Megabit Cloud Rwanda is a brand of Gewape Cloud (Rwanda) Limited, a company registered in Rwanda under Law No. 007/2021 with the business registration number 121024663. Our registered office is located in Kimihurura, Kigali, Rwanda.
To ensure a transparent and positive experience, we’ve provided important documents outlining our commitment to you and our expectations regarding the fair and legal use of our services. Please take a moment to review these documents.
LAST UPDATED: SEPTEMBER 16,2024
Terms of Service for Megabit Cloud Rwanda
These Terms of Service ("Agreement") govern your access to, and use of the services provided by Gewape Cloud (Rwanda) Ltd, trading as Megabit Cloud Rwanda ("we," "us," or "our"). By using our services, you agree to comply with these terms. If you do not agree with any part of this Agreement, you must not use our services.
We offer a range of services, including but not limited to:
- Cloud Servers: Virtual servers that run on a cloud computing platform, providing scalable and flexible computing resources accessible via the internet. Cloud servers can be configured to meet various needs, such as web hosting, database management, and application hosting.
- Domain Name Registration and Renewal: Services that allow you to register and maintain a unique domain name for your website. This includes managing DNS settings and ensuring the domain remains active through timely renewals.
- SSL Certificates: Digital certificates that secure the connection between your website and its visitors by encrypting data transmitted over the internet. SSL certificates are essential for protecting sensitive information and enhancing trust.
- Web Hosting: Services that provide the infrastructure to store and serve your website's files. This includes shared hosting, dedicated hosting, and managed hosting options, depending on your needs.
- WordPress Hosting: A specialized web hosting service optimized for WordPress websites, offering features such as automatic updates, enhanced security, and performance optimization tailored for WordPress applications.
- Email Hosting: Services that provide email accounts using your domain name, offering features like spam filtering, storage solutions, and integration with productivity tools.
- Microsoft 365: A cloud-based suite of productivity applications, including Word, Excel, and Outlook, designed to enhance collaboration and efficiency within your organization.
You must create an account to access our services. You agree to provide accurate and up-to-date information during registration.
You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account.
We reserve the right to monitor your account for compliance with these terms and may suspend or terminate your account if any irregularities are detected.
To order services, you must select the desired service and complete the registration process. You will receive a summary of your order before finalizing it.
Payment must be made online at the time of order placement. We accept various payment methods.
A legally binding contract is formed when we email you an acceptance confirmation. This confirmation constitutes our acceptance of your order and signifies that the services have been activated.
You may not use our services for illegal activities, including but not limited to, the dissemination of harmful or malicious content, or infringement of intellectual property rights.
You are responsible for complying with all applicable laws and regulations related to your use of our services.
You agree to the fee structure associated with the services, as outlined on our website. We may revise fees based on market conditions, and continued use of the services implies acceptance of the revised fees.
Non-payment of fees may result in the suspension or termination of services.
We do not guarantee uninterrupted or error-free services. Our liability for any disruption or unavailability is limited to the extent permitted by law.
We are not liable for any loss or damage to data caused by your actions or omissions.
Your use of our services is subject to our Privacy Policy, which outlines how we collect, use, and protect your personal information. By using our services, you consent to the terms of our Privacy Policy.
We retain all intellectual property rights in our services and related materials. You retain rights to your data and content but grant us permission to use it as necessary to provide the services.
You may not reproduce, distribute, or reverse-engineer our services without our express written consent.
We may terminate this Agreement and your access to services if you violate any terms of this Agreement.
You may terminate this Agreement by requesting the cancellation of your account.
This Agreement is governed by the laws of the Republic of Rwanda.
In the case of a misunderstanding, the Parties shall first attempt to resolve the dispute amicably through written notice.
If the dispute cannot be resolved amicably within thirty (30) days, it shall be referred to arbitration under the Kigali International Arbitration Center (KIAC) Rules.
If any provision of this Agreement is found to be invalid or unenforceable, the remaining provisions shall remain in effect.
We may update these terms from time to time. Continued use of our services after changes implies acceptance of the new terms.
By using our services, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service. If you have any questions regarding these terms, please get in touch with us.
Acceptable Use Policy for Megabit Cloud Rwanda
This Acceptable Use Policy (AUP) outlines the acceptable and prohibited uses of the services provided by Gewape Cloud (Rwanda) Ltd trading as Megabit Cloud Rwanda. The purpose of this policy is to ensure that all users understand their responsibilities when using our services, to protect the integrity of our network and services, and to promote a safe and productive environment for all users.
This policy applies to all users of Megabit Cloud services, including but not limited to customers, employees, contractors, and any other individuals who access our services. It covers all aspects of service usage, including cloud servers, web hosting, email hosting, and any other services provided by Megabit Cloud.
Users are permitted to use Megabit Cloud services for the following purposes:
Utilizing services for legitimate business activities, including hosting websites, applications, and data storage.
Using email and other communication tools for professional correspondence.
Engaging in software development, testing, and deployment activities that comply with legal and ethical standards.
Using services for educational purposes, research, and personal development.
The following activities are strictly prohibited when using Megabit Cloud services:
Engaging in any unlawful activities, including but not limited to fraud, hacking, and distribution of illegal content.
Attempting to disrupt, damage, or gain unauthorized access to our services or the services of others.
Sending unsolicited bulk emails or engaging in any form of email harassment.
Uploading, sharing, or distributing content that is obscene, defamatory, threatening, or otherwise objectionable.
Using our services to infringe upon the intellectual property rights of others, including copyright and trademark violations.
Overusing system resources in a manner that negatively impacts the performance of our services or the experience of other users.
Users are responsible for the content they upload, share, or distribute using Megabit Cloud services. By using our services, you warrant that you have the necessary rights to such content and that it complies with this Acceptable Use Policy.
Any violation of this Acceptable Use Policy may result in the suspension or termination of your access to Megabit Cloud services. We reserve the right to investigate any suspected violations and take appropriate action, including reporting to law enforcement authorities if necessary.
Megabit Cloud is not liable for any damages, losses, or expenses arising from your use of our services or your violation of this Acceptable Use Policy. Users are responsible for their actions and any consequences that may result from them.
We may update this Acceptable Use Policy from time to time to reflect changes in our services or legal requirements. Users will be notified of significant changes via email or through our website. Continued use of our services after such changes constitutes acceptance of the updated policy.
By using Megabit Cloud services, you acknowledge that you have read, understood, and agree to comply with this Acceptable Use Policy. If you do not agree with any part of this policy, you must discontinue the use of our services immediately.
For any questions or clarifications regarding this Acceptable Use Policy, please contact our support team.
Privacy Policy for Megabit Cloud Rwanda
At Gewape Cloud (Rwanda) Ltd, trading as Megabit Cloud Rwanda, we are committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you use our services. By accessing or using our services, you consent to the practices described in this policy.
We may collect personal information from you in various ways, including when you:
- Register for an account
- Place an order for services
- Subscribe to our newsletter
- Contact us for support
The types of personal information we may collect include:
- Name
- Email address
- Phone number
- Billing address
- Payment information
- Any other information you provide to us
We may use the information we collect for various purposes, including:
- To provide, maintain, and improve our services
- To process transactions and send you related information, including purchase confirmations and invoices
- To communicate with you about your account or transactions
- To respond to your comments, questions, and requests
- To send you marketing communications, if you have opted in to receive them
- To comply with legal obligations and protect our rights
Both Megabit Cloud and its customers will comply with all applicable data protection legislation. We ensure that we have all necessary consents and notices in place to enable the lawful transfer of personal data. We implement appropriate technical and organizational measures to protect against unauthorized processing and accidental loss, destruction, or damage to personal data.
We do not sell, trade, or otherwise transfer your personal information to outside parties without your consent, except in the following situations:
We may share your information with third-party service providers who assist us in operating our services, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.
We may disclose your information when required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.
- Customer Data: Retained for 6 months after the service becomes inactive.
- Financial Records: Retained for 10 years to comply with financial regulations.
- Backup Data: Retained for a maximum of 30 days upon termination of services.
You have the right to:
- Access the personal information we hold about you
- Request correction of any inaccurate or incomplete information
- Request deletion of your personal information, subject to certain exceptions
- Withdraw consent to processing where we rely on your consent to process your personal information
To exercise these rights, please contact us using the contact information provided below.
We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect your data from unauthorized access, use, or disclosure. However, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee its absolute security.
We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on our website and updating the effective date at the top of this policy. We encourage you to review this Privacy Policy periodically for any changes.
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
- Email: support[at]megabitcloud.com
- Website: https://support.megabit.cloud
By using our services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.
Service Level Agreement (SLA) for Megabit Cloud Rwanda
This Service Level Agreement (SLA) is an addendum to the existing policies of Gewape Cloud (Rwanda) Ltd, trading as Megabit Cloud Rwanda, and outlines the specific service levels that we commit to providing to our customers. This SLA is intended to ensure clarity regarding the quality and reliability of the services we offer.
The purpose of this SLA is to define the service levels, responsibilities, and expectations for both Megabit Cloud and its customers concerning the delivery of services.
This SLA applies to all services provided by Megabit Cloud, including but not limited to:
- Cloud Servers
- Domain Name Registration and Renewal
- SSL Certificates
- Web Hosting
- WordPress Hosting
- Email Hosting
- Microsoft 365
Megabit Cloud commits to providing a minimum uptime of 99.9% for all services, excluding scheduled maintenance and force majeure events.
Customers will be notified at least 48 hours in advance of any scheduled maintenance that may impact service availability.
In the event of an emergency requiring immediate maintenance, customers will be notified as soon as possible.
Megabit Cloud offers technical support via email and online chat. The response times are as follows:
- Critical Issues: Response within 1 hour (service is down or severely impacted)
- High Priority Issues: Response within 2 hours (major functionality is impaired)
- Medium Priority Issues: Response within 4 hours (minor issues that do not significantly impact functionality)
- Low Priority Issues: Response within 6 hours (general inquiries or requests for information)
Megabit Cloud will monitor the performance of its services and provide customers with access to performance reports upon request.
A quarterly report will be provided to customers detailing service uptime, response times, and any incidents affecting service levels.
Customers are required to promptly notify Megabit Cloud of any service-related issues to ensure timely resolution.
Customers must comply with all applicable policies to maintain service levels.
7.1. Service Credits
If Megabit Cloud fails to meet the uptime commitment of 99.9%, customers may be eligible for service credits as follows:
- 99.0% - 99.8% uptime: 10% credit of the monthly service fee.
- 95.0% - 98.9% uptime: 25% credit of the monthly service fee.
- Below 95% uptime: 50% credit of the monthly service fee.
Customers must submit a claim for service credits within 30 days of the service level failure, along with relevant documentation.
The following circumstances will not be considered a breach of the SLA:
- Scheduled maintenance.
- Force majeure events, including natural disasters, acts of government, or other events beyond the control of Gewape Cloud.
- Customer-induced outages or issues resulting from the customer's equipment or software.
Megabit Cloud reserves the right to modify this SLA at any time. Customers will be notified of significant changes via email or through our website. Continued use of our services after such changes constitutes acceptance of the updated SLA.
This SLA shall be governed by and construed by the laws of the Republic of Rwanda.
By utilizing the services of Megabit Cloud, you acknowledge that you have read, understood, and agree to the terms outlined in this Service Level Agreement. If you have any questions or require further clarification, please contact our support team.
Support Policy for Megabit Cloud Rwanda
At Megabit Cloud, we are committed to providing our customers with exceptional service. This Support Policy outlines our support services and aligns with our Service Level Agreement (SLA) to ensure clarity regarding the quality and reliability of the services we offer.
Our primary support channel is via https://support.megabit.cloud or via email at support[at]megabitcloud.com.
We aim to respond to all queries within 30 minutes. Additionally, we provide support through our website's live chat feature, which is available 24/7.
Our standard support hours are 24/7 via our support portal at https://support.megabit.cloud . Inquiries are prioritized based on urgency and impact.
Our support team can assist with the following:
- Troubleshooting issues related to our services.
- Providing information and guidance on using our services.
- Assisting with account and billing queries.
Please note that our support does not extend to issues outside of our services, such as customers' internal network issues.
While we aim to respond to all queries within 30 minutes, actual response times may vary based on the complexity of the issue and the volume of support requests. Our commitment to response times aligns with the SLA, which outlines specific response times based on issue priority:
- Critical Issues: Response within 1 hour.
- High Priority Issues: Response within 2 hours.
- Medium Priority Issues: Response within 4 hours.
- Low Priority Issues: Response within 6 hours.
If an issue cannot be resolved by our support team, it will be escalated to our technical team for further investigation. This process ensures that complex issues receive the attention they require.
We welcome feedback on our support services. If you have any suggestions or comments, please email us at customer.care[at]megabitcloud.com. Your input helps us improve our services.
We may update this Support Policy from time to time to reflect changes in our support practices. We encourage customers to review this policy regularly. Any significant changes will be communicated via email.
This Support Policy is designed to complement our Service Level Agreement (SLA). Both documents work together to define the expectations and responsibilities of both Megabit Cloud and our customers.
By utilizing the services of Megabit Cloud, you acknowledge that you have read, understood, and agree to the terms outlined in this Support Policy and the accompanying SLA. If you have any questions or require further clarification, please contact our support team.
Pricing Policy for Megabit Cloud Rwanda
The purpose of this Pricing Policy is to outline the pricing structure for services provided by Gewape Cloud (Rwanda) Ltd, trading as Megabit Cloud Rwanda, and to ensure transparency in our pricing practices.
Clients can choose to pay in the currency of their preference during the registration process. The available currencies will be displayed on our website.
Clients will be invoiced in the currency they selected during registration. The invoiced amount will include all applicable taxes based on the client's country of billing (billing address).
Prices for our services, including cloud servers, domain names, SSL certificates, web hosting, WordPress hosting, email hosting, and Microsoft 365, will be displayed on our website. Detailed pricing information will be provided for each service, including any applicable fees.
We accept credit and debit card payments from major card networks, including Visa, Mastercard, and American Express.
Clients can make payments using various mobile money services, depending on their location and availability.
Bank transfers are accepted for clients who prefer this payment method. Bank details will be provided upon request.
Prices will be reviewed and revised annually. This review will consider market conditions, operational costs, and other relevant factors.
Active clients will receive notice of any price changes at least one month before the implementation of new prices. This notification will be sent via email to the address registered in your account.
New prices will be published on our website, ensuring that all customers have access to the most current pricing information.
Payment for services is due at the time of order placement or as specified in the service agreement. Failure to make timely payments may result in service suspension or termination.
If a payment is declined due to insufficient funds, we reserve the right to suspend or terminate the client's services until the outstanding balance is cleared.
A late fee of 3% will be applied to any overdue payment for each month or portion of a month that the payment is overdue.
In case of deletion of non-email services, a restoration fee of $50 will apply. For email services, a restoration fee of $70 will apply.
Redemption fees for domain names will be applicable based on the Top-Level Domain (TLD) as per industry standards and regulations.
Refunds are governed by our Refund and Billing Dispute Policy. Please refer to that policy for details on eligibility and procedures.
If there is a discrepancy in pricing due to an error or oversight, we reserve the right to adjust the price before processing the order. In such cases, we will notify the client of the correct price and allow them to confirm or cancel their order.
For any questions or clarifications regarding our Pricing Policy, please contact our support team. We are committed to providing transparent and fair pricing practices to our clients.
By using our services, you acknowledge that you have read, understood, and agree to be bound by this Pricing Policy.
Cancellation policy for Megabit Cloud Rwanda
You may cancel your services with Gewape Cloud (Rwanda) Ltd, trading as Megabit Cloud Rwanda, at any time. However, please note that certain services are non-refundable, as outlined in our Refund and Dispute Policy.
To cancel your services, please follow these steps:
Once your cancellation request is processed, you will receive a confirmation email. Please note that cancellations may take up to 24 hours to be fully processed.
If you are eligible for a refund upon cancellation, as per our Refund and Billing Dispute Policy, the refund will be processed within 5 business days of your confirmed cancellation request.
Refunds will be issued to the same payment method used for the original purchase. If the payment method is no longer valid or accessible, we may issue the refund via an alternative method, such as a check or bank transfer.
We reserve the right to terminate your services at any time for the following reasons:
- Violation of our Terms of Service
- Non-payment of fees
- Engaging in illegal or abusive activities
- Any other reason deemed necessary by Megabit Cloud Rwanda
In the event of termination by us, you will not be entitled to a refund, and any outstanding fees will remain due and payable.
We may discontinue or suspend any of our services at any time, with or without notice. If we discontinue a service you have purchased, we will provide a prorated refund for the unused portion of your subscription.
We will make reasonable efforts to notify you in advance of any service discontinuation, but we are not obligated to do so.
Certain provisions of our Terms of Service, such as those related to intellectual property rights, disclaimers, and limitations of liability, will survive the termination or expiration of your services.
If you have any questions or concerns regarding our Cancellation Policy, please contact our support team for assistance.
Data Retention Policy for Megabit Cloud Rwanda
The purpose of this Data Retention Policy is to establish guidelines for the retention, storage, and disposal of data collected and maintained by Gewape Cloud (Rwanda) Ltd, trading as Megabit Cloud Rwanda. This policy ensures compliance with applicable laws and regulations while optimizing data management practices.
This policy applies to all data collected, processed, and stored by Megabit Cloud, including but not limited to customer information, transaction records, operational data, and backup data. It covers all employees, contractors, and third-party service providers who handle or have access to this data.
Data will be categorized into the following types for retention purposes:
Information collected from customers, including personal details and transaction history.
Documents and records related to financial transactions and accounting.
Copies of data stored for recovery purposes, including websites, emails, and cloud data.
Information related to domain name registrations is governed by the policies of the respective domain registries.
Retained for 6 months after the service became inactive. After this period, the data will be securely deleted unless further retention is required for legal or regulatory reasons.
Retained for 10 years to comply with financial regulations and audits. After this period, the records will be securely deleted.
Retained for a maximum of 30 days upon termination of services. If a client changes their mind and requests data restoration within this period, applicable restoration fees will be charged as per our pricing policy.
Domain name data will be governed by the domain policy as per the respective domain registry’s regulations.
Data will be stored securely using industry-standard encryption and access controls to protect against unauthorized access, loss, or theft. Regular audits will be conducted to ensure compliance with this policy and to assess the effectiveness of data security measures.
Once the retention period for any data has expired, it will be securely disposed of in a manner that prevents unauthorized access or recovery. This may include:
- Physical Destruction: For physical records, shredding or incineration will be used.
- Digital Deletion: For electronic data, secure deletion methods will be employed to ensure data cannot be recovered.
- Data Owners: Department heads are responsible for ensuring compliance with this policy within their respective areas and for identifying the data they manage.
- IT Department: Responsible for implementing data security measures, conducting audits, and ensuring secure data disposal.
- Compliance Officer: Responsible for monitoring adherence to this policy and for staying informed about applicable laws and regulations.
This Data Retention Policy will be reviewed annually or as needed to ensure it remains compliant with applicable laws and regulations. Updates will be communicated to all employees and relevant stakeholders.
Failure to comply with this Data Retention Policy may result in disciplinary action, including termination of employment or contracts, as well as potential legal consequences.
For any questions or clarifications regarding this policy, please contact the Compliance Officer via email at dpo[at]megabitcloud.com
Intellectual Property Rights Policy for Megabit Cloud Rwanda
All intellectual property (IP) created or developed using the services provided by Gewape Cloud (Rwanda) Ltd, trading as Megabit Cloud Rwanda, shall remain the property of the original creator or owner. This includes, but is not limited to, software, designs, documentation, and any other creative works. Users retain all rights to their content and data uploaded or created using our services.
By using our services, you grant Megabit Cloud a non-exclusive, worldwide, royalty-free license to use, reproduce, modify, and display any content you upload to our platform to provide the services. This license will terminate when you delete your content from our services.
You must ensure that any content you upload, or share does not infringe on the intellectual property rights of third parties. Megabit Cloud is not responsible for any claims arising from the use of your content that violates the rights of others.
Megabit Cloud provides its services on an "as is" and "as available" basis. We do not warrant that our services will be uninterrupted, error-free, or free from viruses or other harmful components. We disclaim all warranties, express or implied, including but not limited to implied warranties of merchantability and fitness for a particular purpose.
To the fullest extent permitted by law, Megabit Cloud shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, or use, arising out of or in connection with your use of our services, even if we have been advised of the possibility of such damages.
In no event shall Megabit Cloud's total liability to you for all damages, losses, and causes of action exceed the amount paid by you, if any, for using our services during the twelve (12) months preceding the event giving rise to the liability.
You agree to indemnify, defend, and hold harmless Megabit Cloud, its affiliates, and their respective officers, directors, employees, and agents from and against any claims, liabilities, damages, losses, costs, or expenses (including reasonable attorneys' fees) arising out of or in connection with your use of our services, your violation of this policy, or your infringement of any intellectual property or other rights of any person or entity.
Megabit Cloud reserves the right to modify this Intellectual Property Rights Policy, Disclaimers, and Limitations of Liability at any time. We will notify you of any significant changes via email or through our website. Your continued use of our services after such changes constitutes acceptance of the updated policies.
For any questions or clarifications regarding this policy, please contact our support team.
Refund and Billing Dispute Policy for Megabit Cloud Rwanda
For domain name registrations, SSL certificates, and Microsoft 365 subscriptions, we do not provide refunds. These services are non-refundable once the order is placed and processed.
For all other services, such as cloud servers, web hosting, and WordPress hosting, we offer a money-back guarantee:
You can request a full refund within 30 days of your initial purchase for an annual subscription plan. This allows you to try our services risk-free.
If you are on a monthly subscription plan, you can request a refund within 7 days of your initial purchase. This gives you a week to evaluate our services.
To request a refund, please contact our support team within the applicable guarantee period. We will process your refund within 5 business days of receiving your request.
Please note that refunds are limited to one per customer. If you have previously received a refund from us, you may not be eligible for another refund.
If you have any billing disputes or questions about your charges, please contact our support team within 30 days of the charge. We will review your case and provide a resolution.
If we determine that the disputed charges were made in error, we will issue a credit to your account. However, if the charges are valid and by our terms, you will be responsible for paying the outstanding amount.
In the event of non-payment, we reserve the right to suspend your services and pursue legal action to collect the owed fees. You will also be liable for any expenses incurred by us in collecting the delinquent amounts, including attorney's fees.
We are committed to providing transparent and fair billing practices. If you have any concerns or need assistance, please don't hesitate to reach out to our support team.
Data Processing Agreement Between Gewape Cloud Rwanda Limited and Customers in compliance with Rwanda Data Protection Law n°058/2021 of 13/10/2021
This Data Processing Agreement (“DPA”) is an addendum to the Terms & Conditions between Gewape Cloud Rwanda Limited (“Megabit Cloud Rwanda”) and you (“Customer”). The DPA will be effective and replace any previously applicable data processing and security terms as of 01st August 2023 and will continue for as long as Megabit Cloud Rwanda provides the services set out in the Terms & Conditions.
Definitions
“Customer Data” means data provided by or on behalf of the Customer or Customer End Users via the Services under the account.
“Data Controller” means the entity determining the purposes and means of processing Personal Data.
“Data Processor” means the entity that processes Personal Data on behalf of the Data Controller.
“Data Protection Laws” means all data protection and privacy laws and regulations applicable to processing Personal Data under the Agreement, including the DPL.
“Data Subject” means the individual to whom the Personal Data relates.
“DPL” means Rwanda Data Protection Law n°058/2021 of 13/10/2021.
“Personal Data” means any Customer Data relating to an identified or identifiable natural person to the extent that such information is protected as personal data under DPL.
“Processing” has the meaning given to it in the DPL, and “process,” “processes,” and “processed” shall be interpreted accordingly.
“Sub-Processor” means any third party authorized under this DPA to have logical access to and process Customer Data to provide parts of the Services.
“Services” means any product or service provided to Customer, as described in Megabit Cloud Rwanda Terms & Conditions.
Data Processing
Megabit Cloud Rwanda will only act and process Customer Data by the documented instruction from Customer (the “Instruction”) unless required by law to act without such Instruction. The Instruction at the time of entering this DPA is that Megabit Cloud Rwanda may only process Customer Data to deliver Services as described in its Terms & Conditions and any product-specific agreements. Subject to the terms of this DPA and with the parties’ agreement, the Customer may issue additional written instructions consistent with the terms of this Agreement. The customer is responsible for ensuring that all individuals who provide instructions are authorized to do so.
Megabit Cloud Rwanda will inform the Customer of any instruction it deems to violate DPL and will only execute the instructions once they have been confirmed or modified.
When Megabit Cloud Rwanda processes Customer Data, both parties acknowledge and agree to the following:
Confidentiality
Megabit Cloud Rwanda shall treat all Customer Data as strictly confidential information. Customer Data may not be copied, transferred, or otherwise processed in conflict with the Instruction from Customer unless required by law.
Megabit Cloud Rwanda employees shall be subject to an obligation of confidentiality that ensures that the employees shall treat all Customer Data under this DPA strictly and only process Customer Data by the Instruction.
Sub-Processing
The customer authorizes Megabit Cloud Rwanda to engage third parties to process Customer Data (“Sub-Processors”) without obtaining any further written, specific authorization. Megabit Cloud Rwanda will restrict Sub-Processor access to Customer Data to what is necessary to provide the Services.
Megabit Cloud Rwanda shall complete a written agreement with any Sub-Processors. Such an agreement shall, at minimum, provide the same data protection obligations as the ones applicable under this DPA. It remains accountable for any Sub-Processor in the same way as for its actions and omissions.
Megabit Cloud Rwanda will inform the Customer of any new Sub-Processor engagements at least 30 days before the new Sub-Processor processes any Customer Data. Notifications of such engagements will be delivered to the account email address and through the control panel interface. The Customer’s responsibility is to ensure account information is correct and updated.
The customer has the right to object to using a Sub-Processor by terminating this Addendum and Services by Megabit Cloud Rwanda Terms and Conditions. A list of current Sub-Processors can be found in Annex 1.
Security
Megabit Cloud Rwanda will implement and maintain technical and organizational measures to protect Customer Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access as set out in Annex 2 of this Addendum and by DPL. The security measures are subject to technical progress and development. The customer acknowledges that Megabit Cloud Rwanda may update or modify the security measures from time to time, provided that such updates and modifications do not result in the degradation of the overall security. In addition, Megabit Cloud Rwanda will make controls available to Customers to secure Customer Data inside the control panel further.
Data Breach Notifications
Suppose Megabit Cloud Rwanda becomes aware of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Customer Data on systems managed by or otherwise controlled by Megabit Cloud Rwanda. In that case, Megabit Cloud Rwanda agrees to notify the Customer without hesitation or delay. Notifications of such incidents will be sent to the account email address set by the Customer. The customer’s sole responsibility is to ensure this information is correct and kept up to date inside the control panel.
Megabit Cloud Rwanda will make reasonable efforts to identify the cause of any breach and take necessary steps to prevent such a breach from reoccurring.
The customer agrees that Data Breach Notifications will not include unsuccessful attempts or activities that do not compromise the security of Customer Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems.
Data Subject Rights
If Megabit Cloud Rwanda receives a request from a Data Subject to exercise such rights about Customer Data, it will forward the request to the Customer. The customer must respond to such requests within the timeframes specified within DPL.
Megabit Cloud Rwanda will assist the Customer in fulfilling any obligation to respond to requests by data subjects, including providing controls via the control panel to help comply with the commitments set out under DPL.
Data Transfers
Megabit Cloud stores and processes data in secure data centers in Rwanda. Data may be transferred and processed outside to countries where Sub-Processors maintain their data processing operations. The customer agrees to transfer, store, or process data outside Rwanda. Megabit Cloud Rwanda will take all steps reasonably necessary to ensure that Customer Data is treated securely and by the relevant Data Protection Laws.
Compliance and Audit Rights
Megabit Cloud Rwanda agrees to maintain records of its security standards, and upon written request by the Customer, Megabit Cloud Rwanda shall make available all relevant information necessary to demonstrate compliance with this DPA. The customer agrees that any audit or inspection should be carried out with reasonable prior written notice of at least 30 days and not be conducted more than once in any 12 months. If Megabit Cloud Rwanda declines the request, the Customer is entitled to terminate this addendum and Services.
Return or Deletion of Data
Megabit Cloud Rwanda only retains Customer Data for as long as required to fulfill its initially collected purposes. Termination of this Addendum or Services in line with Megabit Cloud Rwanda Terms & Conditions will result in all Customer Data being deleted unless otherwise required by law. Megabit Cloud Rwanda shall securely isolate and protect from further processing for Customer Data archived on backup systems.
Limitation of Liability
The total liability of each part under this addendum shall be subject to the limitation of liability as set out in Megabit Cloud Rwanda Terms & Conditions. For the avoidance of doubt, in no instance will Megabit Cloud Rwanda be liable for any losses or damages suffered by Customer where Customer is using Services in violation of its Terms & Conditions, regardless of whether it terminates or suspend an account due to such violation.
Annex 1 – Sub-Processors
Available upon request.
Annex 2 – Security Measures
Available upon request.
Megabit Cloud offers affordable and reliable public cloud solutions with a focus on environmental responsibility. We provide IaaS, PaaS, and SaaS services, along with special pricing for SMBs, NGOs and academia. With regional offices and data centers worldwide, we prioritize data security and local compliance while ensuring a fast and efficient cloud experience for our customers.
© 2025 Megabit Cloud Rwanda. All rights reserved.