This Hosting & Security Policy (the "Policy") governs the provision of hosting and security services by Shadowtek Pty Ltd (ACN 627 829 878) as Trustee for The Dey Family Trust ("Shadowtek", "we", "us", or "our") to clients ("you" or "Client") who engage our hosting services.
Shadowtek provides LiteSpeed-powered WordPress hosting with enterprise-grade security infrastructure. Our hosting environment includes:
We maintain a 99.99% uptime target across our hosting infrastructure. This excludes scheduled maintenance windows, third-party service outages, or downtime caused by Client actions, content, or configurations.
Shadowtek is responsible for:
Clients are responsible for:
The following are shared responsibilities requiring cooperation between Shadowtek and the Client:
We maintain a curated list of approved, security-vetted plugins that have been tested in our hosting environment. Clients are strongly encouraged to select plugins from this list.
"Rogue Plugins" are defined as:
The installation of unvetted, nulled, or rogue WordPress plugins is strictly prohibited. Such actions compromise server integrity and may result in immediate site suspension to protect other tenants. Shadowtek reserves the right to:
Clients may request installation of plugins not on the approved list. Shadowtek will:
Denial of a plugin request is final and is made in the sole discretion of Shadowtek to protect infrastructure integrity.
Shadowtek maintains daily server-level snapshots for infrastructure disaster recovery purposes. These snapshots are intended to support recovery from:
Clients NOT on an active Shadowtek Maintenance Plan are solely responsible for:
Any recovery actions Shadowtek performs are limited to what is reasonably available from infrastructure snapshots and/or any other backups expressly included in the Client's active Maintenance Plan or service agreement.
Disaster recovery and restorations are not guaranteed to be complete or to prevent data loss between snapshot intervals, and may be impacted by factors outside Shadowtek's control (including Client actions, malware infections, or corrupted application-level data).
Shadowtek offers tiered maintenance plans that determine the level of proactive management and support:
The following outlines the typical inclusions for each tier (subject to the Client's service agreement):
Update Frequency: Monthly WordPress core, plugin, and theme updates
Security Monitoring: Baseline hosting-level protections (Cloudflare WAF, CloudLinux isolation, Imunify360 real-time defense) with reactive support for critical issues
Update Frequency: Weekly WordPress core, plugin, and theme updates
Security Monitoring: Enhanced monitoring and proactive checks, including performance monitoring and monthly security scans, with priority support
Update Frequency: Managed updates with daily monitoring
Security Monitoring: Highest level of security oversight with real-time security threat response, 24/7 proactive monitoring, and proactive performance optimisation
Response times and service levels vary by maintenance plan:
Non-Critical: 24-48 hour response time
Site-Down Emergency: 4-hour response
Non-Critical: 12-hour response time
Site-Down Emergency: 2-hour response
Non-Critical: 4-hour response time
Site-Down Emergency: 1-hour response
Response times are calculated during Australian Eastern Standard Time (AEST/AEDT) business hours (9:00 AM - 5:00 PM, Monday-Friday), excluding public holidays, unless otherwise specified in the service agreement.
Clients may not use Shadowtek hosting services for:
Hosting accounts are subject to fair use resource limits:
No single account may consistently exceed 50% of allocated CPU resources.
Maximum 2GB RAM per account under standard hosting plans.
Storage limits are defined in the Client's hosting agreement. Overage fees apply for excessive storage use.
Unlimited bandwidth is provided under fair use. Bandwidth abuse (e.g., serving large media files as a CDN) may result in throttling or service suspension.
Shadowtek reserves the right to immediately suspend or terminate hosting services for:
Suspended accounts will be held for 7 days, after which data may be permanently deleted. No refunds will be issued for services terminated due to policy violations.
Clients retain full ownership of all website content, including:
Shadowtek claims no ownership rights to Client content.
Shadowtek retains ownership of:
Upon termination of hosting services, Clients receive a complete export of their website files and databases but do not receive proprietary Shadowtek configurations or custom infrastructure code.
Upon written request, Shadowtek will provide:
Data export requests must be made at least 7 days prior to account termination.
Hosting fees are invoiced monthly or annually as specified in the Client's service agreement. All fees are payable in Australian Dollars (AUD) and are due within 14 days of the invoice date.
The following services may incur additional fees:
$150 per restoration request for non-security-related incidents.
$250-$750 depending on severity, if the infection was caused by Client actions (e.g., weak passwords, Rogue Plugins).
$200/hour for support requested outside business hours (for Essential and Professional Plan clients only; included in Executive Plan).
Billed at $150/hour for requests outside the scope of standard hosting services.
If a Rogue Plugin or Client-caused security vulnerability results in a site compromise requiring manual intervention, Shadowtek may charge a Security Remediation Fee of $350-$1,000 depending on the complexity of the cleanup and restoration.
Accounts with invoices unpaid for more than 14 days past the due date may be suspended without notice. A $50 reconnection fee applies for accounts suspended due to non-payment.
Shadowtek commits to a 99.99% uptime target for hosting infrastructure. Uptime is calculated monthly and excludes:
If Shadowtek fails to meet the 99.99% uptime target due to infrastructure failure, Clients may be eligible for service credits:
10% credit on the following month's hosting fee.
25% credit on the following month's hosting fee.
50% credit on the following month's hosting fee.
Credits are issued automatically and applied to the next invoice. Credits are the sole remedy for SLA breaches and do not entitle Clients to cash refunds.
No credits will be issued for:
To the maximum extent permitted by Australian law, Shadowtek's total liability for any claim arising from hosting or security services shall not exceed the total amount paid by the Client for hosting services in the 12 months preceding the claim.
Shadowtek is not liable for:
Clients agree to indemnify and hold harmless Shadowtek, its directors, employees, and contractors from any claims, damages, or legal fees arising from:
Shadowtek reserves the right to modify this Hosting & Security Policy at any time. Changes will be effective immediately upon posting to the Shadowtek website (https://www.shadowtek.com.au/). Clients will be notified of material changes via email at least 14 days prior to the effective date.
Continued use of Shadowtek hosting services after changes constitute acceptance of the revised Policy.
This Policy is governed by the laws of Queensland, Australia. Any disputes arising from this Policy or the provision of hosting services shall be resolved through binding arbitration in Brisbane, Queensland, in accordance with the rules of the Australian Centre for International Commercial Arbitration (ACICA).
For questions, support requests, or policy clarifications, please contact:
Acknowledgment: By engaging Shadowtek hosting services, you acknowledge that you have read, understood, and agree to be bound by this Hosting & Security Policy.