Throughout your interactions with us we will collect only the data that we require in order to provide you with the service that you are requesting. The key information that we process is shown below for your information:
When you access any of our services we will store a record of your IP address along with details of your request in our logs. This information is stored and used by our system to ensure the integrity of our services.
Retention: This information is stored in rotating logs, which are kept for a minimum of 6 months.
Authorisation & Session Data
Whenever you login to one of our services we will use at least two cookies that will identify your session to our services. This is necessary to provide our service to you.
The browser_id cookie is a permanent cookie that uniquely identifies your browser to us and allows us to ensure that previous sessions from that browser are invalidated when logging in again. This is only used for the purposes of invalidating these sessions as well as allowing us to notify you when new sessions are created in new browsers.
The user_session cookie is, initially, a session-only cookie that contains a unique token that identifies your specific session. This data is not stored on our end and is only stored in a hashed form. If you choose to persist your login session, this cookie will be converted to a more permanent cookie with an expiry time at some point in the future. The actual time will depend on the service you are using.
In addition to these cookies, we also store IP addresses & user agents with your session. This allows us to look for anomalies in its use to help us protect your account and our systems.
Retention: This data is stored until such time as the associated user account is deleted.
When you sign up, we need to know your first & last name so that you can be identified. We will use your name to address you and it may be stored in various systems that you use. This is necessary to provide our service to you.
Your name may be shared with other people that share access to an account you are part of. For example, if you have a Jireh Solutions Ltd. account, your name will be shared with other members of that account.
Retention: Your name will be retained until your user account is deleted. In some cases, your name may be kept with your billing records were we have a legal obligation to store this information.
We will store your e-mail address for the purposes of managing your account with us. This will be used for transactional e-mails that relate directly to your account or services. This information is required in order to ensure you are informed about your account and can take appropriate actions in various situations.
We may also use your e-mail address to send you messages about our services which may include notifications about newly launched features, improvements to the service, upcoming maintenance as well as ways to help you make the most of your service. If you would rather not receive these messages, please let us know or click the unsubscribe link in these e-mails.
We will not send you any other marketing messages unless you subscribe to our newsletter which you can do through our website when signing up or through one of our applications. When you do this, you will be consenting with us to use your email address for this purpose. You may withdraw this consent at any time by unsubscribing from the messages or contacting us.
If you are using a service that allows multiple users to have access to the same account, your e-mail address may be shared with the other users on this account.
Our applications may share a cryptographic hash (MD5) of your e-mail address with the Gravatar service to allow us to display an appropriate profile image with your images. If you do not have an account with Gravatar, they will not be able to determine your actual e-mail address.
Retention: Your email address will be kept until such time as all accounts associated with it are deleted from our systems.
If we send you transactional e-mails, these will be passed through our internal mail server and stored for a period of time to assist with debugging delivery problems and ensuring messages are appropriately delivered to their destinations. This is necessary to provide our service to you.
The information stored includes the contents of the message sent, the e-mail addresses of the recipients and any other headers.
Retention: The contents of messages are stored for a period of 30 days from the date the message is received by our mail system. The meta data for any messages is kept for 60 days from this date.
If you send us e-mails, these may be passed through our mail servers. If some cases, these messages will be consumed by one of our services or applications, for example, tickets sent to your Sirportly account or updates to tickets submitted to Codebase. This is necessary to provide our service to you.
We never store your own passwords on our services in plain text. Passwords are hashed using an industry standard hashing algorithm. As a good security practice, we recommend the following with regards to choosing your password:
- Use a unique password with our services that is not shared with any others.
- Choose a long secure password containing either multiple random words, or a good combination of letters, numbers & symbols.
- Exercise good password hygiene and change your password on a regular basis.
If you enable two factor authentication, we may ask for your mobile number which will be used to allow you to restore access in the event that you lose access to your account. This is necessary to provide our service to you.
Retention: Your mobile number will be kept until such time as you delete your account or manually remove your mobile number from it.
Company Name & Your Postal Address
We require your postal address in order to provide you with an invoice for your services. This information is collected as a legal obligation and will be stored on our systems along with invoices for a minimum period of 7 years.
We may wish to send you items by post (for example t-shirts, mugs, stickers etc…). To do this, you will need to provide your address to us again and consent to us using it for the purposes of sending you items by post. We may store your address on file to allow us to send you items in the future. You may opt to have this address removed from our records at any time by contacting us.
Any Data Added By You And Stored In Your Accounts
When you use our services you might upload or generate personal information relating to your own customers and users. You will remain the data controller for all such data that is stored within our systems and are responsible for ensuring you have an appropriate lawful basis & notices in place to allow us to store this data on your behalf.
If you use a Jireh Solutions Ltd. service which allows you to upload, store or process any personal data, you are responsible for ensuring that you are compliant with appropriate laws & regulations (for example the General Data Protection Regulation) for this data.
We do not recommend customers store any personal data in areas of our systems that are not designed for the purposes of storing this information.
Retention: Data stored in the services you have with us will be kept until such time as you delete the data yourselves or you cancel your account. Upon cancellation of an account, we may keep the data for up to 7 days at which point it will be purged from our databases.
We use Google Analytics to help us track the details of visitors browsing our public websites. We do not use Google Analytics on any URLs once you have been authenticated. We do not send any personal data to Google’s services through Google Analytics and we configure our tracking codes to anonymise any IP addresses.
Support By E-mail
If you contact us by e-mail or through one of our websites, you will be sharing your contact details (e-mail address and/or phone number) with us for the purposes of responding to your query. This is necessary to provide our service to you.
Retention: We retain all support requests (including name & contact details) that we receive for the purposes of auditing and training of staff.
E-mail Directly To/From Our Employees
If you communicate with our employees directly by e-mail (i.e. not using our normal support channels), we may retain your name & e-mail address in the mailboxes of the employee(s) that you communicate with. This is necessary to provide our service to you.
Retention: Employee e-mails are kept indefinitely. Any e-mails that contain sensitive data that are delivered by accident will be removed immediately.
We store backups of data stored by us for use in disaster recovery. Backup data is encrypted and stored off site in a secure data centre. This is necessary to provide our service to you.
Retention: Backup data is stored for a minimum period of 20 days.
If you apply for a job with us, we will store the personal data that you submit for the purposes of considering your application.
Retention: Job application data will only be kept until the position has been filled unless you ask us to keep your information on record for considering for a future position.