Privacy is an ever-growing concern on the Internet. Many businesses are selling access to their customers’ data, or their attention via advertisements.
That is not the kind of business we want to be. We want to provide the best services we can, and have a straight and honest business relationships with the people and organisations using these services.
To us, that means respecting our customers’ privacy as much as legally and reasonably possible.
Who “we” are
Ablis is run by Högh Digital. See our imprint for further details.
What data we collect
Our login-system uses e-mail address and passwords. The passwords are never stored or logged in clear-text, but are instead stored as cryptographic hashes in accordance with OWASP recommendations.
Depending on your chosen method of payment and security preferences, we may ask you to provide additional information, like real name, phone number, mailing address, or similar.
We do not collect or retain any credit card data, those are handled by our payment provider in compliance with PCI-DSS.
We use a simple, GDPR compliant, privacy-respecting web statistics system to keep track of what goes on on our website.
To combat fraud and attacks on our systems, we log cryptographic hashes of IP addresses for certain security-critical actions, like password changes. Error tracking systems and logs may contain incidental IP addresses, but we do not otherwise retain your IP address.
The data you enter as part of general use of the application is stored and used solely to provide the services we have agreed to provide you.
How we use the collected data
First, DNS and WHOIS systems are by their very nature public. When you provide
us data to be put into these systems, these data will consequently be made public.
Therefore, do not put any data you want kept private into these systems.
We use the data you provide us as outlined above. Your data is never shared with third parties, except for the two following exceptions:
Hosting- and service partners
We use third-party services for server hosting, payment processing, error reporting, traffic statistics, etc. The providers of said services will by nature of providing them have techical access to the data, but are not granted permission to access or use it for any other purpose than providing their services to us, and are not permitted to sell the data or share it with third parties, except as legally required (see the next point). Additionally, we have a global network of DNS servers, but they only contain publicly available DNS data, and so have no impact on privacy.
We are located in Switzerland, and the hosting- and service providers hosting private data for us are located in Switzerland, Finland and Germany. We are thus subject to international law as well as local law in said jurisdictions. That means that we may be legally compelled to turn over data from our systems. Should this happen, we will inform the affected customers, unless we are legally barred from doing so.
GDPR and cookies