Acceptable Use Policy

1. Purpose and Scope

This Acceptable Use Policy (“AUP”) applies to all customers, resellers, and users (“Users”) who access or use any network, connectivity, or managed service provided by Sofia Connect EAD(“Sofia Connect”), including IP Transit, Ethernet / L2VPN, DWDM Wavelengths, Dark Fiber, and any associated management platforms.

This AUP is incorporated by reference into the Terms of Service. By using Sofia Connect’s services, Users agree to comply with this AUP. Customers are responsible for ensuring that their end users, sub-customers, and downstream parties also comply.

2. Prohibited Activities

The following activities are strictly prohibited on Sofia Connect’s network:

2.1 Illegal Activity

• Transmitting, storing, or distributing content that is unlawful under Bulgarian, EU, or applicable international law.
• Engaging in fraud, identity theft, phishing, or any activity designed to deceive or harm third parties.
• Hosting, distributing, or facilitating the distribution of child sexual abuse material (CSAM) or any content that sexualises minors.
• Violating intellectual property rights, including copyright infringement via unauthorised distribution or reproduction.
• Facilitating or participating in money laundering, terrorist financing, or other financially criminal activity.

2.2 Network Abuse

• DDoS Attacks. Launching, directing, facilitating, or participating in Distributed Denial of Service (DDoS) attacks or any volumetric, protocol, or application-layer attack against any host, network, or service.
• Port Scanning and Network Probing. Conducting unsolicited port scans, vulnerability scans, or network probes against third-party systems without explicit written authorisation from the target system owner.
• Unauthorised Access. Attempting to gain unauthorised access to any system, network, account, or data. This includes password cracking, brute-force attacks, and exploitation of known vulnerabilities.
• Traffic Amplification. Using open resolvers, misconfigured servers, or protocol weaknesses to amplify traffic towards third-party targets (e.g., DNS amplification, NTP reflection, SSDP reflection).
• IP Spoofing.Sending packets with forged source IP addresses that do not belong to the Customer’s assigned address space. Customers must implement BCP38 ingress filtering on downstream traffic.
• BGP Hijacking. Originating or propagating BGP announcements for address space not assigned or authorised to the Customer.

2.3 Spam and Unsolicited Communications

• Sending unsolicited commercial email (spam) in violation of applicable law, including EU Directive 2002/58/EC and Bulgarian Electronic Commerce Act.
• Operating open mail relays that facilitate third-party spam distribution.
• Using Sofia Connect’s network as a source or relay for bulk unsolicited SMS, messaging, or robocall campaigns without recipient consent.
• Harvesting email addresses or other personal data from third-party systems without authorisation.

2.4 Malware and Harmful Content

• Hosting, distributing, or transmitting malware, ransomware, spyware, trojans, rootkits, or any malicious code designed to harm systems or users.
• Operating botnet command-and-control (C2) infrastructure.
• Hosting phishing pages, credential-harvesting forms, or fraudulent look-alike websites.

2.5 Resource Misuse

• Intentionally consuming excessive network resources in a manner that degrades service quality for other customers.
• Reselling or sub-leasing Sofia Connect services beyond what is expressly permitted in the applicable Service Agreement.

3. Abuse Reporting

Sofia Connect operates a dedicated abuse desk reachable at noc@sofia-connect.net. Third parties who believe they are affected by traffic originating from Sofia Connect’s network (ASN 47872) are invited to submit reports with supporting evidence including:

• Source IP addresses and timestamps (UTC)
• Relevant log excerpts or packet captures
• A description of the observed behaviour
• Contact details for follow-up

Sofia Connect will acknowledge abuse reports and investigate within one (1) business day.

4. Consequences of Violation

Sofia Connect reserves the right to take any or all of the following actions in response to AUP violations, proportionate to the severity and nature of the breach:

• Issue a written warning requiring the Customer to cease the offending activity within a specified timeframe.
• Temporarily rate-limit, null-route, or blackhole specific traffic flows or IP addresses to protect network integrity.
• Immediately suspend service to affected Customer circuits or accounts without prior notice where there is an imminent threat to network security or third parties.
• Terminate the Customer’s service agreement in accordance with the Terms of Service.
• Report the activity to relevant law enforcement or regulatory authorities and cooperate fully with any lawful investigation.
• Seek injunctive relief or other legal remedies to prevent further harm.

Emergency suspension does not relieve the Customer of payment obligations for the period up to and including the date of suspension.

5. Cooperation with Authorities

Sofia Connect will cooperate with Bulgarian law enforcement, judicial authorities, and other competent bodies as required by applicable law, including the Electronic Communications Act of the Republic of Bulgaria and EU Directive 2018/1972 establishing the European Electronic Communications Code.

6. Amendments

Sofia Connect may update this AUP at any time with thirty (30) days’ notice via the website or direct communication to registered Customers. Continued use of services following the effective date of any revision constitutes acceptance of the updated AUP.