Acceptable Use Policy

Last updated June 10th, 2020

THIS ACCEPTABLE USE POLICY (the “AUP”) sets forth activities and related rules for acceptable use of Prosper IT’s services and facilities. All clients of Prosper IT are required to comply with this AUP and for providing reasonable assistance to Prosper IT in investigating and resolving issues, problems, and/or complaints arising out of the services provided to such client. Clients must also comply with all terms and conditions of applicable agreements, and with any additional policies that may be applicable to a specific service offered by Prosper IT. Violation of this AUP is strictly prohibited. In the event of any deliberate actual or potential violations, Prosper IT reserves the right to suspend or terminate, either temporarily or permanently, any or all services provided by Prosper IT, to block any abusive activity, or to take any other actions as deemed appropriate by Prosper IT in its sole discretion. Clients that violate this AUP may incur criminal or civil liability. Prosper IT may refer violators to civil or criminal authorities for prosecution and will cooperate fully with applicable government authorities in connection with the civil or criminal investigations of violations.

Internet Connection and Web Hosting

For Subscription Services that provide a connection the Internet, Prosper IT neither controls nor accepts responsibility for the content of any communications that are transmitted or made available to clients, regardless of whether they originated from clients of the Prosper IT Network. In addition, Prosper IT expressly disclaims any responsibility for the accuracy or quality of information provided by third parties that may be obtained through the use of the Prosper IT Network. Each client is responsible for complying with this Acceptable Use Policy.

The examples of prohibited use set forth below and throughout this AUP are nonexclusive and are provided as minimum obligations of client’s use of the Prosper IT network. Prohibited uses include, but are not limited to, the following:

• Knowingly violating any law of any applicable jurisdiction, including, without limitation, laws governing advertising, alcohol, antitrust, child protection, drugs, encryption, exportation, food, financial services, firearms, gambling, importation, information systems, intellectual property, obscenity, privacy, securities, telecommunications and tobacco.
• Deliberately committing a wrongful act, including, and without limitation to, the posting or communication of libelous, defamatory, scandalous, threatening, harassing, or private information without the permission of the person(s) involved, or posting content that is likely to cause emotional distress, whether through content, frequency, or size.
• Engaging in or facilitating illegal gambling activities.
• Posting, sending, or seeking to receive any content that is obscene, pornographic, lewd, lascivious, or excessively violent.
• Offering, soliciting, selling, buying, renting, or licensing any goods, products, services, or information in, from, or to any location in which such activity is unlawful.
• Knowingly advocating, promoting, or otherwise encouraging violence against any government, organization, group, individual or property, or providing instruction, information, or assistance in causing or carrying out such violence.
• Knowingly posting, sending on, seeking to receive, displaying, distributing, or executing any content, including, without limitation, text, graphics, images, music, recordings, computer programs, links, frames, and "meta tags," that violate any copyright, right of publicity, patent, trademark, service mark, trade name, mask work, trade secret or intellectual property rights of others.
• Deleting or altering author attributions, copyright notices, or trademark notices, unless expressly permitted in writing by the owner.
• Effecting security breaches or disruptions of Internet communications. Security breaches include, but are not limited to, accessing data of which client is not an intended recipient or logging onto a server or account that client is not expressly authorized to access. For purposes of this section, "disruption" includes, but is not limited to, port scans, ping floods, packet spoofing, forged routing information, deliberate attempts to overload a service, and attempts to "crash" a host.
• Obtaining or attempting to obtain unauthorized access, such as attempting to circumvent or circumventing any authentication or other security feature of any system, network, or account. This includes accessing data not intended for the user, logging into a server or account the user is not authorized to access, or probing the security of any system, network, or account.
• Interfering or attempting to interfere with service to any user, host, or network by use of any program, script, command, or otherwise. This includes "denial of service" attacks, "flooding" of networks, deliberate attempts to overload a service or to burden excessively a service's resources, and attempts to "crash" a host.
• Willfully introducing viruses, worms, harmful code and/or “Trojan horses”.
• Attempting to circumvent the approval process for posting to a moderated newsgroup or bulletin board or attempting to evade spam filters.
• Cancelling or superseding posts other than your own, with the exception of official newsgroup or bulletin board moderators performing their duties.
• Sending or posting unsolicited messages or e-mail, whether commercial or not, a) to any recipients who have requested that messages not be sent to them, or b) to a large number of recipients, including users, newsgroups, or bulletin boards, at one time.
• Sending or posting a message whose subject or content is unrelated to the subject matter of the newsgroup or bulletin board to which it is posted.
• Sending or posting a message or e-mail with deceptive, absent, or forged header or sender identification information.
• Propagating chain letters and pyramid schemes, whether or not the recipient wishes to receive such mailings.
• Using Internet Relay Chat "bots".
• Holding Prosper IT, its affiliates, officers, employees and/or shareholders up to public scorn or ridicule; and/or misrepresent your relationship with Prosper IT.
• Engaging in deceptive online marketing practices.
• Falsifying identity or contact information (whether given to Prosper IT, to the InterNIC, or put in a message header) to circumvent this AUP.
• Willfully failing to secure open SMTP ports so as to prevent the unauthorized use of client resources for the purposes of sending unsolicited e-mail by a third party.

Storage of HIPAA Regulated Information

NO “PERSONAL HEALTH INFORMATION” (AS DEFINED IN 45 CFR SECTION 160.103) OR ANY OTHER INFORMATION REGULATED BY THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) ADMINISTRATIVE SIMPLIFICATION REGULATIONS, 45 CFR PARTS 160, 162 AND 164, SHALL BE STORED IN ANY PROSPER IT FACILITY, ON PROSPER IT COMPUTER EQUIPMENT OR ELECTRONIC MEDIA, OR TRANSMITTED TO OR FROM AN PROSPER IT FACILITY WITHOUT FIRST ENTERING INTO A BUSINESS ASSOCIATE AGREEMENT WITH PROSPER IT WITH MUTUALLY ACCEPTABLE TERMS. CLIENTS SHALL ENSURE THAT ANY AND ALL INFORMATION REGULATED BY HIPAA IS USED AND DISCLOSED ONLY AS PERMITTED UNDER HIPAA.

Conduct

All clients and client representatives must agree to adhere to the following client conduct guidelines while utilizing Prosper IT services and/or facilities:

• Conduct all activities in a professional and safe manner.
• Conform to all applicable Federal, State and Local laws and refrain from any activity that aids or assists criminal activity while within the Prosper IT facility or while utilizing Prosper IT services.
• Agree to follow all Safety, Security, Rules, Procedures, and Guidelines then in effect at Prosper IT facilities.
• not attempt to disable, breach, or otherwise circumvent security measures or devices in or around the Prosper IT facility.
• Do not handle, harm, damage, or otherwise interfere or interact with equipment belonging to Prosper IT or other Prosper IT colocation clients.
• Do not harass any individual, including other clients, Prosper IT employees, contractors, or vendors.
• Do not bring, or knowingly allow, any of the following materials to be brought onsite: firearms, explosives, toxic materials, flammable or combustible liquids, alcohol, illegal drugs, or other intoxicants.
• Do not bring any of the following into the colocation room: food, beverages, other liquids, or electro-magnetic devices that may interfere with computers or other electronic equipment.
• Keep all colocation rooms, hallways, aisle ways, and common areas free of debris, refuse and equipment at all times.
• Do not prop open doors leading to, or within, the Prosper IT facility.

Equipment

Unless covered by an agreement of Subscription Services, the client is considered the Maintaining Party for all equipment installed on their behalf within any Prosper IT facility. It is the responsibility of the Maintaining Party to ensure that their equipment is installed, maintained, and removed in a manner that facilitates its safe and reliable operation.

Equipment Installation and Conformance Guidelines

The Maintaining Party agrees to, at their expense, install, configure, and maintain all equipment housed at the colocation facility in conformance with the following guidelines:

• All equipment must comply with all applicable laws, health, fire, and safety codes.
• All equipment installed within the facility must carry either the Underwriters Laboratories (UL) or Conformity European (CE) Marks.
• All equipment must be grounded according to OEM specifications.
• All equipment must not pose a health or safety hazard.
• All equipment must not damage, impair, or otherwise negatively impact performance of equipment or facilities belonging to Prosper IT or other Prosper IT clients.
• All equipment installed onsite must be completely contained within the equipment cabinet.
• Modification of any Prosper IT supplied equipment or material is prohibited. This includes but is not limited to shelving, blanking panels, power distribution, cabinets, rails and floor tiles.
• Utilization of space under the floor is prohibited.
• Storage of paper, cardboard, or other combustible item within client cabinet or cage space is prohibited.

In order to facilitate communications and to prevent unwanted or unnecessary downtime, all equipment within the facility should be labeled with both the client name and the device name/identifier.

Any deviation from the above guidelines will require prior, written approval from Prosper IT. Any equipment found to be out of compliance with these guidelines must be removed, repaired, upgraded, replaced or otherwise brought into compliance by, and at the expense of, the Maintaining Party.

Conformance and Monitoring

It is the goal of Prosper IT to provide all clients with a highly reliable, stable, and secure colocation facility. To achieve that goal, Prosper IT reserves the right to periodically visually inspect or otherwise audit client-deployed equipment to ensure conformance with the client’s contract.

In the event client equipment is found to be out of compliance and is deemed to be an immediate threat to personnel or facility availability, Prosper IT reserves the right to immediately disconnect power and/or data communications services to client equipment. For all other out of compliance equipment, Prosper IT will make reasonable efforts to notify the client of the issue and to coordinate with the client a remedy to the situation.

Maintenance

Prosper IT carefully balances the need for periodic, routine maintenance against client needs for high-availability systems. When periodic maintenance is required, Prosper IT will coordinate with clients to ensure a minimum of service disruption. In return, Prosper IT expects that our clients will cooperate with Prosper IT in scheduling and implementing needed maintenance in a timely and expeditious manner.

Clients will be notified 24 hours in advance of any scheduled routine maintenance that is expected to result in service disruption. In the event that emergency non-scheduled maintenance becomes necessary, Prosper IT will attempt to provide 4 hours advance notice to all affected clients. Client notification of planned or emergency maintenance will be through client-designated emergency contact.

Clients should be aware that both planned service-affecting and emergency outages may result in temporary communications outages. During these outages, client equipment may not be able to transmit or receive data. Clients should also be aware that physical access to the Prosper IT managed equipment and/or within the Prosper IT colocation facility may be restricted or denied during the designated maintenance window(s).

System Access

For all Prosper IT managed systems, the client will provide Prosper IT with all needed physical and logical access required to effectively manage the device. Prosper IT requires remote-access capabilities into all managed systems to facilitate ongoing maintenance of these systems. The client agrees not to disable, tamper with, or otherwise disrupt Prosper IT’s remote login capabilities.

For equipment that is not located in the Prosper IT colocation facilities, the client agrees to provide on-demand dial-up or private line access capabilities.

System Access

Prosper IT requires that clients refrain from making changes to Prosper IT supported devices without first coordinating these changes with Prosper IT managed services personnel. Prosper IT reserves the right to reverse any changes that are inconsistent with established Prosper IT best-practices. By subscribing to Prosper IT’s managed services, the client grants Prosper IT permission to maintain all managed systems in accordance with Prosper IT’s established best-practices. Client agrees to allow Prosper IT to schedule and implement changes to all managed systems as necessary to ensure that the systems remain in conformance with Prosper IT’s established best-practices.

Ticketing Process

To ensure that all requests are handled and prioritized in a timely manner, all client-initiated requests pertaining to managed services must be coordinated through Prosper IT’s Service Desk. Prosper IT’s Service Desk will then open a service ticket and coordinate the process of allocating technical resources and personnel as needed. Contacts that are not initiated through Prosper IT’s Service Desk and/or attempt to bypass the Service Desk will be redirected to the Service Desk for processing. Prosper IT cannot guarantee timely processing of tickets that are not initiated with our Service Desk.

Scheduling

To effectively manage staffing levels, clients are required to provide a minimum of 24 hours advance notice for all change requests. Change requests that require extensive engineering resources must be scheduled at least 5 working days in advance. Prosper IT reserves the right to refuse service requests that do not conform to these scheduling timeframes. Prosper IT will make a good-faith effort to accommodate non-conforming change requests, subject to resource availability. For Prosper IT initiated routine system changes, clients must make good-faith efforts to schedule required outage windows within a reasonable amount of time.

Contacts

All managed services clients must provide Prosper IT with a list of designated system contacts which Prosper IT will use to contact the client in the event of a major system event. Complete contact information for multiple client personnel, including work, cell phone, and home numbers for each contact is encouraged. Clients may designate that a specific call order be established for all such emergency contacts. In the event of an emergency where Prosper IT is unable to reach any client-designated contact, Prosper IT will not be held liable for damages resulting from the changes made.

Monitoring

Prosper IT offers 24x7 performance and reliability monitoring of Prosper IT managed client equipment. In order to provide effective monitoring of these systems, the client agrees to conform to Prosper IT’s best practices for remote systems monitoring:

• SNMP Access – All devices which require SNMP monitoring must be configured to allow inbound SNMP access from Prosper IT’s monitoring systems.
• Designated Contact – All monitored devices must have designated contact(s) in case of a system outage or other emergency requiring client decision-making authority.
• Nuisance Alerts – Prosper IT responds to and performs live triage on all system alerts by utilizing a live NOC technician. Repetitive or nuisance alerts detract from our ability to effectively and expeditiously respond to the needs of other clients. Prosper IT reserves the right to temporarily disable further alerts if we are unable to reach any of the designated system contacts, and/or the alerts are a result of conditions that are beyond the control of Prosper IT managed services. Prosper IT reserves the right to charge clients for time and materials related to multiple faulty alarms established outside of monitoring parameters.
• Client Maintenance – All monitoring clients are provided with access into their own customized web-based monitoring portal. Clients are required to utilize this monitoring portal to schedule system downtime to prevent nuisance alerts.

Emergency Situations

In an emergency, Prosper IT may at its discretion and without prior notice, take emergency intervention steps in a manner deemed appropriate by Prosper IT to expeditiously terminate any threat posed by the emergency situation. Emergency situations that may require intervention may include, but are not limited to:

• Threats to the life, health, or safety of the public, Prosper IT employees, clients, contractors, vendors, or other personnel.
• Threats to the safety, stability, availability, or security of the Prosper IT facility, data communications infrastructure, or other Prosper IT client’s equipment or data.
• Client’s equipment found to be in violation of any applicable law.
• Lawful order(s) from a court, law-enforcement agency, government administrative agency, or other public safety agency with jurisdictional authority.

Prosper IT will respond to emergency situations as it deems prudent. Emergency intervention measures by Prosper IT personnel may include, but are not limited to, the following:

• Suspension of access privileges for Client and Client-authorized personnel.
• Mandatory evacuation and/or lock-out of client and client-authorized personnel already on site.
• Disconnection of data communications service to client equipment.
• Disconnection of electrical service to client equipment.
• Discharge of available fire suppression agent(s).
• Other actions, as specified by law-enforcement or public-safety personnel.

Reporting Complaints

Any complaints regarding prohibited use or other abuse of Prosper IT Facilities, including violations of this AUP, should be sent via e-mail to Prosper IT at: abuse@Prosper IT.com. Please include all applicable information that will assist Prosper IT in investigating the complaint. If you are unsure whether any contemplated use or action is permitted, please send questions or comments to Prosper IT at: abuse@Prosper IT.com.