Data Handling Policy


At Machi-Systems, we ask for and store the minimum amount of your information necessary to maintain our records and provide our services. The Machi-Systems team is well-trained to handle data with the utmost privacy and security in mind. Strict rules such as using strong credentials and multi-factor authentication are required by all Machi team members. All payment processing is entirely handled by third-party payment processors, and no financial information is stored in Machi-Systems aside from the user’s payment and respective transaction IDs.

Email

  • Uses
    • To serve as login for the myMachi-Systems Client Area and Machi-Systems Hub
    • Point of contact for Machi-Systems service announcements
    • Point of contact for Machi-Systems Ticket System inquiries
  • Collection
    • Provided by the user during signup
  • Storage
    • WP = Cleartext
    • WHMCS = Cleartext
    • Django Suit = Cleartext
  • Access and Reasons for Access
    • User
    • Machi-Systems team
      • Means of contacting the user for support or any service announcements
  • Retention
    • Indefinite
  • More information

Username

  • Uses
    • To identify the user on the Machi-Systems Ticket System
    • Used for the name of the user’s Machi-Systems slot
    • Registered as a local user on the server and show any running processes that the user has, upon request.
    • Serve as the user’s username for installed applications, like WordPress.
  • Collection
    • Provided by the user during signup
  • Storage
    • WP = Cleartext
    • WHMCS = Cleartext
    • Django Suit = Cleartext
    • Installed Applications = Depends on the Application
  • Access and Reasons for Access
    • User
    • Machi-Systems team
      • Needed for any support inquiries
      • Required to investigate any server issues by searching for applications that have high-resource consumption, server instability source, or any illegitimate applications that the user runs
  • Retention
    • Indefinite
  • More Information

Country

  • Uses
    • To compute taxes that apply to the user’s country of their choosing
  • Collection
    • Provided by the user during signup
  • Storage
    • WP = Cleartext
    • WHMCS = Cleartext
  • Access and Reasons for Access
    • User
    • Machi-Systems team
  • Retention
    • Indefinite
  • More Information

Password

myMachi-Systems Client Area Password

  • Uses
    • Serve as the user’s password on the myMachi-Systems Client Area
  • Collection
    • Provided during signup on the myMachi-Systems Client Area
  • Storage
    • WP = Encrypted*
    • WHMCS = Encrypted
  • Access and Reasons for Access
  • User
  • Limited access by the Machi-Systems team
    • The Machi-Systems team has no means of seeing the user’s password as it is hashed, but they can reset a password upon identity verification
  • Retention
    • Indefinite
  • More Information

Machi-Systems Hub Password

  • Uses
    • Serve as the user’s password on the Machi-Systems Hub to gain access to their slot
  • Collection
    • Provided after the purchase of the user’s slot
  • Storage
    • WPMUDEV Hub = Encrypted
    • WP = Encrypted
    • Django Suit = Encrypted
  • Access and Reasons for Access
  • User
  • Limited access by the Machi-Systems team
    • The Machi-Systems team has no means of seeing the user’s password as it is hashed, but they can reset a password upon identity verification
  • Retention
    • Indefinite
  • More Information

Application Passwords

  • Uses
    • Serve as the password for the user’s installed applications, like WordPress.
  • Collection
    • Provided after user slot purchase
  • Storage
    • WP = Depends on the Application
    • Django Suit = Cleartext
    • Installed Applications = Depends on the Application
  • Access and Reasons for Access
  • User
  • Machi-Systems team
    • Needed to provide application-specific support inquiries, with the user’s permission
  • Retention
    • Until the user uninstalls the application
  • More Information

Payment Processing

PayPal

  • Uses
    • Serves as one of Machi-Systems’s payment gateways
  • Collection
    • Payment processing is done entirely by PayPal. The only data that is saved in WHMCS/WPMUDEV, and WP under the user’s account, is the PayPal Transaction ID.
  • Storage
    • WP = Cleartext (PayPal Transaction ID)
    • WHMCS = Cleartext (PayPal Transaction ID)
    • WPMUDEV = Cleartext (PayPal Transaction ID)
  • Access and Reasons for Access
  • Machi-Systems Sales Team
    • The Machi-Systems Sales Team may verify user information with PayPal as part of the sales process
  • Retention
    • Indefinite

Coinbase

  • Uses
    • Serves as one of Machi-Systems’s payment gateways
  • Collection
    • Payment processing is done entirely by PayPal. The only data that is saved in WHMCS/WPMUDEV, and WP under the user’s account, is the Coinbase Payment ID and Hash.
  • Storage
    • WP = Cleartext (Coinbase Payment ID and Hash)
    • WHMCS = Cleartext (Coinbase Payment ID and Hash)
    • WPMUDEV = Cleartext (PayPal Transaction ID)
  • Access and Reasons for Access
  • Machi-Systems Sales Team
    • The Machi-Systems Sales Team may verify user information with Coinbase as part of our sales process.
  • Retention
    • Indefinite

Logs and Analytics

Server Metrics

  • Uses
    • To view the health and resource usage of the servers
  • Collection
    • Provided after the deployment of the user’s slot
  • Storage
    • WPMUDEV = Cleartext
    • Machi-Systems Servers = Cleartext
    • Django Suit = Cleartext
    • Sentry.io = Cleartext
  • Access and Reasons for Access
  • User
    • Server metrics can be viewed using various Hub utilities installed on the user slot. The following are the main visible metrics:
      • CPU Usage
      • Swap Usage
      • RAM Usage
      • 1/5/15 Load Average
      • Your running processes
      • Input/Output metrics
      • Disk space
      • Quota disk space (your allocated disk space)
      • Physical disk space
      • Processes run by other users on the same server are not accessible to the user
  • Machi-Systems Team
    • In addition to the metrics above, the Machi-Systems team uses Sentry.io and WPMUDEV Hub to quickly aggregate all metrics from all of the servers and warn the team of errors in any servers.
    • Server metrics can be used for support inquiries and to investigate resource abuse in any server.
  • Retention
    • Indefinite

Authentication Logs

Machi-Systems Control Panel Login Attempts

  • Uses
    • Any invalid access attempts are logged into the Machi-Systems Infosphere, which bars the user from logging into the myMachi-Systems.com Platform after a certain number of attempts for a certain period of time. This includes the following:
      • Username, as inputted by the user
      • IP address
      • Number of attempts
      • Last date of attempt
  • Collection
    • Information is collected when incorrect user credentials are entered
  • Storage
    • WP = Cleartext
    • Django Suit = Cleartext
  • Access and Reasons for Access
  • Machi-Systems Team
    • Used to identify any brute-force attempts
    • Users can also request to lift the timeout and/or remove the access attempt upon request and identity verification via the Ticket system
  • Retention
    • 24 hours, or if the user requests it

SSHD Logs

  • Uses
    • Standard logs created by the SSH Daemon. Logs are located at ‘/var/log/auth.log’
  • Collection
    • Collected when the SSH Daemon is operational
  • Storage
    • Machi-Systems Servers = Cleartext
  • Access and Reasons for Access
  • Limited Access to Machi-Systems the team
    • Checked for possible network intrusions. Checking certificates for expiry and SSH daemon troubleshooting are accessible by the Machi-Systems Technical Support Team only when necessary.
  • Retention
    • Indefinite

System Generated Logs

  • Uses
    • Server-wide generated logsused in identifying any issues on the servers
  • Collection
    • Logs that are generated by the operating system of the servers
  • Storage
    • WPMUDEV Hub = Cleartext
    • Machi-Systems Servers = Cleartext
    • Sentry.io = Cleartext
  • Access and Reasons for Access
  • Limited Access Machi-Systems team
    • Used to identify any issues in a specific server
    • Aggregated by Sentry.io and WPMUDEV Hub, warning the team of errors in any servers
  • Retention
    • Indefinite

Logs Generated by Installed Applications

  • Uses
    • Logs generated by installed applicationsused in identifying issues within a user’s slot
  • Collection
    • Installed applications generate these logs
  • Storage
    • WPMUDEV Hub = Cleartext
    • Django Suit = Cleartext
    • Installed Applications = Cleartext
  • Access and Reasons for Access
  • User
  • Machi-Systems team
    • Provide application-specific support inquiries, upon user permission
  • Retention
    • Until the user uninstalls or removes the application

User’s bash History

  • Uses
    • A record of all the commands entered by the user on the Machi-Systems slot shell. It’s located in $HOME/.bash_history
  • Collection
    • Each command entered on the shell is recorded
  • Storage
    • Machi-Systems Servers = Cleartext
  • Access and Reasons for Access
  • User
  • Machi-Systems team
    • Used for general or application-specific inquiries, such as checking if the entered commands by the user are correct
    • Checking for possible intrusions or server abuse
  • Retention
    • Indefinite until removed by the user

Hosted Data

Installed Applications

  • Uses
    • Essential files for installed applications to run properly
  • Collection
    • The user installs this on your slot
  • Storage
    • Machi-Systems Servers = Depends on the Application
  • Access and Reasons for Access
  • User
  • Machi-Systems team
    • For application-centric support inquiries, with user permission
  • Retention
    • Indefinite until removed by the user

User Data

  • Uses
    • Data that is created by the user and/or the user’s applications and stored on the user’s slot
  • Collection
    • Upon creation by the user and/or user applications
  • Storage
    • Machi-Systems Servers = Cleartext
  • Access and Reasons for Access
  • User
    • User files are stored in one of the home folders on the Machi-Systems’ servers and are isolated from other users. Only the user has access.
  • Mavchi-Systems team
    • Can be accessed for any support inquiries, with the user’s permission.
  • Retention
    • Indefinite until the user removes it.
      • For any legitimate DMCA takedown notices, the user will be informed and asked to delete said content within 24 hours.
  • More Information

We hope you’ve found this doc useful. Is anything missing? If so, email us at contact@machi-systems.com and we’ll get it sorted for you.

 


Creating for good cause? ✨If you are building or creating something that works towards solving mental health, wellbeing or environmental issues, then you can get access to Machi-Systems services at a reduced rate. Please get in touch for more information.

 


Questions? Send us a note and we’ll get right back to you.

Was this article helpful?
YesNo