Transparency Report 2026
We believe every hosting provider should publish what it receives and what it does about it. This report covers January 1, 2026 to December 31, 2026 (year to date).
Last updated: June 1, 2026
Legal Requests
Valid Romanian Tribunal takedown notices
No court-issued takedown orders received from Romanian courts in 2026.
Government data requests (all jurisdictions)
No subpoenas, warrants, or formal data requests received from any government authority.
DMCA complaints received (US-originated)
All rejected as non-domestic. DMCA is a US statute and has no effect on infrastructure hosted in EU jurisdictions.
National security letters / gag orders
We have never received a national security letter. This statement will be removed if that ever changes.
Service Abuse
Offshore does not mean lawless. We host privacy-respecting workloads, not weaponized infrastructure. The cases below were closed by our compliance team, not by foreign takedown demands.
Service abuse cases handled
Confirmed violations of our Acceptable Use Policy resulting in suspension or termination.
Accounts terminated for CSAM
We operate a strict zero-tolerance policy. Any CSAM finding triggers immediate termination and law enforcement referral.
Accounts terminated for terrorism-related content
Zero-tolerance, immediate termination, no refund.
Accounts terminated for malware command-and-control (Empire, Cobalt Strike, botnets)
C2 infrastructure violates our AUP regardless of jurisdiction. Detected via abuse reports and external threat intel.
Network Snapshot
Active customers
We are intentionally small. Quality over quantity.
Servers under management
Mix of VPS, dedicated, and Tor hidden service nodes.
Jurisdictions
Romania, Ukraine, Netherlands, Iceland, Finland, Switzerland.
Policy Commitments
We only act on legal instruments issued by a competent authority in the jurisdiction where the server is physically located. Foreign court orders, DMCA notices, and informal pressure are not honored.
We do not scan customer disks, traffic, or memory for content. We respond to specific, documented abuse reports.
We do not maintain master keys, weaken cryptography, or pre-install monitoring agents in customer images.
When legally permitted, we notify the affected customer before complying with any data request, so they can challenge it.
CSAM, terrorism, human trafficking, and active malware command-and-control are out of scope and result in immediate termination, no refund, no exceptions.
The absence of a national security letter is restated in each report. If the number ever changes, this language will be removed without comment.
Methodology
Counts are taken from our internal abuse and legal ticketing systems for the reporting period. Where exact counts are small enough to risk identifying a specific customer or complainant, we report "fewer than 5" or "fewer than 10" rather than the precise number.
A "valid" takedown notice is one that originates from a competent court or authority in the jurisdiction where the server is located, identifies the specific resource, and provides a legal basis under that jurisdiction's law. Notices that do not meet these criteria are recorded as received but not counted as valid.
Press and Legal Contact
We respond to verified press inquiries within 5 business days. For urgent compliance matters, see our abuse reporting page.