Below is the 3DPrinterOS Data Handling Policy, which summarizes how your Data is handled and the measures taken to secure it.
3DPrinterOS servers are hosted by data centers in the USA and California.
System Security
3DPrinterOS uses firewalls and logical access control to protect our servers from unauthorized system access, allowing only trusted operations personnel to manage our systems. We also make sure to use strong configuration standards to harden our servers and keep them up-to-date with the latest security patches. As such, data access is limited to explicitly authorized personnel only.
Application security
We support strong cryptography (SHA-256 with RSA encryption) for communication over public networks, so your 3DPrinterOS password and the contents of your activity may be protected in transit, as set forth below.
3DPrinterOS also limits the rate of UI and API calls to prevent brute-force attacks. Password complexity requirements are enforced on the 3DPrinterOS password. We strive to work only with GDPR-compliant partners and do our best to ensure that they adhere to data protection regulations.
3DPrinterOS passwords are cryptographically hashed before being stored in our database. When elected for customers who want to add access control, 3DPrinterOS supports 2-factor authentication (2FA using Google Authenticator). In this case, 3DPrinterOS logins require an additional verification code, which Google Authenticator generates.
Use and Storage of Customer Data
In our system, customer data is collected for three purposes:
1. To guarantee the execution of all system services and maintain the security of users: email and IP address. This data is obligatory, so the user can’t revoke his consent to process it.
2. To provide social services and user interaction. All the data from public pages, the IP address used to determine the user’s location in our map of users and email, name, last name, organization, specialization, avatar, wallpaper, mobile phone, address(country, city, address, some info about yourself, as data needed to cover users interactions). The user can revoke his consent to process it.
3. To expand our services and customer base, we collect the following data from the pre-registration form: country, institution name, type of institution, role, company, industry, department, organization, and main 3D Printer. The user can revoke his consent to its processing.
We share your data only to provide you with the best experience and only in the following cases:
Your email and first name make talking with our support easier with Intercom.
Your email, first name, and last name will be used throughout the system to notify you about your activities with Mandrill Mailer.
Your email to notify you about our news with Mailchimp.
Your IP address with Google Analytics to analyze your activities and provide the best services in the world.
We will not share your data for marketing purposes with companies outside.
All customer data is handled as confidential and sensitive information and is only accessed by a limited number of people from the 3DPrinterOS team.
The data is accessed and used only in cases of:
3DPrinterOS software that aggregates data to calculate statistics and analytics
Customer support to the extent required to solve the case
To ensure compliance with applicable laws and regulations, including data storage demands set forth by US and EU regulations.
Accessed by third parties only as far as is needed to sustain service functionality and stored by third parties as demanded by law