Masto.host is a service provided by WAP – Web Access Platforms, Unipessoal, LDA. This is a one-person-company, owned and administrated by Hugo Gameiro. This is a project that aims to make running a Mastodon instance easily accessible. It is only I, Hugo, that work on this company and that will conduct, single-handedly, the provision of this service.
I only request and save information that is absolutely essential for me to offer the services provided in Masto.host.
The only information I request is:
- email address
- domain/subdomain for installations
- plan for the subscription
Besides the referred data, I will also store in the Masto.host database the PayPal subscription ID, the IP used to sign up, the history of payments, temporarily IPs used to sign in to the web interface and other encrypted login data, such as password, “remember me” series and tokens, time-based one-time password/two factor authentication (TOTP/2FA) secret and backup code for TOTP/2FA.
That information is only processed by me and stored on the Masto.host database (with remote temporary backups) and local copies on my work devices.
I use that information to keep track of Masto.host active and cancelled instances and at any time you may request that I delete/anonymise that information from my records.
This information is private and never shared with anyone and it will never be used to any other purpose than to provide you the service you subscribed to. There is no newsletter and you will only be contacted by me if something important and specific needs to be communicated related to your service. I don’t do email marketing, period.
As GDPR requires that a DPO (Data Protection Officer) be named, obviously the DPO for Masto.host is me (Hugo Gameiro).
Other data that I also control is the one sent to email@example.com email account. For example, whenever you request support the only copy of your request and my reply is stored there. Also, PayPal sends me notifications about subscriptions and payments and that is also stored in that email account.
The email address firstname.lastname@example.org is hosted at Fastmail and secured behind a large unique password and two step authentication.
Masto.host website doesn’t use tracking cookies and the server that runs it is kept up to date using cPanel, CloudLinux and maintained by me.
This is really all the personal information I store and use to run Masto.host.
Privacy of the Hosting Service
When it comes to the hosting service in itself, I am a Data Processor. Meaning, I process the data that the owners of instance (that are the Data Controllers) request of me and that I assume have permission to do so.
As a data processor, I employ the best security that I know of to keep the data private, namely keeping the servers and software up to date and servers can only be remotely accessed using my private key that only I have access to.
Also, you can be sure that I don’t go through the data stored in instances databases, logs or any form of media (images/videos). I will only do so when explicitly asked by the owner, when necessary due to a technical issue, if I suspect some illegal activity or some abuse of the system is happening.
Although it never happened, you should also know that I will obviously give access to an instance data to authorities if a legal warrant is presented to me that requires that I provide access to that data. Again, this never happened and I will disclose if a case like that ever happens.
MailGun handles all notification emails for the instances hosted on Masto.host, unless requested otherwise by the owner of the instance.
BunnyCDN provides CDN (Content Delivery Network) for media files. The usage of a CDN is intended to improve load times on media files, especially for users not in Europe.
ClouDNS provides DNS hosting for the Masto.host domain.
OVH is the provider of server rental and data center infrastructure.
Instances and the data associated with them are stored in OVH data centers. The shared hosting infrastructure is stored in France and unless requested otherwise by the owner of a dedicated instance, the same applies to dedicated servers.
As a Data Controller (owner of the instance) and/or user of an instance hosted on Masto.host, you should know that Mastodon was not build to communicate private information and that data stored by Mastodon is currently not encrypted (with the exception of the users passwords). You should not store private information on any Mastodon instance. Remember that if a data breach occurs you should expect all stored information to be fully accessible.
In the event of a data breach I will report it without “undue delay” to all owners of instances involved.
All instances hosted by Masto.host use Mastodon software that provides each user access to their personal information, where they can download an archive of it or change/delete it.
After information is deleted from a user in a Mastodon instance hosted in Masto.host the data is immediately removed from the servers.
The only data that is stored in Masto.host servers, not generated by the Mastodon software, and that could contain a form of personal identifiable information (IP addresses) is an access log containing the IP address of the requests made to the servers. These logs are auto deleted in less than 90 days.
At any time, any instance owner can request a backup to move the instance to another service and/or request for the instance and all information to be deleted.
Each instance owner is responsible to inform and ask for consent from the users to store and process their information.
Rights of the data subject
Although you use my services as a Data Controller, by using the service you also have rights as a data subject (regarding these, WAP is placed as Data Controller). As such, you are entitled to require the exercise of the following rights:
This right allows you to know if your data is being processed or not. When they are being processed, you can inquire about the purpose of the processing, categories of the data being processed, who is accessing your data and what is the conservation deadline.
Right to rectification (article 16 GDPR)
By exercising this right, you can ask that your data is rectified/corrected when the personal data is inaccurate.
Right to erasure (‘right to be forgotten’) (article 17 GDPR)
You can ask to be forgotten in the following conditions:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you want to withdraw consent on which the processing is based on, and there is no other legal ground for the processing;
- you object to the processing pursuant exercising your right to object and there are no overriding legitimate grounds for the processing;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
Right to restriction of processing (article 18 GDPR)
You can ask that I restrain the processing of your data if:
- you contest the accuracy of your personal data, and you can ask for the restriction of processing while I verify the accuracy of the personal data;
- the processing is unlawful, and you oppose to the erasure of the personal data and request the restriction of their use instead;
- we no longer need the personal data for the purposes of the processing, but you require the data for the establishment, exercise or defence of legal claims;
- you objected to the processing (article 21(1)), and verification is pending the in whether our legitimate grounds override those of the data subject.
Right to data portability (article 20 GDPR)
This right allows you to ask me that your data can be transferred to you or to a service of your choosing.
You can only exercise this right when the data is processed with a legal basis on your consent or a contract and when the processing carried out by automated means. I will provide the data in a structured, commonly used and machine-readable format.
Right to object (article 21 GDPR)
You can object to the processing of data I do when it is based on my legitimate interests.
Right to retrieve your consent
At any given time, you also have the right to retrieve your consent, when this is my legal basis to process your personal data.