Privacy at Privex (Privacy Policy)

Last Updated: Sat 5 Oct 2019

1. What details are collected from Privex customers?

When you place an order via our Order Form - we only collect the details which you enter on the form:

Your name (Psuedonym's / Aliases are fine)
Your e-mail address
The hostname for the server you're ordering
The purpose of use
The selected operating system
The referral - if entered
Any additional notes entered
The server package selected
The date/time of the order

What we DON'T do when you're making an order:

We do NOT log your IP address when making an order
- In the future, we may use an anonymised form of your IP address for analytics purposes, however this will NOT be linked to the order you're making.
We do NOT log any information about the browser you're using (e.g. user agent string)
We do NOT use any form of "tracking cookies".
We do NOT share your order details with any third parties.

In some rare cases, for specific products, we may be required to share some, or all of your personal details with one or more third parties in-order to provide the service. In the event of this, we will explicitly inform the customer before sharing any details, in clear visible writing

For example, written in large bold text on the page where the service can be ordered, or by contacting the customer via email to request consent to share the personal details with the third part(ies) (not hidden within a long legal text such as a Privacy Policy or Terms of Service)

2. Are any details recorded when browsing the Privex website or payment portal

We do NOT use any form of "tracking cookies", and at the time of writing, we do NOT collect IP addresses of those using the website.

3. (General Privacy) How does Privex protect my privacy?

We make every attempt to protect your privacy where possible.

We avoid collecting personal data in the first place by:

Limiting the required personal details on our order form to the bare minimum required to provide the service
Disabling "access logs" on our web servers (or at least removing all potentially identifiable information from the log format), to ensure no IP addresses are collected of those browsing our websites.

We avoid third party services where possible, we attempt to control as much of our infrastructure as possible, to avoid any personal data being leaked to third parties whom we have no control over their privacy policies.

We do not use a third party "DDoS protection", "Web Application Firewall", or similar service for the main Privex website (www.privex.io) and the Privex Payment Gateway (pay.privex.io). A small selection of our older public websites / web applications may still use Cloudflare - however over time we're migrating these sites to use our self-hosted web server cluster, ensuring that all online communication is done directly with Privex, without any potential third party interception.
We handle all payments in-house using our very own Privex Payment Gateway, which means that none of your invoice or payment attempt information is shared with third parties.
We do not use any form of third party "hosted database" services (such as Amazon RDS, Azure SQL etc). We hold all database data on our own database cluster, with full disk encryption on all database nodes, protecting your data in the event of our database servers being seized.

4. Use of Cookies at Privex

As mentioned in "details recorded when browsing the Privex website", we do NOT use tracking cookies in any form.

At the time of writing, we use functional cookies for the following purposes:

Storing user session data, such as:
keeping you logged in to a service such as a management panel
temporarily storing your form information for re-filling forms such as on Order Form when you've entered invalid information.
Persisting referral information when customers click on a referral link e.g. privex.io/?r=john@example.com

The functional cookies mentioned above are never used for any form of tracking your use of our services.