Effective Date: x x, xxxx
Last Updated: x x, xxxx
EU DIGITAL SERVICES ACT (DSA) COMPLIANCE NOTICE
This Digital Services Act (DSA) Compliance Notice forms an integral part of SCALIBIT’s Terms of Service (ToS) and Acceptable Use Policy (AUP), and is incorporated herein by reference.
This notice is provided in accordance with Regulation (EU) 2022/2065 of the European Parliament and of the Council (The Digital Services Act).
SCALIBIT (“SCALIBIT”) provides neutral intermediary services, including Virtual Machines (VPS, VDS), Cloud Services (Cloud Servers, Dedicated Cloud Servers), Cloud Compute Services, Dedicated Servers (Dedicated Servers or Bare Metal), and specialized GPU Servers. As a provider of unmanaged infrastructure, SCALIBIT qualifies as a “Mere Conduit” and/or “Hosting” service provider under Articles 4 and 6 of the DSA.
SCALIBIT does not provide managed services, application management, content hosting services, monitoring services, or ongoing system administration, and does not act as a systems operator or application service provider.
All services and servers, together with any IP address(es) assigned thereto, are leased, utilized, and managed exclusively by Customers. All legal, regulatory, contractual, and content-related responsibilities arising from the use, operation, and management of such services, servers, and assigned IP address(es) rest solely with the Customer. SCALIBIT does not control, operate, administer, or supervise any Customer-leased services or servers, and does not review, monitor, curate, modify, or regulate any content hosted, stored, processed, or transmitted within such services. All administrative authority and operational control remain exclusively with the Customer. SCALIBIT does not act as a content publisher, content creator, or editorial authority.
Customers act as the sole and independent data controllers for any personal data processed within their environments, within the meaning of applicable data protection laws (including GDPR).
Quick navigation to key parts of this policy
1. POINTS OF CONTACT
Pursuant to Articles 11 and 12 of the DSA, SCALIBIT has designated the following points of contact for direct communication with EU Member States’ authorities, the European Commission, the European Board for Digital Services, and our Customers:
- Official Compliance Email: dsa@scalibit.com
- Legal Department: legal@scalibit.com
- Preferred Language: English is the preferred language for all communications regarding DSA compliance.
2. NOTICE AND ACTION MECHANISM
If you believe that any content hosted on a service or server leased, utilized, and managed by a Customer, physically hosted within data centers located in Member States of the European Union (including any IP address(es) assigned to such services or servers), is illegal under EU or applicable Member State law, you may submit a formal notice via email to dsa@scalibit.com.
Submission Requirements: To ensure a prompt review, a DSA Notice must be sent in writing and include the following specific information:
- (i) A sufficiently substantiated explanation of the reasons why the individual or entity alleges the information in question to be illegal content;
- (ii) A clear indication of the exact electronic location of that information, such as the exact URL(s) or the specific IP address associated with the content;
- (iii) The name and email address of the individual or entity submitting the notice (except in cases involving offenses referred to in Articles 3 to 7 of Directive 2011/93/EU);
- (iv) A statement confirming the bona fide belief of the individual or entity submitting the notice that the information and allegations contained therein are accurate and complete.
Notice Forwarding and Remediation: Upon receipt of a valid notice, SCALIBIT’s primary procedure is to forward the complaint to the Customer leasing, utilizing, and managing the specific service, server, and assigned IP address(es). The Customer is required to review and remediate the issue expeditiously to ensure compliance with this policy and applicable laws.
Technical Limitations and Access Boundaries: SCALIBIT does not possess, retain, or have routine access to any administrative, root, or privileged credentials (including, without limitation, SSH keys, RDP access, root passwords, database credentials, encryption keys, or system-level authentication data) for any services or servers leased, used, and managed by Customers.
Any access, if ever provided, is performed solely in response to a specific technical support request initiated by the Customer, and is strictly exceptional, temporary, and limited in scope. Such access is initiated solely at the explicit request of the Customer, and only where the Customer voluntarily provides temporary credentials or access information for this limited purpose. Such access is strictly limited to operating system–level configuration or the diagnosis and resolution of infrastructure, connectivity, or network-related issues.
Such access does not include the review, modification, processing, or handling of Customer content, databases, application data, or personal data, and does not confer any operational control, ongoing administrative authority, or create any contractual, fiduciary, agency, service-operator, or joint-controller relationship regarding the Customer’s systems or data. All administrative authority and operational control remain exclusively with the Customer.
Accordingly, SCALIBIT has no technical capability to access, view, inspect, modify, delete, or otherwise interact with any data, files, software, applications, or content stored, processed, or transmitted within services or servers leased, used, and managed by Customers.
SCALIBIT has no visibility into, control over, or insight into the internal operations, processes, runtime environments, or file systems of any Customer-managed servers or services. All data custody, system administration, and operational responsibility remain exclusively with the Customer.
Remediation Measures: Because SCALIBIT does not have any technical ability to intervene at the file, content, or application level within services or servers leased, utilized, and managed by the Customer, any action taken in response to a verified illegal activity is strictly limited to network-level measures.
If the Customer fails to respond within a reasonable timeframe or refuses to remediate the identified issue, SCALIBIT reserves the right, at its sole discretion, to implement enforcement actions at the service level and, where technically necessary, to coordinate network-level measures through the relevant upstream data center providers and network operators that physically host the affected services and originate and announce the associated IP address ranges, including but not limited to IP null-routing, suspension of the affected service or server, or permanent termination of the services or servers leased, utilized, and managed by the Customer, together with any IP address(es) assigned to such services.
Permanent termination of a service or server shall result in the irreversible deletion and complete erasure (formatting) of all data, files, software, and content stored within the terminated service or server, except where retention is required by applicable law or a valid court order. Such data destruction is final and non-recoverable.
To the maximum extent permitted by applicable law, SCALIBIT shall not be liable for any data loss resulting from enforcement actions taken in response to verified illegal activity or failure by the Customer to remediate such activity.
2.1 Misrepresentations. Pursuant to Article 20 of the DSA, any person who knowingly or negligently submits misleading information in a notice may be held liable for damages caused.
3. CONTENT MODERATION AND NEUTRALITY
SCALIBIT maintains a policy of infrastructure neutrality. Our moderation is strictly reactive and limited to addressing verified abuse (malware, phishing, etc.) or valid legal orders. SCALIBIT does not engage in proactive content moderation, algorithmic filtering, or content classification.
3.1 No General Monitoring. In accordance with Article 8 of the DSA, SCALIBIT is not obligated to monitor the information we transmit or store, nor are we obligated to actively seek facts or circumstances indicating illegal activity.
4. COMPLIANCE WITH ORDERS
4.1 Scope of Authority and Jurisdiction: Pursuant to the Digital Services Act (DSA), SCALIBIT only addresses content-removal or service-suspension orders from EU Member State authorities when such orders pertain to infrastructure physically hosted and located within data centers in the European Union (i.e., services or servers physically hosted within the EU that are leased, utilized, and managed by Customers, together with any IP address(es) assigned to such services or servers), and does not perform content-level removal within unmanaged hosting environments. As SCALIBIT, LLC is a Wyoming-based entity, any request for non-public information or metadata regarding the Customer leasing, utilizing, and managing a service, server, or assigned IP address(es) is subject to strict international legal standards. Such requests must be processed via Mutual Legal Assistance Treaties (MLAT) or through valid U.S. legal process (e.g., U.S. Court Orders, Subpoenas). For detailed procedural requirements, please refer to our Legal Information Requests Policy.
4.2 Technical Isolation and Data Custody: SCALIBIT provides strictly unmanaged infrastructure. SCALIBIT does not possess, retain, or have access to any data, files, software, or content stored or utilized by Customers within the services or servers they lease, utilize, and manage. Furthermore, SCALIBIT does not maintain backups, "images," or snapshots of any Customer data, nor does it perform automated data duplication. As SCALIBIT utilizes third-party upstream data center providers for physical hosting, the management of underlying network routing and high-level traffic logs remains with such providers, not SCALIBIT.
4.3 Metadata and Identity: SCALIBIT only collects basic account information provided by the Customer during registration (e.g., name, address, email). SCALIBIT does not verify the accuracy of this metadata nor does it require identity documents (ID/Passport) unless explicitly mandated by applicable law.
4.4 Compliance with Removal Orders: Upon receipt of a valid order from a judicial or administrative authority of an EU Member State to remove illegal content hosted on EU-based infrastructure, SCALIBIT will act expeditiously to comply while verifying the authenticity and legal validity of such orders. SCALIBIT will formally inform the requesting authority of its technical limitations regarding unmanaged hosting environments.
5. ANNUAL TRANSPARENCY REPORTING
As required by Article 15 of the DSA, SCALIBIT will publish (if applicable based on service volume) an annual transparency report detailing the number of removal orders received from EU authorities and the number of notices received regarding illegal content.
6. CHANGES TO THIS NOTICE
SCALIBIT reserves the right to update or amend this Digital Services Act (DSA) Compliance Notice from time to time to reflect changes in applicable laws, regulatory guidance, or operational practices. Any such updates will become effective upon publication on this page. Continued use of SCALIBIT’s services after such publication constitutes acknowledgment of the updated notice.
