Privacy and data protection policy

Privacy

QSA.net considers that the service user’s security of privacy is very important. QSA.net does everything practicable to prevent the service user’s information being mishandled or accessed without authority. Any information collected will only be used with the service user’s consent. By using QSA.net websites, the service user agrees and gives consent to the terms set out hereafter.

Information collected from website visitors

When visiting a QSA.net website, the service user’s activity, browser information and information about the website they are looking at, along with an approximation of their location which may be recorded. QSA.net may publish this information in a collective and anonymous way. QSA.net may also record information linked to the service user’s IP address or e-mail address, if identified to the website. QSA.net will never publish any personal information. QSA.net uses this information solely to improve its websites, products and services, as well as the service user’s experience with QSA.net. QSA.net will not share this personal information with any third party other than as set out below.

Documents and data collected from our on-line services

QSA.net software is intended for the commercial market and therefore makes security of personal information and data one of its fundamental Policies.
Data, are the property of our service users and are safeguarded by means of the most modern data protection measures: These are:

  • access to the application is gained via a double level of authentication
  • connection is only possible with an encrypted key
  • antivirus security is provided by Deep Security by Trendmicro
  • unauthorised intrusion is prevented by an advanced adaptive firewall
  • daily back up is performed on a specific infrastructure, external to the servers
  • dedicated space and database is provided for each service user on a VMWare Virtual Private Cloud ISO 27001, ISO 9001 and TIER III certified infrastructure.

QSA.net is a Telecom Italia (the largest cloud services provider in Italy) qualified Partner, this provides and ensures:

  • 24-hour monitoring
  • perimeter protection places and system rooms with redundant power
  • advanced control systems
  • redundant architecture in terms of both physical infrastructure and network
  • high-reliability VMware hypervisor
  • automatic balance of workload (VMware DRS)
  • enterprise-class Servers with multiple 2,2 GHz CPUs
  • redundant data center resources (servers, SANs and storage)

If a service user decides to terminate their association with QSA.net all documents and data collected will be returned to the owner before deleting them from our servers. Our service users are the sole owners of their data.

Collection and use of personally identifying information, data and documents.

In the course of its commercial activities, QSA.net collects the e-mail addresses, names and other information volunteered when a service user communicates with QSA.net. When a service user registers with QSA.net, they will be asked for information such as their name, organisational information, e-mail addresses, telephone numbers and postal addresses. When a service user applies they can add documents and data. QSA.net may use the information gathered solely for the continual improvement and effective provision of its products and services, including billing, authentication, contact information.
QSA.net's websites provide the service user with the facility to create and post additional content via its public message boards or commenting sections. Any information the service user publishes using these facilities may be displayed publically. QSA.net does not intentionally collect information from children under the age of thirteen (13).

Credit card information

Transactions will usually be processed by PayPal which is a secure payment service provider that can process your payment on behalf of QSA.net.

Protection of personal information

QSA.net may, from time to time, disclose essential personal information to its employees, contractors and affiliated organisations. This will only be done on a need-to-know basis. QSA.net uses the services of third party vendors for storage, network and technical services. Personal information may be transferred outside the service user’s home country as part of the provision of services. When required by law or when QSA.net believes that disclosure is reasonably necessary to protect the rights of QSA.net or third parties, personal information may be disclosed. QSA.net reserves to right to publish anonymised correspondence and feedback sent to it in order to help respond to the correspondence of or to help other service users. QSA.net will take all reasonable and practicable measures to protect against unauthorised access, use and alteration to personal information. When passing personal information to a third party, QSA.net will ensure that adequate protection of the information is applied by the recipient. Should QSA.net be acquired or merged with another organisation, the service user’s information may be transferred. QSA.net will notify the service user if their information is to be subject to a different Policy. Should QSA.net cease trading or file for bankruptcy, information held about the service user will not be transferred to any third party.
Third party vendors are:

  • Telecom Italia for all EU countries included UK and Swiss;
  • Amazon Web Services for USA and Canada.

Cookies

A cookie is a small amount of information that our websites can store on your computer. Your computer provides this cookie when visiting the same website in the future. Cookies are used to enhance your experience with a website. QSA.net uses cookies to identify visitors and track visits to our website, store login session information and to remember your user preferences. Visitors can disable the storage of cookies in their web browser, but should be aware that in doing so this may affect the quality of the experience with the website. In some cases, the website may not work at all.

Access to your information

You can change any of the personal information retained by us by contacting us at: This email address is being protected from spambots. You need JavaScript enabled to view it. . If you would like us to delete any personal information held about you, we will do so on request unless it is essential to retain the information as part of our provision of products and services to you.

Changes to this Privacy and Data Protection Policy

From time to time QSA.net may make adjustments to this Policy. Changes to this Policy will be made at the sole discretion of QSA.net. QSA.net service users are encouraged to check this Policy from time to time for such changes. The service user’s continued use of this site following changes to this Policy will be taken as confirmation of their acceptance of the changes.

This Policy has been published under a Creative Commons Sharealike license (http://creativecommons.org/licenses/by-sa/3.0/). This means that the service user is welcome to copy and adapt the license for their own use, as long as they publish the Policy under the same license terms.

This Privacy and Data Protection Policy was adopted and published on June 6th 2010 and was last updated on August 2nd 2016.

Certifications

TELECOM ITALIA CONSIND E.A.

 ISO/IEC
20000-1:2011
IT Service
Management System
that support the 
provision of hosting
services from its
own Data Center

 ISO/IEC
27001:2014
 Cloud computing 
and
Data Center
Services

ISO/IEC
27001:2006
 Management
and assurance
of network
infrastructures
and services,
perimeter firewalls
and technological
systems for Telecom
Italia's data centers

ISO/IEC
27001:2014
ICT security
monitoring and
incident handling

ISO/IEC
27018:2014
Information
technology
security techniques

ISO
9001:2015
Software provision,
training and support