Privacy Policy: Coding Mammoth (Semonto)

This Privacy Policy informs you about the type of personal data that is collected, received and processed through Semonto, our Server Monitor Tool, and about how we use, share, retain and protect such personal data. Our main priorities is the privacy of our visitors. If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us. Version: 1 January 2021

Data Controller and Processor

Semonto is a product by Coding Mammoth BV, a Belgian company registered with enterprise number 0847.844.732 in Krijgslaan 219/2 2610 Antwerp, RPR Antwerp. Coding Mammoth BV can be reached at info@codingmammoth.com or +32 478 80 42 86. See codingmammoth.com for more information about Coding Mammoth. Coding Mammoth BV is the “data controller” of all personal information that is collected and used about its customers for the purposes of the EU data protection laws and also a “data processor” of information collected and used about its customers who are data controllers.

Introduction

Coding Mammoth BV is committed to protecting its customers’ privacy and takes its responsibility regarding the security of customers information very seriously. We will be clear and transparent about the information we are collecting and what we will do with that information.

This Policy sets out:

All personal data is collected and processed in accordance with EU data protection laws.

What personal data we collect

Your information such as username, email-address, telephone number, and other information provided when you sign up will be stored in our database. We will never sell or share this data to any third party or other persons than Coding Mammoth BV. We will not use your data for any other project of Coding Mammoth BV. We will do our best to protect your data so nobody will be able to get access to your private data. If you delete your account, your personal data will be removed after 6 months (see Term of service). This will allow you to reactivate your account without losing any data within those 6 months. All data that we have is always accessible or available on request via our dashboard, Supervisor, or by contacting us.

Your personal account password will be hashed and stored in our database. Since we use one-way hashes, third party cannot re-hash the hashed passwords to recover your original password. For more information about hashes and security, please consult the following article on Wikipedia: Cryptographic hash functions.

The passwords on status pages are not encrypted nor hashed. We decided to not encrypt them because it allows you to see your current password at the portal, as the main concept of protecting status pages is to share this password with your customers and clients. Normally, this will not cause any security problems. For more information contact us at support@semonto.com.

As explained, the data we save is generic account data (such as username, email address and address). This data can be reviewed at the portal via the account page, and changed at any time. We save a hashed version of your account password. Semonto performs tests on your servers and websites. This data is stored and used for analytics via the portal on your request. This type of data wont be sold to third parties. Payment data is only stored at our payment provider as listed before. Semonto only stores an overview of the last invoices. The only PII information Semonto has are email addresses, phone numbers and IP addresses.

Semonto works with sessions. Those sessions are hashed and are limited in time. This means that after a period of inactivity, your session will be destroyed automatically and you will need to log in again. When a connection is closed, the session will be deleted automatically after a period of time.

Cookies

We use small text files called cookies for the sessions. Those cookies are used only to identify the customer, not to identify any specific customer traits. These cookies do not store sensitive data, and will expire along with the session. See our cookie policy for more information.

History and test results

The historical data of the tests performed on your servers or websites will only be available through your status URL and/or through your status pages (which can be password protected in the portal).

How we use your data

We use the information we collect in various ways, including to:

GDPR and applicable data protection laws allow us to process your personal data where we have the legal basis to do so. The legal basis will depend on the reasons we have collected and need to use your personal data for.

In most cases we will need to process your personal data so we can provide our services and perform our contract with you.

We may also process your personal data for one or more of the following:

Only children aged 16 or over can provide their own consent. For children under this age, consent of the children’s’ parents or legal guardians is required.

We will not retain your data for longer than is necessary to fulfil the purpose it is being processed for. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve those purposes through other means.

Payments

We will store a history of your orders with Semonto, for example notification-credits, plan-upgrades or account renewals. You can review this information at the portal. We will not store any payment details (such as CreditCard numbers) on our servers. Since our payments are handled by Paddle, it can be useful to read the Privacy Policy of Paddle.

Newsletters

We send an email periodically with the latest changes and features of Semonto. If needed, you can unsubscribe of those newsletters via the link in every email. You can sign up again via the newsletter page. This newsletter is free, and available for everyone, unrelated if you are customer or not.

Where do we store your data

We follow strict security procedures in the storage and disclosure of your personal data, and to protect it against accidental loss, destruction or damage. The data you provide to us is protected and encrypted in transit and at rest. Data in transit is secured using SSL (Secure Socket Layer) technology. SSL is the industry standard method of encrypting personal information so that they can be securely transferred over the Internet.

We are not processing payment information. This is processed and transmitted directly to our payment provider who is Payment Card Industry Data Security Standard (PCI DDS) certified.

We may disclose your information to trusted third parties for the purposes set out in this Privacy Policy. We require all third parties to have appropriate technical and operational security measures in place to protect your personal data, in line with EU law on data protection rules.

Data processors

Semonto is a software product developed by Coding Mammoth BV. We use external partners for some parts, which are listed below. Some of those partners will have (indirect) access to some data. see below for an overview. We also make use of some analytics and crash reporting services to improve our product and services. See list of subprocessors for an up to date list.

International data transfer

We require all services providers to process your information in a secure manner and in accordance with EU law on data protection. We utilise standard means under EU law to legitimise data transfers outside the EEA.

Log Files

Semonto follows a standard procedure of using log files. These files log visitors when they visit websites, or when the application is calling our API service. All hosting companies do this and a part of hosting services' analytics. he information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.

Gravatar

Gravatar, a "Globally Recognized Avatar" system is an avatar that is linked to your email address, if you have configured any. Gravatar is a project of Wordpress. Semonto uses gravatar in the portal. For this feature, a hash of the account email address is send to Gravatar which should not expose your email address.

CCPA Privacy Rights (Do Not Sell My Personal Information)

Under the CCPA, among other rights, California consumers have the right to:

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

GDPR Data Protection Rights

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

Children's Information

Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.

Semonto does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.

How to Contact Us

If you have any comments or inquiries about the information in this Privacy Policy, if you would like us to update your personal data, or to exercise your rights, please contact us by email at info@semonto.com.

Complaints

The customer has the right to file a complaint with the Belgian Privacy Protection Commission (35 Rue de la Presse, 1000 Brussels - commission@privacycommission.be).

Changes to Privacy Policy

Our Privacy Policy may change from time to time and any changes to the statement will be communicated to you by way of an e-mail or a notice on our website.

Related documents