BareMeta — Terms of Service

00 — Overview

The short version

✅ We provide cloud infrastructure. You use it responsibly. We keep it running. Simple.

These Terms of Service ("Terms") govern your use of BareMeta's cloud infrastructure platform ("Service"), operated by BAREMETA LTD, registered in England and Wales (company number 17142694), with registered address at 124-128 City Road, London, England, EC1V 2NX ("we", "us", "our"). By creating an account or using our services, you agree to these terms.

If you're using BareMeta on behalf of a company or organisation, you're agreeing to these terms on their behalf too.

We've tried to write these in plain English. If something isn't clear, please email us at hello@baremeta.cloud and we'll explain it.

01 — Accounts

Your account

To use BareMeta you need to create an account with a valid email address. Here's what you need to know:

You must be 18 or over to create an account and use our services.
One account per person. Creating multiple accounts to abuse free trials or avoid a suspension is not allowed.
Keep your password safe. You're responsible for everything that happens under your account. If you think someone else has accessed your account, contact us immediately.
Accurate information. Please provide accurate details when registering. Don't impersonate anyone else.
Email verification. You'll need to verify your email address before you can use the service. This helps us keep the platform secure.

ℹ️ If you notice any suspicious activity on your account, contact us at support@baremeta.cloud straight away.

02 — Acceptable Use

What you can and can't do

Our servers are shared infrastructure. What you do on your server can affect others. Here's the deal:

You can use BareMeta to:

Host websites, web apps, APIs, and databases
Run game servers, development environments, and personal projects
Run legitimate business workloads and services
Test software, run experiments, and learn
Host VPN services for personal or business privacy

You cannot use BareMeta to:

Send spam — bulk unsolicited email, SMS, or messages of any kind
Launch attacks — DDoS attacks, port scanning, hacking, or attempting to compromise other systems
Host illegal content — including but not limited to child sexual abuse material, content that violates copyright, and content illegal under UK law
Mine cryptocurrency — without our prior written permission
Host malware or botnets — viruses, ransomware, phishing pages, or any malicious software
Abuse our network — generating excessive traffic that impacts other customers
Resell our services — without a separate reseller agreement
Circumvent security measures — attempting to access other customers' resources or our infrastructure

⚠️ Violations of the Acceptable Use Policy may result in immediate suspension without refund. We take abuse seriously and act quickly to protect other customers and our network.

If you're unsure whether something is allowed, just ask us first. We're reasonable people.

03 — Payment & Billing

How billing works

We charge by the hour. Your server starts accumulating charges when it's created and stops when it's deleted — not when it's powered off. A powered-off server still occupies resources (disk space, IP addresses) so billing continues.

Key billing points:

Prices shown include VAT where applicable for UK customers.
Payment is collected monthly via the payment method on your account.
Usage is billed in arrears — you pay at the end of the month for the previous month's usage.
Failed payments — if a payment fails, we'll retry and notify you. After 7 days of non-payment, your account may be suspended.
Suspended accounts — your data is retained for 14 days after suspension, after which it may be deleted.
No refunds on used compute time — once a server has run, that time cannot be refunded. If you have a genuine billing dispute, contact us.
Price changes — we'll give you at least 30 days notice of any price increases.

💳 If you have a billing question or dispute, please contact us at billing@baremeta.cloud before raising a chargeback. Chargebacks without prior contact may result in account suspension.

04 — Service Levels

What uptime can you expect?

We aim to keep the platform running reliably. Here's our commitment:

Target uptime: 99.5% measured monthly, excluding scheduled maintenance.
Planned maintenance — we'll give at least 24 hours notice via email for any maintenance that may affect your service.
Emergency maintenance — occasionally we may need to act quickly to address security issues. We'll notify you as soon as possible.
Service credits — if we fall below 99.5% uptime in a month (excluding maintenance), we'll credit your account with a proportional amount for the affected period.

⚠️ We are not responsible for downtime caused by: your own software, DDoS attacks against your services, third-party services your application depends on, or force majeure events (power outages, natural disasters, etc.)

During our current early access period, our SLA is offered in good faith. Formal SLA guarantees will be confirmed once the platform reaches general availability.

05 — Your Data & Privacy

Your data belongs to you

We're a UK-based company and take data protection seriously. Here's our commitment:

Your data is yours. We don't sell it, share it with advertisers, or use it for anything other than running your services.
We don't access your data unless required by law, to resolve a support issue you've asked us about, or to investigate an Acceptable Use Policy violation.
GDPR compliance. We comply with UK GDPR. You have the right to access, correct, and delete your personal data.
Data location. Your data is currently stored in the United Kingdom.
Data on termination. When you close your account, we'll retain your data for 30 days in case you change your mind, then permanently delete it.
Backups. We perform infrastructure-level backups for disaster recovery. These are not a substitute for your own backups — please back up your important data.

🔒 You are responsible for backing up your own data. We provide the infrastructure — it's your responsibility to ensure your data is backed up appropriately for your needs.

For full details on how we handle personal data, see our Privacy Policy.

06 — Security

Shared responsibility

Security is a two-way responsibility:

We're responsible for:

Physical and network security of our infrastructure
Isolation between customer environments
Keeping the platform software up to date
Responding to security incidents affecting our infrastructure
Notifying you within 72 hours if we become aware of a breach that affects your data

You're responsible for:

Securing the software running on your servers
Keeping your operating system and applications updated
Managing access to your servers (SSH keys, passwords, firewalls)
Ensuring your applications don't expose sensitive data
Reporting any suspected security vulnerabilities to us promptly

🛡️ Found a security vulnerability in our platform? Please report it responsibly to support@baremeta.cloud. We take all reports seriously and will respond within 48 hours.

07 — Liability

Limitations on liability

We work hard to keep the platform running reliably, but cloud infrastructure is complex. Here's what we can and can't be held responsible for:

We are not liable for:

Loss of data due to hardware failure (please back up your data)
Downtime caused by events outside our control
Loss of revenue or profits resulting from service interruption
Actions taken by other customers on the platform
Third-party services your applications depend on
Damage caused by your own software or configuration

Our maximum liability to you in any month is limited to the amount you paid us in that month. This limitation applies to the fullest extent permitted by law.

⚠️ The service is provided "as is". While we make every effort to maintain reliability, we cannot guarantee uninterrupted service. Please design your systems with resilience in mind.

08 — Termination

Closing your account

You can leave any time. Delete your servers and close your account from the dashboard. You'll be billed for usage up to that point.

We may suspend or terminate your account if:

You violate the Acceptable Use Policy — immediate suspension, possible permanent ban
You fail to pay after 7 days of notice — account suspended until payment
We receive a valid legal order requiring us to do so
We're shutting down the service — 30 days notice minimum

What happens to your data:

On suspension — your servers are stopped but data is retained for 14 days
On termination — your data is retained for 30 days, then permanently deleted
You can request an export of your data before deletion

📧 If you believe your account was suspended in error, contact us at support@baremeta.cloud. We'll review and respond within 2 business days.

09 — Changes

When we update these terms

We may update these terms from time to time. Here's our commitment:

Minor changes (typos, clarifications) — updated without notice
Significant changes (pricing, liability, new restrictions) — 30 days notice via email
If you disagree with changes, you can close your account before they take effect
Continuing to use the service after changes take effect means you accept the new terms

The current version and date are always shown at the top of this page.

10 — Bandwidth

Bandwidth policy

Every server — Starter, Small, Medium, Large, and Custom — includes a flat 10 TB of outbound data transfer per month. Inbound data transfer is always free and does not count against the allowance.

What happens if you exceed your allowance:

Your server's port speed is throttled to 10 Mbps for the remainder of the billing cycle
Your server remains online and accessible — the throttle affects outbound transfer speed only
On the first of the following month, your port speed is automatically restored to full speed
No overage charges apply. Exceeding the allowance does not produce an invoice line item

ℹ️ We will notify you by email when you reach 80% of your bandwidth allowance so you're never caught by surprise.

11 — Port Restrictions

Blocked ports

Certain ports are blocked by default across all BareMeta servers to protect the platform and other customers:

Port 25 (SMTP outbound) — blocked by default on all servers to prevent spam and protect our IP reputation. If you have a legitimate need to send email from your server, contact us to discuss options.
Port 465 / 587 — available by default for authenticated SMTP submission

⚠️ Attempts to bypass port restrictions via tunnelling or other means are a violation of our Acceptable Use Policy and may result in immediate suspension.

12 — Refunds

Refund policy

We want you to be happy with BareMeta. Here's our refund policy:

7-day money back — if you're not satisfied within the first 7 days of your first server, contact us for a full refund. This applies to new accounts only.
After 7 days — no cash refunds on used compute time. We may offer pro-rata account credit at our discretion.
Commitment periods — if you've paid upfront for 3, 6 or 12 months, we'll refund the unused portion as account credit.
No refunds — for accounts suspended due to Acceptable Use Policy violations.

To request a refund, email billing@baremeta.cloud with your account details and reason. We'll respond within 2 business days.

✅ We're reasonable people. If something goes wrong that's our fault, we'll always make it right.

markers). 4. Add a TOC entry for each activated section in the

at the top of the file. 5. Renumber "13 — Contact" to sit after the new sections (becomes "19 — Contact" if all six are activated). 6. Bump version + effective date in the hero block (currently "v1.0 · Effective 1 April 2026"). 7. Re-deploy. Gaps these close: A. Proprietary rights / IP ownership B. Export controls & sanctions C. Beta / early access disclaimer D. Customer indemnification E. Force majeure F. General legal boilerplate (severability, entire agreement, assignment, no waiver, third-party rights) Written to match the existing plain-English tone. Solicitor may want to tighten wording or add/remove clauses. That's expected. ==========================================================================

13 — Our Platform

What's yours vs what's ours

The BareMeta platform — the dashboard, control panel, API, documentation, and underlying software — is owned by BAREMETA LTD. Your data and what you run on the platform belongs to you. Here's how that split works:

Your data is yours. Everything you put on the platform (your servers, files, configurations, code) stays yours. See Section 05 for details on how we handle it.
Our platform is ours. The dashboard UI, the control system that runs it, our logos, and our brand are ours. You get a limited, non-exclusive licence to USE them while your account is active — you don't get to copy them, rebrand them, or use them outside our service.
What you CAN do: use the platform freely within these terms, write your own code that calls our API, talk about BareMeta online, link to us, request features.
What you CAN'T do: reverse-engineer the platform, scrape our dashboard to build a competing product, remove BareMeta branding from pages we serve, or claim our service as your own.
Open source. Parts of our platform use open-source software (Linux, libvirt, nginx, and others) licensed under their own terms. Nothing in these terms restricts your rights under those open-source licences.
Feedback. If you send us feedback, bug reports, or feature suggestions, we can use them freely to improve the service. No attribution needed, no payment owed. Please keep them coming — most of our improvements start as customer suggestions.

💡 This clause covers IP. It doesn't change anything about how you USE the service — you can still do anything this TOS allows.

14 — Export Controls & Sanctions

Who we can and can't serve

BareMeta is a UK company and must comply with UK and international sanctions laws. By using our services, you warrant that:

You are not located in or a resident of a country subject to UK or international comprehensive sanctions (currently including, but not limited to: Iran, North Korea, Syria, Cuba, Crimea, Donetsk/Luhansk).
You are not listed on the UK Sanctions List (OFSI), the EU Consolidated Financial Sanctions List, the US Treasury's OFAC Specially Designated Nationals List, or equivalent international sanctions lists.
You will not use the service to provide services to anyone on those lists, and will not use it to export or re-export technology, software, or data in violation of UK export control laws.

If we become aware that you're in breach of this section, we must suspend or terminate your account immediately. This is a legal obligation under UK law, and we can't waive it.

⚠️ This isn't our policy — it's law. UK cloud providers are required to screen for sanctioned parties. If you're unsure whether your use is affected, check the UK Sanctions List at gov.uk/government/publications/the-uk-sanctions-list or ask us before signing up.

15 — Beta & Early Access Features

Things we're still building

Some parts of our platform are in 'beta' or 'early access' — features we've released to learn from real customer use before fully launching them. We think you'll like getting early access, but we need to be clear about what beta means:

Beta features are clearly marked in the dashboard or documentation.
No uptime SLA applies to beta features. Our Section 04 uptime target is for generally-available features only.
Beta features are provided 'as is' — we don't warrant they'll work as described, be free of bugs, or become generally available.
Data in beta features may be lost if the feature is reset, redesigned, or discontinued. Back up anything important.
We may end beta access at any time with or without notice, including if a beta feature isn't working out.

During our overall early-access period — until we formally announce General Availability — the platform as a whole is offered in this spirit: in good faith, with best-effort support, but without the full formal guarantees of a post-GA service.

🚧 We'll announce General Availability clearly, with plenty of notice, once we're confident the platform is ready. You'll see a banner in the dashboard and an email.

16 — Your Responsibility for Your Use

When you're responsible for us

You're using our infrastructure to run your own software for your own users. That creates a few situations where things you do (or that your users do) could cause legal problems for us. This section covers the split.

You'll defend us and cover our legal costs if a third party sues or makes a claim against us because of:

Content you or your users put on your servers (defamatory posts, copyright-infringing files, illegal material)
Applications you build that cause harm to others (security breaches, data leaks, abusive messages, spam campaigns)
Your breach of these terms, the Acceptable Use Policy, or any applicable law
Your use of AI features in the dashboard in a way that causes third-party harm

In practice this almost never happens — most customers run legitimate workloads. But the clause has to exist because we can't police every server, and if a third party sues us over something a customer did, we can't be the ones eating the legal fees.

What this does NOT cover: situations where we're genuinely at fault (we leaked data, our platform failed and caused yours to fail, we breached our own promises to you). Those stay our responsibility per Section 07.

⚖️ If we ever need to invoke this clause, we'll tell you immediately, share the claim documents, and work with you on the defence. We don't surprise customers with indemnity demands.

17 — Things Outside Our Control

When it genuinely isn't our fault

No matter how hard we work, some things genuinely aren't in our power to prevent. This section is about them.

We won't be held responsible for failure or delay in performing our obligations when caused by events beyond our reasonable control, including:

Infrastructure outside our datacentre — upstream transit carrier outages, core internet routing issues, DNS root failures
Physical disasters — fires, floods, earthquakes, pandemics, war, civil unrest
Utility failures — mains power cuts, cooling failures, water damage at the datacentre
Legal or governmental action — court orders, sanctions, emergency legislation, mandatory takedowns, telecoms licensing changes
Critical supplier failures — a payment processor going offline, a required upstream service failing
Targeted cyber attacks against your service — DDoS at the volume or sophistication that overwhelms edge protection

When something in this list happens, we'll communicate as quickly as we reasonably can, work to restore service as fast as possible, and waive SLA credits that would otherwise apply for the affected period. But we won't owe damages for events genuinely in this category.

This is called a 'force majeure' clause. It's standard across the cloud industry.

🌍 We design the platform to be resilient against as many of these as we can (we have DDoS protection upstream, redundant power, off-host backups). Force majeure kicks in only when those protections themselves fail.

18 — General

Legal housekeeping

A few legal points that don't fit in the other sections but matter:

These are the whole agreement. These terms (together with our Privacy Policy and any separate written contract we sign with you) are the complete agreement between you and BareMeta. Statements made in marketing, emails, chats, or sales calls don't override what's written here.
If one part is unenforceable, the rest survives. If any court or regulator finds a clause of these terms invalid or unenforceable, the rest of the terms remain in full effect. We don't lose the whole agreement over one bad sentence.
Not enforcing doesn't mean giving up. If we don't immediately act on a breach of these terms, we don't lose the right to act on it later, or to act on similar breaches in future.
We can transfer these terms; you can't. If BareMeta is acquired, restructured, merged, or sold, we may transfer these terms to the new entity. You can't transfer your account or the benefit of these terms to anyone else without our written consent.
UK law applies. These terms are governed by the laws of England and Wales. Any disputes go to the courts of England and Wales.
No third-party rights. These terms don't create rights for anyone except you and BareMeta. A third party can't sue under the Contracts (Rights of Third Parties) Act 1999 as a result of this agreement.

========================================================================== -->

13 — Contact

Get in touch

Questions about these terms? Something not clear? Just want to chat? We're real people and we're happy to help.

BAREMETA LTD

Company number: 17142694

124-128 City Road, London, England, EC1V 2NX

General enquiries: hello@baremeta.cloud

Billing questions: billing@baremeta.cloud

Security reports: support@baremeta.cloud

Abuse reports: support@baremeta.cloud

We aim to respond to all emails within 1 business day.

🇬🇧 These terms are governed by the laws of England and Wales. Any disputes will be resolved in the courts of England and Wales.