Acceptable Use Policy
Last updated: 19 May 2026
This Acceptable Use Policy (the "AUP") governs what you can and cannot run on the Sinkron Service. It forms part of our Terms of Service; breaches of the AUP are breaches of the Terms.
A short note on the spirit of this policy: customer workloads on Sinkron run on hardware operated by independent Providers. What you do on the Service therefore has real consequences for third parties — Providers risk legal exposure, IP blocklists, and material damage to their hardware. The rules below exist to protect them and the people they serve, not to be authoritarian for its own sake.
1. Prohibited workloads
You must not run, or attempt to run, any of the following on the Service:
1.1 Cryptocurrency mining
Mining of cryptocurrencies (proof-of-work or other) is prohibited. Mining workloads run hardware at sustained 100% load, accelerate wear, distort the marketplace's price-discovery dynamics, and create electricity-cost issues for Providers. This includes "stealth" mining bundled inside another workload.
1.2 Malware, command-and-control, and offensive security tooling
You must not use the Service to host or operate malware, botnets, ransomware, command-and-control infrastructure, phishing kits, credential stuffers, or offensive security tooling targeting systems you don't own or have explicit written authorisation to test. Defensive security work (training labs, sandboxed analysis, IDS like Suricata or Snort, CTF infrastructure where participants opted in) is fine.
1.3 Denial of service, scanning, and network abuse
No DoS / DDoS originating from the Service. No bulk port scanning, vulnerability scanning, or credential brute-forcing of third-party systems. No high-volume mail relays or open proxies. No Tor exit nodes or other anonymity services that materially shift abuse complaints to the host Provider.
1.4 Illegal content
You must not use the Service to create, store, distribute, or operate anything that is illegal under the law of (a) England and Wales, (b) the jurisdiction in which the Provider hosting your workload is located, or (c) the jurisdiction in which the recipient of the workload's output is located. This includes child sexual abuse material (CSAM) without exception. We will report CSAM to the National Crime Agency's CEOP and to equivalent authorities in any other relevant jurisdiction.
1.5 Infringing or rights-violating content
You must not use the Service to distribute material that infringes copyright, trademark, patent, or other rights of any third party. You must not impersonate any person or organisation in a manner intended to deceive.
1.6 Spam, deception, and manipulation
No unsolicited bulk email, SMS, or messaging. No deceptive content (fake-news generators, fake-review farms, deepfake content of identifiable people without their consent). No workloads whose primary purpose is to deceive users of third-party services.
1.7 Personal data of third parties
If your workload processes personal data of individuals (in the GDPR sense) at any meaningful scale, you must have a lawful basis to do so and your own controller obligations in place. You represent and warrant that you do, and you indemnify us against claims arising from your failure. We are not a data processor for the contents of your containers — we host your compute, we don't look inside it. If your processing requires a Data Processing Agreement, contact us at privacy@sinkron.network before launching the workload.
1.8 Sanctions and restricted parties
You must not use the Service in or for the benefit of any jurisdiction, person, or entity subject to comprehensive UK, EU, or US trade sanctions, nor in contravention of any applicable export-control law.
2. Customer responsibilities
- You are responsible for the security of the container images you run, including for vulnerabilities introduced by their dependencies.
- You are responsible for the configuration and credentials embedded in your images. Don't bake long-lived secrets you wouldn't want a Provider to see.
- You are responsible for ensuring the workload's outbound network behaviour complies with this AUP — even when that behaviour is dynamic (e.g. driven by user input to the workload).
- You agree we may, at our discretion, throttle, suspend, or terminate any session that triggers credible abuse complaints, that we believe in good faith violates this AUP, or that is creating disproportionate operational burden.
3. Provider responsibilities
- You must keep the Sinkron agent installed and reasonably up to date. Out-of-date agents are kicked from the marketplace automatically.
- You must not inspect, exfiltrate, tamper with, or otherwise interfere with the contents or operation of customer workloads on your hardware. Routine operational metadata (resource usage, health status) is permitted; the contents of the customer's container are not.
- You must take reasonable physical and operational security measures around the hardware you list — disk encryption, OS patching, limited admin access, etc.
- You must report security incidents that affect customer workloads to security@sinkron.network promptly after discovery.
4. Reporting abuse
If you believe a Sinkron workload is violating this AUP — for example, scanning your network, sending spam, hosting infringing content, or generating CSAM —send a report to abuse@sinkron.network with as much detail as you can share (source IPs and timestamps in UTC are the most useful). We aim to acknowledge reports within one business day and to act on credible reports quickly.
Reports involving CSAM are escalated immediately to law enforcement and the affected workload is taken offline pending investigation.
5. Consequences of breach
- Single workload suspension — we may suspend or terminate the specific workload that breaches the AUP without notice.
- Account suspension — repeated breaches, serious breaches, or a single breach involving illegal content will suspend or terminate your entire account.
- No refund of disputed balance — Compute Credits associated with the breaching activity may be forfeited.
- Provider compensation — where your breach has caused identifiable harm to a Provider (e.g. IP blocklisting, regulatory exposure), we may withhold a portion of your balance for the Provider's recovery, in proportion to the harm and after notice to you.
6. Changes to this policy
We may update this AUP from time to time. Material changes will be announced in advance by email or in-product notice. The "Last updated" date at the top tells you when the current version took effect.
7. Contact
- Abuse reports: abuse@sinkron.network
- Security incidents: security@sinkron.network
- Privacy / DPA queries: privacy@sinkron.network
- General: info@sinkron.network