Legal, AUP & TOS

DEFINITION USER PRIVACY DMCA, COPYRIGHT, FREEDOM OF EXPRESSION & APPLICABLE LAW PROHIBITED CONTENT CONTENT RESPONSIBILITY DOMAIN NAMES SPAM & UCE ABOUT SECURITY RESOURCES USAGE DEDICATED / VPS SERVERS WEBSITE MIGRATION, BACKUPS & DATA-LOSS SERVICE UPTIME SUPPORT CANCELLATION & REFUNDS PAYMENTS & TERMINATION RESELLERS & PARTNERS AFFILIATE PROGRAM INDEMNIFICATION FORCE MAJEURE FAILURE TO COMPLY

Last updated: 22 May 2026

This Service Agreement (the "Agreement") sets out the Terms of Service ("TOS"), Acceptable Use Policy ("AUP") and Privacy Policy that govern your use of all services and infrastructure provided by HOSTCAY — including, but not limited to, bandwidth, transport networks, servers, switches, IP addresses, storage, and any other equipment used to transmit, receive, store or process data.

By creating an account, placing an order, or otherwise using our services, you confirm that you have read, understood and agreed to this Agreement in full. You are responsible for all activity conducted through your account, whether performed by you or by anyone else (authorised or not). In the event of a security breach, you remain liable for any resulting violations of this Agreement.

We reserve the right to enforce, update, modify, amend or replace any part of this Agreement at any time. Material changes will be reflected by updating the "Last updated" date above and, where appropriate, posting a notice in the client area. Continued use of the services after a change constitutes acceptance of the revised Agreement.

SERVICE PROVIDER

Netacel Inc. — an International Business Company (IBC), Company No. 245535, incorporated in the Republic of Seychelles, trading as HOSTCAY.

Registered mailing address:

306 Victoria House
Victoria
Mahé
Seychelles

General contact: office[at]hostcay[dot]com
Client support: via tickets at https://my.hostcay.com

1. DEFINITIONS

"We" / "Us" / "Our" / "HOSTCAY" / "HOSTCAY.COM" refers to HOSTCAY and any of its parent companies, subsidiaries and affiliates involved in providing the Services.

"You" / "Your" / "User" / "Client" / "Customer" refers to the individual or entity that accesses the Website and/or uses the Services.

"End Users" refers to any individual or entity that, directly or indirectly — including through another User — (a) accesses or uses Your Services Content, or (b) otherwise accesses or uses the Services under your account.

"Services" refers to all products and services offered by HOSTCAY through its Website, including but not limited to web hosting, reseller hosting, VPS hosting, storage VPS, dedicated servers, domain registration, VPN, infrastructure management and related ancillary services.

"Services Content" refers to all source code, files, software, processes, interfaces, data, text, configuration settings, media and other materials stored, hosted or processed by the Services on your behalf.

"Website" refers to https://hostcay.com, https://my.hostcay.com and any sub-domain or localised version (e.g. ru., ro., de., fr.).

2. USER PRIVACY

Our Privacy Commitment: HOSTCAY is committed to protecting your privacy. All information you provide is held securely within our offshore billing infrastructure and treated as confidential. We will never sell, rent, lease or disclose your personal information to any third party for marketing purposes, and we share data only where strictly required by registry rules (see Section 6) or by valid legal process directed at us (see Section 3).

What We Collect: Depending on the nature of your enquiry — service, support or sales — we may collect your name, address, telephone number, email address, payment history and method, payment amounts and dates, order details and the domain names registered through your account. We do not store or process credit card or PayPal account data directly; all sensitive payment data is transmitted to and held by our PCI-compliant payment processors over encrypted connections.

How We Use It: Information you provide is used to: (i) deliver and operate the Services; (ii) bill you and prevent fraud; (iii) send transactional notices such as invoices, alerts, abuse notifications and service announcements; and (iv) where you have opted in, occasional product news. You must keep your contact information accurate so we can reach you in a timely manner.

Cookies: HOSTCAY uses cookies and similar technologies on its main marketing website to remember your preferences, measure traffic and serve relevant content. Our client portal at https://my.hostcay.com does not use marketing cookies. A cookie is a small piece of data stored on your device by a website and returned to that website on subsequent visits. You can configure your browser to refuse cookies, but some features of the Website may not function correctly without them. Learn more at cookiesandyou.com/about-cookies. By continuing to browse our Website, you consent to our use of cookies.

Your Rights (GDPR & Equivalent): You have the right to access, correct, port or delete the personal data we hold about you, and to object to or restrict certain processing. To exercise these rights, contact office[at]hostcay[dot]com from the email address on file. We will respond within thirty (30) days. Deletion requests cannot remove data we are legally required to retain (for example, invoices for tax purposes or registrant data the registry obliges us to keep).

Data Location: Customer billing data is held within our offshore jurisdiction. Hosted content resides on the data centre and region you select at checkout.

3. DMCA, COPYRIGHT, FREEDOM OF EXPRESSION & APPLICABLE LAW

Governing Law: This Agreement is governed by the laws of the Republic of Seychelles, where HOSTCAY's parent company Netacel Inc. is incorporated. Operational compliance is also subject to the laws of the jurisdiction in which the relevant data centre is located.

DMCA Notices: The Digital Millennium Copyright Act ("DMCA") is United States federal law and does not directly apply to infrastructure operated outside the United States. Our data centres operate primarily within the European Union and other offshore jurisdictions, where the EU Directive on Copyright in the Digital Single Market and equivalent local laws apply. We process well-formed copyright complaints in line with the laws of the data centre's jurisdiction; frivolous, abusive or jurisdictionally inapplicable notices may be declined.

Freedom of Expression: HOSTCAY upholds Article 10 of the European Convention on Human Rights and supports lawful free speech, open-source software, privacy, anonymity and network neutrality. We do not censor lawful customer content. There is, however, a clear line between lawful speech and material that violates this Agreement (see Section 4) — our commitment to free expression does not authorise prohibited activity.

Not Bulletproof: HOSTCAY is a privacy-focused offshore hosting provider; we are not a "bulletproof" host. Malicious activity is strictly prohibited.

Law Enforcement: Where a valid legal instrument recognised by the competent authorities of the relevant jurisdiction is presented to us, HOSTCAY will cooperate to the extent required by law. Law enforcement may contact us at office[at]hostcay[dot]com.

For copyright or rights-related enquiries, please contact office[at]hostcay[dot]com.

4. PROHIBITED CONTENT & ACTIVITIES

While we operate an open and permissive hosting environment, the following content and activities are strictly prohibited on any HOSTCAY infrastructure:

• Child sexual abuse material (CSAM) of any kind
• Content promoting illegal drugs or the abuse of controlled substances
• Content involving animal exploitation, including zoophilia and bestiality
• Threatening, racially motivated, discriminatory or otherwise abusive content directed at individuals or groups
• Fraud, multi-level marketing ("MLM"), pyramid schemes or other deceptive practices
• Phishing, scam pages, fake bank/payment/government portals or credential-harvesting sites
• Distributed Denial of Service ("DDoS"), packet flooding, amplification or reflection attacks
• Ransomware, botnets, viruses, malware, stealers, RATs, IRC bots or any similar malicious software
• Unsolicited Commercial Email ("UCE" / spam) — see Section 7
• Any activity likely to result in our network being listed by Spamhaus or similar reputation services
• Network abuse, IP spoofing, ARP/route manipulation or unauthorised traffic interception
• Infringement of intellectual-property or authors' rights (where applicable in the data centre jurisdiction)
• Unauthorised access to computers, networks or surveillance systems ("hacking")
• Content promoting or supporting terrorism

Permitted with caveats: Legal adult (18+) content and lawful gambling are permitted, provided they comply with the laws of the jurisdiction in which the content is hosted and with any age-verification or licensing obligations that apply. Anything not listed above is considered permitted, subject to applicable local laws.

Immediate Action: If your use of the Services endangers the health, safety or financial security of any person (for example active phishing of a real bank), we reserve the right to suspend the affected service immediately and without prior notice.

Customer Liability: HOSTCAY is not responsible for legal issues arising from data hosted by customers. The legality and legitimacy of hosted content is the sole responsibility of the customer.

5. CONTENT & NETWORK-USE RESPONSIBILITY

You bear full responsibility for all Services Content stored on, and all activity conducted through, your account — including activity by your End Users, sub-users, resellers' clients or any third party you grant access to. HOSTCAY upholds anti-censorship principles and intervenes only when content or activity violates this Agreement. HOSTCAY accepts no liability for the use of domain names registered through our Services, nor for the content published on websites associated with those domains. If you become aware of unlawful activity hosted on our infrastructure, please report it to office[at]hostcay[dot]com.

6. DOMAIN NAMES

Our Role — Privacy-Oriented Reseller, Not an Accredited Registrar: HOSTCAY is not an ICANN-accredited registrar and is not directly accredited with any ccTLD registry. We operate as an offshore intermediary between you and the relevant registry/registrar. Our domain service is privacy-oriented by design: instead of registering your domain directly with an upstream registrar that logs and retains your personal information under its own jurisdiction, we hold your registration data within our offshore billing infrastructure and pass only the minimum information required by the registry to keep the domain valid. This is a privacy enhancement, not a guarantee of anonymity — we still must comply with the rules of every registry we use.

Domain Ownership & WHOIS Data: When you register or transfer a domain through HOSTCAY, the domain is registered under your registrant data — the information you provide in your billing account. You are the legal registrant and owner of the domain from the moment of registration. HOSTCAY does not register domains under its own corporate details on your behalf.

Accurate Data Is Mandatory (ICANN / ccTLD Compliance): ICANN's Registrar Accreditation Agreement and every ccTLD registry contract we operate under require that registrant WHOIS data be accurate, complete and verifiable. By registering a domain through us, you represent and warrant that the name, address, email and phone number you provide are true and current, and that you will update them within a reasonable time if they change. Inaccurate, falsified or unverifiable WHOIS data is grounds for the registry to suspend, lock or delete the domain, and HOSTCAY is obligated to forward verification requests from the registry to you. Failure to respond to a registry verification request (typically within 15 days) will result in the domain being suspended by the registry, and we cannot reverse such action. HOSTCAY is not liable for any loss of service, traffic or business arising from a domain suspension caused by inaccurate or unverified WHOIS data.

How Your Data Is Protected: We protect your registration data in two ways: (1) it is held securely within our offshore billing system, rather than being indexed and retained by an upstream registrar in their jurisdiction; and (2) for TLDs that support it, free WHOIS privacy is applied by default so that your personal details are not publicly visible in WHOIS lookups. WHOIS privacy hides your data from the public — it does not hide it from the registry, ICANN, or from lawful legal process directed at the registry or at us. WHOIS privacy is not available for every ccTLD; where the registry mandates public registrant disclosure, your data will appear in WHOIS and no privacy service can override that rule.

Registry Rules Override Our Terms: Every TLD and ccTLD has its own registration policy (residency requirements, trademark rules, dispute procedures such as UDRP/URS, takedown and abuse policies, redemption and renewal grace periods, transfer locks, and more). By registering a domain through HOSTCAY, you agree to comply with the policies of the relevant registry in addition to this Agreement. Where the registry's rules conflict with anything stated here, the registry's rules prevail and we are required to enforce them.

Suspensions, Locks & Takedowns: A domain registered through HOSTCAY may be suspended, locked, transferred or deleted by the registry in response to: a valid court order; a UDRP/URS or ccTLD dispute decision; a registry-issued abuse, phishing, malware or trademark complaint; failed WHOIS verification; or non-payment. We do not have the authority to override registry decisions. We will notify you of any registry action against your domain using the contact details on file.

Renewals, Expiry & Recovery: Domain renewals are billed in advance. If a domain is not renewed before expiry, it enters the registry's standard lifecycle (auto-renew grace, redemption period, then deletion). Redemption fees set by the registry apply and are non-negotiable. Once a domain has fully expired and been released by the registry, recovery is no longer possible.

Transfers: You may transfer your domain away from HOSTCAY at any time to another registrar, subject to ICANN/ccTLD transfer rules (typically a 60-day post-registration / post-transfer lock and provision of an auth code by us). We will not unreasonably withhold or delay an outbound transfer.

Special Characters & IDNs: Domain names must adhere to registry rules: between 3 and 63 characters, consisting only of letters (a–z), numbers (0–9) and hyphens (not at the beginning or end). Characters such as "&" and "#" are prohibited. Internationalized Domain Names ("IDNs") are not supported on our platform; our system strips IDN and special characters upon activation to comply with registry standards, which may result in a registered domain with missing characters. Refunds will not be issued for domains affected by special-character stripping. Our margin on domain registrations is minimal as the majority of the fee is paid to the registry.

Limited Liability: Our liability is strictly limited to the registration and renewal service itself. We are not liable for the content hosted on any domain registered through us, nor for any registry-initiated action against a domain.

Content-Related Suspension: We do not suspend a domain based on website content where that content is not hosted on our servers. Where content is hosted on our servers and violates our AUP, only the hosting service is affected — the domain itself remains under your control unless a registry action is also issued.

Reporting Illicit Content: Users who encounter illicit content are encouraged to report it to the hosting provider responsible for that content. In most cases, illicit content is hosted on third-party servers, and those providers have the authority to act.

7. SPAM & UCE

Zero Tolerance: HOSTCAY enforces a strict zero-tolerance policy against Unsolicited Commercial Email ("UCE" / spam) across all services. You may not use our network to send UCE, nor host websites that are promoted via UCE originating from any network. Violations may result in immediate suspension or termination. On receipt of a credible spam report we open an investigation within 48 hours; during that period your service may be restricted to prevent further infractions. If the report is confirmed, we may suspend or terminate the offending service without further notice and may pursue civil remedies to recover our investigation and enforcement costs.

Outbound Email on Shared Hosting & Email Plans: Shared Web Hosting and Email Hosting are for personal or legitimate small-business mail via webmail or IMAP/POP3 only. SMTP via port 25 is blocked by default and these plans are not suitable for newsletters, bulk mail or PHP-based mailers (e.g. WordPress mail). Because our network is privacy-oriented and offshore, our outbound IPs have no established mail reputation. All outbound mail must be routed via Mail.baby, our integrated third-party relay (enabled by default on shared and email plans). You are responsible for keeping your domain off the Spamhaus DBL and for configuring SPF, DKIM, DMARC, MX and PTR records using our designated nameservers. Third-party DNS providers (e.g. Cloudflare) may break email delivery and are not supported for mail purposes. We strive for good deliverability but cannot guarantee inbox placement, especially for new domains or domains showing spam-like patterns. DBL-listed domains must first implement DKIM, PTR and MX correctly before submitting a delisting request to Spamhaus; delisting is not guaranteed.

Outbound Email on VPS & Dedicated Servers: Port 25 is disabled by default on all VPS and Dedicated Servers to prevent abuse. Our servers are optimised for web and application workloads, not for mail delivery. Because of the offshore nature of our IP ranges, addresses are commonly listed on the Spamhaus PBL (non-mail-server designation) and frequently re-listed, so we keep outbound mail ports closed by default. If you need to send mail, use an established third-party SMTP service such as Mail.baby (from approximately €0.20 per 1,000 emails), MailJet, MailChimp, SendGrid or SendinBlue. Sending bulk or transactional mail directly from our IPs is not supported and delisting requests are not guaranteed to succeed.

Use of any service that involves outbound mail constitutes acceptance of this section.

8. ABOUT SECURITY

• Account credentials: Your password and authentication tokens are the keys to your account. You are responsible for keeping them secure and confidential, and for all activity carried out under your account — including activity by anyone you grant access to or anyone who obtains your credentials through your negligence.
• No circumvention: You must not attempt to bypass authentication or security on any host, network or account — including accessing data not intended for you, logging into accounts you are not authorised to use, or probing the security of other networks (whether on or off our infrastructure).
• No service disruption: You must not interfere with the service available to any user, host or network through denial-of-service attacks, deliberate overloading or any attempt to crash, degrade or destabilise a host or network segment.
• Customer-side hardening: You are required to implement reasonable security measures on your own software stack (strong passwords, software updates, two-factor authentication where offered, restricted SSH keys, file-permission hygiene, etc.) to prevent unauthorised use of your account or server.
• Consequences: Violations of system or network security may attract criminal prosecution and/or civil liability in addition to suspension or termination of the offending service.

9. RESOURCES USAGE (SHARED HOSTING)

Shared and Reseller Hosting accounts share underlying server resources with many other accounts. To keep the platform stable for everyone, the following activities are prohibited on Shared and Reseller plans:

• Consuming 20% or more of system resources for longer than 120 seconds in any single process (including CGI, FTP, PHP, HTTP and similar processes)
• Running standalone, long-running, unattended server-side processes or daemons
• Running any BitTorrent application, tracker or client
• File-sharing, peer-to-peer activity or use of the account primarily as a file dump
• Running cron jobs at intervals shorter than 10 minutes
• Generating more than 300 HTTP (Port 80/443) requests per 30 seconds
• Using the account for primary off-site backup storage of unrelated services

CloudLinux LVE limits: HOSTCAY uses CloudLinux LVE to ensure fair resource distribution across Shared Hosting accounts. LVE is a kernel-level container technology built on cgroups; it operates transparently with minimal overhead and prevents any single website from monopolising CPU, I/O, memory or Apache worker processes. If your site displays a "Resource Limit Reached" error, the account has hit the LVE limits associated with your plan. Per-plan limits are published on our pricing page. Persistently exceeding your LVE limits is a sign that you have outgrown shared hosting and should upgrade to a VPS or dedicated server.

10. DEDICATED SERVERS & VPS SERVERS

Unmanaged by default: Unless explicitly purchased as a managed service, all Dedicated Servers and VPS Servers are unmanaged. HOSTCAY provisions the server to the specifications you ordered (CPU, RAM, disk, network) and installs the operating system of your choice (or our recommended default). After OS installation, our support responsibility ends and full responsibility for the server passes to you — including configuration, software installation, updates, security hardening, performance tuning, troubleshooting and the protection of your data.

Credentials: Root or administrator credentials are delivered once, in the activation email, to the address on file. You must change the password on first login. We do not retain a copy of your server credentials. If you lose them, we can reset the password via a rescue/recovery procedure but cannot recover the previous one.

Control panel: VPS Servers are delivered with our VPS control panel (start/stop/reboot, reinstall, console, network and backup management). Dedicated Servers are delivered without a hosting control panel by default; you may install cPanel, DirectAdmin or any other licensed product yourself.

Customer-controlled VPS operations: Via the VPS control panel you may reboot, reinstall the OS from a template or ISO, mount a rescue image and otherwise manage your VM at will. Frequent reinstalls or stuck operations may, in rare cases, require us to clear a hung task — open a ticket if needed.

OS reinstalls & reboots: You may contact us for support concerning network-related issues, server hardware faults, VPS control-panel problems and OS templates / ISO images. Customer-induced issues are not covered.

Mail on VPS & Dedicated Servers: Port 25 is closed and our IPs are typically PBL-listed by Spamhaus. See Section 7.

Backups on VPS & Dedicated Servers: VPS plans include free automated daily backups for disaster recovery — see Section 11 for the full backup policy. Dedicated Servers are not covered by the automated backup service; additional backup storage can be purchased from our Storage Servers page or you may use any external solution (Google Drive, S3-compatible storage, Backblaze B2, FTP/SFTP off-site, your own backup software).

Dedicated Server Cancellations: To cancel a Dedicated Server you must submit a cancellation request through the client area at least 7 days before the billing due date. Dedicated Servers are auto-renewed monthly under our data-centre contracts; without timely notice you remain liable for the next month's power, hardware-rental and rack-space charges. Late or missing payments on one server may also affect the status of other servers on the same account — e.g. if you have two servers and fail to give timely cancellation notice for one, the other may be suspended until all outstanding balances are cleared.

11. WEBSITE MIGRATION, BACKUPS & DATA LOSS

General: All Services are provided on an "as is" and "as available" basis. HOSTCAY is not liable for data loss, data corruption or business interruption resulting from the Services. You are ultimately responsible for your own data.

Website Migration: We offer a complimentary migration service for new Shared Web Hosting customers, on a best-effort basis. We cannot guarantee feasibility, completeness or a specific timeframe. Eligibility:

• Shared Web Hosting only — VPS and Dedicated Servers are not eligible.
• Must be requested within 30 days of signup; requests after 30 days are billed at our standard migration fee.
• Source must use cPanel or DirectAdmin.
• Per-file size limit: 5 GB. Per-database size limit: 2 GB. Larger sites are quoted on a case-by-case basis — please open a ticket.

Free Automated Daily Backups (Shared Hosting & VPS): All Shared Hosting plans and all Linux VPS, Storage VPS and Windows VPS plans include free automated daily backups as a complimentary service. Backups are taken on a best-effort schedule and retained for a rolling window determined by us. This service exists solely as a disaster-recovery safety net for infrastructure-level failures that are our responsibility — specifically: physical hardware failure, storage-medium corruption due to wear, RAID/array failure, hypervisor or filesystem corruption originating from our infrastructure.

Self-Service Restoration via Control Panel: Where the underlying technology supports it, you can browse and initiate restoration of available backups directly from your control panel (cPanel / DirectAdmin / VPS panel) without needing to open a ticket. Self-service restoration is provided as a convenience and on a strictly best-effort, no-guarantee basis: a backup may be missing, partial, out-of-date, corrupted or unrestorable, and a restore may fail or only partially complete. You accept all risks of initiating a self-service restore, including the risk that the restore may overwrite newer data with older data. We strongly recommend taking a fresh manual backup of your current data before starting any self-service restore.

What Our Backups Are NOT For: The automated backup service is not intended for and will not be restored to address:

• User error, accidental file deletion or accidental database drops
• Configuration mistakes, broken updates, failed plugin/theme installs or botched migrations performed by the customer
• Compromised accounts, defacements, malware infections or ransomware caused by weak credentials or insecure customer code
• Rollback of legitimate content changes, A/B testing or "undo" operations
• Recovery of data on services that have been suspended, terminated or cancelled (see Section 15)
• Dedicated Servers (excluded from the automated backup service — see Section 10)
• Data that exceeds the backup-size limits applied to your plan

You may still attempt a self-service restoration in these scenarios via the control panel where the feature is exposed, but support is not provided for issues caused by such restores, and a successful outcome is not guaranteed.

No Guarantee, No SLA: Automated backups are provided strictly on a best-effort basis with no guarantee of completeness, integrity, frequency, retention or recoverability. HOSTCAY makes no commitment as to RPO (recovery-point objective) or RTO (recovery-time objective). The backup service is not an SLA-backed product and no service credits will be issued for failed, missing or unavailable backups, or for unsuccessful restorations.

You Must Still Maintain Your Own Backups: Our complimentary backup service is an additional safety layer for catastrophic infrastructure failure — it is not a replacement for your own backup strategy. You are required to maintain independent, off-site backups of all data you cannot afford to lose, using a solution under your own control (Google Drive, S3-compatible storage, Backblaze B2, FTP/SFTP off-site, rsync, your own backup software or any external method) and to test your restore procedures regularly. HOSTCAY accepts no liability for data loss where the customer has relied solely on our complimentary backup service.

Assisted Restoration (Ticket): Where self-service restoration is unavailable or unsuccessful and a qualifying disaster-recovery event has occurred, open a ticket and our team will attempt to restore from the most recent usable backup. If a usable backup does not exist or restoration fails, we will, where reasonable and at our discretion, provision a replacement service and extend your subscription by 7 additional days at no extra cost on top of the remaining period — but we cannot recreate lost data.

By using our Services you confirm that you have read and understood this section and that your own off-site backups remain your responsibility.

12. SERVICE UPTIME

HOSTCAY targets a minimum network uptime of 99.9% per calendar month. In the rare event we miss this target, you may request a service credit proportional to the network downtime attributable to us during the affected month. Service credits are applied to the next invoice and are non-refundable.

The uptime commitment applies only to our network connectivity. The following are excluded from the SLA and do not generate service credits:

• Internal application stacks such as MySQL/MariaDB, Apache, Nginx, PHP, mail daemons and similar software (whether managed by you or by us)
• DDoS attacks, flooding or other volumetric/protocol attacks against your service or infrastructure
• Scheduled maintenance announced at least 24 hours in advance, and emergency maintenance
• Service interruptions caused by unpaid invoices, abuse handling or breach of this Agreement
• ISP, last-mile, route-flap or local connection issues on the customer's side
• Customer-caused downtime (misconfiguration, exhausting plan resources, broken updates, etc.)
• Events of force majeure (see Section 19)
• Domain-level issues (DNS misconfiguration, registry suspensions, expired domains)

HOSTCAY reserves the right to modify this SLA at its sole discretion. Changes will be posted on the Website and take effect seven (7) days after publication.

13. SUPPORT

Channels: Customer support is provided exclusively through tickets submitted via our billing portal at https://my.hostcay.com. Tickets are handled in the order received; opening multiple tickets or sending duplicate replies will not speed up the response. Support is provided in English only.

Scope: Shared Hosting includes managed OS, web server, mail and control-panel maintenance, performed by us. VPS and Dedicated Servers are unmanaged by default and are intended for experienced Linux/Windows administrators — we do not provide application-level configuration, software troubleshooting or in-server tuning on these plans unless a managed add-on has been purchased. You may always contact us for:

• Network-related issues attributable to us
• Server hardware faults
• VPS control-panel issues
• OS templates and ISO images
• Billing, account and provisioning matters

Where a disruption is caused by hardware, infrastructure, network or virtualisation issues for which HOSTCAY is responsible, we will provide assistance free of charge. For work outside that scope we may quote a separate, mutually agreed fee.

Conduct: Abusive, threatening, defamatory or otherwise inappropriate language is prohibited in all communications with HOSTCAY (tickets, live chat, email, social channels). Breaches may result in a written warning, restriction or termination of access to support and, in serious cases, termination of your services without refund.

14. CANCELLATIONS & REFUNDS

How to Cancel: Cancellation requests must be submitted via the client area at https://my.hostcay.com — navigate to the service in question and submit the cancellation form. Cancellations are not accepted through support tickets, email or live chat.

Notice Period: Submit your cancellation request at least 7 days before the next renewal date. For Dedicated Servers the 7-day notice is mandatory; without it you remain liable for the next month's data-centre charges and missed payments on one server may affect the status of other servers on the same account.

Our Right to Terminate: HOSTCAY may suspend or terminate any account at any time, with or without prior notice, where there is a breach of this Agreement, abusive behaviour toward staff, non-payment, or activity that endangers our infrastructure or other customers.

Refund Policy — General Rule: HOSTCAY operates a no-refund policy by default. The following exceptions apply:

• Shared Hosting: 15-day money-back guarantee for first-time customers, excluding payments made via Bitcoin or other cryptocurrencies.
• Within 72 hours of payment: a refund may be considered where the failure to deliver is attributable to HOSTCAY (e.g. we cannot provision the service ordered).
• Erroneous recurring charges: see "Recurring Payment Subscriptions" below.

Always Non-Refundable: Dedicated Servers, Virtual Private Servers, SSL Certificates, VPN services, administrative and setup fees, processing fees, custom software installation fees, domain name registrations and renewals, transactions paid via Bitcoin or other cryptocurrencies, "Add Credit" / account-balance deposits, and non-refundable third-party licensing fees (e.g. cPanel, DirectAdmin, Plesk, Windows, control-panel add-ons).

Administrative Fee: Where a refund is approved, an administrative fee of 1% of the refundable amount (minimum €2.00 EUR) is deducted from the refunded total.

Chargebacks: Initiating a dispute or chargeback with your payment processor instead of contacting us first may result in immediate suspension or termination of all services on your account, plus a chargeback handling fee. Any breach of this Agreement voids all refund entitlement.

Eligibility: Refunds are available to first-time customers only. Customers who previously held an account (cancelled, suspended, terminated or otherwise closed) and re-register, or who open a secondary account, are not eligible.

Working Services: Refund requests for services that are functioning as ordered, or experiencing issues caused by the customer, will not be accepted.

Recurring Payment Subscriptions: It is your responsibility to cancel any active payment subscription directly with PayPal or your chosen payment provider. HOSTCAY does not have access to your payment profile and cannot cancel recurring subscriptions on your behalf — only the account holder can do that through the payment provider's platform. If you do not cancel your subscription, you will continue to be billed and any overpayments will be applied as non-refundable credit to your account balance for use against future invoices. Where multiple months have been charged in error, refunds may be issued only for payments made within the last 30 days and only to the original payment method.

Discretion: HOSTCAY reserves the right to decline any refund request at its sole discretion.

15. PAYMENTS, SUSPENSION, TERMINATION & DATA RETENTION

Invoicing: Invoices for all hosting services are generated 7 days before the due date. Our billing system sends multiple reminders for outstanding invoices. Keep your contact details accurate so you receive these reminders on time.

Payment Methods: We accept Credit Card, PayPal, Cryptocurrency (BTC, LTC, XMR, DASH, DOGE, USDT), PerfectMoney and Wire Transfer. For PayPal payments we may request verification of the PayPal email address used. For maximum buyer privacy, cryptocurrency payments are converted to XMR (Monero) on receipt.

Suspension & Termination Timeline:

• Shared Hosting: Suspended 1 day after the invoice due date if payment is not received. After 4–5 days of suspension the account is automatically cancelled and permanently removed from our servers. Once the service is terminated, any associated automated backups are also purged and data recovery is no longer possible.
• VPS Servers: Suspended 1 day after the invoice due date. After 4–5 days of suspension the service is terminated and all data is permanently wiped. Once the service is terminated, any associated automated backups are also purged and data recovery is no longer possible.
• Dedicated Servers: Suspended on the invoice due date if unpaid. If the invoice remains unpaid for 4–5 days and we receive no communication from you — not even a request for a payment extension — the server is terminated and may be re-provisioned to another customer. Once terminated or recycled, all data on the server is permanently lost.

If you anticipate a payment delay, notify us through a billing ticket before the due date and we will, where reasonable, hold the service while you sort it out.

Data Retention After Termination: Once a service is terminated, the data on that service cannot be recovered (see Section 11). Maintain your own backups and pay your invoices on time to avoid data loss.

16. RESELLERS & PARTNERS

First-line support: Resellers are responsible for providing first-line support to their own end-clients. HOSTCAY does not provide support directly to a reseller's clients. If a reseller's client contacts HOSTCAY directly, we may temporarily suspend the client's account until the reseller assumes responsibility. For security and chain-of-custody reasons, all support requests for a reseller account must be initiated by the reseller on behalf of their client.

Accountability: Resellers are responsible for all content stored or transmitted under their reseller account and for the actions of their clients. HOSTCAY will hold the reseller accountable for any client activity that violates applicable law or this Agreement. In such cases we will contact the reseller and work cooperatively to resolve abuse issues.

17. AFFILIATE PROGRAM

Commission Rate: 20% on every qualifying first-time order placed via your affiliate link. Commissions apply to initial purchases only, not to renewals.

Cookie Tracking: A 2-year cookie tracks referred visitors. You earn a commission if the referred visitor makes a qualifying first-time purchase at any point within that window.

Excluded From Commission:

• Addon configurations (extra IPs, software licences, custom installs, checkout add-ons)
• Domain name registrations and renewals
• SSL certificates
• Service renewals of any kind
• "Add Credit" / account-balance top-ups

If an affiliate order contains add-ons, the displayed order value may look higher than the commissionable amount. The matured payout will reflect the correct commission excluding add-ons.

Withdrawals:

• Minimum withdrawal: €10 EUR. Maximum per withdrawal: €100 EUR.
• Commissions mature 35 days after the qualifying order, to allow for chargebacks, cancellations and TOS violations.
• Affiliates with a positive track record may request an expedited payout via support ticket; we will review your history and may shorten the waiting period.
• Payout methods: PayPal, Bank Transfer or Cryptocurrency.
• Approved payouts are processed on the same day.

Requesting a Payout: We recommend opening a support ticket when you submit a payout request, since we do not receive automatic notifications for payout requests in the affiliate panel. Mention that you have already submitted the request — this helps us prioritise and dispatch your payout without delay.

18. INDEMNIFICATION

You agree to defend, indemnify and hold harmless HOSTCAY, its officers, directors, employees, agents and third-party service providers from and against any and all claims, demands, costs, expenses, losses, liabilities and damages (including reasonable legal fees) arising out of or related to: (i) your use of, or access to, this Website or any of the Services; (ii) your breach of this Agreement or any policy incorporated into it; (iii) your violation of any third-party rights, including intellectual-property or proprietary rights; and (iv) any activity carried out under your account, whether or not authorised by you. These indemnification obligations survive the termination or expiration of this Agreement and of your use of the Website and Services.

19. FORCE MAJEURE & LIMITATION OF LIABILITY

"As is" disclaimer: All Services are provided on an "as is" and "as available" basis, without warranties of any kind, express or implied. HOSTCAY expressly disclaims all warranties of merchantability, fitness for a particular purpose, non-infringement, accuracy and uninterrupted operation.

Limitation of liability: To the maximum extent permitted by applicable law, HOSTCAY shall not be liable for any indirect, incidental, special, consequential, exemplary or punitive damages — including loss of profits, loss of revenue, loss of business, loss of goodwill, loss of data, loss of use, or the cost of substitute services — arising out of or in connection with the Services, server downtime, service unavailability, data corruption or deletion, regardless of the legal theory under which such damages are sought and even if HOSTCAY has been advised of the possibility of such damages. To the extent any liability cannot be excluded, HOSTCAY's aggregate liability to you in respect of any single event or series of related events shall not exceed the total fees paid by you to HOSTCAY for the affected service in the three (3) months preceding the event giving rise to the claim.

Force majeure: HOSTCAY shall not be liable for any failure or delay in performance caused by events beyond its reasonable control, including but not limited to: acts of God, natural disasters, war, terrorism, riots, civil unrest, government action, sanctions, embargoes, pandemics or epidemics, labour disputes, fibre cuts, upstream network outages, large-scale DDoS attacks, data-centre power or cooling failures, cyber-incidents affecting upstream providers, and failure of telecommunications or internet infrastructure.

HOSTCAY reserves the right to amend its policies at any time.

20. FAILURE TO COMPLY

Failure to adhere to any term of this Agreement may result in a written warning, suspension or termination of the affected Services without prior notice. Where HOSTCAY terminates your account due to a policy violation, all fees previously paid are forfeited and no refund is due. The following conduct constitutes grounds for immediate termination:

• Violation of this Agreement, the AUP or any incorporated policy
• Any attempt to discredit, defame or extort HOSTCAY or its services — including threats, coercion of staff, public smear campaigns or baseless legal threats
• Use of the Services for any illegal activity under the law of the data centre's jurisdiction
• Use of the Services to store, host or distribute illegal or harmful material (see Section 4)
• Repeated abuse complaints from third parties that you fail to resolve
• Non-payment of invoices after the suspension/termination timeline in Section 15

You are responsible for the actions of all users under your account and for any content they create, modify or control. These terms apply to all content hosted under your account, even where it was not directly uploaded by you.

21. GENERAL PROVISIONS

Entire Agreement: This Agreement, together with any policy referenced from it, constitutes the entire agreement between you and HOSTCAY in relation to the Services and supersedes all prior agreements, communications, proposals or representations (oral or written) between the parties on the same subject matter.

Severability: If any provision of this Agreement is held to be invalid, illegal or unenforceable by a court of competent jurisdiction, that provision will be modified to the minimum extent necessary to make it enforceable, or, if that is not possible, severed from the Agreement — the remaining provisions will continue in full force and effect.

No Waiver: Failure or delay by HOSTCAY to enforce any right under this Agreement does not constitute a waiver of that right.

Assignment: You may not assign or transfer this Agreement, in whole or in part, without our prior written consent. HOSTCAY may assign this Agreement at any time, including in connection with a merger, acquisition or sale of assets.

Notices: Notices to HOSTCAY must be sent to office[at]hostcay[dot]com. Notices to you will be sent to the email address on file in your billing account — it is your responsibility to keep that address current.

Updates: HOSTCAY may update this Agreement at any time by posting a new version on the Website and updating the "Last updated" date at the top. Continued use of the Services after a change constitutes acceptance of the revised Agreement.

Headings: Section headings are for reference only and do not affect the interpretation of this Agreement.