This website is operated by Tobias Fiebig, as responsible party (“we” or “us”). This notice describes how we process your personal data in connection with this website and the services built on it.
1. What data do we collect and process?
When you visit our website, you transmit the following information, which is automatically transmitted from your computer to the page you have visited. We will store and process the following data for up to 14 days for operational reasons:
- Date and time of the access
- IP Addresses
- Accessed URI
- Referrer
- User Agent String
- Statuscode
1.2 Email Delivery Test
There is no obligation to conduct an email delivery test. The email delivery test evaluates the emails you send to our email servers. The information we collect is only about the email servers you rely on, not your personal information. There we process the following data:
- Email headers of the emails you send
- Timestamps and further metadata
- DNS request data
The only personal information you have to enter is your email address. We will store your email address only up to the moment the tests are finished in order to send you the report. After sending the user the report the email address will be deleted. If we do not receive a reply to our email, we store email addresses for one hour.
To attribute emails to email providers, we use the domain part of email addresses. Hence user@example.com is reduced to example.com.
We are storing this aggregate information, i.e. your provider's use of email security technologies, IPv4 and IPv6 support, and whether the provider validates DNSSEC, for an indefinite time for the purpose of ongoing scientific research into the adoption of email security measures. If you are your own provider, this information might personally identify you, and we ask you to consider this before participating. If you did participate in the study and would like to have your data deleted, please write to privacy@email-security-scans.org, and we will delete your data as soon as possible, but generally withing five business days.
2. Cookies
Cookies are small text files which are stored on your own device. In general, one differentiates between 'session cookies' and 'permanent cookies'. Session cookies are automatically deleted after a webbrowser session ends. Other cookies may remain on your device until you delete them yourself or they expire.
Modern webbrowsers allow you to control, limit, or prevent websites' ability to set cookies. Many browsers allow you to configure them so that all cookies are deleted once you close the webbrowser. Deactivating cookies may limit the functionality of our site.
We only set cookies that are necessary following Art. 6 Abs. 1 lit. f DSGVO, i.e., a session cookie to differentiate different users' simultanous sessions. As the operator of these sites we have a legitimate interest to set cookies that are necessary for a reliable operation of our services. We do not set tracking or analysis cookies.
3. Integration of third-party technologies
Our websites incorporates third-party technologies, services or libraries, in particular the following JS libraries: Bootstrap, jQuery and CSS libraries. However, we deliver these libraries ourselves, instead of including them from external servers.
4. Purposes and legal basis of data processing
We process your personal data for the following purposes:
To make the website and service available to you, including the email-deliverability-test.
If you use the opt-out feature, we use a hash of your email address to prevent all future delivery of mails from our site to you.
5. Disclosure of personally identifiable information
We do not transmit any personally identifiable information to third parties. Our system is hosted by AS59645, run by Tobias Fiebig, the responsible researcher for this project.
We make the test-results of a specific email-address available via a unique link containing a random ID. We do not map this ID to the email addresses you entered.
If you share your unique link with somebody else, they can see your test-results.
However, we do not store your email address after the test completed, and do not include your email address or email provider on the report page.
6. Duration of storage
We delete personally identifiable data after a maximum of 14 days. Aggregated provider statistics are stored indefinately, see 1.2.
If you use the opt-out feature of our site to block all further emails to your address, we indefinately store a hash of your address, which we use to block our service from interacting with your address again.
7. Your rights in connection with the processing of your personal data
Naturally, you have the right to request a copy of your personal data, request corrections, or immediate deletion.
As we limit the amount of personal data we store, we cannot tie your name to an entry in our database.
Hence, to request a full copy of, correction of, or deletion of a measurement, please share the unique link you received with us, and we will process your request withing no more than five business days.
If you are your own email provider, i.e., your mail provider personally identifies you, please just write us an email, and depending on your request, we will either provide you with a copy of your data, delete it, or correct it.
8. Accountable entity and contact
If you have any questions or concerns regarding the processing of your personal data, please contact us by post or e-mail:
Address: Tobias Fiebig, Campus E14, 66123 SaarbrĂĽcken, Germany
Email: privacy@email-security-scans.org