data in the following configuration files:
/etc/aliases, /etc/group, /etc/rc.local,
/etc/sendmail.cf file and root crontab.
           3.6.21.    Customer may install software on the server provided the installation meets all of the criteria detailed above, and the Company is notified of such installation.

     3.7. Roles Regarding Windows Managed Server.

           3.7.1    Customer may not create/update/delete accounts created and maintained by the Company. Specifically, Company account may not be altered in any manner.
           3.7.2    Customer may not install software that does not execute as a service.
           3.7.3    Customer may not install software that does not have a remote administration capability.
           3.7.4    Customer may not install applications that do not run within a logon account different from that of the installing user.
           3.7.5.    Customer may not install applications which must be restarted when one user logs off and another user logs on.
           3.7.6.    Customer may not install applications that do not execute when an individual is not logged on to the server.
           3.7.7.    Customer may not modify the network and system settings of the server.
           3.7.8.    Customer may not apply operating system and application patches to software not installed and solely maintained by the Customer, unless notification is given to the Company.
           3.7.9.    Customer may use FTP to create/update/delete files and directories.
           3.7.10.    Customer may create/update/delete all aspects of Customer created user accounts. This includes modifying home directory permissions, user passwords, etc.
           3.7.11.    Customer may start and stop all Windows Services, including the WWW and FTP services.
           3.7.12.    Customer may install software on the server provided the installation meets all of the criteria detailed above, and the Company is notified of such installation.

     3.8 Abuse of bandwidth during a Web Site Management Beta Period will result in termination of applicable network discounts and commencement of billing based upon normal network recurring charges.

4. Abusable Resources.

Upon notification of the existence of an abusable resource, for example, and without limitation, an open newsserver, an unsecured mail relay or a smurf amplifier, Customer shall immediately take all necessary steps to avoid any further abuse of such resource. Any abuse of an open resource that occurs after Customer has received such notification shall be considered a violation of this Acceptable Use Policy and enforced as such.

5. Enforcement.

Company may immediately suspend and/or terminate the Customer's service for violation of any provision of the Acceptable Use Policy upon verbal or written notice, which notice may be provided by voicemail or E-mail. However, the Company attempts to work with the Customer to cure violations of the Acceptable Use Policy and to ensure that there is no re-occurrence of violations prior to suspension and/or termination.

GLOSSARY