GARR Cloud Platform Terms of Service

25 May 2018

GARR Cloud Platform Licence Agreement

The GARR Cloud Platform (hereinafter referred to as “Platform”) is deployed by the Consortium GARR (“GARR”) to provide Cloud Services (the “Services”) to the GARR community, in order to support their academic, cultural, educational and research activities.

This GARR Cloud Platform License Agreement (the “Agreement”) is made and entered into by and between the Consortium GARR and the individual member or entity of the GARR community agreeing to these terms (“User” or “You”). This Agreement is effective as of the date User clicks to accept the Agreement (the “Effective Date”). By accepting the Agreement, User represents and warrants: (i) to have read and to understand this Agreement; and (ii) to agree to this Agreement. This Agreement governs User’s access to and use of the Services.

Provision of the Services

Dashboard. GARR will provide the Services to User and give access to an Admin Dashboard, through which User may administer the Services.

Security. All facilities used to provision the Platform will adhere to reasonable security standards, enforcing at least industry standards for systems and procedures to (i) ensure the security of the infrastructure and confidentiality of Application and User Data, (ii) protect against anticipated threats or hazards to the security or integrity of Application and User Data, and (iii) protect against unauthorized access to or use of Application and User Data.

Data Location. If requested, a User may be given the option to select a geographic region, among those made available, where the storage and compute infrastructure is located that hosts the Services provided to the User.

Accounts. Each User will be given an Account to use the Services, and Authorization Tokens for performing specific operations. The User is responsible for the security of the passwords for the Account, and for any use of its Account and the Token. If User becomes aware of any unauthorized use of its password, its Account or the Tokens, User shall notify GARR as promptly as possible.

Quotas. Each Project is subject to a limit on quota usage in terms of compute, memory, storage and networking resources assigned to the project. When the quota limit for a resource is reached, operations requiring additional amounts of that resource will be blocked. Each Project is owned by a single Administrator User, which is billed for the use of the Project resources.

Service Fees

Free Quota. Certain Services may be provided to User without charge up to a Free Quota Limit.

Billing. At the end of each Billing Period, GARR will issue an electronic bill to the Administrator of a Project for all charges accrued above the Free Quotas based on (i) Project’s use of the Services during the previous Billing Period; (ii) any Reserved Units selected. For use above the Free Quota, User will be responsible for all Fees up to the amount set in the Account and will pay all Fees.

Eligibility and Registration

The Services are targeted to the Italian Academic and Research community (students, professors, researchers, collaborators, etc.). The Services are offered only to eligible users who register for an account on the Platform (an “Account”), using one of the Identity Providers accepted by the Platform.

Users are solely responsible for the activity that occurs on their Account and for keeping the Account password secure without sharing it with anyone. User shall not use without permission somebody else’s Account for accessing the Services.

User must notify GARR immediately of any change in eligibility to use the Services (including any change of affiliation or revocation of permissions by employers or official authorities), breach of security or unauthorized use of his Account. Failure to comply with these regulations shall constitute a breach of these Terms of Service and shall constitute reason for immediate termination of the Account.

Proper Use

The Services are available to Users in order to support their educational, research and academic activities. Any use is expressly prohibited: - Which violates applicable laws. - Which is inappropriate, defamatory, insulting, harassing, threatening, or obscene. - Which infringes the patent, trademark, copyright, trade secrets or other proprietary rights of any party. - Which sends pyramid schemes, chain letters or unsolicited messages or advertisements. - Which promotes or favors illegal activities and/or instigates to violence against any group or people.

Any malicious use of the Services is forbidden that hinders the use of the Services themselves or any other third party services, or takes advantage of vulnerabilities for obtaining illegal access to systems by third parties or for stealing personal or private data. More specifically but not exclusively:

  • It is prohibited to act in any manner in order to inhibit or block the services, the servers or the networks interconnecting them as well as to violate the procedures, policies or regulations of those networks.
  • It is prohibited to hinder or inhibit the use of the Services.
  • It is prohibited any action or attempt to break the Platform authentication and authorization mechanisms.
  • It is prohibited to diffuse malware for malicious purposes such as exploiting vulnerabilities or hijacking data.
  • Port Scanning, Network Scanning, Denial of Service and Distributed Denial of Service attacks are prohibited.
  • It is prohibited to use the services for phishing activities.
  • It is prohibited to host servers that spread unauthorized traffic such as an open relays or TOR exit nodes.
  • Virtual Currency Mining and any long-running computational program are prohibited (BitCoin, etc.), except with special permission.
  • It is prohibited to operate/maintain any game server, except with special permissions.
  • It is prohibited to support third parties in breaking the Services in any illegal manner or in a manner that infringes the terms of use.
  • It is prohibited to remove any notice of copyright, trademark or other intellectual property rights for any content used in the Services.

Use of Allotted Resources

Users shall not use any method to circumvent the provisions of these Terms of Service, or to obtain Services in excess of those for which they contract with GARR. Users shall only use those compute, memory, storage resources and IP addresses that are assigned to them by GARR, and shall not use any IP addresses outside of their assigned range. Users shall not use any mechanism to exceed the amount of resources assigned to them through the Services, or to conceal such activities.

Suspension or termination

Suspension. If User becomes aware or is notified by GARR that any Application, Project, or User Data violates the AUP, User will immediately suspend the Application or Project and/or remove the relevant User Data (as applicable). If User fails to comply with GARR’s request to do so within twenty-four hours, then GARR may disable the Project or Application, and/or disable the Account (as may be applicable) until such violation is corrected.

Voluntary termination. Users may terminate this Agreement at any time by stopping using the Services and deleting their Account and any associated resources.

Termination for Breach. Either party may terminate this Agreement for breach if: (i) the other party is in material breach of the Agreement and fails to cure that breach within thirty days after receipt of written notice; or (ii) the other party is in material breach of this Agreement more than two times notwithstanding any cure of such breaches.

Termination for Inactivity. GARR reserves the right to terminate the Services for inactivity, if, for a period exceeding 180 days, User: (a) has failed to access the Admin Dashboard; (b) a Project has no active virtual machine or storage resources or an Application has not served any requests; and (c) no electronic bills are being generated.

Effect of Termination. If the Agreement is terminated, then: (i) the rights granted by one party to the other will immediately cease; (ii) all Fees owed by User to GARR are immediately due upon receipt of the final electronic bill; (iii) User will delete the Software, any Application, Instance, Project, and any User Data; and (iv) upon request, each party will use reasonable efforts to return or destroy all Confidential Information of the other party.

Privacy

GARR only collects from User directly, or from the Identity Provider indicated by him, his name, e-mail and affiliation. Such personal data is used for the sole purpose of providing the service or communicating with User and is not disclosed to any third party.

GARR may collect general statistical data regarding the flow and use of network and computer resources for the sole purpose of monitoring and optimizing the Services. These data might be published or distributed to third parties for research purposes after it has been suitably anonymized to avoid disclosure of personal or sensible data.

GARR will not access any data of the users or of the hosted services. GARR can disclose information regarding the use of the Services when requested by law enforcement authorities.

Processing of personal data is performed in full compliance with privacy regulations according to Italian and European applicable laws, in particular the General Data Protection Regulation (DPR – Regolamento UE 2016/67).

Further details on processig of personal data is desribed in the addendum Data Processing Agreement, which is to be considered part of this Agreement.

Warranties

GARR will take all necessary measures in order to achieve the greatest availability of the Services; however, GARR does not offer any guarantee of availability besides those stated in specific SLAs, nor it can be held accountable or responsible for direct or indirect damages due to the unavailability of Services for any time duration.

Disclaimer

EXCEPT AS EXPRESSLY PROVIDED FOR IN THIS AGREEMENT, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, GARR AND ITS SUPPLIERS DO NOT MAKE ANY OTHER WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR USE AND NONINFRINGEMENT. GARR AND ITS SUPPLIERS ARE NOT RESPONSIBLE OR LIABLE FOR THE DELETION OF OR FAILURE TO STORE ANY SUBSCRIBER DATA AND OTHER COMMUNICATIONS MAINTAINED OR TRANSMITTED THROUGH USE OF THE SERVICES. SUBSCRIBER IS SOLELY RESPONSIBLE FOR SECURING AND BACKING UP ITS APPLICATION, PROJECT, AND SUBSCRIBER DATA. NEITHER GARR NOR ITS SUPPLIERS, WARRANTS THAT THE OPERATION OF THE SOFTWARE OR THE SERVICES WILL BE ERROR-FREE OR UNINTERRUPTED. NEITHER THE SOFTWARE NOR THE SERVICES ARE DESIGNED, MANUFACTURED, OR INTENDED FOR HIGH RISK ACTIVITIES.

Limitation of liability

GARR does not bear any responsibility for content and data distributed through the Services. The responsibility on the legitimacy of the content/data or the means of their usage remains exclusively on the User.

GARR will take all necessary measures in order to prevent any abuse, arbitrariness, damage, content and data loss; however, GARR does not warrant that such a possibility does not exist in any case and does not bear any responsibility in such an event. Users must guard their data performing their own backups to deal with risks of losses.

GARR cannot be held accountable or responsible in any event for data lossage while using the Services nor for any consequential damage. Moreover, GARR does not guarantee nor bears any responsibility for the accuracy of the data available through the Services.

Opinions expressed in texts published through the Services do not represent the official opinions of GARR, which cannot be held responsible for their content.

According to personal data protection laws, GARR does not control or monitor in any way the content of the distributed information and of the distributed data, so GARR disclaims any kind of responsibility for eventual distribution on its network, products, services or through which the ownership or distribution constitutes copyright infringement or other offence.

GARR will make every possible effort to maintain the continued and reliable operation of the Services. Notwithstanding, GARR can stop providing the Services or modify their deployment configurations at any time without prior notification. Interrupting the provisioning of the Services immediately blocks their use by Users, without implying any rights to indemnification.

Confidentiality

User shall keep confidential any confidential information to which it is given access, and shall cooperate with GARR’s efforts to maintain the confidentiality thereof. User shall not publish to third parties or distribute information or documentation that GARR provides for purposes of operating and maintaining its systems, including material contained in estimates, invoices, work orders, or other such materials.

Applicable Law

The present terms of use supersede any verbal or written prior arrangement or other contract, convention, agreement related to the Services. User has the right to withdraw his consent to these terms of use, and in that case, GARR will discontinue the Services to him.

These Terms of Service provide that all disputes between you and GARR will be resolved by BINDING ARBITRATION. YOU AGREE TO GIVE UP YOUR RIGHT TO GO TO COURT TO ASSERT OR DEFEND YOUR RIGHTS UNDER THIS AGREEMENT (except for matters that may be taken to small claims court). Your rights will be determined by a NEUTRAL ARBITRATOR and NOT A JUDGE OR JURY and your claims cannot be brought as a class action.

Definitions

  • “Account” means GARR Cloud Platform account.
  • “Admin Dashboard” means the online console(s) and/or tool(s) provided by the Platform for administering the Services.
  • “Application(s)” means any web or other application User creates using the Services, including any source code written by User to be used with the Services, or hosted in an Instance.
  • “AUP” means the acceptable use policy set forth here for the Services: http://cloud.garr.it/terms/aup
  • “Committed Purchase(s)” have the meaning set forth in the Service Specific Terms.
  • “Confidential Information” means information that one party (or an Affiliate) discloses to the other party under this Agreement, and which is marked as confidential or would normally under the circumstances be considered confidential information. It does not include information that is independently developed by the recipient, is rightfully given to the recipient by a third party without confidentiality obligations, or becomes public through no fault of the recipient. Subject to the preceding sentence, User Data is considered User’s Confidential Information.
  • “User Data” means content provided to Platform by User (or at its direction) via the Services under the Account.
  • “User End Users” means the individuals User permits to use the Application.
  • “Data Processing and Security Terms” means the terms set forth at:
  • “Emergency Security Issue” means either: (a) User’s or User End Users’ use of the Services in violation of the AUP, which could disrupt: (i) the Services; (ii) other Users’ or their User end users’ use of the Services; or (iii) the GARR network or servers used to provide the Services; or (b) unauthorized third party access to the Services.
  • “Billing Period” means a calendar month or another period specified by GARR in the Admin Dashboard.
  • “Free Quota” means the amount of resources (as may be updated from time to
  • “Fees” means the applicable fees for each Service and any applicable Taxes. The Fees for each Service are set forth here: https://cloud.garr.it/skus/.
  • “High Risk Activities” means uses such as the operation of nuclear facilities, air traffic control, or life support systems, where the use or failure of the Services could lead to death, personal injury, or environmental damage.
  • “Indemnified Liabilities” means any (i) settlement amounts approved by the indemnifying party; and (ii) damages and costs finally awarded against the indemnified party and its Affiliates by a court of competent jurisdiction.
  • “Instance” means a virtual machine instance, configured and managed by User, which runs on the Services. Instances are more fully described in the Documentation.
  • “Intellectual Property Rights” means current and future worldwide rights under patent, copyright, trade secret, trademark, and moral rights laws, and other similar rights.
  • “Legal Process” means a data disclosure request made under law, governmental regulation, court order, subpoena, warrant, governmental regulatory or agency request, or other valid legal authority, legal procedure, or similar process.
  • “Package Purchase” has the meaning set forth in the Service Specific Terms.
  • “Project” means a grouping of computing, storage, and API resources for User, and via which User may use the Services. Projects are more fully described in the Documentation.
  • “Reserved Capacity Units” have the meaning set forth in the Service Specific Terms.
  • “Reserved Unit Term” has the meaning set forth in the Service Specific Terms.
  • “Reserved Units” have the meaning set forth in the Service Specific Terms.
  • “Services” means the services as set forth here: https://cloud.garr.it/terms/services (including any associated APIs); and TSS.
  • “SLA” means the Service Level Agreement as applicable to each service.
  • “Software” means any downloadable tools, software development kits or other such proprietary computer software provided by GARR in connection with the Services, which may be downloaded by User, and any updates GARR may make to such Software from time to time.
  • “Taxes” means any duties, customs fees, or taxes (other than GARR’s income tax) associated with the purchase of the Services, including any related penalties or interest.
  • “Term” has the meaning set forth in Section 9 of this Agreement.
  • “Terms URL” means the following URL set forth here: https://cloud.garr.it/terms/.
  • “Third-Party Legal Proceeding” means any formal legal proceeding filed by an unaffiliated third party before a court or government tribunal (including any appellate proceeding).
  • “Token” means an alphanumeric key that is uniquely associated with User’s Account.
  • “TSS” means the technical support service provided by GARR to the administrators under the TSS Guidelines.
  • “TSS Guidelines” means GARR’s technical support services guidelines then in effect for the Services.