Security and Privacy Policy » History » Version 2
Nico Schottelius, 02/05/2020 09:34 AM
| 1 | 1 | Nico Schottelius | h1. Security and Privacy Policy |
|---|---|---|---|
| 2 | |||
| 3 | 2 | Nico Schottelius | {{toc}} |
| 4 | |||
| 5 | 1 | Nico Schottelius | h2. Status |
| 6 | |||
| 7 | This document is **PRE PRODUCTION** |
||
| 8 | |||
| 9 | h2. Introduction |
||
| 10 | |||
| 11 | The following chapters describe our policy in regards to security and privacy concerns. |
||
| 12 | |||
| 13 | |||
| 14 | h2. Logging the necessary |
||
| 15 | |||
| 16 | Logs are taken only where necessary and kept only as long as relevant to operation procedure. |
||
| 17 | Specifically network traffic **content** is not logged. |
||
| 18 | |||
| 19 | h2. Non disclosure |
||
| 20 | |||
| 21 | No information is given to the public about our customers or customer use cases. |
||
| 22 | An exception to this is prior public information or explicit consent from the customer. |
||
| 23 | |||
| 24 | h2. Acting by Swiss law |
||
| 25 | |||
| 26 | According to Swiss laws, the **only** authority that is allowed to request network access |
||
| 27 | is the "PTSS":https://www.li.admin.ch/en . It may only request access after a Swiss court ruling and only for |
||
| 28 | cases that violate Swiss law. |
||
| 29 | |||
| 30 | h2. Access to data or network traffic from foreign entities |
||
| 31 | |||
| 32 | No access is granted. |
||
| 33 | |||
| 34 | h2. Access to data or network traffic from domestic entities |
||
| 35 | |||
| 36 | Access to our infrastructure is granted based on Swiss laws and requires a Swiss court order. |
||
| 37 | |||
| 38 | h2. Access to data or network traffic from our staff |
||
| 39 | |||
| 40 | For operational activities staff members can and will investigate network traffic to ensure the stability of our platform. |
||
| 41 | Access to customer specific data is strictly forbidden. |
||
| 42 | |||
| 43 | An exception to above rule is if the customer specifically granted permission for it. |