Data Protection

AnubisNetworks’ Data Policies

Definitions of Service Data

Service (and Product) data refers to the use of Personal and other types of data across AnubisNetworks

According to EU GDPR Article 4, personal data is “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”

AnubisNetworks handles all types of data (Service data), including Personal data related to its only product, an Email Security/Filtering gateway.

Our understanding of the legislation is that email messages content is personal data. As well as email addresses and IPs, as seen here.

AnubisNetworks as a Processor of Data

According to EU GDPR Article 4, a processor is “a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.” Any organization dealing with personal data is considered a processor. EU GDPR Article 4 defines processing as “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.” In short, anything that is done to, or with, personal data (including simply collection, storage and transmitting) is considered processing.

Our understanding is that AnubisNetworks and its product act as a processor, and allows the controllers (the customers) to configure the system and ensure how own data is processed.

Protection of Personal Data from Data Breaches

According to EU GDPR Article 4, a personal data breach is “any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Our understanding is that AnubisNetworks is within Industry's best practices in the way it works to protect its data from Data Breaches.

AnubisNetworks Service

Notes on the Service:

The service that AnubisNetworks provides to its customers consists of the delivery and maintenance of the Mail Protection Service (MPS) product (see below), as well as requested support and service desk operations by its customers in relation to that same product.

AnubisNetworks also performs other regular activities related to service data, namely processing contracts and agreements communicating with customers, and other Legal/Fiscal/Banking activities related to the Business.

All of AnubisNetworks’ staff that may access any of the contracts, agreements, and customer information have been authorized to do so, under their contractual obligations of AnubisNetworks and/or parent company.

Other controls and data security processes are in place to ensure the correct handling of such information.

All the third party software used to manage and store that information have been required to be compliant with the latest legislation on Data Privacy and Security. The software/platform providers AnubisNetworks use are well established, compliant, companies such as Amazon AWS, Google, Salesforce, and Zendesk, Feel free to reach us for further details

 

AnubisNetworks Email Security Products

Notes on the Product:

  • MPS product is an Email Security Gateway, whose sole purpose is to filter all email messages deliberately and accidentally sent to and from customer organizations.
  • MPS is delivered as a physical/virtual platform based product (“On-premises”) and as a Cloud Online Service (“Software-as-a-Service”).
  • MPS is a processor of Email Messages. The company is the controller of the email messages incoming and outgoing from their organization.
  • The technology behind Email (SMTP) is, by definition, insecure. Email messages belong to the sender of the email message, which by sending it to a certain destination email address consents the visualization of that message’s content and details.
  • All email filtering is automatic. Access to logs and messages are only performed by AnubisNetworks Service Desk team, under explicit request by the customer.
  • All options toward filtering bad email (i.e. unsolicited, infected) are managed by Customer administrator users. Any user data, namely User AAA is controlled by the user.
  • The service data processed by our system is email Addresses, email Content, user authentication and activity auditing; all Clean, Bad, doubtful (quarantined) email is processed and delivered according to company own configurations (via the administrators in the portal). The MPS product only stores email header logs and the complete email message for quarantined messages, for a configured period (default: 7 days). All quarantined messages stored can be released (for delivery), downloaded, and deleted by customer administrator users.

MPS Product and Service provides the following service acceptance functionalities:

  • A Platform license, which can be accepted and rejected at any moment.
  • A Terms and Conditions clause, on the product, and on company’s official website.
  • A Service Level Agreement.
  • All available options are user managed, via tick boxes.