Master customer terms for Gewape Cloud Group and its brands

Terms of Service

These Terms of Service govern access to and use of services provided by the applicable Gewape Cloud Group entity under Megabit Cloud, Metal on Cloud, Gewape Cloud Infrastructure, or any other Gewape Cloud Group brand, portal, trade name, or service line. By using the services, you agree to be bound by this policy framework. If you do not agree, you must not access or use the services.

1. Scope of Services

Gewape Cloud Group delivers commercial services through specialised brands, including Megabit Cloud for affordable hosting and digital services, Metal on Cloud for bare-metal and high-performance compute, and Gewape Cloud Infrastructure for enterprise cloud infrastructure. Covered services include but are not limited to:

• Cloud servers and virtual machines for application hosting, databases, development, testing, and production workloads.
• Block storage, snapshots, images, backups where ordered, and related persistent storage services.
• Object storage, file storage, DNS, virtual networks, routers, security groups, load balancing, public IP addresses, and private networks.
• Managed Kubernetes, container infrastructure, managed databases, secrets management, monitoring, metrics, audit logs, and security services.
• Wallet, billing, invoices, usage reports, support, onboarding, and account management services.

2. Account Registration and Management

You must create and maintain an account to access the services. You agree to provide accurate, complete, and up-to-date registration, billing, legal, tax, contact, and operational information. You are responsible for the confidentiality of account credentials and for all activity under your account, including activity by invited users, automation, API keys, and service accounts.

Gewape Cloud Group may monitor account activity for compliance, abuse prevention, billing integrity, fraud prevention, service reliability, and security. Gewape Cloud Group may suspend or terminate services if irregularities, abuse, security risk, non-payment, or material breach are detected.

3. Order Process and Contract Formation

To order services, you must select the desired resource, review the monthly commitment and estimated hourly equivalent, maintain sufficient wallet balance or approved credit terms, and complete the order flow. A contract is formed when Gewape Cloud Group accepts the order, activates the service, confirms the order, or makes the resource available in the platform.

4. Usage Guidelines

You may use Gewape Cloud Group services only for lawful purposes. You are responsible for compliance with all applicable laws, regulations, licensing terms, export controls, sanctions rules, data protection requirements, and industry obligations that apply to your workloads, users, customers, and data.

5. Fees and Payment

Prices and rates are displayed in the platform or in an agreed order form. The base currency is USD. Gewape Cloud Group may support additional payment currencies and payment methods, and the billing system may convert supported currencies using the applicable exchange rate at the time of payment, invoice, or posting.

Every billable service requires a minimum one-month prepaid commitment unless otherwise agreed in writing. Occupancy billing applies whether a committed resource is switched on or off. If the resource exists, is allocated, reserved, or committed to the customer, it remains billable until released, deleted, cancelled, or terminated according to these terms.

6. Service Availability and Data Loss

Gewape Cloud Group works to provide reliable services, but does not guarantee that every service will be uninterrupted or error-free. Customers must keep appropriate backups unless a managed backup service is ordered and confirmed. Gewape Cloud Group is not responsible for data loss caused by customer deletion, misconfiguration, compromised credentials, unsupported images, customer applications, or customer-controlled infrastructure.

7. Privacy and Data Protection

Use of the services is subject to the Privacy Policy and the General Data Processing Agreement in this policy framework.

8. Intellectual Property

Gewape Cloud Group retains all rights in its platform, software, systems, documentation, workflows, brands, designs, and service materials. You retain rights in your data, workloads, images, code, and content, and grant Gewape Cloud Group the limited rights necessary to provide, secure, support, troubleshoot, bill, and improve the services.

9. Termination

Gewape Cloud Group may terminate or suspend services for breach, abuse, non-payment, legal requirement, sanctions exposure, security emergency, risk to the platform, or discontinuation of a service. You may request cancellation through the platform or support channel. Some fees remain payable after cancellation, including committed monthly charges, outstanding usage, restoration fees, collection costs, and charges for services consumed before termination.

10. Dispute Resolution and Governing Law

The governing law and dispute forum may depend on the contracting Gewape Cloud Group entity and the customer's billing jurisdiction. If not otherwise specified in an order form or service agreement, the parties will first attempt to resolve disputes amicably through written notice. If unresolved after 30 days, the dispute may be escalated to arbitration, court, or another agreed forum under the applicable law of the contracting entity.

11. Amendments

Gewape Cloud Group may update these terms to reflect changes in services, law, operations, security, pricing, or platform practices. Continued use of the services after changes take effect constitutes acceptance of the updated terms.

Privacy Policy

1. Introduction

Gewape Cloud Group is committed to protecting privacy. This Privacy Policy explains how Gewape Cloud Group collects, uses, discloses, safeguards, and retains personal information when customers apply for, purchase, access, or use Gewape Cloud Group services.

2. Information We Collect

Gewape Cloud Group may collect personal information when you register, apply for onboarding, place an order, make a payment, contact support, use the platform, or interact with security and compliance workflows.

• Names, emails, phone numbers, job titles, identity and authorisation details.
• Organisation, registration, tax, billing, address, currency, and payment information.
• Account identifiers, project identifiers, service usage, IP addresses, logs, support records, KYC or KYB materials, and compliance documents.
• Any other information you submit to Gewape Cloud Group or generate through use of the services.

3. How We Use Information

Gewape Cloud Group uses information to review applications, create accounts, provide and improve services, process transactions, issue invoices, post wallet credits, communicate with customers, prevent fraud and abuse, secure the platform, comply with legal obligations, and protect Gewape Cloud Group's rights.

4. Sharing Information

Gewape Cloud Group does not sell customer personal information. Gewape Cloud Group may share information with payment processors, finance and accounting systems, infrastructure providers, support providers, security tools, professional advisers, regulators, law-enforcement authorities where legally required, and service providers bound by confidentiality and security obligations.

5. Data Retention

Customer account data is retained only as long as necessary for the purposes collected, including legal, accounting, tax, security, contractual, audit, and dispute requirements. Financial records may be retained for up to 10 years or longer where required by applicable law. Backup data is normally retained for a limited period and may be overwritten through normal backup cycles.

6. Your Rights

Depending on applicable law, you may request access, correction, deletion, restriction, portability, objection, or withdrawal of consent. Some records may be retained where required for billing, security, contracts, compliance, or legal claims.

7. Security

Gewape Cloud Group applies administrative, technical, and organisational measures to protect personal information. No method of transmission or storage is completely secure, so customers must also protect their own accounts, users, credentials, workloads, and configurations.

Acceptable Use Policy

1. Purpose and Scope

This Acceptable Use Policy (AUP) protects the integrity of Gewape Cloud Group's network, services, customers, partners, upstream providers, and the public internet. It applies to all customers, users, contractors, systems, workloads, and any other person or service that accesses Gewape Cloud Group.

2. Acceptable Uses

Customers may use Gewape Cloud Group services for legitimate business operations, application hosting, data storage, development, testing, research, education, internal systems, customer platforms, and lawful cloud infrastructure workloads.

3. Prohibited Uses

The following activities are strictly prohibited:

• Fraud, phishing, credential theft, malware, botnets, spam, unsolicited bulk messaging, or deceptive activity.
• Unauthorised scanning, intrusion, denial-of-service attacks, exploitation, or attempts to gain unauthorised access.
• Hosting, distributing, or linking to illegal, harmful, obscene, defamatory, threatening, or abusive content.
• Intellectual property infringement, piracy, sanctions evasion, export-control violations, or unlawful financial activity.
• Resource abuse, noisy-neighbour behaviour, or activity that degrades Gewape Cloud Group services or third-party networks.
• Attempts to bypass billing, quotas, security controls, network abuse controls, or identity checks.

4. Content Uploaded

Customers are responsible for content, data, images, workloads, software, and traffic generated or uploaded through their accounts. By using Gewape Cloud Group services, you confirm that you have the necessary rights to your content and that it complies with this AUP.

5. Enforcement

Violations may result in rate limiting, filtering, port blocking, null-routing, quarantine, evidence preservation, suspension, termination, reporting to authorities, or other protective action.

Cookie Policy

Cookies are small text files stored on your device when you visit a website or portal. Gewape Cloud Group uses cookies and similar technologies to enable essential site functionality and security, measure and improve performance, remember preferences, and support consent selections.

Types of Cookies

• Strictly necessary cookies required for the portal and authentication to work.
• Analytics cookies that help Gewape Cloud Group understand and improve site usage.
• Preference cookies that remember choices such as language, region, or consent settings.

You can control and delete cookies through your browser settings. Disabling certain cookies may affect portal functionality.

Service Level Agreement

This Service Level Agreement (SLA) defines service expectations for production Gewape Cloud Group services unless a separate written agreement applies.

1. Availability

Gewape Cloud Group targets 99.9% monthly availability for generally available production control-plane and infrastructure services, excluding scheduled maintenance, emergency maintenance, customer-caused outages, third-party failures outside Gewape Cloud Group control, force majeure events, unsupported configurations, beta services, and suspended accounts.

2. Maintenance

Gewape Cloud Group will make reasonable efforts to notify customers at least 48 hours before scheduled maintenance that may materially affect availability. Emergency maintenance may be performed with shorter notice where required to protect security, reliability, data, or the network.

3. Support Response Targets

• Critical: target initial response within 1 hour for severe production outage or security emergency.
• High: target initial response within 2 hours for major production degradation.
• Medium: target initial response within 4 hours for minor issues or limited impact.
• Low: target initial response within 6 hours for general questions or non-urgent requests.

4. Service Credits

Where Gewape Cloud Group fails to meet an applicable uptime commitment, eligible customers may request service credits within 30 days and must provide relevant documentation. Credits may be 10% of the affected monthly service fee for 99.0%-99.8% uptime, 25% for 95.0%-98.9% uptime, and 50% for below 95.0% uptime, subject to SLA exclusions and approval.

Support Policy

Gewape Cloud Group provides customer support through the platform, support portal, email, and approved customer channels. Support is prioritised by urgency, impact, customer tier, service status, and operational risk.

Scope of Support

Gewape Cloud Group support may assist with service availability, account and billing questions, platform usage, service provisioning issues, incident triage, abuse reports, and guidance on using Gewape Cloud Group services.

Support does not generally include customer application debugging, customer operating system administration, customer code, customer internal networks, third-party software support, or managed services not ordered by the customer.

Escalation and Feedback

Complex incidents may be escalated to engineering, security, finance, network operations, or management teams. Customers may provide feedback through the support channel to help improve the service.

Pricing Policy

1. Purpose

This Pricing Policy explains Gewape Cloud Group's pricing structure and billing practices so customers can understand costs before creating or consuming resources.

2. Currency and Invoices

Gewape Cloud Group's base currency is USD. Customers may select or be assigned a billing currency during onboarding. Invoices, wallet postings, and account records may use the selected currency, with conversion performed by the billing system where supported. Applicable taxes are calculated based on customer billing details and the contracting entity.

3. Resource-Sized Pricing

Prices are not flat per service when resource size matters. Cloud servers, storage, managed Kubernetes, databases, public IPs, and other resources may be rated by size, quantity, region, vCPU, RAM, disk, allocated IP, transfer, object storage, database size, node count, control-plane commitment, or other billing dimensions shown in the platform.

4. Minimum Monthly Commitment

Gewape Cloud Group requires a minimum one-month prepaid commitment for every billable service unless otherwise agreed in writing. The platform may display an hourly equivalent for transparency, but the charge is collected as a monthly commitment in advance. Occupancy billing applies whether the committed service is powered on, powered off, idle, or actively used.

5. Payment Methods

Gewape Cloud Group may accept card payments, mobile money, bank transfers, and other approved local payment methods. Successful card payments may be posted automatically after payment provider confirmation. Manual payments, including bank transfer and mobile money proof-of-payment submissions, require finance review before credit is posted.

6. Price Revisions

Prices may be reviewed periodically based on market conditions, exchange rates, taxes, upstream costs, operational costs, and service changes. Active customers should receive at least one month's notice before material price changes take effect, unless the change is driven by tax, law, security, abuse, or an urgent upstream cost event.

Cancellation Policy

Customers may request cancellation of services through the platform or support channel. Cancellations may take up to 24 hours or longer where operational review, data export, finance review, fraud review, or dependency cleanup is required.

Because Gewape Cloud Group uses a minimum one-month prepaid commitment, cancellation does not automatically refund the committed month. Resources remain billable until properly deleted, released, cancelled, or terminated. Customers should export data and remove dependencies before cancellation.

Gewape Cloud Group may terminate services for violation of terms, non-payment, illegal or abusive activity, security risk, sanctions exposure, or any other reason required to protect Gewape Cloud Group, customers, providers, or the public internet. Outstanding fees remain due after termination.

Data Retention Policy

1. Purpose and Scope

This policy establishes retention, storage, and disposal rules for customer information, transaction records, operational records, backup data, support records, security logs, and compliance records.

2. Retention Periods

• Customer account data may be retained for 6 months after account or service inactivity unless longer retention is required.
• Financial, tax, billing, wallet, and invoice records may be retained for 10 years or longer where required by law.
• Backup data may be retained for up to 30 days after service termination, unless a different retention period applies to a managed backup product.
• Security logs may be retained as needed for abuse prevention, investigations, compliance, and platform protection.

3. Storage, Security, and Disposal

Data is protected through appropriate access controls, encryption features where available, monitoring, audit controls, and operational procedures. When retention periods expire, data may be securely deleted, overwritten, anonymised, or destroyed using methods suitable for the record type.

Intellectual Property Rights Policy

All intellectual property created or uploaded by a customer remains the property of the original owner. Customers retain rights to their workloads, software, designs, documentation, data, and content.

By using Gewape Cloud Group services, customers grant Gewape Cloud Group a non-exclusive, worldwide, royalty-free licence to host, store, reproduce, process, transmit, display, and modify customer content only as necessary to provide, secure, troubleshoot, bill, support, and improve the services.

Customers must ensure that uploaded content, software, images, and data do not infringe third-party rights. Customers agree to indemnify and hold harmless the applicable Gewape Cloud Group entity, affiliates, officers, directors, employees, and agents from claims arising from customer use, customer content, policy violations, or infringement.

Gewape Cloud Group services are provided on an "as is" and "as available" basis to the fullest extent permitted by law. Gewape Cloud Group disclaims implied warranties and limits liability as set out in the applicable service agreement, order, or law.

Refund and Billing Dispute Policy

1. Refunds

Prepaid monthly commitments, allocated resources, public IP addresses, software licences, third-party services, taxes, and consumed usage are generally non-refundable unless Gewape Cloud Group approves a refund, a billing error is confirmed, or applicable law requires otherwise.

2. Billing Disputes

Customers must raise billing disputes within 30 days of the relevant charge, invoice, wallet posting, or usage record. Gewape Cloud Group will review the dispute and may issue a wallet credit, invoice correction, refund, or explanation. If charges are valid, the customer remains responsible for payment.

3. Manual Payments and Proof of Payment

Bank transfer and mobile money payments are posted only after finance review. A proof of payment submission does not by itself create wallet credit. Card payments that are successfully confirmed by the payment provider may be posted automatically.

4. Non-Payment

Non-payment may result in service suspension, termination, collection activity, and recovery of collection costs, including legal fees where permitted by law.

General Data Processing Agreement

This General Data Processing Agreement applies across all jurisdictions in which any Gewape Cloud Group entity or brand receives, stores, hosts, transmits, accesses, analyses, secures, supports, bills, or otherwise processes Customer Data. It is intended to operate as a general contractual data-processing covenant, without limiting or excluding any mandatory privacy, cybersecurity, banking, telecommunications, consumer, tax, records-retention, national-security, sectoral, or data-protection law that may apply in a customer's or Gewape Cloud Group entity's jurisdiction.

Definitions

Customer Data means data, records, files, metadata, content, credentials, logs, configurations, images, communications, billing records, usage records, support materials, and other information submitted to, generated by, stored on, transmitted through, or derived from use of the services. Personal Data means Customer Data relating to an identified or identifiable natural person to the extent recognised by applicable law. Service Provider, Processor, Operator, Custodian, or Sub-Processor means any Gewape Cloud Group entity, affiliate, supplier, or third party that processes Customer Data for the purpose of delivering, securing, supporting, billing, or administering the services.

Roles and Processing Instructions

Unless a separate written instrument provides otherwise, the customer determines the purpose, legality, authority, accuracy, and content of Customer Data, and Gewape Cloud Group processes Customer Data for the limited purposes of providing the ordered services, observing customer configurations, performing support, protecting platform integrity, preventing fraud and abuse, complying with law, issuing invoices, maintaining records, and enforcing applicable terms. Gewape Cloud Group may decline, suspend, or require amendment of any instruction that is unlawful, technically impracticable, abusive, insecure, inconsistent with the service, or likely to prejudice third-party rights.

Confidentiality and Security

Gewape Cloud Group will treat Customer Data as confidential and will require personnel and authorised service providers with access to Customer Data to observe confidentiality or equivalent professional obligations. Gewape Cloud Group will maintain administrative, technical, physical, and organisational measures appropriate to the nature of the service, including access control, privileged access governance, monitoring, logging, incident response, encryption features where available, backup controls where ordered, change management, and operational safeguards.

Sub-Processing

The customer authorises Gewape Cloud Group to appoint affiliates, infrastructure providers, payment processors, finance, accounting, and account administration providers, communication providers, monitoring tools, security tools, professional advisers, and other service providers where reasonably necessary for service delivery. Gewape Cloud Group will require such parties to process Customer Data under appropriate contractual, confidentiality, security, and data-handling obligations.

Data Breach Notification

If Gewape Cloud Group becomes aware of a confirmed security incident affecting Customer Data on systems managed by Gewape Cloud Group, it will notify the customer without undue delay using the registered account contact or another appropriate channel, taking account of the nature of the incident, law-enforcement restrictions, containment requirements, and the information then available. Failed login attempts, pings, scans, blocked attacks, unsuccessful exploitation attempts, or events that do not compromise Customer Data are not, by themselves, reportable data breaches.

Data Subject Rights, Transfers, and Audits

Gewape Cloud Group will provide reasonable assistance with lawful data subject, regulator, audit, and security documentation requests where required by applicable law and subject to reasonable notice, confidentiality, security, availability, and frequency limitations. Customer Data may be processed in the customer's selected regions and in other jurisdictions where necessary for support, billing, security, resilience, legal compliance, payment processing, incident response, or operation of globally interoperable services.

Return or Deletion

Following termination or expiry of the relevant service, Gewape Cloud Group will delete, isolate, overwrite, anonymise, retain, or return Customer Data in accordance with service functionality, backup cycles, data-retention rules, legal requirements, billing and audit obligations, security needs, and technically feasible customer instructions.

Network and Public IP Policy

Gewape Cloud Group operates public IP and network controls to protect customers, upstream providers, local networks, and the public internet. Public IP addresses, floating IPs, routers, security groups, DNS, virtual networks, and related network services must not be used for abuse, scanning, spam, credential attacks, malware, unauthorised access, or unlawful activity.

Public IP Abuse Guard

Gewape Cloud Group may block or restrict high-risk ports on public IP traffic, including ports commonly used for spam, credential abuse, exposed databases, remote administration attacks, file-sharing abuse, and unauthorised network activity. Local management networks, approved WireGuard ranges, internal VLANs, and non-tenant administrative systems may be handled under separate internal security rules.

Exceptions

Exceptions may be approved for verified customers with a legitimate business need, security controls, abuse contacts, and written approval. Gewape Cloud Group may revoke exceptions if risk, abuse, or non-compliance is detected.

Customer Responsibility

Customers must configure security groups, operating systems, firewalls, secrets, keys, applications, and logs responsibly. Gewape Cloud Group may suspend or filter traffic to protect the platform even if traffic originates from a customer-controlled workload.

Acknowledgement

By using Gewape Cloud Group services, you acknowledge that you have read, understood, and agree to the applicable policies in this policy pack. If you have questions, contact the Gewape Cloud Group support or account team before ordering or continuing to use the services.