Pii, is used in privacy law and information security around the world and is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. We do apologise for the length of our policies; however, it is necessary to cover new ground.
At present, Safing ICS Technologies GmbH runs four (4) services, these are as follows, Website, Forum, SPN, and Portmaster update server: these services collect different levels of data, however we aim to collect as little as possible, and all data received by us is treated with the strictest of confidence with privacy always in mind, all data is held securely.
Although the information collected is basic and may not be classed as PII, we treat all data with the same respect and as such have listed all the data, we collect from the services we provide.
The data we collect from Website Visitors:
At present the forum is run on a third party service, however, with respect to being open and transparent, our forum when running, is usually on the Reddit platform, we have no control on how their service collects, stores, shares, handles, or uses data, and as such, you are advised to read any and all privacy policies of the sites you intend to use.
Software running on customers' PC – AGPLv3 License. Please read Article 9. of the Terms of Service. This does not collect, handle, or store any personal identifiable information, except for a per-device API-Token if logged into the SPN, during the SPN login the user/pass is sent to our Customer Hub to retrieve the API-Token, this is never stored, by default no data is collected or processed.
We intend that in the future, opt-in and privacy preserving telemetry functions will be offered to our subscribers.
The customer hub holds all data relevant to the administration of our SPN subscription and service to you, and although it is not all classed as PII, the information gathered and stored is as follows and includes the domain: https://account.safing.io
Safing ICS Technologies GmbH run surveys both continuous and in limited time scope in order to best know and understand the needs of our customers, these are used for development and enhancement of our services, data supplied by users is kept until a user deletes it, these surveys only collect basic information and not PII, by way of example and not limited to, "Which Operating Systems do you use?".
As with any third parties, we take no responsibility for your actions when using said services, it is within your best interests to read all policies on the third party sites you use or visit.
Data is stored in a protected database on a specially guarded server. The server is operated by us and hosted by Hetzner.
Information/data used for the purpose of linking payments to a specific user to enable services are as follows:
Valid email address, if or when required.
User name, not your real name.
Payment identifiers, transaction code sent to us via the payment gateway used.
we are required by law to keep payment records for a period of 7 years, for taxation purposes, even in the event that the account is deleted, we are required to keep the transaction identifiers for this period.
Payment records are only linked to your account until it is deleted, or expired, they then become orphaned and cannot be linked back to your account.
Payments of up to 400€ (incl. Taxes) do not require customer information, i.e. your invoices will be anonymous.
In Transit: All traffic between the Customer and Safing ICS Technologies GmbH is encrypted using modern Transport Layer Security (TLS). TLS is a cryptographic protocol designed to provide communications security over a computer network and aims primarily to provide confidentiality and data integrity between two communicating computer applications.
At rest: Hot data (in use) is protected on our server, cold data (backups) are encrypted.
The information collected whilst subscribing to the SPN or using the website is basic in nature and only used for the specific reasons of software development and the administration of your account.
Valid email address. If or when required, Used for the administration of your account.
Transaction identifier, sent by payment gateway. Used for the administration of your account.
The internet browser and operating system you are using. Used for software development purposes.
The language set by the browser. Used for software development purposes.
The part of the IP address that designates country. Used for software development and administration purposes.
Referrer. How did you find the site? Used for software development purposes.
Hetzner. Hosting Provider.
GitHub. Hosting Provider.
PayPal. Payment gateway.
Stripe. Payment gateway.
Sparkasse Baden: Bank. Payments, wire transfer.
We do not sell, trade, or otherwise transfer to outside parties, your personally identifiable information. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential as per their privacy policies and terms of service.
Information we gain through payment gateways for the purpose of linking to your account are limited to transaction identifiers, please refer to: Article 3. (how we protect your PII Data).
We may release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, privacy, or safety.
The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it is now implemented in many countries worldwide, it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018, and grants users’ certain rights under the GDPR policy, these are set out below and clarified in Article 16., alternatively, to read more about GDPR please visit the following link:
Providing users with the Services they have requested.
Managing user subscriptions and processing payments.
Providing customer support.
For a legitimate interest associated with the operation and development of our services and business, including:
Enhancing the quality, reliability, and effectiveness of our website and Services.
Communicating with customers to provide information and feedback related to our Services and website.
With the consent of users, which users can withdraw at any time.
You can exercise your rights under the GDPR to access, transfer, correct, delete, or object to the processing of your personal information by contacting us at:
in conjunction with CalOPPA, we agree to the following:
The Fair Information Practices Principles, form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the world, understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information. In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
• We will notify the users via email within 1 business day.
• We will notify the users via in site notification within 1 business day.
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
Safing ICS Technologies GmbH will not share or dispose of member’s information to third parties as per the data protection act 1998, this can be read by following the link below:
The SPN provided by Safing ICS Technologies GmbH is in no way targeted for use in any way shape or form towards minors/children under the age of 18 years, however, as our service does not require data upon subscription concerning age, real name, or home address, we cannot, and will not be held responsible for your child’s actions whilst online, all data collected by us is treated in the same manner, protected behind numerous layers of encryption, used to provide the service to you, and not shared with any third parties.
In conjunction with CalOPPA and the 2013 amendments, we do not track users of our SPN (Safing Privacy Network), in this case we do not respond to, do not track signals or requests from you, on the understanding that, our service does not track users’ actions or usage whilst on the SPN service. Please read Article 13. No logs policy.
At present we do not provide any mobile applications for our services, however as it is possible to connect to our SPN service using your mobile devices internet browser, the following applies: We do not track, or collect any data from your mobile devices other than information provided by you to subscribe to our service, please refer to: Article 2. Personal Identifiable Information (PII/Data), we collect, and Article 3. How we store and protect your PII/Data.
We do not log or store records on user activity using our SPN Service, we are committed to your privacy and DO NOT collect or log browsing history, traffic destination, data content, IP addresses, or DNS queries from Subscribers connected to our SPN.
For the avoidance of all doubt, should any government body or law enforcement agency compel Safing ICS Technologies GmbH to release such subscribed user information, listed above, we cannot supply this information as the data does not exist, and is therefore not in our possession.
What are cookies?
Cookies are small text files which a website/service may put on to a member’s computer or mobile device when you first visit a site, service, or page. The cookie helps the website, to recognize your device the next time you visit. There are many functions cookies serve, for example they can help us to remember your username and preferences.
Session cookies last only for the duration of your visit and are deleted when you close your browser, these facilitate various tasks such as allowing a website/service to identify that a user of a particular device is navigating from page to page, supporting website security or basic functionality.
Persistent cookies last after you have closed your browser and allow a website to remember your actions and preferences. Sometimes persistent cookies are used by websites/services to provide targeted advertising based upon the browsing history of the device, we DO NOT use targeted advertising cookies of any description.
We use first party cookies (our own) on our services, for the following purposes:
Login: Once you login to our website/service, a cookie is set containing your encrypted credentials, required to recognize you between page visits.
You can disable this cookie by deselecting “Remember me” in the login form.
Session: Upon first visit of our website/service, the system will create a new unique session for you which will be saved using a cookie on your computer.
Sessions are required to recognize users between page accesses. It is a temporary cookie which will be deleted once you close your internet browser.
Third-Party Services: Displayed ads or sharing content through social networks or comparable actions might cause a cookie created by them, we DO NOT use third parties in that respect, therefor cookies in this category can only be added by the member using a third-party site etc. this is not recommended by Safing ICS Technologies GmbH.
How to disable or delete cookies?
Your internet browser offers specialized options to manage and remove cookies and also offer settings to reject many or all cookies. Please refer to the instructions for your internet browser from the list below.
Google Chrome https://support.google.com/chrome/answer/95647?hl=en
In compliance with the GDPR, you can request a list of the information we hold on your account, however at this time it is best to remember that any information held by us, is the information freely given by you when you subscribe to our services, in this case data requests must be made using the information given to us, by way of example only, email address if used, in an email, requesting the information to:
As the data we collect is solely used to run and administer your account, you can ask at any time for us to stop processing, or to erase the data held on your account, however in these aforementioned cases, this will result in the removal of your account from our services, this course of action does not automatically trigger a refund under Terms of Service. Article 10 your right to cancel, and Article 11 refunds. For cases of this type please contact us with your request at:
for the avoidance of all doubt, we are a company based around privacy and security, any and all data collected on a members account is basic, by way of example only and not limited to, a verifiable email address, if required, and transaction id’s, these are protected behind encryption.
Information/data held by us on any subscriber is basic and minimal, any and all data requests made by Government, or law enforcement agencies can be applied for, however, this is in the form of single account data only and not by block.
By forwarding the required paperwork, in this case, a written request and reason, with a current court order covering the correct jurisdiction attached, Safing ICS Technologies GmbH will comply with the law, applied by the Austrian court’s jurisdiction under European law.
As Safing ICS Technologies GmbH is registered in Austria, any and all disputes will be decided only through the Austrian court system following European law as our guideline. It is important to note: the SPN provided by Safing ICS Technologies GmbH does not collect any IP addresses, browsing history, traffic data, or DNS queries that could be used to identify any specific user.
Amendment 0.1. 05/08/2020
Due to the Court of Justice of the European Union ruling on data transfers, invalidating the Privacy Shield and GDPR compliance of such a ruling. It is here by stated that Safing ICS Technologies GmbH, does not hold or transfer any data to any servers held in the United States of America, however, due to the operating nature of the SPN, we cannot and will not be held responsible for any private nodes held within the United States of America that you choose to use.
please note: whereas we cannot change our policies to suit every individual, we will listen to your concerns and reply in a timely manner.
Thank you for taking the time to read our policies on how we operate our service and collect, use and protect all of your data.
© Safing ICS Technologies GmbH
All rights reserved.