Abuse Handling Policy

1. Definitions

For the purposes of this Abuse Handling Policy, the following terms shall have the meanings ascribed below:

"Abuse Report" means a formal written complaint submitted through the designated channels described in Section 3, alleging that a client or user of BRHOSTING.COM services is engaging in activities that violate our Acceptable Use Policy, Terms of Service, or applicable law.

"Complainant" means the individual, organization, or authority submitting an Abuse Report.

"Respondent" means the client or user of BRHOSTING.COM services against whom an Abuse Report is filed.

"Abuse Review Committee" (ARC) means the internal panel composed of senior network engineers, legal compliance officers, and a designated Abuse Handling Officer responsible for adjudicating complex or escalated abuse cases.

"Evidentiary Threshold" means the minimum standard of proof required before any remedial action may be taken against a Respondent, as defined in Section 5.

"Proportionate Remedial Action" means the corrective measure applied to a Respondent that is commensurate with the severity, scope, and recurrence of the confirmed violation.

2. Scope

This policy applies to all abuse complaints received by BRHOSTING.COM relating to services provided on our infrastructure, including but not limited to: dedicated servers, colocation, cloud instances, managed hosting, email services, and ancillary products. This policy covers complaints related to spam, phishing, malware distribution, copyright infringement, denial-of-service attacks, unauthorized access, resource abuse, illegal content, and any other violations of our Acceptable Use Policy.

3. Submission of Abuse Reports

All abuse reports must be submitted through one of the following designated channels:

Primary Channel: Email to [email protected]

Secondary Channel: Written correspondence to our registered office address

Tertiary Channel: Through the abuse reporting form available in the Client Area portal (for existing clients only)

Reports submitted via social media, phone calls, or other informal channels will not be processed and must be resubmitted through a designated channel. Anonymous reports are accepted but may receive lower priority due to the inability to request supplementary evidence or clarification.

4. Required Information for Abuse Reports

To ensure efficient processing, all Abuse Reports must include the following mandatory information. Reports that fail to meet these requirements will be classified as "Incomplete" and held in a pending queue until supplementary information is provided:

4.1 Complainant Identification: Full legal name, organization name (if applicable), email address, phone number, and postal address. Government-issued identification may be requested for reports involving serious allegations.

4.2 Respondent Identification: IP address(es), domain name(s), URL(s), or other technical identifiers associated with the alleged abuse. Generic descriptions without specific technical identifiers will be returned for clarification.

4.3 Description of Alleged Abuse: A detailed, factual narrative of the alleged abuse, including: the nature of the violation, the specific Acceptable Use Policy or legal provision violated, and the impact on the Complainant or third parties.

4.4 Supporting Evidence: All claims must be substantiated with contemporaneous evidence, which may include but is not limited to: full email headers (for spam complaints), screenshots with timestamps and metadata, server logs, packet captures (PCAP format preferred), WHOIS records, DNS lookup results, notarized declarations, or court orders. Evidence must be provided in its original, unmodified form. Altered or redacted evidence may be deemed inadmissible.

4.5 Legal Basis: For reports alleging legal violations, the Complainant must specify the applicable jurisdiction and legal provision(s) allegedly violated, and provide evidence of standing (i.e., demonstrate how they are directly affected).

4.6 Declaration of Accuracy: A signed statement (digital signature accepted) affirming that the information provided is accurate and complete to the best of the Complainant's knowledge, and acknowledging that filing a knowingly false report may itself constitute abuse.

5. Evidentiary Standards

BRHOSTING.COM applies a graduated evidentiary standard based on the severity of the alleged abuse:

6. Investigation Process

Upon receipt of a valid Abuse Report, the following multi-stage investigation process is initiated:

Stage 1 — Intake and Triage (Business Days 1-3): The Abuse Handling Officer reviews the report for completeness per Section 4. Complete reports are assigned a unique Case Reference Number (CRN) and classified by severity tier (Section 5). Incomplete reports are returned to the Complainant with a detailed request for supplementary information. The Complainant has 14 business days to respond; failure to respond results in case closure.

Stage 2 — Preliminary Assessment (Business Days 4-10): The assigned investigator conducts an independent technical assessment, which may include: reviewing server logs, analyzing network traffic patterns, performing DNS and WHOIS lookups, examining cached content, and cross-referencing known threat intelligence databases. The investigator prepares a Preliminary Assessment Report summarizing findings and recommending either escalation, Respondent notification, or case closure.

Stage 3 — Respondent Notification and Response (Business Days 11-25): If the Preliminary Assessment indicates a potential violation, the Respondent is formally notified via email with: the nature of the allegation (without disclosing Complainant identity unless legally required), the specific evidence under review, the applicable policy provisions, and a request for a written response. The Respondent has 14 business days to submit a detailed written response, including any exculpatory evidence or mitigating circumstances. Extensions of up to 7 additional business days may be granted upon written request.

Stage 4 — Comprehensive Review (Business Days 26-35): The investigator evaluates all evidence from both parties, conducts any additional technical analysis deemed necessary, and prepares a Comprehensive Investigation Report. For Tier 2 and Tier 3 cases, this report is submitted to the Abuse Review Committee for deliberation.

Stage 5 — Abuse Review Committee Deliberation (Business Days 36-45): The ARC convenes to review the Comprehensive Investigation Report. The Committee may: request additional evidence from either party, commission independent third-party forensic analysis, consult with external legal counsel, or schedule a hearing (conducted via video conference) at which both parties may present their positions. The ARC issues a written determination with detailed reasoning.

Stage 6 — Determination and Remedial Action (Business Days 46-50): Based on the ARC's determination (or the investigator's recommendation for Tier 1 cases), the Abuse Handling Officer issues a formal Determination Notice to both parties, specifying: the findings of fact, the applicable policy provisions, and the remedial action to be applied (if any), per Section 7.

7. Remedial Actions

Where a violation is confirmed, the following graduated remedial actions may be applied, individually or in combination, based on severity and history:

Level 1 — Formal Warning: A written notice to the Respondent documenting the violation and requiring acknowledgment of the applicable policy. Applied for first-time Tier 1 violations.

Level 2 — Content Removal Directive: A requirement that specific content be removed or modified within a stated timeframe (typically 48-72 hours). Applied for content-related violations.

Level 3 — Service Restriction: Temporary limitation of specific service capabilities (e.g., outbound email throttling, port restrictions) for a defined period. Applied for repeated Tier 1 or confirmed Tier 2 violations.

Level 4 — Temporary Suspension: Suspension of the Respondent's services for a defined period (typically 7-30 days) pending compliance with remediation requirements. Applied for severe or repeated Tier 2 violations.

Level 5 — Contract Termination: Termination of the Respondent's service agreement with 72 hours' notice to retrieve data. Applied only for confirmed Tier 3 violations or persistent non-compliance following Level 4 suspension. Subject to ARC approval.

8. Appeals Process

The Respondent may appeal any determination within 21 business days of receiving the Determination Notice. Appeals must be submitted in writing to [email protected] and must include:

(a) The Case Reference Number; (b) A detailed statement of the grounds for appeal, specifying factual errors, procedural irregularities, or new evidence not previously available; (c) Any new supporting documentation.

Appeals are reviewed by an independent Appeals Officer who was not involved in the original investigation. The Appeals Officer may uphold, modify, or overturn the original determination. The appeals review process takes approximately 15-20 business days. The Appeals Officer's decision is final and binding.

9. Emergency Procedures

Notwithstanding the standard investigation timeline, BRHOSTING.COM reserves the right to take immediate protective action (including temporary service suspension) without prior notice in cases involving: (a) active, ongoing cyberattacks originating from our infrastructure; (b) confirmed distribution of child sexual abuse material (CSAM); (c) imminent threats to life or public safety; (d) court orders or law enforcement directives requiring immediate action. In such cases, the standard investigation process will be initiated simultaneously, and the Respondent will be notified within 24 hours of the emergency action.

10. DMCA / Copyright Complaints

Copyright infringement complaints are processed under the notice-and-takedown framework established by the Digital Millennium Copyright Act (DMCA), 17 U.S.C. § 512, and equivalent provisions under applicable law. DMCA notices must comply with the statutory requirements and must be submitted to our designated DMCA Agent at [email protected]. Respondents may submit a counter-notification in accordance with 17 U.S.C. § 512(g). The standard statutory waiting period of 10-14 business days applies before content may be restored following a counter-notification.

11. Record Keeping and Confidentiality

All Abuse Reports, investigation files, correspondence, and determinations are maintained in a secure, access-controlled case management system for a minimum of 5 years from case closure. Access is restricted to authorized Abuse Handling personnel and legal counsel. Complainant and Respondent identities are treated as confidential and are not disclosed to the opposing party unless: (a) legally required; (b) necessary for the Respondent to adequately respond to the allegation; or (c) the Complainant provides explicit written consent.

12. Cooperation with Law Enforcement

BRHOSTING.COM cooperates with law enforcement agencies in accordance with applicable law. We may disclose information to law enforcement without client consent only when: (a) compelled by a valid court order, subpoena, or warrant; (b) required to prevent imminent serious harm; (c) mandated by specific regulatory obligations. All law enforcement requests are reviewed by our legal compliance team before any disclosure. We maintain a transparency report and will notify affected clients of law enforcement requests unless prohibited from doing so by law.

13. Abuse Prevention Measures

BRHOSTING.COM proactively employs a range of technical and operational measures to prevent abuse on our network, including: real-time traffic analysis and anomaly detection systems; outbound spam filtering on mail-capable services; automated DDoS mitigation infrastructure; IP reputation monitoring via industry threat intelligence feeds; and periodic security audits of shared infrastructure. These preventive measures supplement, but do not replace, the reactive investigation process described in this policy.

14. Response Timelines Summary

Total estimated timeline for non-emergency Tier 3 cases with appeal: up to 70 business days (approximately 14 calendar weeks).

15. Policy Revisions

This Abuse Handling Policy is reviewed and updated at least annually by the Abuse Review Committee. Substantive revisions are published on our website and communicated to active clients via email notification. The version number and effective date are indicated at the top of this document.

16. Contact Information

For abuse-related inquiries: [email protected]
For appeals: [email protected]
For DMCA notices: [email protected]
General legal inquiries: [email protected]