legal — the operator-facing contractual surface. terms of service,
acceptable use policy, privacy policy (with the GDPR Article 15-22
rights enumeration for EEA users), service-level agreement with the
credit ladder, and the multi-crypto refund policy. no boilerplate
cribbed from a SaaS template; written against the actual operating
jurisdictions (Iceland, Romania) and the actual payment surface
(OxaPay processor, XMR / BTC / LTN / LTC / ETH / USDT, subaddress-keyed XMR refunds).
// SYNOPSIS
xmrhost-cli legal ls [--by=category|updated]
xmrhost-cli legal show --slug=<tos|aup|privacy|sla|refund>
// DESCRIPTION
The current set is 5 documents in the canonical
man-page order — tos, aup, privacy, sla, refund. Every document is
a sober first-draft revision authored against the operator's actual
stance: no DMCA process (legal complaints under
Iceland's Höfundalög nr. 73/1972 and Romania's Legea nr. 8/1996
are processed when served by a court of competent jurisdiction in
the operating jurisdictions; DMCA-format notices are not), no KYC
surface, no-KYC crypto billing via OxaPay.
// COUNSEL STATUS
[ ! ] all five documents are
pre-counsel MVP drafts. the prose is structurally complete and
cross-referenced; it has NOT been reviewed by an attorney
qualified in the operating jurisdictions. counsel review is a
hard precondition for commercial use. each doc carries the
mvpCopy: true frontmatter flag and surfaces the same
warning at the top of its page.
tos terms 2026-05-01 [pre-counsel] Terms of Service Contract between the operator and the customer for the supply of XMRHost hosting services. Defines the parties, the service scope, account terms, the no-KYC crypto payment requirement (XMR / BTC / Lightning / LTC / ETH / USDT via OxaPay; XMR recommended), the AUP / SLA / Refund cross-references, the suspension and termination triggers (the operative one is AUP violation), the dispute-resolution path (arbitration in either Iceland or Romania per the operator's election at the time the dispute is opened), and the governing law. Pre-counsel MVP draft. aup policy 2026-05-01 [pre-counsel] Acceptable Use Policy Workloads that are not allowed on XMRHost infrastructure, the operator's enforcement posture, and the procedural surface for abuse complaints. The hard-prohibition list is short and deliberately specific (CSAM, terrorism / mass-violence material, active malware command-and-control, phishing infrastructure, fraud and credential markets, non-consensual imagery). The operator does not process DMCA-format notices; intellectual-property complaints are addressed under the Operating Jurisdiction's substantive copyright law (Iceland Höfundalög nr. 73/1972, Romania Legea nr. 8/1996) when served by a court of competent jurisdiction. Pre-counsel MVP draft. privacy policy 2026-05-01 [pre-counsel] Privacy Policy What the operator collects, why, how long it is retained, and the data-subject-rights enumeration for users in the European Economic Area (Iceland, an EEA member state, makes the operator subject to GDPR for Iceland-hosted accounts; Romania, an EU member state, makes the operator subject to GDPR for Romania-hosted accounts as well). The operator runs no third-party trackers — no Google Analytics, no Facebook Pixel, no Hotjar, no Cloudflare-as-CDN, no Sentry-cloud telemetry, no Stripe / Shopify scripts. Self-hosted Plausible only. Pre-counsel MVP draft. sla agreement 2026-05-01 [pre-counsel] Service Level Agreement Uptime commitments per Service tier, the credit-ladder for breaches, the severity-tier response-time matrix for incidents, the exclusion list, and the credit-claim procedure. The baseline uptime commitment is 99.9% measured monthly per Service-instance against the operator's external monitoring; credits are issued as a percentage of the affected month's invoice. Pre-counsel MVP draft. refund policy 2026-05-01 [pre-counsel] Refund Policy When a refund is available, the conversion-rate convention used to compute the XMR amount payable, the per-tier restocking fee schedule, the Monero-only refund mechanics (subaddress request, view-key issuance, on-chain settlement), and the procedural surface for refund requests. The headline commitments are a 7-day no-questions-asked refund on a Customer's first-ever invoice, pro-rata refund on operator-initiated material-spec downgrades and on operator-acknowledged SLA breaches that exceed the credit ladder, and no refund on the AUP-suspension class. Pre-counsel MVP draft.
// every dispatch route opens a server-handled form at
/contact
— no email surface, no third-party captcha. PGP / age accepted via the form body.
// NOT processed: DMCA-format takedowns, third-party abuse reports, informal data-disclosure requests, voluntary law-enforcement cooperation. Court orders only, via counsel — see /legal/aup §7 + /contact "WHAT WE DO NOT PROCESS".
// SEE ALSO
/about — brand identity + operating practice + non-promises.
/about/team — editor masthead with Schema.org Person bylines.