DSGVO / GDPR / RGPD Update – We have Policies and Stuff!
In information security policies are like opinions – everyone has one or more. So this is why we did some updating. You can now find our privacy policy on the main DeepSec web site and on our blog. We use few third party services, because most of our infrastructure is hosted on our own systems. When it comes to (tele)communication, payment services, and (sadly) email we have to rely on operators doing this for us. Our email infrastructure will move in the near future (i.e. in 2018). We will announce the change via your local DNS resolver when the time comes. 😊
Bear in mind that we take the agile approach when it comes to developing policies. Publish often, do rolling releases. At least that is how we understand the process. A policy is not written in stone. We may have missed something, because a lot of data is being processed and logged these days. Furthermore a lot of data protection and privacy controls are moot when people keep using devices and software which uses „telemetry“ features. We try to keep the IT ecosystem as Free (as in Free Software) as possible. This also means that we do not create profiles of attendees or speakers, keep data tied to persons only as long as we need it, and that we do not share data with third parties except for the mentioned entities described in our privacy policy.
Let us know in case we missed something. 🖋