Data Privacy for Managed Cloud Solutions/Hosting

Data Privacy Statement

Here at Jaispirit, data privacy is something we take very seriously. We have been specializing in secure data exchanging and privacy. To us, data privacy is our stated mission.

Still, even at Jaispirit, there are some customer data that we need to capture and store in order to guarantee seamless server operation and with it, high security for your data. We also need to be able to show you that our systems are working as intended and that we are fulfilling our services to you as agreed.

Below, we describe in full exactly which data needs to be stored, where, for how long and for what purpose it will be stored.

Account Data (‘User Data’)

You need to provide details such as your name, your address and optionally your bank details for direct debits when you use our services. We cannot verify whether these data are correct. We are required to store these user data for as long as your account is active. If, on registering, you additionally let us know your password, an alternative external e-mail address or a telephone number. We also store these data for the eventuality that we need to help you in an emergency or send you a link for a password reset.

All these data that you send and receive while using our services as well as all contacts, addresses and files are stored encrypted on our servers which are located in a highly secured data center in Europe, Strasbourg.

Where possible certain data such as passwords are hashed for extra, which means that no authorized personnel here at Jaispirit is able to view these data. After you terminate your contract and after any related issues have been resolved, we irreversibly delete all of your data stored in our systems.

Exception: Like any other businesses, we are obliged by the tax office to retain invoice data within our accounting systems for the given time. This means we need to store information’s about when we billed what amount to whom. Within the tax code, there is no exception to this. These data can be accessed by the following: our administrators and support team. Some of these data may also be accessed by our accountants.

Log Files and Connection Data

Our servers store log files, i.e. temporary data about who did what when in order to monitor the operation of our servers for error tracing and for ensuring there is no unauthorized outside access to our systems.

Web server

  • Stored data: When did which IP address access our platform. The Jaispirit office stores log-ins.
  • Purpose: Security reasons. Misuse and unauthorized access need to be eliminated wherever possible; this benefits our users.
  • Deletion: Deletion after given time by local law (TH).
  • Accessed by: System administrators, support team/help desk, programmers.

Mail server SMTP

  • Stored data: Sender, recipient, message ID and size of every sent and received e-mail.
  • Purpose: Verifiability that the e-mails entrusted to us were correctly sent/received; this needs to be traced when users wish to investigate the loss of an e-mail.
  • Deletion: Deletion after given time by local law (TH).
  • Accessed by: System administrators, support team/help desk.

Mail server POP3/IMAP

  • Stored data: Which account has logged in when from which IP address. When e-mails are deleted, the message ID and size of the deleted e-mails are stored. When an e-mail is moved to a different IMAP folder, the message ID and size are stored as well as the source and destination locations. No e-mail contents are logged.
  • Purpose: Verifiability of unauthorized access to a mailbox, i.e. how and why an e-mail was deleted in case users wish to investigate the loss of an e-mail.
  • Deletion: Deletion after given time by local law (TH).
  • Accessed by: System administrators, support team/help desk.

Customer management

  • Stored data: First name/last name, street and address; town/city and ZIP code; country; telephone number; alternative e-mail address. A mobile phone number for receiving password resets.
  • Purpose: First name and last name are required. The remaining data are required for billing and for user support. When any of the data in the account settings are changed (address, direct debit authority, etc.), a log of which IP address the changes were made from is held for given time by local law (TH).
  • Deletion: Deletion after given time by local law (TH).
  • Accessed by: System administrators, support team/help desk, programmers, accounting team/management assistants.

Website Analysis

On our Jaispirit website, we use Google Analytics for analyzing visitor statistics.

We use Google Analytics to analyze where our website visitors come from, which contents are most relevant to them and where there might be issues with our website. We never observe any of our visitors as identifiable persons.

Google Analytics uses cookies: These are small text files that are stored on your computer and that permit analysis of your website use. You can configure your web browser to reject cookies, but we’d like to point out that this may prevent you from using all the features provided on our website.

Third-Party Services and Tracker

Additionally, Comments from our Users under FAQ-Articles or Blogposts can lead to loading of Avatar-Images from the Provider “Gravatar” (Data privacy Statement from Gravatar).

We use the Google reCaptcha service in order to prevent abuse of our systems. As part of the registration process, your IP address will be transmitted to the service for validation. The reCaptcha service is subject to Google’s data protection policy.

Advertising, Market Research, and Data Sharing with Third Parties

Storing parts of your data exclusively serves the purpose of letting us operate your Hosting securely. These data will never be used, analyzed or shared for any other purpose. We have no interest in using your data for any advertising or market research purposes. We will not share any of your data with any third parties.

Disclosing Data to Investigative Authorities

It is our aim to protect free communication through capturing as little customer data as possible, through technological measures such as consistent encryption to prevent surveillance and through encouraging our customers to widely use the protective technologies available to them.

According to local authorities the public prosecutor and the police can access the user data held by Internet Service Providers (ISP) such as ourselves. A simple information request suffices; no court order is needed. A telecommunications provider has no legal recourse against such a request; it must comply. It should also be noted that the provider is required to treat such a request confidentially and that the affected customer must not be informed about the request.

Access to the log data of mail and web servers and to the e-mails contained in a mailbox, on the other hand, requires a search and seizure warrant signed by a judge, unless the investigative authorities can claim exigent circumstances. ISP’s again have no legal recourse against search warrants; seizure of the log data cannot be denied.

In such a case, Jaispirit has no choice but to hand over the data in question to the investigative authorities. If we failed to do so, we would face the seizure of entire servers when being searched as well as our employees being arrested for contempt of court.

Conversely, we will never hand over any data unless the legal conditions for such a request or seizure are presented beyond doubt (so-called ‘anticipatory obedience’). We will unequivocally reject any police requests if they have insufficient legal backing as it would be illegal for us to comply with such requests. All requests and pertaining issues are checked diligently and critically by us and our lawyers.

We have no way to determine whether the user details you have provided to us during registration are correct and relevant. If you encrypt your data with GPG, we will furthermore be unable to make the contents of such data readable.

If you have any further questions or concerns, please contact our Managing Director, Mr. Erich Alexander C. Goettert, md[at]jaispirit.com.

© Copyright Jaispirit Co., Ltd. – All rights reserved.
These Privacy notifications are subject to change without notice.
These Data Privacy are time stamped by DigiStamp.com