It is important for you to know that your privacy is the most important thing for us, so we analyse absolutely nothing you have on your device: photos, files, emails, websites you connect to, and so on. And when we say nothing, we mean exactly that: nothing. We only analyse the metadata of the connections between your device and the Internet destinations it tries to connect to. This allows us to identify risks and threats, according to the cybersecurity knowledge databases of various international organisations.
The personal data stored by this service is kept to a minimum: only your email address and the telephone number you give us so that we can notify you of any risks we detect. We also give you the option, if you think it is appropriate, to give us some other data such as gender, age, country where you live, etc. This is useful to us for making aggregate analyses, but it is not compulsory.
All information will be stored in municipal data centres. The aim of the service is not to identify you, nor to know who you are, but only and exclusively to help you protect your security on the Internet. We want to be very clear about this.
The data is stored with the highest level of security, according to European and international laws on data protection, and the City Council will in no case be able to:
- Use the data for another purpose
- Share it with third parties (except if required by the judiciary)
The metadata of the connections can be used for the improvement of public services. But no personal or web browsing data will be analysed.
Added for the more techie readers:
By now you might be thinking that we act like a Man in the Middle attack, but we don't, because there are basic things we don't do, and never will. For example, we don't break any kind of SSL tunnel. If the traffic is encrypted on an HTTPS, SFTP, ... connection, it is let through as is. We only observe things like DNS queries launched from the device, HTTP User-Agent headers, connection attempts to NetBIOS services over IP or other unusual and suspicious protocols, and connection attempts to IP addresses that are related to IOCs published in official sources. This alone gives a pretty clear picture of the type of malware that is trying to use the network. There is no analysis whatsoever of the content of the pages visited, even if they travel via unencrypted protocols and it would be technically feasible to do so.
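A sketch of the metadata-only inspection described above, as an added example that is not the service's own code. The indicator values, field names and the `ExampleLoader/1.0` user-agent are constructed assumptions; the point is that the detector copies only the metadata fields and never reads the payload, encrypted or not.

```python
import ipaddress

# Constructed indicators (documentation address ranges and reserved names), not real IOCs.
IOC_IPS = {ipaddress.ip_address("203.0.113.66")}
IOC_DOMAINS = {"c2.example.net"}
BAD_USER_AGENTS = {"exampleloader/1.0"}      # hypothetical malware user-agent
NETBIOS_PORTS = {137, 138, 139}              # NetBIOS over TCP/IP
# The only fields the detector may read; payload, URL path and body are dropped unseen.
METADATA_FIELDS = ("kind", "qname", "dst_ip", "dst_port", "user_agent")

def inspect(event):
    """Return the list of findings for one connection event, using metadata only."""
    meta = {k: event[k] for k in METADATA_FIELDS if k in event}
    findings = []
    qname = meta.get("qname", "").rstrip(".").lower()
    # Match the listed domain itself or any subdomain of it.
    if qname and any(qname == d or qname.endswith("." + d) for d in IOC_DOMAINS):
        findings.append("dns-ioc")
    if "dst_ip" in meta and ipaddress.ip_address(meta["dst_ip"]) in IOC_IPS:
        findings.append("ip-ioc")
    if meta.get("dst_port") in NETBIOS_PORTS:
        findings.append("netbios")
    if meta.get("user_agent", "").lower() in BAD_USER_AGENTS:
        findings.append("user-agent")
    return findings

# Constructed sample events. "payload" stands for content the detector must never touch.
EVENTS = [
    {"kind": "dns", "qname": "cdn.c2.example.net."},
    {"kind": "tls", "dst_ip": "198.51.100.10", "dst_port": 443, "payload": b"\x17\x03\x03"},
    {"kind": "tls", "dst_ip": "203.0.113.66", "dst_port": 443, "payload": b"\x17\x03\x03"},
    {"kind": "tcp", "dst_ip": "192.0.2.5", "dst_port": 139},
    {"kind": "http", "dst_ip": "198.51.100.20", "dst_port": 80,
     "user_agent": "ExampleLoader/1.0", "payload": b"GET /index.html"},
]

def run(events=EVENTS):
    """Inspect every event and return one findings list per event."""
    return [inspect(e) for e in events]

if __name__ == "__main__":
    for event, findings in zip(EVENTS, run()):
        print(event["kind"], event.get("dst_ip", event.get("qname")), findings or "pass")
```

The second event shows encrypted traffic to an unlisted destination passing untouched, while the third is flagged from its destination address alone.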