Privacy & Security

Privacy

NL-ix offers an extensive range of Interconnection services: - Peering services - Transport services - Transit services - Cloud services

We need a certain amount of data in order to be able to provide our services to you.

To be able to provide the best possible service to you, it important for us to know which products and services you purchase from us and how you use our products and services. We link the information we receive from you in order to respond quickly and adequately to your questions, service requests (e.g. on a disruption in the services), and complaints.

We aim to inform you personally and at a time when the information is relevant to you. This information may consist of tips about products you use or newsletters. Your interests are paramount in processing your data!

We therefore promise that: - We handle your data with care. You can rest assured that your data is safe with us and that we observe the law. - We do not look at the content of your or your customers’ communication. We do not monitor any conversations, look at the content of your messages, e-mails or chats, or record which websites are visited. - We do not sell your data to third parties. - We inform you about the use made of your data and offer you simple means to view and adjust your data and the choices you have made with regard to your privacy. - You decide what happens with your data. We respect the choices you have made with regard to your privacy.

Which data do we process?

If you intend to purchase a service from us or enter into a contract for one of our services, we process your personal data such as your name, telephone number, email address, which service(s) you purchase, and the subscription type. We also register similar information about the technical and administrative (billing) contacts you provide for the performance of the contract.

If you or other employees of your company contact us, for example, if you ask a question by telephone, via an NL-ix website or via social media, we record this question. We need to record it for the purposes of answering the question and performing actions arising therefrom. Your data will also be recorded if you report a service disruption, lodge a complaint, or fail to pay an invoice.

We refer to this data as ‘contact details’.

For what purpose do we process this data?

Provision of services

First and foremost NL-ix processes your data for the provision of our services to you. Processing of your data is necessary for dealing with requests, establishing a link, building connections, sending an invoice, making an enquiry into an invoice, and handling fault reports or complaints. We cannot provide our services to you without processing your data.

Marketing and sales purposes

NL-ix processes your contact details for marketing and sales activities with respect to services provided by NL-ix (even after termination of the contract) unless you have objected to this. For example you may be approached about our services when you register for an Event. Your data will be processed by NL-ix, or a processor contracted by NL-ix, for the purpose of making offers, unless you have objected to our approaching you by letter, text message, email or telephone.

NL-ix does not provide your data to third parties for purposes of marketing, sales, and other business activities. Insofar as data is provided to third parties for the benefit of their activities, this will only be done in a format that is anonymised and aggregated in such a way that this data cannot be traced to your person in any way whatsoever.

Compliance with legal obligations

NL-ix has a legal obligation to provide your data to third parties, for example, to the competent authorities within the context of a criminal investigation.

Network quality, availability and security of the network, and connections of our customers

NL-ix is responsible for the network used for the conveyance of (internet) traffic. This involves the maintenance, planning and improvement of the network and management such as routing traffic, resolving disruptions, monitoring peak loads and overload. By analysing the use made of our network we obtain essential information on the network use and load. We can make targeted additions, upgrades and improvements to our network on the basis of this information. NL-ix processes your data for these technical and statistical analyses. The results of these analyses are anonymised for reporting within NL-ix and cannot be retraced to individuals. We are not interested in the content of your or your customers’ communication and we never record the content of the communication about our network.

Visits to our website, login to the 'MyNL-ix' environment

When you visit our website, we process the following data:

  • your IP address, type and language of your browser, the time of your visit and the web address from which you reached our site, the pages you view on our site, the links you click on, and the other actions you perform. We do this using cookies. For more information about the cookies we use and the choices you can make, see below.
  • When you order a service on our website we request additional personal data from you, such as your email address, name, work address, or a telephone number.
  • If you want to access the 'My NL-ix' environment on our website, you have to register with a user name and a password.

Use of cookies and local storage

This website uses cookies and local storage. These are small text files stored on your device (computer, tablet, smartphone, or another device) to enhance your experience on the website. Websites use these for many different purposes, including but not limited to:

  • Get information about the traffic on our website
  • Provide you with essential functionalities of our website
  • Track your browsing behaviour
  • Track your engagement with social services
  • Collect information about how users use our website
  • Remember your preferences for our website
  • Personalize content and advertisements.

We use cookies and local storage according to applicable national and international laws.

How long will your contact data be stored?

NL-ix will not store your data longer that is allowed and necessary for the purposes for which your data is processed. How long certain data is stored depends on the nature of this data and the purposes for which it is processed. The retention period may therefore be different for each purpose.

If you have entered into a contract with NL-ix, your contact details will at least be kept during the term of the contract. We will keep your invoice for a maximum period of seven years. We have a legal obligation to keep this invoice for tax-related purposes for such a period.

How do we handle your data after the retention period?

Your personal data is removed or anonymised after the retention period. Anonymising means that you personal data is stripped of any identifying characteristics, so that only statistical data that cannot be linked to your person in any way whatsoever remains. This statistical data is important for us, because we can gain an insight into the use of our products and services on the basis of this data.

Inspection, correction and/or removal, right of objection

You have the right to inspect your data. This means that you can request insight into which personal data has been recorded and for what purposes this data is used.

During several stages of your interaction with us, we offer you the opportunity to indicate whether your contact details may be processed, for example for purposes of analysis and the offering of NL-ix services. In addition, we offer you the option to view at any time which choices you have registered with us or to alter your choices or destroy contact details. You can inform us by sending an email to privacyoffice@nl-ix.net.

You can object to the processing of your contact details by NL-ix if your contact details are used for purposes other than necessary for the performance of an agreement or for complying with a legal obligation. You can, for example, object to the use of your personal data for marketing and sales activities. You can do this at any time by sending an email to privacyoffice@nl-ix.net.

If you would like to contact NL-ix's data protection officer, please contact J. Jongenelen via privacyoffice@nl-ix.net.

Security

Found a security vulnerability? Please report it to us.

NL-ix finds it extremely important to provide secure products and services for all of our customers. The privacy of our customers is of paramount importance. Our specialised teams monitor our networks and systems. Despite care and dedication, situations may arise in which there might be a vulnerability in our security. If you have indications you may have spotted such a vulnerability in any of our networks and systems, we kindly request you to contact us.

To be able to resolve this situation as soon as possible and to prevent a potential vulnerability being abused we kindly request you to share information with us and ask you to do the following.

Report security vulnerabilities (or suspicion thereof) to NL-ix’s Computer Emergency Response Team using the email cert@nl-ix.net. Please provide sufficient information (for example, a detailed description including IP addresses, logs, how to reproduce the vulnerability, screenshots, etc.) so that we can handle your message as effectively as possible. Do not share knowledge about the vulnerability with others, until the leak has been repaired. Do not abuse the vulnerability. If this happens we may have to pursue legal action. Once a vulnerability is reported, we will contact you to make arrangements for a reasonable period of recovery and a possible coordinated publication of the vulnerability.