Acceptable Use Policy

1. Introduction

This Acceptable Use Policy ("AUP") defines the rules and expected behaviors of all users of the services offered by BorealHost.ai, a web hosting company based in Quebec, Canada. This policy applies to all of our services, including shared hosting, managed WordPress hosting, virtual private servers (VPS), dedicated servers, artificial intelligence modules, domain name registration and any other related service.

By using our services, you agree to comply with this policy. The AUP supplements our Terms of Use and our Privacy Policy. In the event of a conflict between these documents, the more restrictive provisions shall apply.

BorealHost.ai reserves the right to take corrective measures, including the suspension or termination of your account, in the event of a violation of this policy.

2. Prohibited activities

The following activities are strictly prohibited on all of our services. This list is not exhaustive; BorealHost.ai reserves the right to determine, at its sole discretion, whether an activity constitutes a violation of this policy.

2.1 Illegal content

The hosting, distribution or promotion of any content that is illegal under Canadian federal laws, Quebec provincial laws or applicable international laws is prohibited. This includes, but is not limited to, the sale of controlled substances, fraudulent activities, unauthorized gambling and any content whose possession or distribution is illegal.

2.2 Copyright and intellectual property infringement

Hosting content that infringes copyright, trademarks, patents or any other intellectual property rights of third parties is prohibited. This includes the unauthorized distribution of software, music, movies, books, images or any other protected material. BorealHost.ai respects Canada's Copyright Act and will respond to takedown notices in accordance with established procedures.

2.3 Spam and unsolicited communications (CASL)

Sending unsolicited emails, text messages or any other form of mass commercial communication is strictly prohibited. Clients must comply with Canada's Anti-Spam Legislation (CASL), which provides for fines of up to $10 million per violation. Any detected spam activity will result in immediate account suspension.

2.4 Phishing and social engineering

Creating or hosting websites, emails or any content designed to fraudulently impersonate another entity in order to steal credentials, financial information or personal data is prohibited. This includes forged login pages, fake payment forms and any phishing schemes.

2.5 Malware and viruses

Distributing, hosting or developing malware, viruses, Trojan horses, ransomware, spyware or any other harmful code is prohibited. This also includes hosting compromised websites used to distribute malware.

2.6 Unauthorized cryptocurrency mining

Cryptocurrency mining on our servers is prohibited without prior written authorization from BorealHost.ai. This prohibition applies to all forms of mining, including browser mining via scripts embedded in web pages. Clients who wish to use our dedicated VPS services for mining must obtain explicit authorization and accept the applicable pricing terms.

2.7 Denial of service attacks (DoS/DDoS)

Initiating, coordinating or participating in denial-of-service attacks, whether distributed or not, is strictly prohibited. This includes using our services as a point of origin, relay or command and control infrastructure for such attacks.

2.8 Unauthorized access and hacking

Any attempt to access without authorization systems, networks, accounts or data belonging to BorealHost.ai, its clients or third parties is prohibited. This includes port scanning, vulnerability analysis, brute force attacks and any other form of unauthorized intrusion attempt. Penetration testing is only permitted on your own services and after prior notification to our security team.

2.9 Child exploitation material

The hosting, distribution or promotion of any child sexual exploitation material (CSAM) is absolutely prohibited and will be immediately reported to the competent authorities, including the Canadian Centre for Child Protection (Cybertip.ca) and the Royal Canadian Mounted Police. No warning will be issued; the account will be immediately terminated and evidence will be preserved for law enforcement.

2.10 Hate speech and discriminatory content

Hosting content that promotes hatred, violence or discrimination against individuals or groups based on their race, ethnicity, nationality, religion, sex, gender identity, sexual orientation, disability or any other characteristic protected by the Canadian Charter of Rights and Freedoms and the Quebec Charter of Human Rights and Freedoms is prohibited.

3. Compliance with Canada's Anti-Spam Legislation (CASL)

As a Quebec-based company, BorealHost.ai places particular importance on compliance with Canada's Anti-Spam Legislation (CASL). All clients who send commercial electronic messages (CEMs) from our services must comply with the following requirements.

3.1 Mandatory express consent

The client is entirely responsible for obtaining the express consent (opt-in) of each recipient before sending any commercial electronic message. Implied consent is only acceptable in cases provided by law (existing business relationship of less than two years, inquiry of less than six months). The client must retain verifiable proof of consent obtained.

3.2 Unsubscribe mechanism

Every commercial electronic message must include a functional, free and easy-to-use unsubscribe mechanism. Unsubscribe requests must be processed within a maximum of ten (10) business days. The unsubscribe mechanism must remain functional for at least sixty (60) days after the message is sent.

3.3 Sender identification

Each commercial electronic message must clearly identify the sender, include valid contact information (postal address, phone number or email address) and specify the purpose of the message. Identification information must be accurate and up to date.

3.4 Penalties

CASL violations can result in administrative monetary penalties of up to $10 million for businesses and $1 million for individuals. BorealHost.ai assumes no responsibility for fines imposed on clients due to their non-compliance. In the event of a substantiated complaint regarding spam originating from our servers, the client's account will be suspended until the issue is fully resolved.

4. Resource limits

4.1 Compliance with plan allocations

Each hosting plan includes specific allocations of CPU, RAM, storage space and bandwidth. Clients must respect the limits of their plan. Detailed resource usage is available in your control panel. If your needs exceed your current plan, we invite you to upgrade.

4.2 Fair resource usage

BorealHost.ai applies a fair use policy to ensure optimal quality of service for all of its clients. Processes that consume resources excessively or continuously to the detriment of other users may be limited or interrupted without notice.

4.3 Shared hosting specific rules

Shared hosting clients must follow the rules below to ensure server stability:

• No persistent background processes (daemons) without authorization
• No cron jobs running more frequently than once every fifteen (15) minutes
• Utilisation maximale de 25 % du CPU du serveur sur une période prolongée
• Maximum number of simultaneous database connections according to the plan
• Limit of 250,000 inodes per account (files, folders, emails)
• No storage of files unrelated to the hosted website (personal archives, external backups)

4.4 Abusive consumption

Abusive consumption is defined as any usage that significantly and repeatedly exceeds the typical resources for the subscribed plan type, or any usage that compromises the performance, stability or security of the server for other clients. If abusive consumption is detected, BorealHost.ai will contact the client to find a solution (optimization or plan upgrade) before taking restrictive measures.

5. Security responsibilities

Security is a shared responsibility between BorealHost.ai and its clients. BorealHost.ai is committed to maintaining the security of its infrastructure; clients must for their part follow the best practices below.

5.1 Software updates

Clients are responsible for keeping the software installed on their services up to date, including content management systems (WordPress, Joomla, etc.), extensions, themes and any third-party libraries. Outdated software represents a major security risk. BorealHost.ai reserves the right to temporarily disable a site with an unpatched critical vulnerability that endangers the infrastructure.

5.2 Strong passwords

Clients must use strong and unique passwords for all access to their services (control panel, FTP/SFTP, databases, administrator accounts). A strong password contains at least twelve (12) characters, including uppercase, lowercase, digits and special characters. The use of a password manager is strongly recommended.

5.3 Two-factor authentication (2FA)

BorealHost.ai offers two-factor authentication (2FA) via TOTP on all client accounts. We strongly recommend enabling this feature to protect your account against unauthorized access. VPS and dedicated clients should also enable 2FA on the administration panels of their web applications.

5.4 Vulnerability reporting

If you discover a security vulnerability in our systems, please report it responsibly to [email protected]. Do not attempt to exploit the vulnerability and do not disclose it publicly before it is fixed. We commit to processing all reports within forty-eight (48) hours and acknowledging the contribution of security researchers who follow this procedure.

5.5 Credential protection

Clients must never store credentials, API keys, passwords or access tokens in publicly accessible files. Configuration files containing sensitive information must be placed outside the public web directory or protected by appropriate web server rules. Credentials must never be included in source code versioned in public repositories.

6. Monitoring and enforcement

6.1 Compliance monitoring

BorealHost.ai may monitor the use of its services to verify compliance with this policy. This monitoring may include automated analysis of traffic patterns, resource usage and network behavior. All monitoring is conducted in accordance with our Privacy Policy and applicable personal information protection laws.

6.2 No proactive content monitoring

BorealHost.ai does not proactively monitor content hosted by its clients. We do not review, pre-approve or censor the content of websites hosted on our infrastructure. However, we will act promptly when we receive reports of violations or when our automated systems detect abusive activities.

6.3 Automated abuse detection

Our automated systems continuously monitor abuse indicators, including abnormal outgoing email volumes, intrusion attempts, known malware and suspicious traffic patterns. These systems may trigger temporary automatic actions (rate limiting, port blocking) pending manual evaluation.

6.4 Report processing

Any violation report received by BorealHost.ai will be evaluated within twenty-four (24) business hours. The concerned client will be contacted and given the opportunity to provide explanations before final measures are taken, except in cases of serious violations requiring immediate action.

7. Graduated consequences

BorealHost.ai applies a graduated process of consequences for violations of this policy, except in cases of serious violations justifying immediate action.

7.1 First offense — Email warning

For a first low to medium severity violation, BorealHost.ai will send a warning by email to the account holder. This warning will describe the nature of the violation, the expected corrective measures and the deadline for compliance (generally forty-eight (48) hours). The client must confirm receipt of the warning and the corrective actions taken.

7.2 Second offense — Temporary suspension

In the event of a repeat offense or failure to comply with the requested corrective measures, the affected service will be temporarily suspended for a period of twenty-four (24) to seventy-two (72) hours. During the suspension, the client retains access to the control panel to perform backups, but the website or service will be inaccessible to the public. Reactivation is conditional on the full resolution of the violation.

7.3 Third offense — Permanent termination

In the event of a third violation or repeated violations despite previous warnings and suspensions, BorealHost.ai will proceed with permanent termination of the account. The client will have a period of seven (7) days to retrieve their data before the permanent deletion of their account and all its content.

7.4 Immediate suspension for serious violations

BorealHost.ai reserves the right to immediately suspend any service, without prior warning, in the following cases:

• Confirmed illegal activity (including child exploitation material)
• Active threat to infrastructure security (malware, ongoing DDoS attack)
• Account compromise with ongoing malicious activity
• Active distribution of malware or phishing content
• Mass spam sending causing our IP addresses to be blocked
• Court order or request from a competent authority

7.5 No-refund policy

No refund will be granted for periods of suspension or termination resulting from a violation of this Acceptable Use Policy. Prepaid fees for the remaining period of the subscription will not be refunded. This provision also applies to domain names registered through our services.

8. Reporting violations

If you notice a violation of this policy or if you are a victim of abuse originating from our services, please inform us by sending an email to:

[email protected]

To facilitate the processing of your report, please include the following information:

• The URL or IP address involved
• The date and time of the incident
• A detailed description of the observed violation
• Any relevant evidence (screenshots, email headers, logs)
• Your contact information for follow-up

We commit to acknowledging receipt of all reports within twenty-four (24) business hours and to taking appropriate measures as soon as possible.

9. Policy modifications

BorealHost.ai reserves the right to modify this Acceptable Use Policy at any time. In the event of a substantial modification, clients will be notified by email at least thirty (30) days before the changes take effect. A notice will also be published on our website.

Continued use of our services after the changes take effect constitutes acceptance of the modified policy. If you do not accept the modifications, you must stop using our services and cancel your account before the effective date.

Previous versions of this policy are available upon request by writing to [email protected].

Dernière mise à jour : 20 février 2026