0.1.2 - All RAMShard customer data is stored on servers hosted in the United States. Server data is stored on servers hosted in Canada, France, Singapore, and Australia. Servers are hosted by OVH and RamNode. We use a Content Delivery Network (CDN) to reduce latency, which does not store any data except connection logs. These CDN servers are hosted in the United States, Brazil, United Kingdom, Germany, Japan, Singapore, and Australia.
0.1.3 - Certain parts of RAMShard's GDPR compliance are subject to the laws of the United States of America, where RAMShard is incorporated. Therefore, we must comply with United States data protection laws as well as the GDPR.
0.1.4 - All employees responsible for development and infrastructure maintenance of RAMShard LLC, a United States Limited Liability Company, are fully aware of the GDPR requirements. In addition, all code is reviewed by the Data Protection Officer (DPO) before it is deployed to the platform. This ensures security breaches and bad practices do not take place (this provides a double safety check before any changes are pushed lived).
1.1.1 - We collect the following types of information from you to provide you with the Services and for the other purposes described below. We may collect such information via automated means such as cookies.
1.1.2 - Personal: The personal information we collect may include your name, address, telephone number, email address, IP address, dates of service provided, types of service provided, payment history, manner of payment, amount of payments, date of payments, and other payment information. The financial information we receive will only be used to bill you for the Services.
1.1.4 - RAMShard stores data on two kinds of parties:
1.1.5 - RAMShard collects the following account information for each user (referred to as customers):
1.1.6 - The following information is held on our users' end-users:
1.1.7 - We don't log any user activity, except for system logs which include IP address, user agent, and time of connection. These logs are used for informing the customer about the security of their account, debugging, and lawful purposes and are retained for a maximum of 6 months. This log retention policy is subject to the laws of the United States of America (if we are sent a search warrant, we must comply and provide logs with the requested information).
1.1.8 - The information held on our users' end-users in the responsibility of our users (the individuals who've purchased a service with RAMShard). It is the responsibility of our users to manage the data they hold on their server (e.g. removing sensitive data such as credit card or social security numbers if someone happens to share it with them). It is our responsibility to secure access to this data so only server owners can access it and have the right to rectification and deletion.
1.1.9 - Communicating privacy information: RAMShard users' end-user privacy terms are the responsibility of RAMShard customers. They should be available on the RAMShard customer's server or server website.
2.1.1 - Personal: The information we collect is used for billing and to provide service and support to our customers. We may study this information to determine our customers needs and to promote certain products and services or additional support. We may also generate non-identifying and aggregate profiles from information that our customers provide during registration (such as the total number of customers in a given category). We take reasonable precautions to prevent unauthorised access to your information.
2.1.2 - Log Files: We use IP addresses to analyze trends, administer our site and servers, track access, and gather broad demographic information for aggregate use. It is possible that personal information about a customer may be included in the log files due to the normal functions of IP addresses and Web browsing.
2.1.3 - RAMShard does not share or sell any customer or server data. The data is not used for advertising or analytics. Our business model is solely based on paid subscriptions (the user is not the product).
3.1.1 - Service Providers: We may share your personal information with third parties that help us provide the Services. For example, we may use service providers to authorize and process payments, administer surveys or run promotions. Your personal information may be maintained and processed by our third party service providers in the United States or in other jurisdictions. Our service providers are given the information they need to perform their designated functions.
3.1.2 - Law Enforcement: We cooperate with government and law enforcement officials to enforce and comply with the law. We will disclose any information about users upon a valid request by government or law officials as we believe necessary or appropriate to respond to claims and legal process.
4.1.1 - RAMShard customers' rights in regards to GDPR are enforced in the following ways:
5.1.1 - If a customer's information changes, or if a customer no longer desires the Services, we will endeavor to provide a way to correct, update or remove that customer's personal data from our records. In most cases, this can be achieved via our billing system at https://ramshard.com/client/.
6.1.1 - RAMShard replies to all access requests within 1 month. We offer this free of charge to our customers.
7.1.1 - Lawful basis for processing personal data: RAMShard stores user data involving giving consent (e.g. opting into marketing emails or a conversation both parties entered by will).
7.1.2 - Consent is explicitly provided by our users when they proceed to complete an action or task (e.g. providing user data).
8.1.1 - This website is not directed towards children and we do not seek to collect any personal information from children. If we become aware that personal information from a child under the age of thirteen has been collected, we will use all reasonable efforts to delete such information from our systems.
8.1.2 - RAMShard does not offer online services to children under the age of 13 in the United States or under the age of 16 in Europe.
8.1.3 - Children may still be able to use RAMShard services from another RAMShard customer's account. The RAMShard customer is responsible for their own users and activities in regards to children regulations and laws.
9.1.1 - Our team closely monitors any unauthorized system access and has put multiple measures in place to minimize the attack surface on our systems and services. In over a year, RAMShard has had zero security issues. Users and security researchers can report security flaws to an encrypted email address (firstname.lastname@example.org). We process all reports in the same day. In addition, we pay for valid security flaws that are reported to us.
9.1.2 - Here are the measures we have taken to reduce the attack surface on our systems and services:
9.1.3 - RAMShard will notify its users of any data breach within twenty-four hours after knowing about it and patching the security flaw. It is then the responsibility of our users to report this data breach to their end-users in due time.
10.1.1 - Security comes first for any new system RAMShard develops. Our goal is to protect the integrity of the new system while at the same time protecting any user data that's going to be stored by that system.
12.1.1 - RAMShard may, via its users, process data from individuals located in EU member states.
12.1.2 - RAMShard's main establishment is in the United States, therefore its supervisory authority is based in the United States of America.
12.1.3 - RAMShard is owned and operated by RAMShard LLC, a United States Limited Liability Company, identified as: