We respect your right to privacy — isn't that what everybody is saying? Privacy is hard. We aim for a good balance between privacy, security, business needs, usability and legal regulations.
Let's face it: data processing potentially including personal data is happening on multiple levels with web hosting: We have to store IPs for security reasons, we have to store billing related data for 10 years and most importantly you are storing your code, uploads and databases here.
The General Data Protection Regulation (GDPR) is strengthening and unifying data protection for consumers/individuals. We appreciate that of course and seek compliance. Mind that fortrabbit is a business to business platform, so certain parts might not apply here.
Third party services transparency
fortrabbit wouldn't be possible without relying on third party services. This gives you an overview on which external services we use, how and why — in developer-readable style:
Cloud & data centers
The fortrabbit itselfs platform runs on Amazon Web Services, (AWS). That includes our web properties (www, blog, help and dashboard) and well as the Apps our clients are creating here. Various different services from AWS ( EC2, RDS, S3, Route53, Cloudfront …) are used in combination.
Apps will be stored in the data center location you are choosing.
Billing related data is stored in Ireland.
Credit card billing informations are getting stored with our credit card payment processor Wirecard directly. We only keep a minimum of information: a reference and an identifier. SEPA bank account informations are stored with our databases.
Usage statistics, tracking & marketing
We are making use of Google Analytics and Google AdWords. We might use re-marketing from Google, as it is an effective way to stay on the radar of potential clients. We might also advertise on Twitter, for this we are sharing about your visit with Twitter, think Tailored Audiences.
The little chat bubble on the bottom right is powered by Intercom. Intercom collects some meta-data, like browser and Geo location about you. For identified Accounts, we also share your name, company, e-mail and potentially additional meta-data. This really helps us giving you a personal and fast support.
We are using MailChimp to send occasionally e-mail updates to subscribed Accounts. These e-mails include relevant informations on service updates, new features and announcements on service changes. With MailChimp we share e-mail addresses and names (for personalization). New fortrabbit Accounts get signed up for the newsletter automatically. Each newsletter — of course — includes a one-click opt-out option. Additionally, there is a Account notification setting with the Dashboard to manage subscriptions.
Accounts can subscribe — via opt-in — to fortrabbit service status updates for downtimes and incidents. This optional service is provided by Statuspage from Atlassian. It is possible to subscribe by e-mail, SMS or RSS feed.
Web server logs
You can interact with fortrabbit services on various transport protocols. We are storing connection data in log files with each access. This may include the request time, the IP address of the requestor, the protocol and version used, URL called, response status, the number of bytes delivered, a referrer and a user agent (browser and OS). We are doing so for security reasons — to avoid malicious and unauthorized access. We reserve the right to blacklist certain IPs from our services based on these access logs.
When deleting Apps or Accounts with us, we delete as much and as complete as possible. For some clients this comes as an surprise as they expect that we just hide data away, until they pay their open invoices.
Data processing agreement
Our terms are covering general data processing measurements. We have an additional, general "order data processing agreement" (only in German) on request for larger clients.
To err is human, the porvided information here might include errors or be incomplete. We do our best to keep it up-to-date.
last amended on February 12th, 2016
We treat your personal data in accordance with all applicable laws. The personal data and all information provided by our clients regarding legal matters are protected by the strict German attorney client privilege. All other personal data gathered by us are protected under federal German law, in particular the Federal Data Protection Act ("Bundesdatenschutzgesetz", BDSG) and the Telemedia Act ("Telemediengesetz", TMG). All our employees are bound to these laws, too.
Statistics using Google Analytics
Remarketing & tracking
fortrabbit may uses session-based and persistent-based cookies. Session cookies persist during a browser session. They disappear when closing or quiting the browser. Persistent cookies remain after closing or quiting browser. If you disable the web browsers ability to accept cookies, functionality of the services may be affected, and you may not be able to successfully use the services.
If you have chosen to identify yourself to fortrabbit via registration, session cookies containing encrypted information to identify you are used. Each time you log into the services, a session cookie containing an encrypted, unique identifier that is tied to your account is placed your browser. Session cookies allow to identify you and to process your online transactions and requests. Cookies are required to use the services.
fortrabbit uses persistent cookies that only the company can read and use to identify browsers that have previously visited the company's web site. When you purchase services or provide the company with personal information, a unique identifier is assigned you. This unique identifier is associated with a persistent cookie that the company places on your web browser. The company is careful about the security and confidentiality of the information stored in persistent cookies. If you disable your web browser's ability to accept cookies, you will be able to navigate the company's web site, but you will not be able to successfully use the services.
fortrabbit may use information from session and persistent cookies in combination with data about fortrabbit clients.
fortrabbit web sites collect your internet protocol (“IP”) addresses to track and aggregate non-personal information and for security reasons. For example, fortrabbit uses IP addresses to guess a currency based on your location.
When registering with fortrabbit personal data will be collected, namely your e-mail address. The data collected is used exclusively to grant you access and contact you in relevant circumstances.
You have the right to ask us about your personal data stored with us. You have the right to get incorrect information corrected or blocked or deleted. You can revoke the right to use personal data for advertising purposes at any time. If you want to make use of your rights as described before, please send us a letter (haha).