ABOUT

Getting Started Guide
Get Help

POLICIES AND SECURITY

Terms of Service
Privacy Policy
Other Policies

PRODUCT

What's New ⭐
Features
Roadmap

BOUNTY PROGRAMS

Bug Bounty Program
Code Bounty Program

GUIDELINES

Brand Guidelines
Code Guidelines
Community Guidelines
Contact Support

© MACHI-SYSTEMS 2022– V2.0

Data Handling Policy

At Machi-Systems, we ask for and store the minimum amount of your information necessary to maintain our records and provide our services. The Machi-Systems team is well-trained to handle data with the utmost privacy and security in mind. Strict rules such as using strong credentials and multi-factor authentication are required by all Machi team members. All payment processing is entirely handled by third-party payment processors, and no financial information is stored in Machi-Systems aside from the user’s payment and respective transaction IDs.

Email

  • Uses
    • To serve as login for the myMachi-Systems Client Area and Machi-Systems Hub
    • Point of contact for Machi-Systems service announcements
    • Point of contact for Machi-Systems Ticket System inquiries
  • Collection
    • Provided by the user during signup
  • Storage
    • WP = Cleartext
    • WHMCS = Cleartext
    • Django Suit = Cleartext
  • Access and Reasons for Access
    • User
    • Machi-Systems team
      • Means of contacting the user for support or any service announcements
  • Retention
    • Indefinite
  • More information

Username

  • Uses
    • To identify the user on the Machi-Systems Ticket System
    • Used for the name of the user’s Machi-Systems slot
    • Registered as a local user on the server and show any running processes that the user has, upon request.
    • Serve as the user’s username for installed applications, like WordPress.
  • Collection
    • Provided by the user during signup
  • Storage
    • WP = Cleartext
    • WHMCS = Cleartext
    • Django Suit = Cleartext
    • Installed Applications = Depends on the Application
  • Access and Reasons for Access
    • User
    • Machi-Systems team
      • Needed for any support inquiries
      • Required to investigate any server issues by searching for applications that have high-resource consumption, server instability source, or any illegitimate applications that the user runs
  • Retention
    • Indefinite
  • More Information

Country

  • Uses
    • To compute taxes that apply to the user’s country of their choosing
  • Collection
    • Provided by the user during signup
  • Storage
    • WP = Cleartext
    • WHMCS = Cleartext
  • Access and Reasons for Access
    • User
    • Machi-Systems team
  • Retention
    • Indefinite
  • More Information

Password

myMachi-Systems Client Area Password

  • Uses
    • Serve as the user’s password on the myMachi-Systems Client Area
  • Collection
    • Provided during signup on the myMachi-Systems Client Area
  • Storage
    • WP = Encrypted*
    • WHMCS = Encrypted
  • Access and Reasons for Access
  • User
  • Limited access by the Machi-Systems team
    • The Machi-Systems team has no means of seeing the user’s password as it is hashed, but they can reset a password upon identity verification
  • Retention
    • Indefinite
  • More Information

Machi-Systems Hub Password

  • Uses
    • Serve as the user’s password on the Machi-Systems Hub to gain access to their slot
  • Collection
    • Provided after the purchase of the user’s slot
  • Storage
    • WPMUDEV Hub = Encrypted
    • WP = Encrypted
    • Django Suit = Encrypted
  • Access and Reasons for Access
  • User
  • Limited access by the Machi-Systems team
    • The Machi-Systems team has no means of seeing the user’s password as it is hashed, but they can reset a password upon identity verification
  • Retention
    • Indefinite
  • More Information

Application Passwords

  • Uses
    • Serve as the password for the user’s installed applications, like WordPress.
  • Collection
    • Provided after user slot purchase
  • Storage
    • WP = Depends on the Application
    • Django Suit = Cleartext
    • Installed Applications = Depends on the Application
  • Access and Reasons for Access
  • User
  • Machi-Systems team
    • Needed to provide application-specific support inquiries, with the user’s permission
  • Retention
    • Until the user uninstalls the application
  • More Information

Payment Processing

PayPal

  • Uses
    • Serves as one of Machi-Systems’s payment gateways
  • Collection
    • Payment processing is done entirely by PayPal. The only data that is saved in WHMCS/WPMUDEV, and WP under the user’s account, is the PayPal Transaction ID.
  • Storage
    • WP = Cleartext (PayPal Transaction ID)
    • WHMCS = Cleartext (PayPal Transaction ID)
    • WPMUDEV = Cleartext (PayPal Transaction ID)
  • Access and Reasons for Access
  • Machi-Systems Sales Team
    • The Machi-Systems Sales Team may verify user information with PayPal as part of the sales process
  • Retention
    • Indefinite

Coinbase

  • Uses
    • Serves as one of Machi-Systems’s payment gateways
  • Collection
    • Payment processing is done entirely by PayPal. The only data that is saved in WHMCS/WPMUDEV, and WP under the user’s account, is the Coinbase Payment ID and Hash.
  • Storage
    • WP = Cleartext (Coinbase Payment ID and Hash)
    • WHMCS = Cleartext (Coinbase Payment ID and Hash)
    • WPMUDEV = Cleartext (PayPal Transaction ID)
  • Access and Reasons for Access
  • Machi-Systems Sales Team
    • The Machi-Systems Sales Team may verify user information with Coinbase as part of our sales process.
  • Retention
    • Indefinite

Logs and Analytics

Server Metrics

  • Uses
    • To view the health and resource usage of the servers
  • Collection
    • Provided after the deployment of the user’s slot
  • Storage
    • WPMUDEV = Cleartext
    • Machi-Systems Servers = Cleartext
    • Django Suit = Cleartext
    • Sentry.io = Cleartext
  • Access and Reasons for Access
  • User
    • Server metrics can be viewed using various Hub utilities installed on the user slot. The following are the main visible metrics:
      • CPU Usage
      • Swap Usage
      • RAM Usage
      • 1/5/15 Load Average
      • Your running processes
      • Input/Output metrics
      • Disk space
      • Quota disk space (your allocated disk space)
      • Physical disk space
      • Processes run by other users on the same server are not accessible to the user
  • Machi-Systems Team
    • In addition to the metrics above, the Machi-Systems team uses Sentry.io and WPMUDEV Hub to quickly aggregate all metrics from all of the servers and warn the team of errors in any servers.
    • Server metrics can be used for support inquiries and to investigate resource abuse in any server.
  • Retention
    • Indefinite

Authentication Logs

Machi-Systems Control Panel Login Attempts

  • Uses
    • Any invalid access attempts are logged into the Machi-Systems Infosphere, which bars the user from logging into the myMachi-Systems.com Platform after a certain number of attempts for a certain period of time. This includes the following:
      • Username, as inputted by the user
      • IP address
      • Number of attempts
      • Last date of attempt
  • Collection
    • Information is collected when incorrect user credentials are entered
  • Storage
    • WP = Cleartext
    • Django Suit = Cleartext
  • Access and Reasons for Access
  • Machi-Systems Team
    • Used to identify any brute-force attempts
    • Users can also request to lift the timeout and/or remove the access attempt upon request and identity verification via the Ticket system
  • Retention
    • 24 hours, or if the user requests it

SSHD Logs

  • Uses
    • Standard logs created by the SSH Daemon. Logs are located at ‘/var/log/auth.log’
  • Collection
    • Collected when the SSH Daemon is operational
  • Storage
    • Machi-Systems Servers = Cleartext
  • Access and Reasons for Access
  • Limited Access to Machi-Systems the team
    • Checked for possible network intrusions. Checking certificates for expiry and SSH daemon troubleshooting are accessible by the Machi-Systems Technical Support Team only when necessary.
  • Retention
    • Indefinite

System Generated Logs

  • Uses
    • Server-wide generated logsused in identifying any issues on the servers
  • Collection
    • Logs that are generated by the operating system of the servers
  • Storage
    • WPMUDEV Hub = Cleartext
    • Machi-Systems Servers = Cleartext
    • Sentry.io = Cleartext
  • Access and Reasons for Access
  • Limited Access Machi-Systems team
    • Used to identify any issues in a specific server
    • Aggregated by Sentry.io and WPMUDEV Hub, warning the team of errors in any servers
  • Retention
    • Indefinite

Logs Generated by Installed Applications

  • Uses
    • Logs generated by installed applicationsused in identifying issues within a user’s slot
  • Collection
    • Installed applications generate these logs
  • Storage
    • WPMUDEV Hub = Cleartext
    • Django Suit = Cleartext
    • Installed Applications = Cleartext
  • Access and Reasons for Access
  • User
  • Machi-Systems team
    • Provide application-specific support inquiries, upon user permission
  • Retention
    • Until the user uninstalls or removes the application

User’s bash History

  • Uses
    • A record of all the commands entered by the user on the Machi-Systems slot shell. It’s located in $HOME/.bash_history
  • Collection
    • Each command entered on the shell is recorded
  • Storage
    • Machi-Systems Servers = Cleartext
  • Access and Reasons for Access
  • User
  • Machi-Systems team
    • Used for general or application-specific inquiries, such as checking if the entered commands by the user are correct
    • Checking for possible intrusions or server abuse
  • Retention
    • Indefinite until removed by the user

Hosted Data

Installed Applications

  • Uses
    • Essential files for installed applications to run properly
  • Collection
    • The user installs this on your slot
  • Storage
    • Machi-Systems Servers = Depends on the Application
  • Access and Reasons for Access
  • User
  • Machi-Systems team
    • For application-centric support inquiries, with user permission
  • Retention
    • Indefinite until removed by the user

User Data

  • Uses
    • Data that is created by the user and/or the user’s applications and stored on the user’s slot
  • Collection
    • Upon creation by the user and/or user applications
  • Storage
    • Machi-Systems Servers = Cleartext
  • Access and Reasons for Access
  • User
    • User files are stored in one of the home folders on the Machi-Systems’ servers and are isolated from other users. Only the user has access.
  • Mavchi-Systems team
    • Can be accessed for any support inquiries, with the user’s permission.
  • Retention
    • Indefinite until the user removes it.
      • For any legitimate DMCA takedown notices, the user will be informed and asked to delete said content within 24 hours.
  • More Information

We hope you’ve found this doc useful. Is anything missing? If so, email us at contact@machi-systems.com and we’ll get it sorted for you.

 

Creating for good cause? ✨If you are building or creating something that works towards solving mental health, wellbeing or environmental issues, then you can get access to Machi-Systems services at a reduced rate. Please get in touch for more information.

 

Questions? Send us a note and we’ll get right back to you.

Was this article helpful?
YesNo

ABOUT

Getting Started Guide

Get Help

POLICIES AND SECURITY

Terms of Service

Privacy Policy

Other Policies

PRODUCT

What's New ⭐

Features

Roadmap

BOUNTY PROGRAMS

Bug Bounty Program

Code Bounty Program

GUIDELINES

Brand Guidelines

Code Guidelines

Community Guidelines

Contact Support

© MACHI-SYSTEMS 2022– V2.0