Cart
Get 20% off ordering today: 
How to write your Acceptable Use Policy Template
We include this 4 page template with IT/Software/Hardware Contract Pack and the Proposal Kit Professional. You will get more content and software automation for data merging, managing client documents, and creating proposals with line item quoting with a Contract Pack or the Professional.
DOWNLOADABLE, ONE-TIME COST, NO SUBSCRIPTION FEES
If you need this template on DVD media order from our Amazon shop.
What Our Clients SayI have been using this pack for a few years to access the many templates in the packs for contracts, NDAs, etc. and it has been a great time and money saver. Quick and easy to use."
CEO at Naturally Ahimsa
1. Get IT/Software/Hardware Contract Pack or the single template that includes this business contract document.
We include this contract in editable Word format that can be customized using your office software.
2. Download and install after ordering.
Once you have ordered and downloaded your template or pack, you will have all the content you need to get started.
3. Customize the contract template with your information.
You can customize the contract document as much as you need. If you get a Contract Pack or Professional Bundle, you can also use the included Wizard software to automate name/address data merging.
Abstract
This agreement sets the ground rules for how a customer may use a hosting provider’s web hosting and email services. It functions as an Acceptable Use Policy, defining appropriate use of company resources and information resources, and placing accountability on the customer to ensure compliance by every user the customer authorizes. The policy applies to employees, contractors, and other users who connect to the provider’s network systems and information systems for business purposes. Management is expected to create awareness programs and security policies so personnel understand acceptable practices, confidentiality obligations, and the integrity and protection of information stored on computer equipment and devices.
Service is provided as-is and as available. The company disclaims warranties, including merchantability and fitness for a particular purpose, and does not guarantee uptime or normal performance. The customer bears responsibility for its data, backups, and information stored, while the provider will make reasonable efforts to protect data on its facilities.
Reimbursement for outages is limited to fees paid; direct costs and other damages are excluded. Use must be in accordance with local laws and U. S. federal law. This is a minimum standard that the organization should carry into related rules and practices.
The company limits its liability for content and user actions and reserves the right to change the agreement at any time, to identify activities that could harm its reputation or network, and to take action. Restrictions apply where activities could compromise security, create a breach, or expose proprietary information. The company is the sole arbiter of violations and may update requirements without prior notice.
Misuse of system resources is prohibited. Users may not run programs that consume excessive CPU time, memory, or storage, or resell mail services, forwarding, or auto-responders. If a process degrades service or threatens the integrity of network systems, the provider may terminate that process immediately, without prior approval or explicit consent from the user.
Only lawful use is allowed. It is a violation to transmit material that infringes intellectual property, is obscene or defamatory, or breaches export controls. The policy clearly treats spam as inappropriate use: no unsolicited commercial or informational email.
Posting ads to forums or mailing lists, or using another provider’s services while routing responses through the company’s servers, is prohibited. Falsifying identification or user information is also forbidden. In practice, employees should communicate with clients for business purposes tied to their employees’ work duties and avoid personal mass mailings or similar information that could be seen as inappropriate.
System and network security provisions forbid allowing or attempting unauthorized access, probes, scans, service interference, mail bombing, flooding, or header forgery. While the contract does not list tools, best practice is to block or avoid port scanners, packet sniffers, and password cracking programs. Protect authentication purposes by safeguarding passwords, personal identification numbers, and security tokens.
Do not intentionally access systems or programs contained on the provider’s servers without authorization. Treat any confidential or sensitive data as proprietary information to prevent unauthorized disclosure or compromise.
The domain name and DNS sections align with ICANN policy. Transfers cannot occur during the first 60 days after registration. After day 61, transfers can proceed using standard processes, but there is no guarantee of success.
The customer is responsible for DNS entries, and fees are not refundable if a transfer fails due to WHOIS identification issues, timeouts, or other causes. This underscores the need for accurate records and prior coordination to ensure compliance with registrar procedures.
If the company suspects a violation, it may investigate and restrict access during the review. It can suspend or terminate accounts without refund and may notify law enforcement or take legal action. This accountability framework is intended to ensure compliance, protect assets, and maintain secure operations. The company owes no compensation for disruptions resulting from violations.
For practical governance, align this contract with internal management practices. Have every employee, contractor, or approved user sign an acceptance of the AUP to confirm knowledge of the rules. Limit personal use unless formally approved; if an organization permits incidental personal use, make clear that incidental personal activities must not interfere with business or normal performance.
Do not share access with family members or other acquaintances. Obtain prior approval for any nonstandard activity. Protect confidential information, including sensitive data that may be subject to regulatory regimes; organizations that handle health data should treat HIPAA compliance requirements with special care. Extend the same respect for confidentiality and appropriate use to personal email messages, voice messages, and fax machines, even when used for convenience. Public agencies should factor in open records requests when classifying information stored on company resources.
Security operations should combine computer security measures and security programs with clear processes. Enforce the minimum access needed, monitor for inappropriate behavior, and set expectations that users only connect approved devices to the information system. Maintain awareness that actions are subject to the following restrictions designed to secure the environment: do not create or transmit inappropriate content, do not compromise other users’ accounts, and do not bypass authentication safeguards. When in doubt, seek explicit consent from management before proceeding.
Finally, the agreement requires that an authorized representative sign, confirming authority to bind the organization. This signed acceptance helps identify responsibility, ensure compliance, and reinforce that all users must respect the policy and the integrity of the provider’s systems.
Proposal Kit can help teams assemble this kind of policy and related documents efficiently. Its document assembly tools, AI Writer, and extensive template library streamline writing, while automated line-item quoting supports broader business packages and proposals. Organizations can develop consistent, easy-to-use materials that align contracts, policies, and procedures without unnecessary complexity.
Beyond service terms, this type of policy is a governance tool that links security programs, human resources, and IT operations. It defines how employees, contractors, and vendors use internet access, network systems, and information resources for business purposes. The policy applies across the organization and sets expected behavior to avoid downtime, data compromise, and reputational harm. When leaders document rules and computer security measures, they reinforce integrity, protection, and appropriate use of company resources.
Human resources can embed the policy into hiring and offboarding. New personnel complete awareness training and provide signed acceptance in accordance with security policies before they receive accounts, personal identification numbers, and security tokens for authentication purposes. HR and IT provision only approved devices, connect users to the information system with the minimum access required, and remove credentials quickly when roles change.
Clarify incidental use so people understand boundaries. Many organizations allow incidental personal use of computer equipment, internet access, and communications for convenience, but restrictions apply. Personal email messages, voice messages, or fax machines should follow acceptable practices, must not interfere with normal performance or the employee’s work duties, and cannot be used to create or transmit material that violates policy. Family members or other acquaintances may not use organization facilities or connect to network systems.
Security testing should follow change control. Only qualified staff may run port scanners, packet sniffers, or password cracking programs, and only with prior approval in formally approved change windows and explicit consent from management. Do not intentionally access programs contained on systems beyond what is required for business. The following restrictions help maintain data integrity, ensure compliance, and sustain best practice monitoring.
Treat sensitive data and proprietary information with strict confidentiality. Limit access on a minimum necessary basis and prevent unauthorized disclosure. Where health or similar information is present, align operations with HIPAA compliance expectations and other regulatory compliance requirements; public entities should consider how open records requests affect retention of information stored across the environment. Clear rules reduce the chance of a breach and the risk of legal action.
Plan domain and DNS administration with defined workflows. Identify responsible owners, keep WHOIS identification current, and schedule approved updates to name servers and MX records. ICANN timing rules and transfer locks apply and may be subject to registrar processes and direct costs. Strong internal procedures help avoid avoidable failures and keep changes secure and predictable.
Establish an investigation playbook. If management suspects inappropriate use, preserve logs, restrict access, and document actions while you communicate with clients and stakeholders. Assign accountability and escalation paths so teams can respond in accordance with local laws and security policies. This approach helps the organization create knowledge, protect assets, and continue business with minimal disruption.
Proposal Kit can streamline the development of these materials. Teams can use document assembly, the AI Writer, and the extensive template library to create cohesive policy packets, onboarding checklists, and acknowledgment forms. Automated line-item quoting helps standardize related service descriptions in proposals. Its ease of use supports HR and IT in producing consistent, approved documentation that aligns security policies, acceptable practices, and signed acceptance requirements.
Treat this policy as part of enterprise risk management. Define a risk appetite for internet access and network systems, then map the rules to controls that protect integrity, confidentiality, and availability. Align computer security measures with regulatory and compliance requirements, so operations proceed in accordance with local laws while preserving accountability and protection of assets. Publish clear ownership for each control so management can identify gaps, allocate budget, and ensure compliance across departments.
Strengthen third-party oversight. Require each contractor and vendor user to sign an acceptance of the AUP and any security policies before they connect. Use non-disclosure language to protect proprietary information and confidential or sensitive data, and make appropriate use a condition of access. Extend the same rules to temporary personnel who carry out business purposes on company resources or facilities.
Tighten identity and access lifecycle. Coordinate with human resources so that onboarding grants the minimum access needed for the employee’s work duties, and offboarding immediately revokes accounts, security tokens, and personal identification numbers. Apply multi-factor methods for authentication purposes and document who approved each access change, subject to periodic recertification.
Define BYOD boundaries. If the organization allows approved personal devices, restrictions apply: separate work and personal data, block unvetted apps, and require device encryption. Family members or other acquaintances may not use work accounts or connect to information resources. Clarify that incidental use does not override security policies and that information stored on personal devices for work is still subject to company rules.
Adopt data classification and data loss prevention. Label confidential, proprietary, and public information; set handling rules for each class. Use filters to prevent users from trying to transmit material that would cause unauthorized disclosure through email, voice messages, fax machines, or similar information channels. Public agencies should tag records likely to be subject to open records requests to simplify review and retention.
Expand monitoring and audit readiness. Centralize logs from network systems and the information system to spot signs of compromise and inappropriate use. Track metrics such as training completion, incident counts, and time to contain a breach. Maintain evidence that users read and sign the latest version, and keep version history so leaders can show how the policy applies over time.
Manage capacity and performance. To prevent misuse of system resources and to preserve normal performance, set reasonable quotas, rate limits, and alerts for CPU time, storage, and outbound email. Only formally approved testing teams may run diagnostic tools; even then, they require prior approval and explicit consent.
Improve domain and DNS governance. Maintain a domain inventory, registrar access controls, change windows, and dual authorization for edits to DNS records. Assign named owners for registrar and DNS providers, budget for direct costs, and apply change logs so you can review who made edits and why. Coordinate TTL changes and rollbacks to reduce disruption during migrations and ensure compliance with registrar procedures.
Elevate incident response maturity. Conduct tabletop exercises, keep an escalation matrix, and document how to preserve logs if a violation occurs. Coordinate with legal and communications teams before contacting clients or regulators, and plan for situations that may lead to legal action under applicable laws.
Formalize an exception process. When business needs require deviations from the rules, document the request, risk, compensating controls, a review date, and who approved it. Exceptions should be temporary and tracked so management can reevaluate them later.
These practices benefit the target audience by reducing confusion, speeding onboarding, limiting downtime, and improving security without blocking productivity. Clear rules help employees communicate confidently with clients, protect company resources, and avoid inappropriate use that could compromise business operations.
Proposal Kit can help you create cohesive policy packs that include the AUP, onboarding acknowledgments, exception request forms, incident report templates, domain transfer checklists, and related procedures. Its document assembly, AI Writer, and extensive template library make it easier to generate consistent, approved materials, while automated line-item quoting helps package associated services in proposals. This streamlines authoring and keeps your documentation easy to use and ready to share.
How to write my Acceptable Use Policy Template document - The Narrative
THIS AGREEMENT is made this Current Day day of Current Month, Current Year by and between Company Name (hereafter referred to as "Customer") and Company Name (hereafter referred to as "Company"). The purpose of this policy is to set forth an Acceptable Use Policy ("AUP") by which Customer will abide while using, renting, leasing, or otherwise making use of Company goods and services. By using Company's Web Hosting and Email services, Customer agrees to comply with the following policies and assume responsibility for the compliance of all Customer's Users permitted by Customer to use Company products and services.
Terms and Conditions
As a service, the standard Acceptable Use Policy is provided below.
Right to Service
Company's service will be provided on an "as is, as available" basis. Further, Company provides no warranty, written, expressed, or implied, for any Web Hosting and Email services provided, including, without limitation, warranty of the merchantability and warranty of fitness for a particular purpose. This expressly includes any reimbursement for losses of income due to disruption of service by Company or its providers beyond the fees paid to Company for services. Customer and Customer's Users will use the Web Hosting and Email services in a manner consistent and compliant with any and all applicable laws of the State of State and the U.S. Federal Government.
Use of any information obtained by way of Company is at User's own risk, and Company specifically denies any responsibility for the accuracy or quality of information obtained through its services. Company makes no warranty, written, expressed or implied of any guaranteed uptime, or that the service will function at a reliable level based on past performance. Company is not responsible for any damages arising from Customer's or Customer's Users' use of Company's Services or by any inability to use the Web Hosting and Email services for any reason.
Company shall make every reasonable effort to protect data stored on Customer's Server(s). Company is not responsible for Customer or Customer's Users' data, files, or directories residing on Company's equipment. Customer is solely responsible for maintaining data, files, and back-ups.
Limit of Liability
Company shall not be liable for any content posted, opinions expressed, or actions taken by any of the Users of Company services. Any conduct that violates the laws, regulations, or the accepted norms of the Internet community or the community standards in which the User lives, whether expressly mentioned in this Agreement or not, is strictly prohibited. Company reserves the exclusive right to prohibit any activities that it deems will adversely affect its commercial reputation or goodwill, endanger its network, impact its Customers, or expose it to liability or tort.
Modification of Agreement
Company reserves the right to add, modify, or delete any provision of this Agreement at any time and without notice. Company reserves the exclusive right and will be the sole arbiter as to what constitutes a violation of any of these provisions.
Misuse of System Resources
It is a violation for anyone who, including but not limited to, employs posts or programs that consume excessive CPU time, server memory, or storage space; permits the use of mail services, mail forwarding capabilities, POP accounts, or auto-responders other than for their own account; or resells access to CGI scripts installed on Company servers. Company reserves the right to immediately and without notice to the User, terminate any service or process that uses a disproportionate amount of any system resources.
Potentially Tortuous or Illegal Conduct
The following shall be construed as violations of this Agreement and may result in suspension or deletion of a Customer's Users' account or in Termination of this Agreement. Company products and services may only be used only for lawful purposes. Transmission, distribution, or storage of any material in violation of any applicable law or regulation is strictly prohibited.
This includes, without limitation, material protected by copyright, trademark, trade secret, or other intellectual property right used without proper authorization, or material that is obscene, defamatory, constitutes an illegal threat, or violates export control laws. Non-acceptable content or links may include, but are not limited to: Pirated software, Hackers' programs or archives, Warez, Game Mods or Patches, Irc Bots, Chat Sites/Servers, Pornography and Adult Content, TGP, or any other file or media deemed by Company to be illegal or for which Customer or Customer's Users do not have the legal right to use, post, or otherwise store on Company servers. No one shall post defamatory, scandalous, or private information about a person without their consent or with intention to inflict emotional distress, or post any information that violates any rightful trademarks, copyrights, or other intellectual property rights.
Sending unsolicited email messages ("Spam") from or through Company's servers, including, without limitation, commercial advertising or informational announcements, shall be prohibited. Company reserves the right to terminate this Agreement and any other accounts under Customer's account if Company determines that unsolicited mass email has occurred or if Company receives complaints that unsolicited email messages have been sent from Customer's account. Posting to any Usenet or other newsgroup, forum, email mailing list or other similar group or list articles with the intent to engage in commercial advertising or informational announcements. Engaging in any of the foregoing activities using the service of another provider, but channeling such activities through a Company-provided server, or using a Company-provided server as a mail drop for responses.
Any unauthorized distribution or copying of copyrighted material, violations of U.S. export restrictions, harassment, fraud, dealing in contraband, and other illegal activities, or dealing in content and material that has been deemed illegal in the User's community, state, province, or municipality. Falsifying any User information provided to Company or to other Users of the service in connection with the use of a Company service.
System and Network Security
Violations of system or network security are strictly prohibited, and may result in criminal or civil liability. Examples include, but are not limited to: allowing unauthorized access, use, probe, or scan of any Company system, security, authentication measures, data or traffic; interference with service to any User, host or network, mail bombing, flooding, or attempts to overload a system or broadcast attacks. Customer's or Customer's Users shall not engage in forging of any TCP-IP packet header, email headers, or any other information provided or passed through Company Systems or Network at any time.
Domain Name Agreements, Restrictions, and Transfer Policies
Under ICANN policy, Company is prohibited from allowing the transfer of domain name Registrars during the first sixty (60) days after initial registration of the domain name. This applies to ALL domain names, regardless of where they are purchased. Domain names cannot be transferred to or from Company's system within this period. Beginning on the sixty-first (61st) day after the initial registration, the procedures for transferring domain names can be completed without restriction.
The full ICANN policy concerning domain name registration can be found at ICANN.
Domain Name Transfer Notifications
Company does not guarantee that all domain name transfers or updates to DNS records, MX records, Aliasing Records, URL forwarding, domain name forwarding or other Registrar or DNS-related service or product will succeed.
DNS Information
Company shall not be responsible for updating any of the DNS records or entries for transferred domain names. Customer shall have sole responsibility for ensuring that all relevant DNS entries for domain name(s) are correct. Fees paid for transferred domain names are not refundable if the transfer fails for any reason.
This may include, but is not limited to: timeouts resulting from a delay in owner or registry approval, incorrect contact information in the WHOIS record, or attempted transfers of domains that are not transferable for any other reason.
Consequences of Violation
If Company becomes aware of an alleged violation of any of the terms contained in this Agreement, or any other policy that has been posted on its web site, made available to Customer via email, or posted in any other form, Company shall initiate an investigation. During the investigation, Company may restrict Customer or Customer's Users' access to Company products and services in order to prevent further possible unauthorized activity. Company may, at its sole discretion, restrict, suspend, or terminate Customer's account without notice or refund, or pursue civil remedies as it deems necessary. Company shall notify the appropriate law enforcement department of any such violations.
Company shall not be responsible for any payment, refunds, or compensation in any way for service disruptions or termination resulting from violations of this Agreement. The undersigned represents and warrants that, on the date first written above, the undersigned is authorized to enter into this Agreement in its entirety, and duly binds respective principals by the signature below.
20% Off Discount
Add To Cart This Word Template Only
Add To Cart IT/Software/Hardware Contract Pack
Add To Cart Proposal Kit Professional Bundle
4.7 stars, based on 847 reviewsAlternate Documents
Related Documents
How to Build a Legal Contract with Proposal Kit
This video illustrates how to create a legal contract using the Proposal Pack Wizard software. It also shows how to create a proposal with an invoice and contract at the same time.
Frequently Asked Questions
How do I customize this contract to fit my business needs?
Customizing this contract involves editing the document to include your business details, terms, and conditions. The templates are designed to be flexible, allowing you to insert your company's name, address, and other relevant information. You can modify clauses to reflect your unique business practices and legal requirements.
Is this contract compliant with laws and regulations?
The legal contract templates are written by legal professionals and designed to comply with current laws and regulations at the time of their writing. However, laws can vary by jurisdiction and change over time, so it's recommended to have your contract reviewed by a local attorney to ensure it meets all legal requirements specific to your region and industry. Templates are licensed as self-help information and not as legal advice.
Can I use the same contract for different clients or projects?
You can use the same contract for different clients or projects. The templates are versatile and easily adapted for various scenarios. You will need to update specific details such as client names, project descriptions, and any unique terms for each new agreement to ensure that each contract accurately reflects the particulars of the individual client or project.
What should I do if I encounter a clause or term I don't understand?
If you encounter a clause or term in the contract that you need help understanding, you can refer to guidance notes explaining each section's purpose and use. For more complex or unclear terms, it's advisable to consult with a legal professional who can explain the clause and help you determine if any modifications are necessary to suit your specific needs.
How do I ensure that the contract is legally binding and enforceable?
To ensure that the contract is legally binding and enforceable, follow these steps:
- Complete all relevant sections: Make sure all blanks are filled in with accurate information.
- Include all necessary terms and conditions: Ensure that all essential elements, such as payment terms, deliverables, timelines, and responsibilities, are clearly defined.
- Signatures: Both parties must sign the contract, and it is often recommended that the contract be witnessed or notarized, depending on the legal requirements in your jurisdiction.
- Consult a legal professional: Before finalizing the contract, have it reviewed by an attorney to ensure it complies with applicable laws and protects your interests.
Ian Lauder has been helping businesses write their proposals and contracts for two decades. Ian is the owner and founder of Proposal Kit, one of the original sources of business proposal and contract software products started in 1997.By Ian Lauder
Published by Proposal Kit, Inc.Disclaimers
Proposal Kit, Inc. makes no warranty and accepts no responsibility for the suitability of any materials to the licensee's business. Proposal Kit, Inc. assumes no responsibility or liability for errors or inaccuracies. Licensee accepts all responsibility for the results obtained. The information included is not legal advice. Names in use cases have been fictionalized. Your use of the contract template and any purchased packages constitutes acceptance and understanding of these disclaimers and terms and conditions.
Facebook
YouTube
Bluesky
Search Site