Terms of Service

The short version

These Terms of Service ("Terms") govern your use of BareMeta's cloud infrastructure platform ("Service"), operated by BAREMETA LTD, registered in England and Wales (company number 17142694), with registered address at 124-128 City Road, London, England, EC1V 2NX ("we", "us", "our"). By creating an account or using our services, you agree to these terms.

If you're using BareMeta on behalf of a company or organisation, you're agreeing to these terms on their behalf too.

We've tried to write these in plain English. If something isn't clear, please email us at hello@baremeta.cloud and we'll explain it.

Your account

To use BareMeta you need to create an account with a valid email address. Here's what you need to know:

• You must be 18 or over to create an account and use our services.
• One account per person. Creating multiple accounts to abuse free trials or avoid a suspension is not allowed.
• Keep your password safe. You're responsible for everything that happens under your account. If you think someone else has accessed your account, contact us immediately.
• Accurate information. Please provide accurate details when registering. Don't impersonate anyone else.
• Email verification. You'll need to verify your email address before you can use the service. This helps us keep the platform secure.

What you can and can't do

Our servers are shared infrastructure. What you do on your server can affect others. Here's the deal:

You can use BareMeta to:

• Host websites, web apps, APIs, and databases
• Run game servers, development environments, and personal projects
• Run legitimate business workloads and services
• Test software, run experiments, and learn
• Host VPN services for personal or business privacy

You cannot use BareMeta to:

• Send spam — bulk unsolicited email, SMS, or messages of any kind
• Launch attacks — DDoS attacks, port scanning, hacking, or attempting to compromise other systems
• Host illegal content — including but not limited to child sexual abuse material, content that violates copyright, and content illegal under UK law
• Mine cryptocurrency — without our prior written permission
• Host malware or botnets — viruses, ransomware, phishing pages, or any malicious software
• Abuse our network — generating excessive traffic that impacts other customers
• Resell our services — without a separate reseller agreement
• Circumvent security measures — attempting to access other customers' resources or our infrastructure

If you're unsure whether something is allowed, just ask us first. We're reasonable people.

How billing works

We charge by the hour. Your server starts accumulating charges when it's created and stops when it's deleted — not when it's powered off. A powered-off server still occupies resources (disk space, IP addresses) so billing continues.

Key billing points:

• VAT is not currently charged because BareMeta is not VAT registered. If that changes, prices and invoices will show VAT clearly.
• Payment is collected monthly via the payment method on your account.
• Usage is billed in arrears — you pay at the end of the month for the previous month's usage.
• Failed payments — if an invoice remains unpaid, we'll send reminder emails. After 14 days overdue, your account may be suspended and servers throttled until payment is resolved.
• Suspended accounts — your data is retained for 14 days after suspension, after which it may be deleted.
• No refunds on used compute time — once a server has run, that time cannot be refunded. If you have a genuine billing dispute, contact us.
• Price changes — we'll give you at least 30 days notice of any price increases.

What uptime can you expect?

We aim to keep the platform running reliably. Here's our commitment:

• Target uptime: 99.5% measured monthly, excluding scheduled maintenance.
• Planned maintenance — we'll give at least 24 hours notice via email for any maintenance that may affect your service.
• Emergency maintenance — occasionally we may need to act quickly to address security issues. We'll notify you as soon as possible.
• Service credits — if we fall below 99.5% uptime in a month (excluding maintenance), we'll credit your account with a proportional amount for the affected period.

During our current early access period, our SLA is offered in good faith. Formal SLA guarantees will be confirmed once the platform reaches general availability.

Your data belongs to you

We're a UK-based company and take data protection seriously. Here's our commitment:

• Your data is yours. We don't sell it, share it with advertisers, or use it for anything other than running your services.
• We don't access your data unless required by law, to resolve a support issue you've asked us about, or to investigate an Acceptable Use Policy violation.
• GDPR compliance. We comply with UK GDPR. You have the right to access, correct, and delete your personal data.
• Data location. Your data is currently stored in the United Kingdom.
• Data on closure. Self-service user account deletion is processed promptly. Before closing, you must delete or export servers and transfer or delete any organisations where you are the sole owner. Billing records, audit logs, and legally required records are retained as described in our Privacy Policy.
• Backups. We perform infrastructure-level backups for disaster recovery. These are not a substitute for your own backups — please back up your important data.

For full details on how we handle personal data, see our Privacy Policy.

Shared responsibility

Security is a two-way responsibility:

We're responsible for:

• Physical and network security of our infrastructure
• Isolation between customer environments
• Keeping the platform software up to date
• Responding to security incidents affecting our infrastructure
• Notifying you within 72 hours if we become aware of a breach that affects your data

You're responsible for:

• Securing the software running on your servers
• Keeping your operating system and applications updated
• Managing access to your servers (SSH keys, passwords, firewalls)
• Ensuring your applications don't expose sensitive data
• Reporting any suspected security vulnerabilities to us promptly

Where the platform runs

BareMeta's datacentre-hosted services use UK-based datacentre infrastructure. Our upstream datacentre provider operates UK facilities with 24/7 onsite operations, controlled physical access, resilient rack power, fire detection and suppression, redundant cooling, diverse network connectivity, and provider-level network protection.

These datacentre controls support the resilience and security of the platform, but they do not replace your own application security, server hardening, monitoring, or backups. Exact network protection, capacity, routing, and availability commitments depend on the active service package and are governed by the Service Levels section of these terms and any separate written agreement with us.

Limitations on liability

We work hard to keep the platform running reliably, but cloud infrastructure is complex. Here's what we can and can't be held responsible for:

We are not liable for:

• Loss of data due to hardware failure (please back up your data)
• Downtime caused by events outside our control
• Loss of revenue or profits resulting from service interruption
• Actions taken by other customers on the platform
• Third-party services your applications depend on
• Damage caused by your own software or configuration

Our maximum liability to you in any month is limited to the amount you paid us in that month. This limitation applies to the fullest extent permitted by law.

Closing your account

You can leave any time. Delete your servers and close your account from the dashboard. If you are the sole owner of an organisation, you must transfer ownership or delete that organisation first. You'll be billed for usage up to the point the relevant services are deleted.

We may suspend or terminate your account if:

• You violate the Acceptable Use Policy — immediate suspension, possible permanent ban
• You fail to pay after 14 days overdue — account suspended until payment
• We receive a valid legal order requiring us to do so
• We're shutting down the service — 30 days notice minimum

What happens to your data:

• On voluntary account closure — your active user account is removed promptly, subject to sole-owner checks and required billing, audit, security, and legal retention
• On billing suspension — your servers may be throttled or access-restricted, but VM data is retained for at least 14 days unless legal, security, or abuse obligations require faster action
• On termination by us — customer data is normally retained for up to 30 days before deletion, unless law, security, abuse handling, or unpaid-service recovery requires a different period
• You can request an export of your data before deletion where the account is not suspended for abuse or legal reasons

When we update these terms

We may update these terms from time to time. Here's our commitment:

• Minor changes (typos, clarifications) — updated without notice
• Significant changes (pricing, liability, new restrictions) — 30 days notice via email
• If you disagree with changes, you can close your account before they take effect
• Continuing to use the service after changes take effect means you accept the new terms

The current version and date are always shown at the top of this page.

Bandwidth policy

Each server includes the outbound transfer allowance shown at purchase. Current standard allowances are: Starter 1 TB/month, Small 1 TB/month, Medium 2 TB/month, Large 3 TB/month, and Custom 1 TB/month unless agreed otherwise. Inbound data transfer is always free and does not count against the allowance.

The included server port speed depends on the selected plan. Current standard plan speeds are: Starter 100 Mbps, Small 250 Mbps, Medium 500 Mbps, Large 1 Gbps, and Custom 1 Gbps unless agreed otherwise. 10 Gb-capable networking is a paid upgrade and is only available when it is explicitly shown in the launch flow or agreed in writing. 10 Gb-capable service is best-effort unless a separate written agreement says otherwise.

What happens if you exceed your allowance:

• Your server's outbound throughput is throttled to 10 Mbps for the remainder of the billing cycle
• Your server remains online and accessible — the throttle affects outbound transfer speed only
• On the first of the following month, the allowance throttle is automatically removed
• No overage charges apply. Exceeding the allowance does not produce an invoice line item

Blocked ports

Certain ports are blocked by default across all BareMeta servers to protect the platform and other customers:

• Port 25 (SMTP outbound) — blocked by default on all servers to prevent spam and protect our IP reputation. If you have a legitimate need to send email from your server, contact us to discuss options.
• Port 465 / 587 — available by default for authenticated SMTP submission

Refund policy

We want you to be happy with BareMeta. Here's our refund policy:

• 7-day money back — if you're not satisfied within the first 7 days of your first server, contact us for a full refund. This applies to new accounts only.
• After 7 days — no cash refunds on used compute time. We may offer pro-rata account credit at our discretion.
• Commitment periods — if you've paid upfront for 3, 6 or 12 months, we'll refund the unused portion as account credit.
• No refunds — for accounts suspended due to Acceptable Use Policy violations.

To request a refund, email billing@baremeta.cloud with your account details and reason. We'll respond within 2 business days.

What's yours vs what's ours

The BareMeta platform — the dashboard, control panel, API, documentation, and underlying software — is owned by BAREMETA LTD. Your data and what you run on the platform belongs to you. Here's how that split works:

• Your data is yours. Everything you put on the platform (your servers, files, configurations, code) stays yours. See Section 05 for details on how we handle it.
• Our platform is ours. The dashboard UI, the control system that runs it, our logos, and our brand are ours. You get a limited, non-exclusive licence to USE them while your account is active — you don't get to copy them, rebrand them, or use them outside our service.
• What you CAN do: use the platform freely within these terms, write your own code that calls our API, talk about BareMeta online, link to us, request features.
• What you CAN'T do: reverse-engineer the platform, scrape our dashboard to build a competing product, remove BareMeta branding from pages we serve, or claim our service as your own.
• Open source. Parts of our platform use open-source software licensed under their own terms. Nothing in these terms restricts your rights under those open-source licences.
• Feedback. If you send us feedback, bug reports, or feature suggestions, we can use them freely to improve the service. No attribution needed, no payment owed. Please keep them coming — most of our improvements start as customer suggestions.

Who we can and can't serve

BareMeta is a UK company and must comply with UK and international sanctions laws. By using our services, you warrant that:

• You are not located in or a resident of a country subject to UK or international comprehensive sanctions (currently including, but not limited to: Iran, North Korea, Syria, Cuba, Crimea, Donetsk/Luhansk).
• You are not listed on the UK Sanctions List (OFSI), the EU Consolidated Financial Sanctions List, the US Treasury's OFAC Specially Designated Nationals List, or equivalent international sanctions lists.
• You will not use the service to provide services to anyone on those lists, and will not use it to export or re-export technology, software, or data in violation of UK export control laws.

If we become aware that you're in breach of this section, we must suspend or terminate your account immediately. This is a legal obligation under UK law, and we can't waive it.

Things we're still building

Some parts of our platform are in 'beta' or 'early access' — features we've released to learn from real customer use before fully launching them. We think you'll like getting early access, but we need to be clear about what beta means:

• Beta features are clearly marked in the dashboard or documentation.
• No uptime SLA applies to beta features. Our Section 04 uptime target is for generally-available features only.
• Beta features are provided 'as is' — we don't warrant they'll work as described, be free of bugs, or become generally available.
• Data in beta features may be lost if the feature is reset, redesigned, or discontinued. Back up anything important.
• We may end beta access at any time with or without notice, including if a beta feature isn't working out.

During our overall early-access period — until we formally announce General Availability — the platform as a whole is offered in this spirit: in good faith, with best-effort support, but without the full formal guarantees of a post-GA service.

When you're responsible for us

You're using our infrastructure to run your own software for your own users. That creates a few situations where things you do (or that your users do) could cause legal problems for us. This section covers the split.

You'll defend us and cover our legal costs if a third party sues or makes a claim against us because of:

• Content you or your users put on your servers (defamatory posts, copyright-infringing files, illegal material)
• Applications you build that cause harm to others (security breaches, data leaks, abusive messages, spam campaigns)
• Your breach of these terms, the Acceptable Use Policy, or any applicable law
• Your use of AI features in the dashboard in a way that causes third-party harm

In practice this almost never happens — most customers run legitimate workloads. But the clause has to exist because we can't police every server, and if a third party sues us over something a customer did, we can't be the ones eating the legal fees.

What this does NOT cover: situations where we're genuinely at fault (we leaked data, our platform failed and caused yours to fail, we breached our own promises to you). Those stay our responsibility per Section 07.

When it genuinely isn't our fault

No matter how hard we work, some things genuinely aren't in our power to prevent. This section is about them.

We won't be held responsible for failure or delay in performing our obligations when caused by events beyond our reasonable control, including:

• Infrastructure outside our datacentre — upstream transit carrier outages, core internet routing issues, DNS root failures
• Physical disasters — fires, floods, earthquakes, pandemics, war, civil unrest
• Utility failures — mains power cuts, cooling failures, water damage at the datacentre
• Legal or governmental action — court orders, sanctions, emergency legislation, mandatory takedowns, telecoms licensing changes
• Critical supplier failures — a payment processor going offline, a required upstream service failing
• Targeted cyber attacks against your service — attacks that exceed the datacentre's included DDoS mitigation limits, attacks outside the mitigation scope, or application-layer attacks against your workloads

When something in this list happens, we'll communicate as quickly as we reasonably can, work to restore service as fast as possible, and waive SLA credits that would otherwise apply for the affected period. But we won't owe damages for events genuinely in this category.

This is called a 'force majeure' clause. It's standard across the cloud industry.

Legal housekeeping

A few legal points that don't fit in the other sections but matter:

• These are the whole agreement. These terms (together with our Privacy Policy and any separate written contract we sign with you) are the complete agreement between you and BareMeta. Statements made in marketing, emails, chats, or sales calls don't override what's written here.
• If one part is unenforceable, the rest survives. If any court or regulator finds a clause of these terms invalid or unenforceable, the rest of the terms remain in full effect. We don't lose the whole agreement over one bad sentence.
• Not enforcing doesn't mean giving up. If we don't immediately act on a breach of these terms, we don't lose the right to act on it later, or to act on similar breaches in future.
• We can transfer these terms; you can't. If BareMeta is acquired, restructured, merged, or sold, we may transfer these terms to the new entity. You can't transfer your account or the benefit of these terms to anyone else without our written consent.
• UK law applies. These terms are governed by the laws of England and Wales. Any disputes go to the courts of England and Wales.
• No third-party rights. These terms don't create rights for anyone except you and BareMeta. A third party can't sue under the Contracts (Rights of Third Parties) Act 1999 as a result of this agreement.

Get in touch

Questions about these terms? Something not clear? Just want to chat? We're real people and we're happy to help.