Migração 100% grátis + 1 mês grátis com cupom MIGRAR1MES · novos clientes em planos até R$ 200/mês Migrar agora

Acceptable Use Policy (AUP)

Convenience translation. This is a courtesy translation of the original Portuguese version. In case of any discrepancy, the Portuguese version prevails for all legal purposes.
Version 1.0 ·

1. Scope

This Acceptable Use Policy ("AUP") defines what is permitted and what is prohibited in the use of services provided by Rollin Servicos Digitais e Tecnologia LTDA (CNPJ 64.204.851/0001-39), hereinafter referred to as Rollin Host, including, without limitation: shared hosting, VPS, dedicated servers, GPUs, corporate email, domain registration, proprietary SaaS tools and any related services.

This AUP is part of and supplements the Terms of Service and the Privacy Policy. By contracting any Rollin Host service, the Customer represents that they have read, understood and accepted this AUP.

2. Definitions

  • Customer: the individual or legal entity contracting the services.
  • User: any person who accesses, directly or indirectly, the infrastructure or services, including visitors to the Customer's websites.
  • Content: data, files, messages, software, emails, media, code, databases or any other material stored, transmitted or processed.
  • Resources: CPU, memory, storage, network, processes, connections and other technical limits of the contracted plan.
  • Abuse: any use that violates this AUP, applicable law or that compromises the security and availability of the services.

3. Prohibited conduct

The Customer may not, either directly or through third parties:

  1. Engage in or facilitate illegal activities under applicable Brazilian or international law.
  2. Send spam or unsolicited commercial emails — see Anti-Spam Policy.
  3. Conduct phishing, fraud, identity impersonation or social engineering schemes.
  4. Distribute malware, viruses, trojans, ransomware, exploits or any malicious software.
  5. Launch cyberattacks (DDoS, brute force, port scanning, exploitation of vulnerabilities) against third parties, even if originating from Rollin infrastructure.
  6. Circumvent technical limits, billing mechanisms, authentication or third-party software licensing.
  7. Host open proxies, VPNs or TOR exit nodes without prior written authorization.
  8. Infringe intellectual property rights (trademark, copyright, patent).
  9. Collect personal data from third parties without a legal basis under Brazil's LGPD (Law 13,709/2018).
  10. Resell services in violation of the Reseller Terms.

4. Prohibited content

It is expressly prohibited to store, host, transmit or link to:

  • Child sexual abuse material (CSAM) — immediately reported to competent authorities (Brazilian Federal Police, SaferNet) in accordance with Law 13,441/2017.
  • Content inciting terrorism, violence or genocide.
  • Hate speech based on race, ethnicity, religion, gender, sexual orientation, gender identity, age or disability.
  • Content that infringes copyright without the rights holder's authorization (DMCA / Law 9,610/1998).
  • Forged documents, false identities, banking credentials or other instruments of fraud.
  • Pornography involving minors or produced without the consent of those depicted.
  • Sites selling illicit drugs, weapons, prescription medications without prescription, protected species.
  • Materials classified as state secrets or that compromise national security.
  • Pyramid schemes, Ponzi-type scams and other fraudulent schemes.
  • Content promoting or facilitating self-harm, self-mutilation or eating disorders.

5. Technical limits and fair use

On plans with shared resources (shared hosting, shared email), fair use applies. The Customer agrees not to:

  • Sustain consumption of more than 25% of CPU or 50% of disk I/O over any 90-second period.
  • Maintain more than 30 simultaneous processes on shared plans.
  • Run cron jobs at intervals of less than 5 minutes.
  • Maintain persistent connections exceeding 20 simultaneous connections per origin.
  • Store files unrelated to website operation (external backups, personal media, download repositories).

For resource-intensive workloads, the Customer must contract a VPS, dedicated server or enterprise plan with a specific SLA.

Technical notice: Rollin Host monitors aggregate resource consumption, not individual content. When a shared plan consumes resources that affect neighboring accounts, we notify the Customer with a 48-hour window to resolve the issue before any restrictive action is taken (except in confirmed abuse cases, where action may be immediate).

6. Cryptocurrency mining and intensive activities

Cryptocurrency mining (Bitcoin, Ethereum, Monero, Helium and similar) is prohibited on shared hosting and standard VPS plans. It may be authorized only on dedicated servers or dedicated GPU, through a specific contract with an express mining authorization clause.

AI workloads (model training, inference, fine-tuning) are permitted on GPU plans and GPU-enabled VPS. Blockchain nodes (validators, RPC nodes) require prior notice via juridico@rollinhost.com.br to avoid false positives in our anti-fraud system.

7. Network, security and responsibility

The Customer is solely responsible for the security of the applications they host, including: strong passwords, keeping CMS software updated (WordPress, Joomla, plugins), patching vulnerabilities in proprietary code and backing up critical data (without prejudice to our operational backup).

Rollin Host may, without prior notice in the event of imminent risk:

  • Block IPs originating attacks.
  • Suspend services compromised by malware until remediation is complete.
  • Apply rate limiting or firewall rules to contain incidents.
  • Perform automated vulnerability scans of hosted files (without accessing personal content in databases or emails).

8. How to report a violation

Anyone may report a suspected violation of this AUP through:

The report must include, at a minimum: the URL/domain/IP involved, a description of the problem, the approximate time and supporting evidence (screenshots, email headers, logs). DMCA requests must follow the procedure set out in section 11 of the Terms of Service.

9. Investigation and due process

Upon receipt of a report, Rollin Host will:

  1. Triage within 24 business hours (4 hours for urgent cases — CSAM, active phishing, malware with active C&C).
  2. Notify the investigated Customer by their registered email, providing an opportunity to respond before any permanent suspension (except in cases of imminent risk, where suspension occurs first and notification follows).
  3. Document every step (logs, evidence, communications) for audit purposes.
  4. Take the measure proportionate to the identified risk, as described in section 10.

10. Sanctions and consequences

Depending on the severity, recurrence and impact, Rollin Host may apply, individually or cumulatively:

  • Notice with a deadline to remediate (24-72 hours).
  • Temporary suspension of the service, with reinstatement after remediation.
  • Immediate indefinite suspension in cases posing risk to third parties or the infrastructure.
  • Contract termination, with cancellation of plan(s) and deletion of data after the retention period.
  • CPF/CNPJ block for future contracts.
  • Notification of competent authorities in cases of criminal offense (Federal Police, Public Prosecutors, ANPD, SaferNet).
  • Recovery of damages caused to Rollin Host or third parties through misuse.

In the event of termination for a serious violation, the Customer is not entitled to a proportional refund of amounts paid in advance.

11. Cooperation with authorities

Rollin Host cooperates with lawful requests from competent Brazilian authorities (Judiciary, Public Prosecutors, Federal Police, ANPD), in accordance with the Brazilian Internet Civil Rights Framework (Law 12,965/2014) and other applicable regulations. Data is provided pursuant to a specific court order, except in cases where the law provides otherwise.

For CSAM cases, Rollin Host preserves evidence and immediately forwards it to the Federal Police and SaferNet, pursuant to art. 13 of Law 13,441/2017.

12. Changes to this policy

Rollin Host may update this AUP at any time. Material changes (that restrict rights or impose new obligations) will be communicated to active customers by email and within the control panel with at least 30 days' advance notice. Previous versions are archived at /contratos/historico.

13. Contact