Security and Privacy Policy » History » Version 3
Nico Schottelius, 02/05/2020 09:34 AM
1 | 1 | Nico Schottelius | h1. Security and Privacy Policy |
---|---|---|---|
2 | |||
3 | 2 | Nico Schottelius | {{toc}} |
4 | |||
5 | 1 | Nico Schottelius | h2. Status |
6 | |||
7 | This document is **PRE PRODUCTION** |
||
8 | |||
9 | h2. Introduction |
||
10 | |||
11 | The following chapters describe our policy in regards to security and privacy concerns. |
||
12 | |||
13 | |||
14 | 3 | Nico Schottelius | h2. Logging only the necessary |
15 | 1 | Nico Schottelius | |
16 | Logs are taken only where necessary and kept only as long as relevant to operation procedure. |
||
17 | Specifically network traffic **content** is not logged. |
||
18 | |||
19 | h2. Non disclosure |
||
20 | |||
21 | No information is given to the public about our customers or customer use cases. |
||
22 | An exception to this is prior public information or explicit consent from the customer. |
||
23 | |||
24 | h2. Acting by Swiss law |
||
25 | |||
26 | According to Swiss laws, the **only** authority that is allowed to request network access |
||
27 | is the "PTSS":https://www.li.admin.ch/en . It may only request access after a Swiss court ruling and only for |
||
28 | cases that violate Swiss law. |
||
29 | |||
30 | h2. Access to data or network traffic from foreign entities |
||
31 | |||
32 | No access is granted. |
||
33 | |||
34 | h2. Access to data or network traffic from domestic entities |
||
35 | |||
36 | Access to our infrastructure is granted based on Swiss laws and requires a Swiss court order. |
||
37 | |||
38 | h2. Access to data or network traffic from our staff |
||
39 | |||
40 | For operational activities staff members can and will investigate network traffic to ensure the stability of our platform. |
||
41 | Access to customer specific data is strictly forbidden. |
||
42 | |||
43 | An exception to above rule is if the customer specifically granted permission for it. |