99Stack Cloud is a privacy friendly cloud. We don't collect more information than needed
When using our services. 99Stack Cloud handles the following data
Customer: Information that is associated with our customers contract, and their service with us. Including but not limited to name, e-mail address, country of residence and the IP-address used to interact with our servers.
Resources: Information about services and active subscriptions associated with your account, including but not limited to servers, storage volumes, software licenses, snapshots and addon services.
Traffic data: Information about which services you interact with and when, via our servers at *.99stack.com. Please note, traffic data does not include direct connections to your servers or other resources.
Analytics: Automatically collected information via the open-source Matomo analytics software: (matomo.org). Information collected includes but is not limited to Country, IP-address, Operating system, Browser and version. Informatio is used to better understand where our visitors are located, you may opt out at any time by using an ad blocker such as Ublock Origin or a privacy respecting browser such as Brave.
Some data is required in order for the service to operate. Most collected data is required for legal reasons. GDPR's rules for lawful handling of personal data are as follows:
We need our customers personal information in order to deliver the service that they have ordered from us, or to complete our agreement regarding the delivery of services and products and to ensure the operation and support of our services. We also need customers information for billing services, credit information purposes (crypto currency payments excluded).
Without access to customers personal information in this regard, we may not be able to provide our services to them.
We will save our customers data as long as they arecustomers, and we will send it to our authorized subcontractors to deliver service as well as for debugging. Some data is kept longer depending on what the data needs to be used for and our obligations under the law.
Once a customer has ended their customer relationship with us, their information will remain with us for 6 months. In order for the information to be as secure as possible during this time, we will archive the customer profile and limit access to it, and after the time runs out, we will delete all remaining information we have about the customer.
We never share any personal data with our infrastructure providers or subcontractors. Information is referenced by a anonymous id used to link a resource to a account within our system only.
Infrastrucutre providers and subcontractors may keep logs over network activity in order to detect and prevent abusive usage or illegal activities. Subcontractors may share such information to us if deemed necessary.
We are obliged to disclose data to authorities such as the police and other emergency services, at the request of law and government decisions.
We handle our customer data with extreme care. All interaction between us and our subcontractors that contains data is encrypted or made through TLS secured tunnels.
All internal communication between our own servers are made over private network interfaces and secured by TLS. Data stored on disk is encrypted using AES with 256-bit keys.
Data is stored in a globally distrubuted cluster of secured dedicated database servers. Servers are located in the following regions: Oregon - USA, Virginia - USA, Dublin - Ireland, Frankfurt - Germany, Mumbai - India, Seoul - South Korea.
Right of access: Customers have the right to know what personal information we have about them and how we handle it, and they may access it free of charge. The data subject makes a request for information in electronic format, and the information shall be provided in an electronic format which is generally known.
Right to rectification: We are responsible to ensure that the personal information we handle about a customer is accurate and up-to-date. If a customer notices an error, they have the right to request rectification of this information.
Right to erasure: Under certain circumstances a customer has the right to have his/her personal data deleted. This is applied in the following situations:
Right of objection: Right to object the processing of personal data provided by 99Stack Cloud on the basis of a balancing of interests. We need to receive the treatment a customer is opposed to. Then we will only continue to deal with the data if there are compelling legitimate reasons for the personal data to be processed and if these outweigh the customers interests. For marketing purposes, a customer is always entitled to oppose the processing of personal data.
Right of limitation: Our customers may limit our processing of their personal data if they dispute the accuracy of the data, if the processing is illegal or if the data is not required for the purpose of the processing.
We process data in order to ensure the security of our services and communication networks, to detect or prevent any kind of illegal use or use that otherwise violates the terms of the service.
We also process this data to prevent misuse of networks and services and to detect and prevent fraud, spam, hacking & cracking, illegal activites, and other potential threats. Including but not limited to those listed in acceptable use policy.
Third party cookies are not required and may at any time be blocked. By solely interacting with 99Stack API only and never accessing our websites, no cookies will be placed at all.
Agreements and disputes must be interpreted and applied in accordance with Swedish law.
In the event of a dispute between 99Stack Cloud and the customer, the parties shall seek to agree first. Disputes arising from interpretation and application shall ultimately be settled in the ordinary courts.
Data which we collect from you may be stored and processed in and transferred to countries outside of the European Economic Area (EEA). For example, this could occur if our servers are located in a country outside the EEA or one of our service providers is situated in a country outside the EEA.