The latest update to this document was done on 17th of May 2018
Below is the 3DPrinterOS Data Handling Policy, which summarizes as to how your Data is being handled and the measures taken as to secure it.
3DPrinterOS servers are hosted by data centers in USA, California.
3DPrinterOS uses firewalls and logical access control to protect our servers from unauthorized system access, allowing only trusted operations personnel to manage our systems. We also make sure to use strong configuration standards to harden our servers, and we keep them up-to-date with the latest security patches. As such data access is limited to explicitly authorized personnel only.
We support strong cryptography (SHA-256 with RSA encryption) for communication over public networks, so that your 3DPrinterOS password and contents of your activity may be protected in transit as set forth below.
3DPrinterOS also has rate limiting in place on UI and API calls to prevent brute force attacks. Password complexity requirements are enforced on 3DPrinterOS password. We strive to only work with partners that are GDPR compliant and do our best to ensure that they adhere to the set regulations for data protection.
3DPrinterOS passwords are cryptographically hashed before storing in our database. 3DPrinterOS supports 2-factor authentication (2FA using Google Authenticator) when elected for customers who want to add an additional access control. In this case 3DPrinterOS logins require an additional verification code, which is generated by Google Authenticator.
Use and Storage of Customer Data
In our system customer data is collected with 3 purposes:
1. To guarantee execution of all system services and keep security of users : email, IP-address. This data is obligatory, so user can’t revoke his consent to process it.
2. To provide social services and users interaction. All the data from public pages, IP address used in order to determine user’s location in our map of users and email, name, lastname, organization, specialization, avatar, wallpaper, mobile phone, address(country, city, address, some info about yourself, as data needed to cover users interactions). User can revoke his consent on its processing.
3. To expand our services and customers base - data we collect from pre-registration form : country, institution name, type of institution, role, company, industry, department, organization, main 3D Printer. User can revoke his consent on its processing.
We share your personal data only in order to provide you the best experience and only in next cases:
We will not share your personal data for marketing purposes with companies outside.
All customer data is handled as confidential and sensitive information and is only accessed by limited number of people from 3DPrinterOS team.
The data is accessed and used only in cases of: