Our data collection promises
We collect as little data as possible. Nonetheless this is sometimes necessary to make sure our software systems are functionally complete. We take great care of your data and make sure your privacy is guaranteed.
This is why we promise you the four following things:
- We will protect your data.
- We will not to store data longer than necessary.
- We will never share your data with third parties.
Which data do we process?
To make sure our software systems are functionally complete we need to process the following data categories.
Name, email and address data
We need your name, email and address data to make sure we can contact you properly and promptly.
Your login credentials are stored to make sure your account is safe and only you can login into your account.
We need to store your IP address temporarily as a security measure to make sure that malicious users do not attempt to brute-force your login credentials.
Cookies are an essential technical bit to make sure the systems are functioning properly. Without cookies you would need to login on every page again and again as the current web protocol is stateless. Cookies contain a random session identification number that we use to recognize you when you open a new web page.
Other data we process
We also collect data that might seem irrelevant for proper functioning of our software systems, however they have other purposes as presented below.
While interacting with our software systems our servers automatically create log files that contain information relevant for debugging, such as browser version, IP, timestamp, etc. Aside from debugging we actively leverage this data to implement a number of quality- and security-related products, such Codana® and Secure Patrol®.
Codana® is a qualitative tool developed by Codific to make sure that programming errors are actively followed up by our team of engineers and solved before they escalate.
Secure Patrol® is a complete security solution targeted towards real-time monitoring and protection of software systems.
Server logs are rotated and eventually cleared within a couple of months.
As opposed to server logs audit logs contain more context-related information such as, which user has done what action within the system. Audit logs are firstly used to spot potential access control violations. Furthermore, audit logs can be leveraged to debug issues.
Audit logs are cleared every 2 months.
Data processing purposes
We need to process your data with a very specific purpose in mind, such as:
- providing you with access to our software systems,
- depending on your contractual information deciding what level of access you should get,
We will not use your data for purposes other than defined here.
We will store your data only as long as you remain a customer within our software systems. Beyond that period all your data will be destroyed.
We are experts in software security and we do consider even the most far fetched threat pretty seriously. We have a list of various technical and organizational measures to make sure our software systems are secure against unauthorized access. A detailed list of security-related countermeasures is strictly confidential and out of the scope for this privacy statement.
We do not share your data with third parties, period.
Hosting within EU
Without exceptions all our systems are hosted within the EU.
Your rights as a data subject
Right to access, right to correction, right to object to processing.
As a user of our software systems it is within your rights to access all your private data and request a correction or removal. You may also ask us to temporarily or permanently suspend processing your private data in case you would like to exercise your right to object to processing. If you would like to obtain more information please contact us via the contact form on our website.
Right to data portability
We apologize, however we have opted for not implementing the data portability principle as all our software systems are very tailored towards specific functional requirements. Within the limits of the law we will require a small fee in exchange for a full export of your data.