GridColo Facility Rules & Regulations

1Purpose and Principles

GridColo operates critical infrastructure. These rules exist to:

These rules are designed to align with common best practices for critical infrastructure environments and to support customer compliance objectives. Nothing in this document is intended to reduce or waive any rights, obligations, or protections set forth in a signed agreement between GridColo and a customer.

2Acceptance, Enforcement, and Order of Precedence

2.1 Acceptance

By requesting access, entering a GridColo facility, shipping equipment to GridColo, or directing GridColo to perform work (including remote hands), you acknowledge and agree to comply with these Facility Rules.

2.2 Enforcement

GridColo may, in its sole discretion and as permitted by law:

• Deny, revoke, or suspend access credentials
• Require escort or additional screening
• Stop work that is unsafe or non-compliant
• Remove individuals from the premises
• Recover costs resulting from violations, including incident response, cleanup, repairs, or third-party claims
• Report suspected unlawful activity to appropriate authorities

2.3 Order of Precedence

If there is a conflict, the following order applies:

1. Applicable law and mandatory government requirements
2. Facility emergency directives issued by GridColo staff
3. The customer's executed agreements (e.g., MSA, Order Form)
4. These Facility Rules
5. Site-specific posted signage and instructions

3Definitions

4General Conduct and Professional Standards

4.1 Professional Behavior

All persons must behave in a professional and respectful manner. Prohibited conduct includes:

• Harassment, discrimination, threats, intimidation, or violence
• Disorderly behavior or refusal to comply with lawful instructions
• Tampering with safety/security devices, signs, or barriers
• Any action that creates an operational risk

4.2 Fitness for Duty

No person may access the facility or perform work while impaired. Prohibited:

• Illegal drugs, misuse of prescription drugs, intoxication, or impairment
• Possession, distribution, or use of controlled substances on site

GridColo may require removal from site for suspected impairment.

4.3 Smoking and Vaping

Smoking/vaping is permitted only in designated areas (if any). It is prohibited in all buildings, data halls, and near fuel storage or other posted hazard zones.

4.4 Photography, Recording, and Audio/Video Calls

To protect confidentiality and security:

• No photography or recording in Critical Areas without written pre-authorization and escort conditions, if required
• No live-streaming, video calls, or "showing the room" in Critical Areas unless explicitly authorized
• Security systems may monitor areas as permitted by law

5Access Governance and Identity Requirements

5.1 Access is a Privilege

Access is granted on a need-to-access basis and may be limited by role, time, area, and purpose.

5.2 Authorized Personnel Lists

Customers must maintain accurate CAP lists. Access requests may be denied if:

• The individual is not listed as CAP, or identity cannot be verified
• Required onboarding steps are incomplete (e.g., training, paperwork)
• There are account standing issues (as defined in applicable agreements)

5.3 Identity Verification

All individuals must present acceptable identification and comply with verification steps. GridColo may use layered verification (e.g., ID check, credential checks, biometrics where legally permitted, and/or secondary verification) appropriate to the facility's security posture.

5.4 Badges and Credentials

• Badges/credentials are personal and non-transferable
• Tailgating/piggybacking is prohibited
• Badges must be worn visibly where required and surrendered upon request
• Lost/stolen badges must be reported immediately

5.5 Escort Requirements

Certain individuals and/or areas may require escort at all times, including but not limited to:

• Visitors and delivery personnel
• Vendors not approved for unescorted access
• Individuals with temporary access status
• Entry into specific restricted rooms

5.6 Access Hours and Scheduling

Access may be:

• 24x7 for authorized CAP (subject to facility policy and agreement), or
• Scheduled/limited where needed for safety or operations

High-impact activities (moves, heavy lifts, hot work, power work, overhead cabling changes) must be scheduled in advance and may require an approved MOP.

6Screening, Inspections, and Prohibited Items

6.1 Screening

GridColo may conduct security screening and inspections as permitted by law, including of bags, cases, toolboxes, shipping containers, or vehicles.

6.2 Prohibited Items (High-Level)

Unless explicitly authorized in writing, the following are prohibited:

6.3 Tools and Equipment Controls

Tools must be appropriate for the task and in safe condition. Prohibited:

• Unsafe, damaged, or modified tools
• Uncontrolled cutting/grinding in data halls without controls
• Use of unapproved extension cords or power taps (see Section 10)

7Visitor Management

7.1 Visitor Eligibility

Visitors must be sponsored by a Customer or GridColo host and may be denied access at any time.

7.2 Visitor Requirements

Visitors must:

• Present ID and complete sign-in
• Remain with host/escort as required
• Wear visitor identification
• Follow all posted restrictions and staff instructions

7.3 Minors

Minors are generally not permitted in Critical Areas. Exceptions require prior written approval and strict escorting.

8Customer Work Authorization and Change Discipline

8.1 Work Must Be Authorized

Work affecting Customer equipment or shared infrastructure must be authorized by the Customer and/or GridColo as applicable. GridColo may require verification of the requestor's authority.

8.2 Required Planning for High-Risk Work

The following typically require an MOP and may require GridColo approval prior to execution:

• Electrical work beyond basic plug/unplug (including breaker operations)
• Any work in electrical rooms, UPS areas, generator yards, or fuel systems
• Overhead ladder work, ceiling/ladder rack changes, cable pulls involving shared pathways
• Any activity that may generate smoke/dust/particulate (cutting, drilling, grinding)
• Use of lifts, rigging, or moving heavy equipment
• Hot work (soldering, torch use, open flame), if ever permitted
• Work affecting cooling interfaces, liquid lines, or any potential leak risk

8.3 "Stop Work" Authority

9Housekeeping, Cleanliness, and Material Control

9.1 Clean-As-You-Go

Data centers require high cleanliness standards. All persons must:

• Remove packing materials promptly
• Keep aisles clear and comply with egress requirements
• Avoid generating debris; use containment and vacuum controls where needed

9.2 Waste Disposal

Dispose of waste only in designated receptacles and per site rules. Special waste streams (batteries, electronics, chemicals) must be handled per Section 12.

9.3 Storage Restrictions

• No storage in aisles, egress paths, electrical rooms, or mechanical spaces
• Storage in customer cages/suites must not block airflow, panels, or access to safety devices
• No long-term storage of combustibles unless explicitly authorized

10Technical Rules for Customer Equipment, Power, and Cabling

10.1 General Equipment Standards

Customer equipment must be commercially appropriate, safely operable, and installed in a professional manner. GridColo may require removal or remediation of equipment that presents:

• Electrical hazard
• Fire hazard
• Excessive heat output beyond designed capacity
• Unacceptable vibration, noise, or EMI
• Physical instability or poor rack integration

10.2 Rack Safety and Loading

• Observe rack manufacturer load ratings and stability requirements
• Heaviest equipment must be mounted low where practicable
• Use proper rails and fasteners; do not "float mount" heavy devices
• Do not block rear/front airflow; use blanking panels where appropriate

10.3 Power Connection Rules

To protect reliability and safety:

• Use only approved power cords and connectors rated for the load
• Do not use consumer-grade power strips, unapproved tap devices, or daisy chains
• Extension cords are prohibited for permanent use and may be prohibited entirely in Critical Areas except under controlled, temporary conditions
• Maintain proper A/B power diversity according to design and customer requirements
• Do not exceed circuit ratings; account for inrush and peak conditions

10.4 Grounding and Bonding

Customers must not modify facility grounding/bonding. Equipment must be installed consistent with electrical codes and manufacturer guidance. Any grounding anomalies must be reported immediately.

10.5 Cabling Standards (Copper and Fiber)

• All cabling must be professionally dressed, secured, and labeled
• No loose cables across aisles or under doors
• Respect bend radius and strain relief (especially fiber)
• Use approved pathways (ladder racks, trays) and follow separation rules for power vs. data as applicable
• Do not interfere with other customers' cabling or shared bundles

10.6 Labeling Requirements

At minimum, Customer should label:

• Racks and RU positions (or maintain an equivalent inventory map)
• Power cords (source PDU/outlet and destination device)
• Network patch cords (source/destination ports)
• Any liquid lines (if permitted) and quick disconnect identifiers

GridColo may require minimum labeling for operability and safety.

10.7 Wireless and RF Controls

• No customer-installed Wi-Fi APs or ad-hoc wireless networks without written authorization
• No interference devices, jammers, rogue repeaters, or unauthorized antennas
• All RF deployments must be coordinated with GridColo to avoid operational impact

11Remote Hands Rules and Customer Direction Controls

11.1 Authorized Requestors Only

Remote hands requests must come from verified CAP via approved channels. GridColo may use call-back or multi-factor confirmation for sensitive requests.

11.2 Scope and Limitations

Remote hands is generally limited to reasonable, well-defined tasks (e.g., reboot, cable move, visual verification, media swaps where authorized). GridColo may refuse tasks that are:

• Unsafe or unclear
• Likely to cause service impact without an MOP
• Outside of scope or not permitted by the agreement
• In violation of law or policy

11.3 Customer Responsibility for Instructions

Customers must provide:

• Exact rack/unit/device identifiers
• Specific port or cable labels
• Clear success criteria and backout steps for risky tasks

GridColo is not responsible for ambiguity in instructions.

11.4 Chain-of-Custody for Media and Assets

Handling of drives, tapes, HSMs, and sensitive materials must follow documented chain-of-custody. Customers should specify:

• Whether media is to be returned, stored, destroyed, or shipped
• Packaging requirements
• Shipping address and authorized recipients

12Safety Program Requirements

12.1 General Safety

All persons must:

• Follow posted signs and instructions
• Immediately report unsafe conditions, spills, or alarms
• Keep egress routes clear at all times
• Use required PPE (Section 12.4)

12.2 Electrical Safety

No energized electrical work unless explicitly authorized and appropriately controlled.

• Access to electrical rooms is restricted to authorized individuals
• Any breaker operations, panel access, or electrical testing requires authorization and may require an MOP, qualified personnel, and appropriate PPE

12.3 LOTO and Hazardous Energy

Where applicable, LOTO procedures must be followed. Customers and contractors must not apply/remove locks/tags on facility-controlled equipment without authorization and coordination.

12.4 PPE

Minimum PPE may be required by area/task. Examples:

• Closed-toe shoes required in all operational areas
• Safety glasses where posted or for cutting/drilling work
• Hearing protection where noise thresholds are posted
• Hard hats and high-visibility apparel in construction zones/loading docks as posted
• Electrical PPE requirements are task- and hazard-dependent

12.5 Ladders, Lifts, and Rigging

• Ladder use must follow manufacturer guidance; three points of contact
• Lift operations require qualified operators and spotters as required
• Rigging must be performed by competent personnel using rated equipment
• No overhead work above others without controlled exclusion zones

12.6 Hot Work and Ignition Sources

Hot work is prohibited unless explicitly authorized in writing with a permit process and controls (fire watch, suppression readiness, area prep, and post-work monitoring).

12.7 Housekeeping as a Safety Requirement

Debris and packaging are safety hazards and must be removed promptly.

13Hazardous Materials and Environmental Controls

13.1 General Rule

Hazardous materials are prohibited unless explicitly declared, approved, and controlled.

13.2 Batteries

Lithium batteries (including spare packs) must be managed safely and stored/handled per manufacturer guidance and applicable codes.

Damaged, swollen, or compromised batteries must not be brought into the facility and must be reported if discovered.

13.3 Chemicals, Solvents, and Cleaning Agents

No unapproved solvents, aerosols, corrosives, or flammable chemicals in Critical Areas.

Cleaning must be done using approved materials that do not create residue, dust, or fumes.

13.4 Liquids Near IT Equipment

Liquids in data halls are strictly controlled. Any permitted liquids (e.g., sealed cooling interfaces) must:

• Use professionally engineered, leak-minimized solutions
• Have secondary containment where applicable
• Be supported by documented procedures and emergency response steps

13.5 Spill Reporting

14Fire Safety and Life Safety Systems

14.1 Do Not Interfere with Life Safety Systems

Prohibited:

• Blocking fire doors, extinguishers, pull stations, alarms, sprinklers, detectors, or emergency lighting
• Covering smoke detectors or disabling detection systems
• Tampering with suppression systems

14.2 Response to Alarms

When an alarm sounds or staff direct evacuation:

1. Stop work immediately if safe to do so
2. Follow evacuation routes
3. Proceed to designated muster points
4. Do not re-enter until authorized

14.3 Reporting

Report smoke, burning smells, unusual heat, sparks, or audible electrical arcing immediately.

15Shipping, Receiving, and Loading Dock Rules

15.1 Advance Coordination

Shipments may require advance notification, including:

• Carrier and tracking details
• Delivery window
• Weight/dimensions and handling requirements
• Special equipment needed (pallet jack, forklift, lift gate)

15.2 Packaging Standards

• Use professional packaging appropriate for sensitive electronics
• Clearly label customer name, site, cage/suite, and contact
• Include internal packing lists

15.3 Chain-of-Custody and Secure Receiving

GridColo may maintain receiving logs, photo documentation of exterior condition, and custody tracking where appropriate.

15.4 Prohibited Dock Practices

• Unattended equipment in unsecured areas
• Blocking dock exits, fire lanes, or security checkpoints
• Unsafe pallet stacking or exceeding dock load limits

16Confidentiality, Privacy, and Customer Asset Protection

16.1 Confidentiality Expectations

All persons must respect confidentiality of other customers. Prohibited:

• Attempting to access other customers' areas or equipment
• Discussing other customers' presence, configurations, or activity
• Photographing or recording other customers' assets

16.2 Privacy and Monitoring

GridColo may employ monitoring (e.g., cameras, access logs) in accordance with law and posted notices. Individuals must comply with applicable monitoring policies and instructions.

17Network and Cybersecurity Rules for On-Site Activity

17.1 Customer Systems

Customers are responsible for security of their systems, but GridColo requires baseline behaviors to reduce facility risk:

• Do not connect unauthorized devices to any shared or facility-managed networks
• No scanning, probing, or interference with facility systems or other customers' networks
• No rogue DHCP servers or broadcast storms

17.2 Portable Media and Sensitive Tools

Customers should follow strong media hygiene. GridColo may restrict certain activities that increase risk (e.g., connecting unknown USB devices to shared systems).

17.3 Incident Reporting

Suspected cybersecurity incidents that may impact facility operations or shared systems must be reported promptly.

18Incident Management and Reporting Requirements

18.1 What Must Be Reported Immediately

18.2 Cooperation

All persons must cooperate with incident response, including providing statements and preserving relevant information (photos, logs, device states), consistent with law and contractual obligations.

19Business Continuity and Emergency Operations

GridColo maintains emergency response procedures. During emergencies, GridColo may:

• Restrict access and suspend non-essential work
• Implement additional controls or escorts
• Require customers to coordinate before dispatching personnel

Customers are responsible for maintaining current emergency contacts and escalation paths.

20Violations, Cost Recovery, and Sanctions

20.1 Examples of Violations

• Tailgating, badge sharing, or unauthorized access attempts
• Unsafe work practices, ignoring PPE/permit requirements
• Unapproved hot work or dust-generating work
• Unapproved liquids or hazardous materials
• Interference with life safety systems
• Harassment or threats
• Unauthorized photography/recording

20.2 Cost Recovery

Customers may be responsible for costs arising from their personnel, visitors, or contractors, including:

• Repairs and cleanup
• Incident response and investigations
• Third-party claims resulting from negligence or willful misconduct

as permitted by applicable agreements and law.

21Requests, Exceptions, and Special Approvals

Some activities may be permitted only via written exception, including:

• Photography/recording in restricted areas
• Specialized cooling interfaces or liquid-cooled deployments
• Non-standard power distribution equipment
• Large-scale cabling projects affecting shared pathways
• Construction or modification activities in or adjacent to Critical Areas

Exception requests must include scope, risk controls, and time windows. Approval is discretionary.

22Document Control, Updates, and Contact

22.1 Updates

GridColo may update these rules from time to time. The publicly posted version is the current version. Material changes may be communicated through customer notices as appropriate.

22.2 Contact

For access coordination, exceptions, shipping instructions, remote hands, or safety questions, use the GridColo support channels designated in your customer agreement or posted on the GridColo website.