|
|
 |
| (c) March 2001 Global Enterprise Network | |
|
|
|
|
|
|
| (c) March 2001 Global Enterprise Network | |
|
|
|
This Privacy Policy specifies the actions taken by Global Enterprise Networks (GEN), with regard to monitoring and protection of our networks, systems, servers, and applications, to users of the GEN Network. GEN reserves the right to modify the Policy at any time.
ILLEGAL USE:
The GEN Network, Systems, Servers and applications may be used only for lawful purposes.
Transmission, distribution or storage of any material in violation of any applicable law or regulation is prohibited. This includes, without limitation, material protected by copyright, trademark, trade secret or other intellectual property right used without proper authorisation, and material that is obscene, defamatory, constitutes an illegal threat, or violates export control laws. For further information please refer to our policy statements.
Applications, Systems, Platforms, Services and Networking Equipment may only be used for lawful purposes and in strict accordance with our Terms of Service and Acceptable Use Policy.
STATEMENT:
GEN, and its associated divisional companies actively supports an organisations right to privacy, and operates a strict policy of privacy protection. GEN Staff are thoroughly investigated prior to employment, and their actions are carefully monitored to comply with our internal security procedures. All traffic in transit across our networks is heavily encrypted point-to-point to ensure it is safe from interception by third party telecommunications companies and others. Location of network transit switching nodes, the only points on the network where traffic travels unencrypted is known to only those employees who's job depends on it. The location of all transit points is known only to 3 senior members of staff within GEN.
Breaches of internal security at GEN are taken extremely seriously and acted upon with extreme prejudice. ALL GEN employees are contractually obligated to maintain the internal security of GEN indefinitely and completely withstanding of any contract of employment in force. The penalties for breach of that agreement are swift and severe, and GEN will not hesitate to impose such penalties should cause arise.
GEN makes every reasonable effort to prevent monitoring of a user's activities by a third party remotely, and certain procedures and limitations are in place to actively prevent this, however, we cannot completely guarantee this. GEN will investigate any reports of external monitoring by its users, and report its findings. Furthermore, should GEN discover that such monitoring is being or has been performed by a third party, GEN will disclose this to any users that can be shown to have been the subject of said monitoring.
Denial of Service & Security attacks; GEN will take whatever action is required to prevent any external party from penetrating network security or performing any form of service attack. GEN employs automated protection systems to procure packet traces from hosts engaged in such an activity, and GEN network monitoring staff may initiate separate packet logging should they feel it appropriate. The GEN organisation has a fully staffed legal department with strategic associations in 14 countries, and GEN will investigate, procure evidence, and prosecute to the full extent of the law any individual or corporate body found to be engaged in any activity which promotes a security or liability threat to GEN or its customers.
In the event that a GEN customer has been the victim of a security breach, GEN will, upon formal request provide that customer with all available evidence relating to that specific violation only, coincidental evidence gathered will not be disclosed.
GEN will not disclose any information to a third party relating to the actions of any of our users unless so ordered to do so by a court of law in the United Kingdom or as set forth in exclusions below.
USER PRIVACY:
GEN Users should feel confident to perform actions via the GEN network without fear of interception, monitoring, or logging. Any GEN User can send emails to & from the GEN network in the knowledge that the information contained in that email will not be recorded, stored, or in any other way procured except in the case that it is infected with a virus (see below). Usage of the GEN Network for legal purposes will exemplify the user of any kind of information disclosure by GEN or its divisional companies. GEN System monitoring described in detail below is the only monitoring performed during normal operations (exception above, Denial of Service & Security Attacks).
It is recommended that all GEN customers use their assigned proxy server for browsing & ftp to prevent malicious sites/servers from tracing the origin of the request for tracking, identification, or subsequent attack. It is also recommended that corporate customers take advantage of GEN firewall products and services to protect their organisations from possible intrusions.
Should you have any questions relating to your privacy, or would like some advice on maintaining your online privacy, please feel free to contact a member of the support team on support@gen.net.uk.
EXCLUSIONS
Should any recognised organisation or individual provide clear and indisputable evidence that a GEN Customer has operated in breach of our terms of service, acceptable use policy or any other contract in force between the customer and GEN, then that customer will no longer be protected by this privacy policy and GEN may, solely at their discretion subject that customer to monitoring/recording of packets at the hardware level and any other evidence gathering technique in order to confirm beyond any reasonable doubt the alleged action. GEN will, depending on the offence, not hesitate to supply gathered evidence to local law enforcement authorities.
NON PAYMENT & BREACH OF CONTRACT
In the event that you fail to make the required payments, and/or breach your contract(s) with GEN, we shall have the right to make modifications to your services in order to suspend/terminate the operation of said services. This may involve redirection and/or suspension of services.
SYSTEM MONITORING:
The GEN system is constantly monitored in the following categories:
| Network Usage |
| Random Packet Sampling | Samples taken usually twice in 24 hours, capture is 1000 packets, capture is analysed for packet consistency, flow, routes, etc, etc. This is for diagnostic/statistics only, no human normally ever sees this information. |
| Proxy Gateway Usage | Data requested via our proxy array is logged in as far as the url's requested, and status codes returned. As the proxy array also operates as a cache server, the url's requested are also cached, and expired using defined rulesets. The cache itself is not directly consulted or analysed except for system provided statistics on cache/proxy performance. |
| Messaging Usage |
|
In-bound Messages |
Messages incoming via our viruswall's has its headers
logged only, this data
is only used for;
The body of the email is not logged, stored, captured or in any other way preserved except in the case that it contains a virus, in which case, the entire message is stored in a quarantine directory for 48 hours (and a message sent to both sender and recipient), after 48 hours, with no contact from either sender or recipient the quarantine copy is automatically deleted. Mail incoming that is routed outside our viruswalls, will be delivered directly to the appropriate server, the message will be stored in a directory that represents the user's mailbox or gateway queue. Upon the user's delete command (or a successful despool/forward) the file is removed from the server. SMTP Servers maintain logs of the SMTP & POP Sessions, detailing command sequences and result's, but not email headers or data. * Contents of mailboxes are *NOT* included in server backup's, only configuration information. |
|
Out-bound Messages |
Mail outgoing via our viruswall's has
only its headers logged, this data
is only used for;
The body of the email is not logged, stored, captured or in any other way preserved except in the case that it contains a virus, in which case, the entire message is stored in a quarantine directory for 48 hours (and a message sent to both sender and recipient), after 48 hours, with no contact from either sender or recipient the quarantine copy is automatically deleted. ** All outbound mail routed by any of our messaging servers will be ultimately routed via the viruswalls. SMTP Servers maintain logs of the SMTP & POP Sessions, detailing command sequences and result's, but not email headers or data. * Contents of mailboxes are *NOT* included in server backup's, only configuration information. |
| FTP Server usage |
| Although the GEN FTP server allows anonymous access, your IP is still logged along with file information uploaded/downloaded. Due to UK laws that can be used to hold a provider liable for information stored on such repositories, routine sweeps of the data are performed manually in an attempt to screen out illegal material. Furthermore, any confirmed abuse report will be acted upon by removal of the offending file(s). In addition, and inline with our policy statements and UK Law, any request to supply historical log data made by a court of law within the UK will be obliged. |
| Web Server Usage |
| Files placed in your home directory and any subdirectory thereof will be
subject to the following conditions; (a) The data/information/software must be compliant with our terms of service and policy statements (b) The data/information/software will be periodically inspected via the http interface for compliance. This inspection is performed routinely and each and every GEN Hosted site is inspected at least once every 6 months during normal operations. (c) Any report of abuse will be thoroughly investigated, and depending on the conditions of that abuse, GEN will take appropriate actions in response. Access of your website via other users on the http interface (port 80) will be logged in detail and the logs are stored centrally within our organisation for reporting, billing and statistics. These logs will be made available to the user upon request at no charge. Users who request 'special' file access permissions be configured despite warnings from GEN that this may lead to compromise of the security of their site do so solely at their own risk. GEN will neither take action nor inform the customer should the site be compromised. Customers websites *ARE* subject to regular automated backups, although GEN is not responsible for storage and backup of customer websites. |
| NNTP (USENET) Server Usage |
| General NNTP Access | Access to the NNTP Server is logged in detail and the logged data will be stored for a period of 48 hours after which time its overwritten as is the case in circular logging. |
| News Group Access | GEN does not knowingly carry illegal or objectionable material on its NNTP
servers, reports of such material will result in removal of the group from the feed. As user group subscriptions are a function of the news client software, GEN does not maintain or record a list of user's subscribed groups. |
| Read News Group Articles | Access to news group articles is recorded by the servers for summary statistics only, message ID's or headers are not recorded or preserved, only counts of reads from groups, and general group usage data (e.g. total number of messages inbound/hour, outbound/hour, average size, average message count accessed by each separate client, etc, etc). |
| Post News Group Articles | Posting of a message article to a newsgroup will cause the contents of
that posted message to be stored on the GEN news servers, together with various headers
which can be used to trace the messages origin to one of the GEN news servers. Reports of abuse will be investigated by GEN abuse staff, and dependant on the conditions of said abuse, GEN will take appropriate action. |
Complaints regarding Illegal Use, System or Network Security issues, e-Mail abuse, USENET abuse, or SPAM should be sent to abuse@gen.net.uk
