Terms of Service

1. Service Description

CoreTech provides cloud-based and on-premise DDoS mitigation services, including but not limited to: network traffic scrubbing (L3/L4), application layer protection (L7), BGP-based traffic engineering, AI-driven threat detection (CoreDetection™), stateful mitigation firewalling (CoreEdge™), and related API and webhook services. Services are delivered as described in the applicable Order Form executed between CoreTech and the Customer.

2. Commencement and Duration

• The Agreement shall commence on the date specified in the Order Form and remain in force for the agreed Initial Term.
• Upon expiry of the Initial Term, the Agreement shall automatically renew on a month-to-month basis unless terminated by either Party in accordance with this Agreement.
• During the Initial Term, termination shall be permitted only in the event of a Material Service Failure that remains uncured following written notice.
• "Material Service Failure" means a repeated or prolonged breach of the SLA, verified by mutually acceptable evidence, and primarily attributable to CoreTech's network or infrastructure — excluding issues caused by Customer equipment, third parties, force majeure, or misuse.

3. DDoS Mitigation Service Level Agreement (SLA)

3.1 Time to Mitigation (TTM)

Time to Mitigation (TTM) is defined as the duration required for the DDoS mitigation system to initiate and engage in the process of filtering incoming traffic. TTM measurement initiates from the moment the initial DDoS attack packet impacts the Customer's system, extending until the commencement of the mitigation service effectively blocking incoming attack traffic.

3.2 Mitigation Efficiency

CoreTech guarantees 100% Mitigation Efficiency, calculated by assessing the percentage of malicious traffic filtered following the Mitigation SLA Time Frame. This is contingent upon proper configuration and application of firewall rules and application filters accessible through the Customer Portal or API.

3.3 Firewall Rule Implementation

• Instant Mitigation with Pre-existing Rules: For any DDoS attack against an IP with correct firewall rules in place before the attack, mitigation is instant.
• Synchronization Period for New Rules: For new subnets or end-customers without existing firewall rules, a synchronization period of up to 40 minutes may apply as rules propagate across all global scrubbing centers.

3.4 SLA Credits

• All SLA claims must be reported no later than five (5) days after the incident occurred.
• Credits apply only to protection services and do not apply to support or nonrecurring costs.
• To qualify, the Customer must receive service directly from CoreTech, have a current payment account, and confirm no third-party services are interfering with mitigation.
• Service Outage Credits: Up to 6 hours outage = 7 days prorated credit; over 6 hours = 14 days prorated credit.
• Three (3) Service Outages lasting at least 60 minutes on any three (3) days within a 60-day period grants the Customer the right to terminate without penalty.

4. Customer Support Response Times

Support is available 24/7/365 via email ([email protected]), dedicated Slack channels, and phone (+90 501 075 60 08).

5. Provision of Services

• CoreTech will provide the Services with reasonable skill and care in accordance with the Agreement.
• CoreTech cannot guarantee that the Services will be fault-free. In the event a fault occurs, the Customer should report it immediately; CoreTech will use best endeavors to rectify the fault as soon as reasonably practicable.
• CoreTech may suspend Services where necessary for operational reasons such as repair, maintenance, or improvement. Except in emergencies, CoreTech will provide notice of any planned downtime.
• CoreTech may change peering arrangements to achieve optimal performance and efficiency, with advance notice when reasonably practicable.

6. Bandwidth and Usage

• Bandwidth commitment is calculated using the 95th percentile rule: five-minute averages of traffic usage (in and out) are taken for a month, sorted by value, the top 5% discarded, and the next highest value is the 95th percentile usage.
• Where 95th percentile usage exceeds the committed bandwidth, the difference is invoiced as burst bandwidth in accordance with the Order Form.
• CoreTech reserves the right to monitor bandwidth usage and utilize technology to limit usage to ordered amounts.

7. Customer Responsibilities

• Maintaining accurate BGP announcements and network configuration.
• Providing timely and accurate contact information for emergency notifications.
• Cooperating with CoreTech's SOC team during active mitigation events.
• Ensuring authorized use of IP prefixes announced through CoreTech's network.
• The Customer is responsible for providing all necessary software, hardware, or other facilities required for making use of the Services.

8. Acceptable Use

The Customer agrees not to use the Services to:

• Deliver, receive, upload, download, or use material which is abusive, defamatory, obscene, or in breach of any copyright, privacy, or other rights.
• Send or promote unsolicited advertising or promotional material.
• Infringe any third party's intellectual property rights.
• Conduct any unlawful or fraudulent activity.
• Deliberately generate DDoS attack traffic through CoreTech's network.

9. Equipment

• If CoreTech provides any equipment free of charge, the Customer shall return all equipment within ten (10) business days following termination, at the Customer's expense, or purchase at the price specified in the Order Form.
• The Customer indemnifies CoreTech against any claims arising from CoreTech's possession or use of the Customer's equipment.

10. IP Addresses

• IP addresses assigned to the Customer shall be used only in connection with the Services.
• If the Customer discontinues use of the Services or the Agreement terminates, the Customer's right to use the assigned IP addresses shall terminate.
• CoreTech may change IP addresses upon thirty (30) days' written notice.

11. Intellectual Property and Confidentiality

• All intellectual property rights in equipment, hardware, and software provided by CoreTech remain with CoreTech or its licensors. This includes CoreEdge™, CoreDetection™, and all proprietary methodologies.
• Neither party shall disclose confidential information, logins, passwords, service specifications, or pricing to any third party without prior written consent.

12. Limitation of Liability

• Neither party shall be liable for indirect, incidental, special, punitive, or consequential damages or loss of profits.
• CoreTech shall not be liable for failure or delay due to circumstances beyond reasonable control, including force majeure events.
• The Customer may terminate if force majeure delay continues for ten (10) continuous business days.
• The Customer's sole remedies for claims relating to the Services are as set forth in the SLA.

13. Cancellation, Suspension, and Termination

• Either party may terminate with thirty (30) days' written notice.
• Either party may terminate immediately if the other commits a material breach and fails to remedy it within fourteen (14) days of written notice.
• CoreTech may immediately suspend or terminate services if directed by a competent authority, the Customer fails to pay, the Customer breaches the agreement, the Customer's use disrupts other customers, or CoreTech reasonably believes the Customer's conduct is prejudicial to its interests.

14. Governing Law

The validity, interpretation, enforceability, and performance of this Agreement shall be governed by and construed in accordance with the laws of the Republic of Türkiye. Any disputes shall be subject to the jurisdiction of the courts of İstanbul, Türkiye.

15. General Provisions

• The Agreement (including the Order Form) constitutes the entire agreement and supersedes all prior representations.
• In the event of conflict between the Agreement and the Order Form, the Order Form shall take precedence.
• Either party must act upon a breach within two (2) years of becoming aware of it.
• CoreTech may assign or sub-contract its rights at its discretion. The Customer may not assign without written consent.

16. Contact

For questions about these terms: