[{"data":1,"prerenderedAt":390},["ShallowReactive",2],{"doc-\u002Fsecurity\u002Fcompliance":3},{"id":4,"title":5,"body":6,"description":380,"edit":381,"extension":382,"meta":383,"navigation":384,"path":385,"seo":386,"stem":387,"vertical":381,"weight":388,"__hash__":389},"content\u002Fsecurity\u002Fcompliance.md","Compliance",{"type":7,"value":8,"toc":365},"minimark",[9,13,18,30,61,72,77,117,120,124,131,134,138,145,159,162,166,169,265,268,272,307,314,318,325,329,336,340],[10,11,12],"p",{},"OpenSense is operated from the EU for EU customers. The compliance\nstory is short, narrow and verifiable. We do not promise more than we\noperate.",[14,15,17],"h2",{"id":16},"gdpr","GDPR",[10,19,20,21,25,26,29],{},"OpenSense is a ",[22,23,24],"strong",{},"data processor"," for sensor measurements. Most\nmeasurements (temperatures, humidity, CO₂) are not personal data, so\nGDPR has limited reach on the ",[22,27,28],{},"measurement"," stream itself. The\npersonal data we actually hold is:",[31,32,33,41,48,54],"ul",{},[34,35,36,37,40],"li",{},"The account holder's ",[22,38,39],{},"email address"," (the magic-link login).",[34,42,43,44,47],{},"The ",[22,45,46],{},"billing details"," (Stripe — they are the processor for that).",[34,49,43,50,53],{},[22,51,52],{},"recipient list"," for alerts and reports (free-text emails and\nTelegram chat ids).",[34,55,56,57,60],{},"Optional ",[22,58,59],{},"operator notes"," typed on alarm acknowledgements.",[10,62,63,64,67,68,71],{},"We are a ",[22,65,66],{},"data controller"," for the first item (your relationship with\nus is direct) and a ",[22,69,70],{},"processor"," for the rest (you ask us to email\nyour staff; you are the controller of your staff's emails).",[73,74,76],"h3",{"id":75},"customer-rights","Customer rights",[31,78,79,90,96,105,111],{},[34,80,81,84,85,89],{},[22,82,83],{},"Access",": dashboard ",[86,87,88],"code",{},"Account → Export everything"," produces a ZIP\nof all your data, including raw measurements, alerts, reports and\nnotes. Issued within 5 minutes.",[34,91,92,95],{},[22,93,94],{},"Rectification",": edit the account; corrections appear in the audit\ntrail.",[34,97,98,84,101,104],{},[22,99,100],{},"Deletion",[86,102,103],{},"Account → Delete"," is one-click. The data is\nirreversibly purged within 30 days; backups are aged out within 60\ndays.",[34,106,107,110],{},[22,108,109],{},"Portability",": the export ZIP is CSV + JSON, openable by anyone.",[34,112,113,116],{},[22,114,115],{},"Object to processing",": contact us; we close the account.",[10,118,119],{},"We do not sell, share or otherwise process personal data for marketing.\nThere is no advertising network, no analytics fingerprinting; we use a\nself-hosted Plausible instance for aggregate site traffic (no cookies).",[14,121,123],{"id":122},"data-residency","Data residency",[10,125,126,127,130],{},"All customer data lives in ",[86,128,129],{},"eu-central"," (Hetzner Falkenstein, Germany).\nWe do not replicate to non-EU regions. We do not back up to non-EU\nregions. We do not have a US team member with administrative access.",[10,132,133],{},"Hetzner Online GmbH is a German entity subject to EU law. The\nunderlying physical infrastructure is in Germany.",[14,135,137],{"id":136},"dpa","DPA",[10,139,140,141,144],{},"Our Data Processing Agreement is at\n",[86,142,143],{},"https:\u002F\u002Fopensense.murzin.digital\u002Flegal\u002Fdpa",". It follows the EDPB\n2021 SCCs (Standard Contractual Clauses) template, scoped to the\nservice we provide. The salient points:",[31,146,147,150,153,156],{},[34,148,149],{},"Processor: Murzin Digital s.r.o. (EU-registered company, Slovakia).",[34,151,152],{},"Sub-processors are listed below and notified before changes.",[34,154,155],{},"72-hour breach notification.",[34,157,158],{},"Audit right: customer or their auditor may audit us once per year on\nreasonable notice; default audit period is one business day on-site\nor asynchronous via document request.",[10,160,161],{},"You do not need to sign the DPA separately — clicking \"I accept\" on\nthe signup flow constitutes acceptance under EU law. We can sign a\nhard-copy DPA on request for larger customers.",[14,163,165],{"id":164},"sub-processors","Sub-processors",[10,167,168],{},"These are the third parties that touch customer data:",[170,171,172,191],"table",{},[173,174,175],"thead",{},[176,177,178,182,185,188],"tr",{},[179,180,181],"th",{},"Processor",[179,183,184],{},"Purpose",[179,186,187],{},"Location",[179,189,190],{},"Why this one",[192,193,194,209,223,237,251],"tbody",{},[176,195,196,200,203,206],{},[197,198,199],"td",{},"Hetzner Online GmbH",[197,201,202],{},"Compute, storage, networking",[197,204,205],{},"DE",[197,207,208],{},"EU jurisdiction, no US parent",[176,210,211,214,217,220],{},[197,212,213],{},"Stripe Payments EU",[197,215,216],{},"Billing",[197,218,219],{},"IE",[197,221,222],{},"EU entity; SEPA + cards",[176,224,225,228,231,234],{},[197,226,227],{},"Postmark",[197,229,230],{},"Transactional email delivery",[197,232,233],{},"US, but EU-only routing for our account",[197,235,236],{},"Reliability beats EU-only alternatives",[176,238,239,242,245,248],{},[197,240,241],{},"Telegram Bot API",[197,243,244],{},"Alarm push (only if customer enables)",[197,246,247],{},"NL\u002FDE pop",[197,249,250],{},"The customer's own choice; not all customers use it",[176,252,253,256,259,262],{},[197,254,255],{},"The Things Network",[197,257,258],{},"LoRaWAN packet routing (LoRaWAN customers only)",[197,260,261],{},"NL",[197,263,264],{},"EU entity for the EU instance",[10,266,267],{},"Adding a sub-processor: we email all customers at least 30 days before.\nCustomer can object; objection is grounds for cancellation with refund\nof the remaining period.",[14,269,271],{"id":270},"cookies","Cookies",[31,273,274,292,302],{},[34,275,276,279,280,283,284,287,288,291],{},[22,277,278],{},"Session cookie"," after magic-link login, ",[86,281,282],{},"httpOnly",", ",[86,285,286],{},"Secure",",\n",[86,289,290],{},"SameSite=Lax",", expires after 30 days of inactivity.",[34,293,294,297,298,301],{},[22,295,296],{},"Locale cookie"," (",[86,299,300],{},"os_locale",") to remember language choice. Optional.",[34,303,304],{},[22,305,306],{},"No third-party cookies. No advertising cookies. No fingerprinting.",[10,308,309,310,313],{},"We do not have a cookie banner because we do not set non-essential\ncookies. (EU law requires consent for ",[22,311,312],{},"non-essential"," cookies; the\ntwo cookies above are functional.)",[14,315,317],{"id":316},"audit-log-access","Audit log access",[10,319,320,321,324],{},"Customers can self-export the per-account audit log at any time\n(dashboard ",[86,322,323],{},"Account → Audit log → Export","). Includes login events,\ndevice configuration changes, rule edits, report downloads, and\nsupport-team access (we annotate when we look into your account, see\nbelow).",[14,326,328],{"id":327},"support-team-access","Support-team access",[10,330,331,332,335],{},"Engineers can read your account's data only to resolve a support ticket\nyou opened, only after you accept a ",[86,333,334],{},"support access"," modal. The access\nis time-limited (24 h) and audit-logged. We do not have a \"view as\ncustomer\" button that bypasses this.",[14,337,339],{"id":338},"sources","Sources",[31,341,342,351,358],{},[34,343,344],{},[345,346,350],"a",{"href":347,"rel":348},"https:\u002F\u002Feur-lex.europa.eu\u002Feli\u002Freg\u002F2016\u002F679\u002Foj",[349],"nofollow","GDPR — text on EUR-Lex",[34,352,353],{},[345,354,357],{"href":355,"rel":356},"https:\u002F\u002Fedpb.europa.eu",[349],"EDPB Guidelines on the use of Standard Contractual Clauses (2021)",[34,359,360],{},[345,361,364],{"href":362,"rel":363},"https:\u002F\u002Fwww.hetzner.com\u002Flegal\u002Fprivacy-policy\u002F",[349],"Hetzner GmbH — data privacy",{"title":366,"searchDepth":367,"depth":367,"links":368},"",3,[369,373,374,375,376,377,378,379],{"id":16,"depth":370,"text":17,"children":371},2,[372],{"id":75,"depth":367,"text":76},{"id":122,"depth":370,"text":123},{"id":136,"depth":370,"text":137},{"id":164,"depth":370,"text":165},{"id":270,"depth":370,"text":271},{"id":316,"depth":370,"text":317},{"id":327,"depth":370,"text":328},{"id":338,"depth":370,"text":339},"GDPR, data residency, DPA, sub-processors",null,"md",{},true,"\u002Fsecurity\u002Fcompliance",{"title":5,"description":380},"security\u002Fcompliance",520,"bvNU_K26c0AwEWJbgBDXNPhUV5tsLrrnttTxYxUXQ9Q",1779022955941]