SERVICE AGREEMENT (PUBLIC OFFER)

1. GENERAL PROVISIONS

“Service Provider”, “Provider” — IPHOSTER OÜ, registry code 14415348, a company registered in the Republic of Estonia.

“You”, “Client”, “Customer”, “User” — an individual or legal entity that has accepted this offer.

“IPHOSTER brand”, “iphoster.net”, “iphoster.ee” — trade names and domain names/websites through which the Client accesses the Provider’s services. Use of these domains does not constitute a separate legal entity.

Other terms are defined in the Appendices below.

1.2. This Agreement (public offer) governs the provision of services under the “IPHOSTER” brand. The contractual service provider under this Agreement is IPHOSTER OÜ, a company registered in Estonia (registry code 14415348).

1.3. Acceptance of the offer (acceptance) occurs upon registration in the billing system and/or payment of an invoice, and/or actual use of the services. From the moment of acceptance, the Agreement is deemed concluded.

1.4. The use of the domain iphoster.ee constitutes access to services under the “IPHOSTER” brand. All services under this Agreement are provided by IPHOSTER OÜ unless expressly stated otherwise in a separate agreement.

2. SUBJECT MATTER AND SERVICES

2.1. The Provider delivers hosting, reseller hosting, VPS/VDS, dedicated servers, domain registrations, SSL certificates, licences and other related services (the “Services”) as per the Client’s selected plans/orders.

2.2. The composition, scope, parameters and limitations of the Services are defined by the effective tariffs and descriptions published on iphoster.ee and/or in the Client’s invoice.

2.3. Services are rendered remotely, 24/7, except during maintenance windows, incidents and other circumstances provided for in this Agreement.

2.4. The Provider may use infrastructure resources, including but not limited to IP address blocks, hardware equipment, network facilities, data centre services and technical systems, owned or supplied by affiliated or third-party entities under internal agreements. Such arrangements do not create contractual relations between the Client and such entities.

3. RIGHTS AND OBLIGATIONS OF THE PARTIES

3.1. Provider’s Obligations

• Deliver Services of appropriate quality within the ordered/paid parameters.
• Maintain infrastructure operation and monitor equipment performance.
• Notify at least 24 hours in advance of scheduled maintenance (excluding emergencies/force majeure).
• Maintain confidentiality of the Client’s data and correspondence.
• Publish official notices on the website regarding tariffs, maintenance and material changes.
• Not interfere with the Client’s environment unless necessary, except in cases of security threats/abuse incidents/lawful requests.

3.2. Client’s Obligations

• Provide accurate data (including KYC documents upon request).
• Pay for the Services fully and on time.
• Use the Services lawfully and in good faith, and comply with the AUP (spam, phishing, malicious activity, intrusion, DDoS, resource abuse, IP infringements, fraud, crypto-mining on shared plans, Tor/proxy in breach of law/DC rules, etc. are prohibited).
• Arrange independent backups (unless included in the plan).
• Keep software/configurations up to date; possess basic admin skills for VPS/Dedicated.

3.3. Provider’s Rights

• Suspend Services for non-payment/AUP breaches/threats to infrastructure/lawful requests.
• Conduct KYC/technical checks without prior notice upon reasonable suspicion.
• Terminate this Agreement for repeated breaches by electronic notice.
• Propose upgrades/migration or temporarily limit service in case of excessive resource consumption.

3.4. Client’s Rights

• Receive Services in accordance with this Agreement and paid parameters.
• Submit comments/requests regarding service quality.
• Obtain consultations under first-line support.
• Terminate this Agreement under Section 7 subject to refund rules.

4. PRICES AND PAYMENT

4.1. Service fees are defined by the tariffs on the Provider’s official websites. Prices may be displayed in a chosen currency; if paying in another currency, the payment system/bank exchange rate applies.

4.2. Payments are accepted by IPHOSTER OÜ using the payment details and payment methods made available on the Provider’s official website and/or in the issued invoice. A payment is considered completed after confirmation by the relevant payment system.

4.3. The Client is responsible for accurate and timely payment. Unpaid services may be suspended/deleted after a grace period.

4.4. Payment system fees and interbank charges are non-refundable unless expressly provided by the refund policy.

4.5. Chargebacks/disputes: if a chargeback is initiated, service provision may be suspended until resolution; in case of an unfounded chargeback, incurred costs may be withheld.

4.6. Change of payment details: the Provider will notify by website publication and/or e-mail; payments to outdated details are at the payer’s risk.

4.7. Refunds: domains, SSL, licences, dedicated servers are generally non-refundable (pass-through cost), unless specified otherwise. For other services — partial refunds for unused periods (subject to no breaches) within 1–14 days; refunds are made to the original funding source, net of actual costs.

4.8. Taxes shall be applied in accordance with the legislation applicable to IPHOSTER OÜ and, where required, the Client’s jurisdiction.

4.9. The Provider may revise prices/introduce new plans by publishing changes. Termination does not relieve the Client from paying existing arrears.

5. DELIVERY TERMS

5.1. Most services are activated automatically; some are semi-automatic and may require manual confirmation.

5.2. The next billing period starts from the activation date/funds receipt (whichever occurs first, unless stated otherwise in the invoice/account).

5.3. Delays may occur due to resource shortages, holidays, registrar/vendor/DC actions; such delays are not a breach. The Provider will make reasonable efforts to minimise delays.

6. CLAIMS AND DISPUTE RESOLUTION

6.1. The Parties will endeavour to resolve disputes by negotiation via the ticket system/e-mail.

6.2. Claims relating to service quality shall be considered only where this Agreement has been validly accepted and the relevant payments have been confirmed.

6.3. To investigate incidents, the Provider may involve independent experts/vendors.

6.4. Upon an abuse notice, the Client must remedy violations within 24 hours; otherwise, the service may be limited/suspended.

6.5. E-mails with preserved technical headers may be used as evidence; without headers, an e-mail is not proper evidence.

7. FORMATION, TERM, AMENDMENTS AND TERMINATION

7.1. The Agreement is formed upon acceptance and remains in force indefinitely, subject to timely payment for the Services.

7.2. The Provider may amend this Agreement by publishing a new edition on the website and, where possible, notifying by e-mail. Continued use after publication constitutes consent to the changes.

7.3. The Client may terminate the Agreement at any time via the ticket system; refunds — see Section 4.7.

7.4. Termination does not release the Client from paying for services already rendered.

8. LIABILITY

8.1. The Provider is not liable for the quality of external communication channels, actions of third parties (registrars, data centres, ISPs, payment systems), third-party software errors, or downtime caused by force majeure/the Client’s actions.

8.2. The Provider is not liable for the content/legality of the Client’s data, loss of profit, indirect/consequential damages, or damage caused by unlicensed software or improper actions of the Client/third parties.

8.3. The Provider’s liability is limited to the amount actually paid by the Client for the relevant service for the last paid period.

8.4. SLA/uptime (where applicable for a specific service) and the amount of credits/compensation are defined by a separate policy and applied upon the Client’s request within the paid service cost.

8.5. IPHOSTER OÜ shall be the sole contractual counterparty responsible for the provision of the Services under this Agreement.

9. FORCE MAJEURE

9.1. Neither Party is liable for non-performance/improper performance caused by force majeure (natural disasters, wars, revolutions, strikes, terrorist acts, robberies, supplier bankruptcies, DC accidents, third-party software errors, legislative changes, government actions and other events).

9.2. A Party learning of the occurrence/approach of such circumstances shall notify the other Party within a reasonable time.

9.3. Performance is suspended for the duration of force majeure; if it lasts more than three months, either Party may terminate the Agreement.

10. FINAL PROVISIONS

10.1. This Agreement shall be governed by the laws of the Republic of Estonia.

10.2. The Service Provider shall comply with applicable data protection legislation, including the EU GDPR and other mandatory laws applicable in the Republic of Estonia.

10.3. Invalidity of any provision does not affect the validity of the remaining provisions.

10.4. The electronic form of this Agreement (website/billing publication) has full legal force.

10.5. Use of the “IPHOSTER” brand and the domain iphoster.ee signifies access to services provided by IPHOSTER OÜ under the IPHOSTER brand.

10.6. Nothing in this Agreement shall limit or exclude mandatory consumer protection rights applicable under the laws of the Client’s jurisdiction where such laws apply.

10.7. Any disputes arising out of or in connection with this Agreement shall be subject to the competent courts of the Republic of Estonia, unless mandatory consumer protection law provides otherwise.

Appendix 1. Domain Name Registration Rules

1. Each Client must review these rules before submitting a domain registration request.
2. The IANA (Internet Assigned Numbers Authority) manages top-level domains based on ISO 3166-1. Assignment is carried out in coordination with national internet communities and in accordance with their codes.
3. The Provider registers only those domain names listed as available on the Provider’s official website.
4. Domains are registered for a period starting from 1 year with yearly renewals; in some zones up to 10 years.
5. Domains registered via the Provider must be used exclusively for lawful purposes and must not violate the laws of any country.
6. The Client must read and comply with the registration/use policies of the relevant domain zones (registry/registrar rules).
7. Registering domains in violation of this Public Offer is prohibited.
8. To be registered, a domain name must be available.
9. Delegation, de-delegation, transfer and servicing of domains are carried out via the Provider’s website unless otherwise specified.
10. The Provider is not responsible for domain operation if it is served on third-party DNS servers.
11. The Provider is not responsible for registration delays caused by technical issues at registrars/registries.
12. Domain availability checks (“taken”, “available”, “error”) are indicative only.
13. The Provider is not responsible for the correct operation of WHOIS services.
14. The Provider does not perform drop-catching of expiring domains and is not obliged to register such domains.
15. The Client must provide accurate personal data when registering a domain (name, address, phone, e-mail, etc.).
16. Renewals should be made no later than 10 days before expiry. If payment is delayed by more than 20 days, the domain may be de-delegated and released for others to register.
17. A domain may be delegated to DNS servers of any hosting provider or registrar that supports DNS.
18. Personal data provided during registration may be publicly visible via WHOIS unless privacy is purchased.
19. The Provider does not guarantee instant DNS updates; technical delays are possible.
20. Domains are registered strictly to the data supplied by the Client, who bears responsibility for its accuracy.
21. To transfer a domain to the Provider the Client must provide the authorisation (EPP) code and pay any applicable transfer fee.
22. To transfer a domain away from the Provider the Client must pay for renewal if less than 60 days remain until expiry (as per registry policies).
23. This appendix may be amended by the Provider without prior consent; changes are published on the official website.
24. In case of violations of these rules or the Agreement, registration/renewal may be refused, suspended or cancelled.
25. Domain registration fees are non-refundable unless otherwise provided by the relevant registry’s policy.

Appendix 2. Support Service Regulations

Ticket, ticket system — a means of exchanging information between the Client and the Provider.

1. Support is provided via the Provider’s official website through the ticket system (single support centre).
2. Only Clients with active paid services may use support.
3. Support operates 24/7.
4. Sales, complaints and management are available daily from 10:00 to 23:00 (server time).
5. Average response time is 30 minutes to 12 hours depending on priority and workload. Instant responses are not guaranteed.
6. Support is provided upon a properly submitted ticket or an e-mail to the official support address.
7. Priorities: low (non-urgent), medium (important), high (critical/emergency).
8. Support is provided in writing via the ticket system or verbally via agreed channels.
9. The Client must provide complete and accurate information: access credentials, problem description, reproduction steps, etc.
10. Complaints about support are sent to the complaints department with details and the ticket number.
11. Support provides accurate information necessary to resolve issues related to the Provider’s services.
12. Setup/consulting for third-party software is outside the support scope and may be provided at the Provider’s discretion on a paid basis.
13. Support may be temporarily suspended for technical reasons (software updates, site unavailability, DC incidents, etc.) under the “Force Majeure” section.
14. Support is not responsible for the correct operation of the Client’s sites/applications.
15. FAQs may be answered with links to guides or official vendor documentation.
16. If no reply is received within the time in item 5, the Client may create an additional ticket referencing the previous one.
17. Prohibited: contacting while intoxicated, using obscene language (including veiled profanity), abusing duplicate tickets.
18. The regulations may be amended without prior consent; the current version is published on the website.
19. Violations may result in limited or disabled access to support.

Appendix 3. Affiliate Programme

Definitions: “Referrer” — a Client who attracts new Clients; “Referral” — a Client attracted by the Referrer; “Affiliate” — an active Client participating in the programme.

1. Only an Affiliate who has fulfilled clause 2.2.1 of the main Agreement may participate.
2. New Clients are attracted via a unique affiliate link from the personal account; other methods are not allowed.
3. Only lawful promotion methods are permitted. Prohibited: spam, aggressive marketing, cookie stuffing, incentivised traffic without consent, misleading users, using the Provider’s brand in ads without approval.
4. A percentage of paid orders of Referrals is credited to the affiliate account; refunds/trials/cancelled orders are excluded.
5. Affiliate rewards are calculated based on payments actually received by IPHOSTER OÜ.
6. The attracting Client automatically becomes the Referrer; the attracted Client becomes the Referral.
7. Minimum payout amount — 1.01 USD or equivalent.
8. Payouts are made within 72 working hours from the withdrawal request to the details specified in the account.
9. The Affiliate must not request the Referral’s personal/payment data.
10. The Provider may amend the terms by publishing on the website and/or notifying by e-mail; changes take effect upon publication.
11. For violations of the programme/Agreement, participation may be terminated; affiliate funds may be forfeited; the Agreement may be terminated without notice.

Appendix 4. Notice on Payment Providers’ Responsibility

1. Payments are processed by IPHOSTER OÜ, which acts as the merchant of record.
2. Service quality/scope disputes are resolved between the Client and the Provider.
3. Payment providers apply KYC/AML procedures and may limit/block transactions under their own rules.
4. Provider fees/charges may be withheld and are non-refundable unless provided by their policies.

Appendix 5. Privacy and Personal Data Processing Policy

1. The Service Provider processes personal data in accordance with applicable data protection legislation, including the EU GDPR and other mandatory laws applicable in the Republic of Estonia.
2. Personal data includes: name, surname, address, phone number, e-mail address, IP address, payment-related information, ID/KYC data, and other information necessary to provide the Services.
3. Purposes: identification, contract conclusion/performance, billing and payments, support, domain/service provisioning with suppliers, legal compliance (AML/KYC), service/change notifications.
4. Data may be shared with: payment systems; registrars/registries; data centres/licensors; public authorities upon lawful requests.
5. Retention: for the Agreement term and a reasonable period thereafter (at least 5 years for bookkeeping/KYC) unless otherwise required by law.
6. Data subject rights: access, rectification, erasure (where permissible), restriction, consent withdrawal, complaint to a supervisory authority.
7. IPHOSTER OÜ acts as the Data Controller for the purposes of applicable data protection legislation.
8. Contact details of the Data Controller are indicated on the official website and/or in the issued invoice.

Appendix 6. Consent to Personal Data Processing

1. By joining this Agreement and using the Services, the Client consents to the processing of personal data to the extent and for the purposes specified in Appendix 5.
2. Consent is granted for the Agreement term and the statutory data retention period.
3. Consent may be withdrawn by written request; withdrawal may result in inability to continue service provision.
4. Using the website, registering in billing and paying for services constitute full and unconditional consent to data processing.

Appendix 7. Cookie Notice

1. The Provider’s website uses cookies to ensure proper service operation and improve user experience.
2. Cookies are used for: session/authentication; language/currency/UI preferences; analytics; security and fraud prevention.
3. Both first-party and third-party cookies are used.
4. The Client may manage cookies via browser settings; restricting cookies may affect proper site operation.
5. Continuing to use the site signifies the Client’s consent to cookie use under this notice.

Appendix 8. Measures Against Terrorist Content (EU Regulation 2021/784)

1. Prohibition of terrorist content
   The Client is strictly prohibited from using the Services to store, publish, transmit or otherwise make available any content that constitutes terrorist content within the meaning of Regulation (EU) 2021/784.
2. Detection and prevention measures
   The Provider implements appropriate technical and organisational measures to detect, prevent and remove terrorist content, including manual review and, where appropriate, automated tools.
3. Contact point
   The Provider designates a clearly identifiable electronic contact point for communications with competent authorities regarding terrorist content removal orders under Regulation (EU) 2021/784.
   Contact: abuse@iphoster.net
   Languages: English, Estonian
   This contact point is publicly available on the Provider’s website and allows written communication.
   Removal orders from competent authorities shall be processed without undue delay and, where required by law, within one hour of receipt.
4. Ordinary abuse reports
   General abuse reports, customer complaints and service-related notices are processed in accordance with the Provider’s ordinary support and abuse handling procedures and may be subject to standard response times.
5. Removal of content
   Upon receipt of a valid removal order from a competent authority, the Provider shall remove or disable access to the identified content without undue delay in accordance with applicable law.
6. User notification
   Where content is removed or access is disabled, the Provider shall inform the Client, unless prohibited by law or a binding order of a competent authority.
7. Data retention
   The Provider shall retain removed or disabled content and related data for a period of up to six (6) months, unless a longer retention period is required by applicable law. Access to such data shall be restricted to competent authorities and courts.
8. Complaint mechanism
   The Client has the right to submit a complaint regarding removal or disabling of content via the Provider’s support system. The Provider shall review such complaints within a reasonable timeframe and may restore access where appropriate.