It is the simple goal of afd42 to do as much as is realistically possible to protect the privacy of our users.
For this reason, we have set up some fairly simple rules that govern our entire infrastucture and and mode of operation.
No third party data-exchange not explicitly initiated by the user.
In summary, we:
Do not publish any data about you, your company, or any other sensitive information about you, that you have not explicitly asked us to share.
We do publish general statistics of how many active domains we have by TLD and number of customers by country, but only in an anonymised fashion.
Also, any information put into the DNS system is inherently public. For more information about this subject, see the section on DNS and whois privacy below.
- Do not share any of our data with third parties besides what is necessary for hosting and backup. Please see the section below on hosting and backup for details.
Do not attempt to mine data to find more information about you, besides what you have already provided us.
We do use automated systems for keeping track of how our customers use our services, but we do not attempt to link this information with user identities.
This means no Google Analytics, no Facebook like buttons, no hosted webfonts, no fancy cloud hosting. This makes our operations more costly, and our marketing less effective. We realise that this is a cost of doing business, and we're willing to pay this cost, because we value your privacy higher than our own convenience.
We do not store passwords.
A very basic and often neglected precaution on web sites is to never store your user’s passwords. We consider your password to be such a personal and private piece of data, that we will not store it in any recoverable form.
We use a state of the art, non-reversible encryption algorithm to generate a fingerprint of your password, which we use for validation when you log on later.
We will never ask you for your password. Only use your password for our service on afd42.com.
We do not store credit card data.
When you pay with your credit card on our site, you can rest assured that we do not store any of your credit card information on our systems. As soon as we receive the data, we pass it on to our payment provider, which handles your data in accordance with international banking security regulations.
Any data you give us belongs to you, period.
It is not ours to keep or sell. You can always ask us for a copy of your data. If you ask us to delete it, we will do so.
For the proper functioning of our services, we have a few exceptions to the rules outlined above. We have outlined these, as well as the reason behind them.
A few sections of our website feature public content. If you elect to publish your own content on these sections, your content will be made public as well. All forms where the entered data is made publicly available will be clearly marked as such.
For example, we have our official company blog on this web site. If you add a comment to that, your comment will be viewable by anyone who reads the blog post.
It is a sad fact of the Internet, that if you have any publicly available faclities, someone will try to abuse these facilities for nefarious purposes, such as spam, phishing, etc.
To protect our services, we use a service called Mollom. This is used in two ways:
To protect against automated attacks against our services, we will require you to fill out a CAPTCHA to perform certain actions, like creating a new account, resetting your password, sending e-mails via the contact form, etc.
This CAPTCHA is provided by Mollom BVBA., and the data you enter in the CAPTCHA field (and this field only) will be sent to Mollom for validation.
To prevent spam the public parts of our web site, we use Mollom’s textual analysis service.
This only applies to public content, such as blog comments, and any form that uses Mollom’s textual analysis will be clearly marked as such.
To be able to improve our services, we need to know how our web site is used. For this reason, we use a couple of statistics packages on our site, but we do not track users individually.
We only use self-hosted statistics, so no outside entities will be able to track your use of our website.
Hosting and backup
This web site is hosted on servers rented from Hetzner Online AG. The staff of Hetzner does not have any login to the servers, will only have cause to interact with the server in connection with hardware maintenance.
In addition to our own backup systems, we use Tarsnap for as our final backup tier to make sure your data is safe with os. All data stored on Tarsnap is encrypted before it is sent to Tarsnap, so they have no way of accessing the stored data.
As a Danish company, we are bound by the laws of Denmark. Our hosting company is bound by German law. If we are served with a court order for the release of your data, we will be forced to comply. Otherwise, we will never share your data with anyone.
Legal limits, lawsuits, etc.
DNS and WHOIS privacy
DNS is in many ways like the phone book. Simply put, it makes it possible for vistors to your website to find the address of your webserver by looking up your name in the great Internet phonebook, DNS.
It is possible to have a private DNS server, ie. a private phone book, for use internally within a company, that is not the service we're currently offering.
DNS also has a system for discovering who owns and manages domain names. This is called WHOIS. When we register a domain name on your behalf, we are required to furnish the WHOIS system with this information. Since this can be an inconvenience for privacy, marketing or other reasons, we do offer a “WHOIS privacy” option, where we will be listed as owners and managers of the domain in the WHOIS system. We offer you a confidential, private agreement that you will retain full control and ownership of the domain name. Find more information about WHOIS privacy in our terms of service.