The purpose of this online service is to provide you with trusted, professional and high performance IT services such as technical support or public cloud computing resources.
What we collect
In order to deliver some of our services to you or to protect our systems we may collect personal data such as username, IP address, HTTP Referer, requested pages/URI’s.
When we collect
Visitors that sign up for our service
IP address, HTTP referrer information and requested pages are logged in addition to our customers “username”, email address, URL, billing and mailing addresses for contractual obligations such as invoicing and fiscal reporting.
Customers that log-in to our services
IP addresses, reverse DNS information, API calls, HTTP Referer, requested pages/URI’s may be logged in order to provide the service as well as for security purposes.
In some situation we may record via specific auditing methods user, script names and binaries for security purposes.
If you contact us we will collect the email address you nominate and any other identifying information you provide, such as your name, your company or phone number. Please do not give us other personal or sensitive information. Other than circumstances such as unlawful activity or via court order we do not share Personal Information with any other agency (government or private) unless it is absolutely required to fullfill your request.
We may share personal data with third parties when it is necessay to fullfill your request for a product or service that requires input from our partners, sub-contractors, etc.
How we deal with complaints and requests
You may request access to Personal Information about you that we hold and you may ask us to correct your Personal Information if you find that it is not accurate, up-to-date or complete. You may also make a complaint about our handling of your Personal Information. These services are free of charge within reasonable limits. To protect your privacy and the privacy of others, we will need evidence of your identity before we can grant you access to information about you or change it. You can contact us by email at email@example.com. We undertake to respond within 30 days. If the request or complaint will take longer to resolve, we will provide you with a date by which we expect to respond.
How we protect your Personal Information
This online service is hosted in Romania in a secure, TIER III accredited datacentre. To help protect the privacy of data and personal information we collect and hold, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We train our employees about the importance of confidentiality and maintaining the privacy and security of your information. Access to your Personal Information is restricted to employees who need it to provide benefits or services to you.
Retention of Personal Information
Web access logs are retained for 24 hours after which they are anonymized and stripped of any personally identifiable data. Email communication logs are retained for up to 36 months. Personal, financial and billing information is retained for up to 50 years (financial documents such as invoices, contracts, etc.). Our sales history (visibile through our CRM/ERP systems) as well as support emails and logs are retained for up to 20 years.
We do not share your information with third parties without your explicit permissions.
Access to Personal Information
Access to customer data by Spearhead operations and support personnel is denied by default. When access to customer data is granted, management approval is required and then access is carefully managed and logged.
Spearhead personnel are assigned unique ID’s and cryptographic access keys to use for access to our underlying physical servers. Remote access is restricted only from our secure locations.
Spearhead provides customers with strong data security as a default and by additional service options. spearhead.cloud is a multi-tenant service, which means multiple customers (workloads, virtual servers, containers, etc.) are stored on the same physical hardware. spearhead.cloud uses logical isolation to segregate each customer’s data from the data of others. Segregation using our best-of-breed technology allows for the scale and economic benefits of cloud computing service while providing rigorous access controls to prevent customers accessing one another’s data.
Customer’s are responsible for ensuring that data stored in spearhead.cloud is encrypted in accordance with their standards.
Protection for in-transit data is enabled by default for the customer portal, our websites, as well as the API and CLI tools. Customers can enable encryption for traffic between their own VM’s as required by configured tunnels, vpn’s or whatever may be required. spearhead.cloud protects data in transit to or from outside the components and data in transit internally using industry standard Transport Layer Security (TLS) 1.2 or later with 2,048-bit encryption keys. spearhead.cloud encrypts all data communication between
- the customer and spearhead.cloud
- between internal components (such as between two datacenter or availability zones or between our compute service and our object storage service)
Encryption of data in storage and in transit can be deployed by customers as a best practice for ensuring confidentiality and integrity. All cloud services can be configured by the customer to use SSL to protect communications to or from the Internet and even between individual spearhead.cloud VM’S.
spearhead.cloud currently operates in a single availability zone within a TIER3 datacenter located in Bucharest, Romania. We expect to launch a second availability zone in 2020 and from there to expand regionally with new datacenter locations. Data redundancy for virtual machines is offered locally, per physical server or via clustering technology configured by us or the customer. Data redundancy for our existing MANTA object store is located in US-East Virginia and data is saved in two copies in two separate datacenter. Once this service is migrated to the EEA, it will provide the same level of redundancy: two copies of the data per default; initially in a single availability zone and in the future in two availability zones.
When customers leave spearhead.cloud or at their request, data is completely erased (scrubbing). When physical hardware is decommissioned, Spearhead executes a complete deletion of data.
Spearhead does not inspect or monitor applications or systems that customers deploy to spearhead.cloud unless specifically granted by the customer. Spearhead does not know what kind of data customers store within spearhead.cloud and makes no claim to ownership of customer data.
For records stored in spearhead.cloud, customers are responsible for maintaining and extracting their data according to their own requirements. Spearhead can provide support to customers in regards to managing their own records based on their requirements.