Acceptable Use Policy

Effective date: February 4, 2026

This Acceptable Use Policy (“AUP”) governs use of redu.cloud, a public cloud infrastructure service operated by Redu Cloud Ltd (Company No. 17013438, registered office: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ) (“we”, “us”, “our”). This AUP is incorporated by reference into our Terms of Service.

You agree to comply with this AUP when accessing or using the Services. Failure to comply may result in restriction, suspension, or termination of Services, and we may report illegal activity to law enforcement where required.

1. General Principles

You must use the Services responsibly and in compliance with applicable laws, regulations, and industry standards. You are responsible for all activity originating from your account, projects, users, and resources, including actions by anyone you authorize.

2. Prohibited Activities

The following activities are strictly prohibited:

  • Illegal activities: Hosting, transmitting, distributing, or facilitating content or activity that violates applicable laws or regulations, including intellectual property infringement, unlawful personal data processing, or content that is illegal in the relevant jurisdiction.
  • Fraud, deception, and scams: Phishing, social engineering, impersonation, fake login pages, scam operations, card testing, credential stuffing, ad/click fraud, affiliate fraud, or services designed to deceive or unlawfully obtain funds, credentials, or personal data.
  • Malware & exploitation: Creating, distributing, or operating malware, botnets, ransomware, spyware, keyloggers, droppers, cryptojacking scripts, exploit kits/frameworks, or running “command and control” infrastructure.
  • Unauthorized access: Attempting to gain unauthorized access to systems, networks, accounts, or data; bypassing authentication; or probing for vulnerabilities without authorization.
  • Network abuse & disruption: Distributed denial-of-service (DDoS) attacks, traffic flooding, spoofing, reflection/amplification, port scanning that targets third parties without authorization, or any activity that disrupts the integrity or performance of the Services or networks of others.
  • Spam & unsolicited messaging: Sending bulk or unsolicited email/messages; operating open relays or spam services; or any activity that materially increases abuse complaints or blocklisting risk.
  • Abuse of resources / evasion: Activities intended to evade usage limits, quotas, billing mechanisms, promotional credits, identity checks, or to create multiple accounts to circumvent restrictions.
  • Cryptocurrency mining: Mining cryptocurrencies or operating mining pools without explicit written permission from us (we may permit it only in limited cases and may revoke permission).
  • Harm to minors: Content or activity that exploits or harms minors (including CSAM). We have zero tolerance and will take immediate action and report as required by law.
  • Regulated or high-risk activities without approval: Using the Services to offer regulated financial services, gambling, or other regulated activities unless you can demonstrate you hold all required licenses and you have our prior written approval (where applicable).
  • Interference & abuse of platform security: Interfering with security controls, abusing APIs, attempting to compromise the Platform, or reverse engineering platform components beyond what mandatory law permits.
  • Illegal content distribution: Hosting or distributing content that is clearly illegal (for example, non-consensual intimate content, stolen personal data dumps). We also prohibit providing services primarily intended to facilitate cybercrime.

3. Security Responsibilities

You are responsible for securing your applications, operating systems, access credentials, and data. This includes implementing reasonable safeguards such as firewalls, least-privilege access controls, secure key management, encryption where appropriate, and timely patching.

3.1 Vulnerability testing and security research

You may not perform penetration testing, vulnerability scanning, or security research against the Platform or other customers without our prior written permission. If you discover a vulnerability, please report it responsibly to office@redu.cloud.

4. Monitoring, Abuse Prevention & Enforcement

We may review usage patterns, metadata, and traffic signals to maintain platform security, prevent abuse, and enforce this AUP. Any monitoring is performed in accordance with our Privacy Policy.

We may take action we reasonably consider necessary to protect the Services, customers, and third parties, including rate limiting, blocking, quarantining, disabling public access, suspending resources, or terminating accounts.

4.1 Notice and urgency

Where practical, we may provide notice and an opportunity to remedy. However, we may take immediate action without prior notice if we reasonably believe (a) there is ongoing abuse, (b) there is a security risk, (c) continued operation could cause harm, (d) we must comply with law, or (e) it creates payment, chargeback, fraud, or compliance risk.

5. Incident Response & Cooperation

In the event of suspected abuse or security incidents, you agree to cooperate with reasonable requests for information and remediation, including taking corrective actions (e.g., patching, rotating keys, disabling compromised services). Failure to cooperate may result in additional enforcement actions.

6. Reporting Abuse

If you become aware of abuse, security vulnerabilities, or policy violations, please report them to office@redu.cloud.

7. Changes to this Policy

We may update this AUP from time to time. Changes will be posted on this page with an updated effective date. Continued use of the Services after the effective date constitutes acceptance of the updated AUP.

8. Relationship to Other Policies

This AUP should be read together with our Terms of Service and Privacy Policy. In the event of a conflict, the Terms of Service shall prevail.

9. Additional business verification (risk-based)

To protect the Platform and reduce fraud/chargeback risk, we may apply risk-based checks before enabling payments or lifting certain limits (for example: requiring a valid payment method, basic business details for invoicing, confirmation of domain email, or additional verification for high-risk use cases). We will request only what is reasonably necessary in the circumstances.

10. Restricted industries (examples)

The Services are not intended for certain high-risk uses. We may restrict, refuse, or require prior written approval for use cases that create elevated legal, fraud, or safety risk, including (non-exhaustive examples):

  • Illegal drugs marketplaces or facilitation of illegal drug distribution
  • Unlicensed gambling operations
  • Unlicensed financial services or “get rich quick” scams
  • Adult content businesses that materially increase fraud/chargeback risk
  • Any service primarily designed to facilitate cybercrime