Tusanga is committed to the EU 'General Data Protection Regulation' (GDPR) and see GDPR as an essential element in running our service. Put briefly: We do our utmost to be 'one of the good guys' when it comes to your privacy. For the detailed listing required by law, please see below.
Controller is Tusanga by Adam Williams, Bomlaerkevej 17, 2970 Hoersholm, Denmark, phone +45 42 55 60 28, email firstname.lastname@example.org.
Purpose of data processing: Delivering email and user service, protecting against abuse and fraud as well as ensuring network and information security.
Legal basis for processing is contractual necessity for delivering email and user service and legitimate interest of the controller in performing abuse and fraud protection as well as ensuring network and information security.
The information we collect from you may be used in any of the following ways:
You have the right:
Incoming and outgoing messages are automatically analysed by our anti-spam and anti-virus checking routines. Every connection to our servers is subject to automated anti-abuse routines which e.g. will prevent you from trying to send 100s of emails a second.
The email itself is stored encrypted. Your password is stored hashed and salted. See encryption for more detail.
Outside parties: Tusanga uses Hetzner in Germany as hosting company for our servers. Other than that, we do not sell, trade, give or pass information from or about our users to any third parties except when forced by law.
Data mining and profiling: We do not use Google Analytics or other trackers. No information from user activity is used to compile any kind of profile of our users.
Automated individual decision-making, including profiling: We do not do this.
Data retention: We retain backups of deleted messages for 30 days. This is for the purpose of restoring data in case of accidental deletion by users. After 30 days, data will be permanently deleted from all our systems.
Account deletion: Should you close your account, all data will be permanently deleted after 30 days. This is for the purpose of restoring data in case of users wanting to reopen accounts. After 30 days, data will be permanently deleted from all our systems.
In order to maintain proper server operations, for error diagnosis and for prevention of abuse, mail server logs are kept for 30 days. Processing takes place for the purposes of abuse and fraud protection as well as ensuring network and information security.
Data and systems are secured using a combination of passwords, encryption, Intrusion Prevention Systems (IPS), sandboxing, backups and other technologies.