i  Privacy policyLIGTH THEME

1. Privacy and security

This website does not

This website contains links to external websites. All such links are marked with the external link symbol *. If you click on such a link, that does not convey the target site you are using this website.

2. Location and hosting

This website is located in the Netherlands, in the European Union. Hosting service is provided by Digital­Ocean*.

3. Transport level security and certificates

This website uses only known secure TLS protocols and only known secure cipher suites, see IT Security Guidelines for Transport Layer Security*. The TLS (SSL) certificates are provided by Let's Encrypt*, world's largest non-profit certificate authority, run by the Internet Security Research Group ISRG*.

4. Data collection

The web server that provides this website creates log files. These files log visitors when they visit the website. The information collected by the log files for each page visit includes the following:

As a visitor's IP address can potentially be associated with a data subject (person), the IP addresses are therefore treated as personal data as defined by the EU General Data Protection Regulation* (GDPR, official EUR-Lex*). This website does not collect any other personal data.

5. Data usage

The log files are required to monitor and maintain the security of the website and to troubleshoot and maintain the website server. The processing of the log data is necessary for the purposes of the legitimate interests of the website owner, see GDPR Article 6 - Lawfulness of processing*. Log files are accessed solely by the people in charge of the technical operation of the site. Logged data is never sold, shared or given to any third parties, or moved across the borders of the EU.

The visitor's IP-based geolocation information is used3 to enforce the EU Council Regulations 2022/328* and 2022/355*.

6. Data retention

The log files are encrypted within 24 hours of their creation with a hybrid cryptosystem based on AES PDF* and RSA PDF* (more specific RSAES-PKCS1-v1_5*). All log files will be purged after 15 days at the latest.

7. Your rights

You have the following rights to your personal data, see GDPR Chapter 3 - Rights of the data subject* for details:

If you think your data protection rights have been violated, you can, as a citizen or resident of any of the countries represented in the European Data Protection Board* (EU countries, Iceland, Liechtenstein, and Norway), file a complaint with any national Data Protection Authority*, or contact the website owner.

The owner and controller (within the meaning of GDPR Article 4*) of the website is Petri Kutvonen*. To exercise your rights in relation to your personal data, send an e-mail to contact@crypt-app.net. The data processor (also defined by GDPR Article 4*) is the hosting provider Digital­Ocean*.

8. Compliance

Besides the GDPR, this website is compliant

The California Consumer Privacy Act* (CCPA) does not apply to this website.

In the UK, the UK GDPR UK Data Protection Act 2018* is still in force, but the government has announced that the UK is departing from it and is moving to a less stringent regulation.

9. Privacy policy changes

The right to revise this privacy policy to make it more accurate is reserved. The Privacy policy link will always take you to the current policy.

_______________
Notes
  1. Your browser or a browser extension (not the website) might set site-specific cookies.
  2. Your browser or a browser extension might do this.
  3. The geolocation information is processed only within your browser. It is never saved, logged, or relayed anywhere.

Last revised December 1, 2022

Previous version:  August 8, 2022

BACK