Exact Hosting Master Service Agreement

This Master Service Agreement (MSA) shall constitute a binding contractual agreement between Exact Hosting, a service operated by Tucows.com Co, (“Company”) and you, the purchaser of our services (“you” or “Customer”).

This MSA provides the terms and conditions for services sold through our website, exacthosting.com.

The Service Agreement includes:

  1. Terms of Service
  2. Acceptable Use Policy
  3. Exhibit A – Domain Registration Agreement
  4. Privacy Policy

You agree to be bound to all agreements found herein.

Terms of Service

  1. Monthly Service Fees: Fees for service(s) ordered by the Customer shall begin on the date of the initial order. That date shall serve as the monthly anniversary date (“Anniversary Date”) for all future billings including one time fees, upgrades, additional services, cancellations, and service credits. Fees are due in advance of the monthly service cycle and will be billed on the anniversary date of each month.
  2. Upgrade Fees: Upgrades ordered on the billing Anniversary Date will be billed for a full month service and will continue each month on the Anniversary Date. Upgrades ordered after the normally-billed Anniversary Date will be prorated to the next Anniversary Date and billed as a onetime pro-rata charge. Future charges will appear as full monthly fees added to your existing Anniversary Date.
  3. Additional Service Fees: Additional services ordered on the Anniversary Date will be billed for the full month service and will continue each month on the Anniversary Date. Additional services ordered after the normally-billed Anniversary Date will be prorated to the next Anniversary Date and billed as a onetime pro-rata charge. Future charges will appear as full monthly fees added to your existing Anniversary Date.
  4. One Time Fees: One time fees, such as setup fees, administrative fees, and late fees are due and payable at the time they are incurred.
  5. Service Credits: Service credits will be issued to your Customer account and shall be used to offset future billable services. Service credits shall not be issued as cash back to the Customer nor are service credits transferable to other account holders.
  6. Cancellation: The Company requires a thirty (30) day written (i.e. via email or help request) cancellation notice prior to the Anniversary Date for discontinuance or downgrades of month-to-month services. Failure to supply the requisite thirty (30) days written notice of cancellation will result in a full billable monthly cycle prior to cancellation. All Customer data remaining after the cancellation date will be destroyed for security and privacy reasons.
  7. Refunds & Disputes: All services rendered by the Company are non-refundable. This includes, but is not limited to: set-up fees, one time fees, monthly service fees, upgrade fees, additional service fees, administrative fees, and late fees. Customers seeking to resolve billing errors are instructed to open a help ticket with our support department. A chargeback of payment for services rendered will result in an additional charge of $150 and will be subject to collection by an authorized collection agency.
  8. Non-Payment: Any outstanding amounts not paid within a thirty (30) day period will be considered past due and will accrue interest at the rate of one and one-half percent (1.5%) per month. If any amount due under this Agreement is collected by or through an attorney or collection agency, Customer shall pay all of Company’s collection costs, including attorney’s fees.
  9. Affiliates: Exact Hosting does not offer an affiliate program. However, customers who have become part of Exact Hosting via an acquisition will be grandfathered into any existing affiliate program that was active prior to an acquisition. Additionally, the following changes will take place immediately following an acquisition:
    1. Payouts will be reduced to 10% or remain as is if less than 10% of the hosting plans monthly or annual payment;
    2. You can request the commission balance to be paid out to you or apply it as a credit to your account. You need at least $50 in your account for a withdrawal by cheque. If you do not request that your balance be paid out to you within thirty (30) days of its accrual, we will automatically credit your account. You must also have a valid W9 form on file, please submit one separately to our support team.
  10. Data: The Company agrees to use best efforts and commercially reasonable best practices when deploying services related to data integrity, backup, security, and retention. These services include, but are not limited to: hard drive storage, raid hard drive arrays, network attached storage, storage area networks, operating system installs, operating system reloads, and other situations involving Customer data. Customer assumes ultimate responsibility for data integrity, retention, security, backup, and ownership. The Company collects and uses Customer data as follows:
  • Account Data:This may include your name, user name, account email address, and associated data. We use this to create and maintain your account.
  • Hosting Data: This includes the files that you upload for us to publish on your behalf as your website.
  • Billing Data:This may include your billing address and billing information. We use this data, through our subprocessor, Stripe, to bill you for services on the Anniversary Date.
  • Identity Use: Company agrees not to use Customer name, logos, or information without prior written consent of Customer.
  1. Laws: Customer agrees to abide by all local, state, and federal laws pursuant to services delivered in Charlottesville, Virginia, United States of America. Proper venue for legal remedies shall be the City of Charlottesville, Virginia. All contract terms found herein shall be bound by Virginia State Law or the Uniform Commercial Code, whichever may be applicable.
  2. Data Protection Authority:If you are a resident of the European Economic Area (EEA) and believe we maintain your personal data subject to the General Data Protection Regulation (GDPR), you may direct questions or complaints to our lead supervisory authority, responsible for the territory in which we maintain a subsidiary office in Germany. Our lead supervisory authority is:

Landesbeauftragte für Datenschutz und Informationsfreiheit
Postfach 20 04 44
40102 Düsseldorf

Tel.: 0211/38424-0

  1. Mutual Indemnification: Each party agrees to indemnify and hold harmless the other party, the other party’s affiliates, and each of their respective officers, directors, attorneys, agents, and employees from and against any and all claims, demands, liabilities, obligations, losses, damages, penalties, fines, punitive damages, amounts in interest, expenses, and disbursements of any kind and nature whatsoever (including reasonable attorneys’ fees) brought by a third party under any theory of legal liability arising out of or related to the indemnifying party’s actual or alleged infringement or misappropriation of a third party’s copyright, trade secret, patent, trademark, or other proprietary right.
  2. Limitation of Liability: The Company shall not be liable to Customer for harm caused by or related to Customer’s services or inability to utilize the services unless caused by gross negligence or willful misconduct. Neither Party shall be liable to the other for lost profits, direct or indirect, special or incidental, consequential or punitive, or damages of any kind whether or not they were known or should have been known. Notwithstanding anything else in this agreement, the maximum aggregate liability of the Company and any of its employees, agents, or affiliates, under any theory of law shall not exceed a payment of money not to exceed the amount paid by the Customer for hosting services for the six months prior to the occurrence of the event(s) giving rise to the claim.
  3. Arbitration: Any controversy or claim arising from service or related to this contract or breach therein in excess of $5,000.00 shall be settled by arbitration in accordance with the commercial arbitration rules of the ADR Forum. The resulting judgment rendered by a licensed arbitrator may be entered in any court having valid jurisdiction.
  4. Acceptance: Acceptance of the Service Agreement, incorporating the terms of service and acceptable use policy, hereby initiates billable services and is deemed complete by agreement to the terms as described and completion of the ordering process.

Acceptable Use Policy

The Company is dedicated to the unrestricted free transmission of information via the Internet.

Notwithstanding anything found herein, the Company follows all local, state, and federal laws pursuant to the services delivered over the Internet and directly related to our network and internal systems. The purpose of the acceptable use policy is to inform all Customers of anticipated Customer use. Due to the myriad of possibilities in maintaining a network comprised of many servers, this document is intended to act as a guideline to service and not to be all-encompassing.

Direct Violations of AUP: The following list represents per sedirect violations of the acceptable use policy and will be subject to immediate redress under the methods of resolution as described in the acceptable use policy.

    1. Copyright Infringement: Direct copyright infringement as defined and noted under Title 17, Section 512 of the United States Code is a direct violation of the acceptable use policy.
    2. Unsolicited Email: The sending of mass unsolicited email (spam) is a direct violation of the acceptable use policy. This includes, but is not limited to, the direct sending of such messages; support of such messages via web page, splash page, or other related site; or the advertisement of such services.
    3. Email Bombing: The sending, return, bouncing, or forwarding of email to specified user(s) in an attempt to interfere with or overflow email services is a direct violation of the acceptable use policy.
  • Proxy Email (Spam):The use of dedicated services to proxy email unsolicited users is a direct violation of the acceptable use policy. Proxy email is defined as the use of dedicated services to act in concert with other services located inside or outside the network to achieve mass unsolicited email (spam) to unrelated third parties.
  • UseNet Spam:The use of dedicated services to send, receive, forward, or post UseNet unsolicited email or posts is a direct violation of the acceptable use policy. This includes UseNet services located within the Company’s network or unrelated third-party networks.
  • Illegal Use:Any use of services to attempt or to violate statutory illegal activities is a direct violation of the acceptable use policy. This includes, but is not limited to: death threats, terrorist threats, threats of harm to another individual, multi-level marketing schemes, “Ponzi schemes”, invasion of privacy, credit card fraud, racketeering, defamation, slander, and other illegal activities.
  • Child Abuse Material:The Company has a zero-tolerance policy regarding child abuse material and related sites. The hosting of child abuse material or related sites or contact information is in direct violation of federal law and the acceptable use policy.
  • Threats & Harassment:The Company’s network can be utilized for any type of individual, organizational, or business use. This does not include threats or harassment to individuals, organizations, or businesses unless it falls within the bounds of protected free speech under the First Amendment. The Company seeks to serve only as the medium of exchange for information and refrains from decisions on Freedom of Speech.
  • Fraudulent Activities:The Company prohibits utilizing services for fraudulent activities. Notification of fraudulent activities by verified third parties can result in violation of the acceptable use policy.
  • Denial of Service:The Company absolutely prohibits the use of services for the origination or control of denial of service attacks or distributed denial of service attacks. Any relation to DoS, DDoS, or related activity is a direct violation of the acceptable use policy.
  • Terrorist Websites:The Company prohibits the use of dedicated services for the hosting of terrorist and terrorism-related websites. This includes, but is not limited to, sites advocating human violence and hate crimes based upon race, religion, ethnicity, gender, sexual orientation, or country of origin. Any such activity is a direct violation of the acceptable use policy.
  • Distribution of Malware:The Company prohibits the storage, distribution, fabrication, or use of malware including virus software, root kits, password crackers, adware, key stroke capture programs, and other programs used for malicious activity. Any use of such programs is a direct violation of the acceptable use policy. Programs used in the normal ordinary course of business are deemed acceptable. For example: a security company analyzing the latest root kit for new security analysis software.
  • Phishing:The Company strictly prohibits any activity associated with phishing or systems designed to collect personal information (including, but not limited to name, account numbers, usernames, and passwords) under false pretenses. Splash pages, phishing forms, email distribution, proxy email, or any relation to phishing activities will result in immediate removal and is a direct violation of the acceptable use policy.
  • HYIP or Ponzi Schemes:High Yield Investment Plans or Ponzi schemes with the intent to defraud end-users are illegal, not allowed on the network, and a direct violation of the acceptable use policy. This includes hosting, linking, or advertising via email websites or schemes designed to defraud.

Disclosure to Law Enforcement: Occasionally, the Company is required by law to submit Customer information to law enforcement officials when presented with a valid request from a court with proper jurisdiction. Information requested is disclosed as directed pursuant to the subpoena, warrant, or other valid request. The Company utilizes great care in keeping Customer information safe and private and will only release information described in the request. The Company will notify Customer of the information request as allowed by the subpoena; where possible, the Company will provide prior notification to Customer, to afford the opportunity to object to the request in an appropriate court.

Reporting Violation of the Acceptable Use Policy: The Company accepts reports of violations of the acceptable use policy via email to abuse@exacthosting.com. Reports of violations include the name and contact information of the requestor as well as the name, contact information, IP address, and description of the violation. The Company owes no duty to third parties reporting violations. The Company will review all third-party reports and will take appropriate actions as described within the acceptable use policies or as determined in its sole and absolute discretion.

Methods of Resolution for Violations Under the Acceptable Use Policy: The ultimate goal of the Company is to balance the rights and interests of our Customers in the highly evolving Internet ecosystem. The Company understands the challenges of hosting companies, resellers, businesses, organizations, and other Customers who may have third-party violations occur due to the nature of their business. The goal to our methods of resolution is to mitigate any service interruptions while resolving any potential violations under the policy. Our staff are dedicated to working with you to resolve potential violations and are available via phone or email. Timing for resolution differs according to the degree of the violation, the nature of the violation, involvement of law enforcement, involvement of third-party litigation, and other related factors. Overall, the Company is dedicated to working with the Customer to resolve all potential violations prior to any service interruptions.

Disclaimer: The Company retains the right, at its sole and absolute discretion, to refuse new service to any individual, group, or business for any reason. The Company also retains the right to discontinue service with notice for repeated violation of the acceptable use policy over time.

III. Exhibit A – Domain Registration Policy

You agree to the following terms and conditions listed on this page upon purchasing, renewing, or transferring a domain name.

IV. Privacy Policy

Whenever we refer to “Exact” in this document, we are referring to the hosting services provided by Tucows.com Co. via the website exacthosting.com.

Our Privacy and Data Collection Practices

Like most online businesses, Exact collects and processes information on behalf of and about our customers. We want to help our customers understand what data we collect, how we use the data we collect, who we share this data with, and how we secure and protect this data.

The purpose of this policy is to share these details with our customers and anyone else interested in how we collect and process personal data.

We’ve tried really hard to keep this document simple and readable and if you have any suggestions for how we can improve it, please let do us know.

Information We Collect and Hold

When you purchase services from Exact, we create an account for you. This account makes it possible for you to track and manage your purchases with us. For the purpose of creating your account, we collect what we call “account data” and “hosted data”.

Account data includes:

  • the name of the account holder;
  • the mailing address of the account holder;
  • a primary and, optionally, a secondary email address, associated with the account holder and any other individual that the account holder wishes to designate; and
  • a credit card number, expiry, and verification code.

For your convenience, we may store this data at your direction as a default set of information for future purchases.

Hosted data depends on what you want on your website(s) and includes:

  • the files you upload to publish as your website(s);
  • the files you upload but remain unpublished as your website(s).

You should be aware that we understand that your hosted data is intended to be published, as the service that you have purchased from us is to publish that data as your website(s). If you upload anything as hosted data, we will treat it as such. You should be careful about what you upload as hosted data.

Our use of your account data

Exact only uses account data for the purpose of facilitating the management of your account and billing for your purchases.

We share this data programmatically with Stripe, for the purpose of billing your credit card.

Exact relies on tokens generated by Stripe to trigger billable events. Exact retains the industry-normal first six and last four digits of the credit card, the type of credit card, and the name associated with the credit card for internal tracking and audit purposes. The data is stored securely and is not usable for any billing or charging purposes. Stripe will never use your data for their own purposes without our explicit consent or notice to us.

We use WHMCS for billing. Your account information may be associated with your bill through WHMCS. The data is stored securely and not usable for any purpose other than billing and auditing.

Exact may share your account data with law enforcement agencies on a case-by-case basis, if necessary as part of a legal investigation. We may notify you if this happens, depending on the circumstances. Exact may also share your account data with a third party under order from a court of competent jurisdiction related to a lawsuit or investigation. We evaluate these requests on a case-by-case basis and we will notify you as appropriate.

We may use your account data to contact you concerning a dispute related to your account or for verification purposes to make sure no one else is accessing your account.

Exact does not share your account data with any other parties for any other reasons, with the exception of vendors, working under our instruction following levels of security at least as rigorous as those followed by Exact.

We never sell this information.

Location of Data Collection and Processing

Your account data and hosted data are collected and processed by us in the United States, the UK, and the Netherlands. When necessary for the services your have requested from us, your data may also be processed elsewhere, within or outside of Canada, in accord with legal regulations. Again, your hosted data is published to your website(s) and is public on the Internet.

Customer Service Information

We use a third party service, Zendesk, to help us manage all of our customer service interactions. Any information you send to use via email is usually stored and tracked in our Zendesk system. We also use Zendesk to log information when you call us for assistance. None of this information is accessible by any third party other than Zendesk.

When you call Exact Support via telephone, we will likely record and archive the conversation. If you don’t agree to this, please contact Exact Support through our online chat, email or other means as may be available at exacthosting.com.

Electronic Newsletters and Unsubscribe Policy

We only provide newsletters to you if you have opted in to receive them. If you change your mind, you can unsubscribe from our mailing list at any time through the link we provide at the top and bottom of every mailer.

Data Analytics

We collect and aggregate data concerning how people use the website at exacthosting.com. When you visit our websites, our web servers temporarily record the IP address of your computer, the file requested (file name and URL) by the client, the http response code, and the website from which you are visiting us. The recorded data is used for data security purposes, particularly to protect against attempted attacks on our server, and for statistical analysis. We do not use it to create individual user profiles nor do we share this information with third parties. Some of the data is associated with your account and the website(s) we host on your behalf, but is not personally identifiable to any third-party. We use a variety of third party services to help us collect and analyze this data, including Google Analytics.


We use cookies for certain services. These are small text files that are stored on your computer. They enable the system to tell if you repeatedly visit websites from the same computer.
Session cookies are cookies that are only saved on your computer for the duration of a single Internet session. They do not contain any personal data. For some offerings we use persistent cookies that support the services for future sessions. These cookies remain valid until you delete them or until the deletion period configured in your client is reached. You can set your browser to prevent these cookies being stored or to delete the cookies at the end of your Internet session. Please remember that in this case you may not have access to the full range of functions offered by our website.

Data Security and Retention

We follow generally-accepted standards to store and protect the personal data we collect, both during transmission and once received and stored. We use encryption where appropriate.

We retain personal data only for as long as necessary to provide the services you have purchased from us, and we may retain that information for legal or business purposes after termination of the services. These post-services retention periods are either mandated by law or contract and are necessary for preserving, resolving, defending, or enforcing our legal and contractual rights or needed to maintain accurate business and financial records.

If you have any questions about the security or retention of your personal data, you can contact us by email at help@exacthosting.com or by giving us a phone call at 1.877.658.4146 (Option 1, Monday to Friday between 8am and 9pm ET).

Data Access and Correction

You may view the personal information we have about you inside your account. You also may request, free of charge, information on the scope, origin, and recipients of any stored data as well as the purpose of storage. You may request that incorrect data be corrected at any time, or you may correct any data elements inside your account to which you have access.

Age restrictions

We do not target our services to persons under the age of 18. If you know of, or have reason to believe, anyone under the age of 18 has provided us with any personal data, please contact us.

Changes in our Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we decide to change our Privacy Policy, we will post those changes here, among other places we think you are likely to visit. We will place a date on any new privacy policy with material changes, so you will be able to see the last revision date.

Data Protection Authority

If you are a resident of the European Economic Area (EEA) and believe we maintain your personal data subject to the General Data Protection Regulation (GDPR), you may direct questions or complaints to our lead supervisory authority, responsible for the territory in which we maintain a subsidiary office in Germany. Our lead supervisory authority is:

Landesbeauftragte für Datenschutz und Informationsfreiheit


Postfach 20 04 44

40102 Düsseldorf

Tel.: 0211/38424-0

Contact Us

If you have any questions, concerns or complaints about our Privacy Policy, our practices or our Services, you may contact our Office of the DPO by email at DPO @ tucows.com. In the alternative, you may contact us by either of the following means:


By Mail:

Exact, a service of Tucows

96 Mowat Avenue

Toronto, Ontario

M6K 3M1


(Attention: Office of the Data Protection Officer)


or for customers established in the EEA:



Tucows Data Protection Officer

Rickert Rechtsanwaltsgesellschaft m.b.H

Kaiserplatz 7 – 9

53113 Bonn

DPO @ Tucows.com

We will respond to all requests, inquiries or concerns within thirty (30) days.

Click Me