Masto.host is a service single-handedly provided by Hugo Gameiro. This is a personal project that aims to help make running a Mastodon instance easily accessible.
I only request and save information that is absolutely essential for me to offer the services provided in Masto.host.
The only information I request and/or store is:
- the email addresses of instance owners, that they provide when requesting the subscription of a plan
- the PayPal email address that I receive whenever I receive a payment
- the domain/subdomain used for the instance
- the email communications between me and the owners of the instances
That information is only processed by me and stored on both a spreadsheet on my computer and the firstname.lastname@example.org email account.
I use that information to keep track of Masto.host active and cancelled instances and at any time you may request that I delete/anonymise that information from my records.
This information is private and never shared with anyone and it will never be used to any other purpose than to provide you the service you subscribed to. There is no newsletter and you will only be contacted by me if something important and specific needs to be communicated related to your service. I don’t do email marketing, period.
As GDPR requires that a DPO (Data Protection Officer) be named, obviously the DPO for Masto.host is me (Hugo Gameiro).
To illustrate the data flow of Masto.host, I will explain how I have things setup:
When you fill in the form to subscribe to a plan and press save, the server creates and saves a new file with the information submitted + your IP address + a random order ID. That file will be used after I receive an email from PayPal confirming a payment to know who made the payment are and what domain you want to use for the Mastodon installation.
All information is pretty much stored in the email account and a couple of spreadsheets where I copy paste your email address, PayPal email address, domain used for the instance, date of registration/cancellation and some other server details (redis-server number, internal usernames, etc) that are just technical to keep track of how each instance is running. Also, the spreadsheet keeps a record of all payments received and done related to Masto.host.
The email account for Masto.host where all communication is saved is a GSuite email account and secured behind a large unique password and two step authentication.
My computers and devices are all encrypted, with passwords required to access, two step authentication, remote deletes enabled and always up to date, without a single software that isn’t fully licensed and that receives continuous updates.
Masto.host website doesn’t use tracking cookies and the server that runs it is kept up to date using cPanel, CloudLinux and maintained by me.
This is really all the personal information I store and use to run Masto.host.
Privacy of the Hosting Service
When it comes to the hosting service in itself, I am a Data Processor. Meaning, I process the data that the owners of instance (that are the Data Controllers) request of me and that I assume have permission to do so.
As a data processor, I employ the best security that I know of to keep the data private, namely keeping the servers and software up to date and servers can only be remotely accessed using my private key that only I have access to.
Also, you can be sure that I don’t go through the data stored in instances databases, logs or any form of media (images/videos). I will only do so when explicitly asked by the owner, when necessary due to a technical issue, if I suspect some illegal activity or some abuse of the system is happening.
Although it never happened, you should also know that I will obviously give access to an instance data to authorities if a legal warrant is presented to me that requires that I provide access to that data. Again, this never happened and I will disclose if a case like that ever happens.
MailGun handles all notification emails for the instances hosted on Masto.host, unless requested otherwise by the owner of the instance.
OVH is the provider of server rental and data center infrastructure.
Instances and the data associated with them are stored in OVH data centers. The shared hosting infrastructure is stored in France and unless requested otherwise by the owner of a dedicated instance, the same applies to dedicated servers.
As a Data Controller (owner of the instance) and/or user of an instance hosted on Masto.host, you should know that Mastodon was not build to communicate private information and that data stored by Mastodon is currently not encrypted (with the exception of the users passwords). You should not store private information on any Mastodon instance. Remember that if a data breach occurs you should expect all stored information to be fully accessible.
In the event of a data breach I will report it without “undue delay” to all owners of instances involved.
All instances hosted by Masto.host use Mastodon software that provides each user access to their personal information, where they can download an archive of it or change/delete it.
After information is deleted from a user in a Mastodon instance hosted in Masto.host the data is immediately removed from the servers.
The only data that is stored in Masto.host servers, not generated by the Mastodon software, and that could contain a form of personal identifiable information (IP addresses) is an access log containing the IP address of the requests made to the servers. These logs are auto deleted in less than 90 days.
At any time, any instance owner can request a backup to move the instance to another service and/or request for the instance and all information to be deleted.
Each instance owner is responsible to inform and ask for consent from the users to store and process their information.