Technology Stack Access Policy
This Technology Stack Access Policy ("Policy") is designed to complement the CentralNic Terms and Conditions. It outlines the standards and procedures that all Suppliers must follow when accessing or using our Technology Stack. Suppliers should read this Policy carefully before accessing and using our technology stack. By accessing or using our technology stack, Suppliers agree to be bound by this Policy.
"Our" and "we" shall refer to CentralNic Ltd.
"Supplier" refers to any third-party vendor, service provider, or contractor that accesses our technology stack. The term shall also refer to any customer and service user including, but not limited to, Registrars accessing our Technology Stack in accordance with our Master Access Agreement.
"Technology Stack" refers to our suite of software technologies, infrastructure, and services used to build and run our platform, including - but not limited to - our APIs, web interfaces and EPP services.
Purpose and Scope
The purpose of this Policy is to protect our Technology Stack from actions or events that might cause instability, security issues, high load, or other common technology incidents in the domain name space that may negatively affect other users of our Technology Stack, our Technology Stack itself or parts thereof, or any third parties. This Policy applies to all Suppliers who access or use our Technology Stack for any purpose. All access to and use of our Technology Stack is conditioned on the acceptance of and compliance with this Policy.
An Affiliated Supplier is a Supplier affiliated with another Supplier. Cases where Suppliers shall be considered to be Affiliated Suppliers include, but are not limited to cases where:
- Suppliers are directly or indirectly under common ownership or control, regardless of whether this is full or partial ownership or control;
- a Supplier declares, implies or confirms its affiliation with another Supplier;
- one or more officers of one Supplier are also officers or related persons of officers of the other Supplier;
- Suppliers are working in concert to achieve a common objective or otherwise act in a manner that we may reasonably assume that the Suppliers are affiliated with one another.
We may determine in our sole discretion whether multiple Suppliers shall be considered to be Affiliated Suppliers.
By accessing or otherwise using our Technology Stack, Suppliers are confirming their understanding and acceptance of this Policy. Non-compliance with this Policy will be considered a breach of our Terms and Conditions and may result in sanctions in accordance with this policy. Suppliers are responsible for avoiding any action that may impact the stability and security of our Technology Stack. These responsibilities include but are not limited to the following:
- Complying with all applicable laws and regulations.
- Using the Technology Stack in a responsible and respectful manner.
- Reporting any potential or actual security threats, instability issues, high load, or domain name incidents.
- Avoiding the submission of repetitive or high volume requests.
- Avoiding any behavior that may compromise the stability or security of our Technology Stack, that may result in high load or that otherwise causes, contributes to is likely to cause an interruption or degradation of, interference with, or disproportionate burden on our Technology Stack.
Affiliated Suppliers shall be considered jointly regarding the effect of their actions on the stability, security or the load of our Technology Stack.
Domain Name Incidents
Suppliers are expected to actively prevent and report any incidents related to the domain name system, such as DNS hijacking, cache poisoning, unauthorized zone transfers, and any other form of DNS abuse or cyberattacks. Suppliers are required to follow our Anti-Abuse Policies.
Commercial Use and Enhancement of the Technology Stack
If a Supplier intends to build on top of our Technology Stack, or use our Technology Stack for commercial gain in a manner not explicitly specified in another agreement, they may be subject to further terms and conditions, as well as additional charges. This will be determined at our absolute discretion. Suppliers must seek and receive written approval from us before proceeding with such activities which may be withheld for any reason. This shall not apply to the use of our EPP for domain registration purposes by accredited registrars.
Suppliers must implement strong security measures to prevent unauthorized access, use, disclosure, disruption, modification, or destruction of our Technology Stack, including DNS-related vulnerabilities (“Security Incidents”). Measures may include multi-factor authentication, strong password policies, secure DNS practices, and active monitoring for potential threats. Suppliers must notify us immediately of any known or suspected Security Incidents.
Suppliers must adhere to all relevant data privacy laws and regulations when accessing data through our Technology Stack. They are required to respect the confidentiality and privacy of all information they access or use in connection with our Technology Stack.
All rights, titles, and interests in and to the Technology Stack (including but not limited to any software, logos, service marks, trade names, and other intellectual property) belong solely and exclusively to us. Suppliers must respect our intellectual property rights in the Technology Stack. Any unauthorized use or infringement of our intellectual property rights is strictly prohibited.
We reserve the right to limit, suspend and/or terminate a Supplier's access to our Technology Stack at our absolute discretion if the Supplier's conduct directly or indirectly leads to instability of our Technology Stack, security issues, high load, or domain name incidents or if otherwise necessary to protect the stability and/or security of our Technology Stack. Our decision is final and binding. Sanctions against one Supplier may be applied jointly to all of its Affiliated Suppliers.
Policy Violations and Sanctions
We reserve the right, at our absolute discretion, to sanction any violation of this Policy, including any failure to prevent or report a domain name incident, may result in immediate limitation, suspension or termination of access of a Supplier to the Technology Stack, legal action, and/or notification of law enforcement authorities, without prior notice and without liability to the Supplier if the Supplier's conduct directly or indirectly leads or contributes to instability of our platform, security issues or high load. Sanctions implemented against one Supplier may be applied to all its Affiliated Suppliers. Our decision is final and cannot be appealed.
Limitation of Liability and Disclaimer
In no event shall we be liable for any indirect, incidental, special, punitive, exemplary, or consequential damages (including, but not limited to, loss of use, data, or profits; or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of a Suppliers’ use of our Technology Stack.
Our Technology Stack is provided "as is," without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose, and non-infringement. Except when explicitly agreed otherwise, our Technology Stack is provided under no form of Service Level Agreement.
We reserve the right, at our sole discretion, to modify or replace this Policy at any time. We will make reasonable efforts to provide at least 30 days' notice prior to any Policy Updates taking effect.