***Effective Date: March 30, 2019***
--- SECTION 1 - OVERVIEW ---
yLab.info is a premium domain that is available for purchase. yLab.info is operated by fai.host.
This privacy notice applies solely to information collected by yLab.info, except where stated otherwise. It will notify you of the following:
- What personal information we collect and why we collect it.
- How long we store your data.
- What right you have over your data.
- Who do we share your data with.
- Where do we send your data.
- Response to legal process.
- External Resources.
- Survey & contests.
- How we protect your data.
- What data breach procedure we have in place.
- What third party we receive data from.
- What automated decision making and/profileing we do with user data.
- Notification of changes.
We use “cookies” on our website. A cookie is a piece of data stored on a site visitor’s hard drive to help us improve your access to our sites and identify repeat visitors to our sites. For instance, when we use a cookie to identify you, you would not have to log in a password more than once, thereby saving time while on our sites. Cookies can also enable us to track and target the interests of our users to enhance their experience on our site.
2.b. Essential Cookies
1. Advertisement cookie - As a way of generating revenue to maintain the health of our website and to ensure our legal right interest, we may from time to time display advertisement from 3rd parties. 3rd party advertisements vendors may set cookies on your browser with the purpose of serving you the advertisement that best suit your interest and to verify that the ads actually been viewed by a real person. We do not have any control over those cookies or how they are stored. However, when choosing advertisements for our website we ensure that we will only work with reputable 3rd parties.
--- SECTION 3 - WHAT PERSONAL INFORMATION WE COLLECT AND WHY WE COLLECT IT ---
3.a. Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from another website behaves in the exact same way as if the visitor has visited the website that the content(s) was embed from.
Whether whichever protocol you choose to utilize(FTP, HTTPS, HTTP, DNS, etc..), at the moment that you made a request to our server, our server will log the request that your browser/software made to us and also your IP. These logs of IPs help us identify any problem with our services if there are. These logs are also a crucial tool for us to maintain the security of our service or detecting a data breach.
IPs are somewhat similar to if you were to walk into a store and the store has cameras to help monitor suspicious activities and enhancing customers' experiences by capturing all traffic into the store. However, IPs are less identifiable than a real image. As an image of you taken by a security camera would clearly be able to identify who you are. Unless you provided us with others identifiable information, IPs are not as such capability as multiple users could share a same public IP address and information pertaining to an IP address is usually kept by the ISP(Internet Service Provider) and ISPs usually do not disclose IP's information unless the matter pertains to laws.
We also use IPs as a tool to analyze the broad geographic trend of our visitor. We do not have an intention to link an actual person to an IP address but we use IPs as a tool of security and as a tool for analyzing traffic trends.
We may report or publicly disclose abusive IPs engaging in hacking attempts or other malicious behavior of which, include, but not limited to, causing a DDoS to our services, attempted DDoS, any type of spam, hacking attempts, hacking, phishing, spoofing, SQL injection, attempted SQL injection, attempted to exploit a security vulnerability in a version of a software that we run even though we are not running that version, attempted to exploit a security vulnerability in a software on our server that we may or may not have the software installed, and any attempt to exploits any security vulnerability on our server/software/web platform whether if the vulnerability existed or not.
3.c. Browser and other informations
When your browser makes a request to our server for our website, we collect your user agent header information. Your user agent header helps us identify the browser that you are using and the device that you are using. This information is to help us better understand the device that you are using so that our website can serve to you responsively based on the device that you used. We also use this information to help better understand the demographic trend of our traffic to help us further improve our service.
--- SECTION 4 - HOW LONG WE STORE YOUR DATA ---
For IPs and requests that made to our server through whichever protocol that was used(FTP, HTTPS, HTTP, DNS, etc..), we may store these log files for up to 7 years from the date that they were created.
For IPs logs where it is reasonable to believe that there was/were attempted breach into our platform or server, we may keep those logs indefinitely.
When you contact us through e-mail or from our contact form, our administrators may store your e-mail address and any information you provided us for up to 7 years. When contacting us, we will not use your e-mail address to send you unsolicited messages.
--- SECTION 5 - WHAT RIGHT YOU HAVE OVER YOUR DATA ---
5.a. Data portability
As of current, yLab.info does not have a feature where you can sign up for an account at our site, we would most likely not to have any important personal information about you. Nonetheless, to request your personal information that we have, please send an e-mail from the e-mail address that associated with your information to email@example.com.
If the only information we have about you is your IP, whether if the information for the IP that you requested is in our database or not, we will not respond to your request.
5.b. Data erasure
You can also request that we erase any personal data we hold about you. This does not include any data we are obligated to keep for administrative, legal, or security purposes.
We do not handle requests for removing IP addresses from our database, as IPs are pieces of vital information that gives us the ability to maintain security and integrity of our systems. Also, unless aided by law in legal situations, we do not have the capability of being able to identify the owner(end-user not ISP) of an IP address.
5.c. Respond time and record keeping
We will respond to all privacy request within one month of receiving the request.
We will not respond to requests where we can't identify who you are from the information you provided us whether if we have the information that you requested for exporting/erasing.
Once we processed a privacy request and audited the request, we will store a record of all information that pertains to the transaction in an encrypted file.
We may keep a record for each privacy request that made to us for up to 15 years from the date that we first received the request. This is for us to maintain our legal right in case a legal claim dispute arise.
We will only use privacy requests' records where the law obligated us to. Besides that, we will not use, share, sale, nor trade information from privacy requests' records.
--- SECTION 6 - WHO DO WE SHARE YOUR DATA WITH ---
6.a. Business Transfers
As our business grows, we may sell or sells assets or business offering. We may also merge with other entity or reorganize into a new entity. In other circumstances, we may file for bankruptcy. In those events that mentioned by this subsection, customers and visitors' information typically is one of the transferring assets.
Furthermore, prior to any of the events mentioned by this subsection, we may disclose analytic data to prospect acquirers. The information that we disclose to prospect acquirers may include logs of IPs as proof for the amount of traffic that we had.
We may disclose information about you to our organization affiliates in order to help provide, understand, and improve our Services and our affiliates' services, including the delivery of ads.
6.c. Sharing of abusive and misconduct
We may share to others entity information pertain to IPs engaging in hacking attempts or other malicious behavior of which, include, but not limited to, causing a DDoS to our services, attempted DDoS, any type of spam, hacking attempts, hacking, phishing, spoofing, SQL injection, attempted SQL injection, attempted to exploit a security vulnerability in a version of a software that we run even though we are not running that version, attempted to exploit a security vulnerability in a software on our server that we may or may not have the software installed, and any attempt to exploits any security vulnerability on our server/software/web platform whether if the vulnerability existed or not. Those entity/entities that we share the information pertaining to IPs that involved in abusive or misconduct may publicly disclose or reshare that information with other entity/entities.
6.d. Final note
--- SECTION 7 - WHERE DO WE SEND YOUR DATA ---
Our server is located at a data center in Kansas City, Missouri, United States. Through whichever mean, whenever you communicate with our server, your information is transmitting to the United States.
When we back up the data from our server, your information will be transmitted to a computer that located in Canada through the SSH protocol or the HTTPS protocol. Your data is encrypted during transmission by SSH/HTTPS.
When we work on our server(i.e modify the content, editing HTML code, editing pages, approving comments, managing the server, etc.), information will be transfer from our server in the United States to Canada through the SSH protocol or the HTTPS protocol. The information is encrypted during transmission by SSH/HTTPS.
--- SECTION 8 - RESPONSE TO LEGAL PROCESS ---
We may disclose any identifiable personal information or nonidentifiable personal information that we have, in order to comply with the law, a judicial proceeding, court order, or other legal processes.
--- SECTION 9 - EXTERNAL RESOURCES ---
yLab.info's website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our sites and to read the privacy statements of any others website that collects personally identifiable information.
--- SECTION 10 - SURVEYS & CONTESTS ---
From time-to-time, our sites may request information via surveys or contests. Your participation in these surveys or contests is completely voluntary. You can choose not to participate in the surveys or contests offer. But if you choose to participate in the surveys or contests we offer, we may request personal information from you. The information that we may request, includes, but not limited to, contact information (such as name, phone number, and e-mail address), and demographic information (such as shipping address, zip code, age). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the use and satisfaction of our services.
--- SECTION 11 - CHILDREN ---
We do not knowingly collect or solicit Personally Identifiable Information from anyone under the age of 13 or knowingly allow such persons to register as Users.
If you are under 13, please do not send any information about yourself to us, including your name, address, telephone number, or email address. In the event that we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org.
When it comes to IP addresses, it is impossible for us to know if we logged an IP address from someone that is under the age of 13. We also do not have a method of being able to link an actual person to an IP address if you don't share with us any other personal information.
--- SECTION 12 - HOW WE PROTECT YOUR DATA ---
For information storage, our server is located in Kansas City, Missouri, United States with a trusted ISP. Access within the facility is controlled by biometric access controls. Once inside the perimeter, access to the data center floor is controlled by additional biometric access controls through mantraps and blast proof corridors. Our server is also password protected with different accounts for different purposes. Each privileged account to our server has a different set of passwords.
For our server, we have software in place to try to prevent and detect a data breach.
When your information is stored on our backup computer. They are stored into an encrypted partition on a passworded protected computer. We try our best to encrypted all confidential information when we store the data in our backup computer. Access to the encrypted partition is strictly enforced.
--- SECTION 13 - WHAT DATA BREACH PROCEDURE WE HAVE IN PLACE ---
We do have a data breach prevention plan in place. However, we are not perfect, and can't guarantee that a data breach will never occur. Thus, if we are aware that a data breach has occurred, we will, within 72 hours from the time that we first aware of the breach, e-mail all user that have an account with us and notify that there was a breach.
If IPs logs were the only data that were compromised. We will, within 72 hours from the time that we first aware of the breach, notify you through our data breach status page at www.fai.host/breach, that a data breach had occurred.
--- SECTION 14 - WHAT THIRD PARTIES WE RECEIVE DATA FROM ---
As of current, we do not receive any personal data from any third party.
--- SECTION 15 - WHAT AUTOMATED DECISION MAKING AND/OR PROFILING WE DO WITH USER DATA ---
Our ads service platform may utilize IP addresses to obtain broad geographic information to try to serve the correct ads based on the broad geographic location that associate with each individual IP address. To be able to obtain broad geographic location that associate with an IP address, our software embed public and opensource IPs database such as Maxmind IP Database. The information from IP databases that we utilized is not always correct. Thus, sometimes we may serve you the wrong ads from a different country.
--- SECTION 16 - NOTIFICATION OF CHANGES ---
--- SECTION 17 - SEVERABILITY ---