Happy holidays from ISC!
ISC is fortunate to have staff members in so many different countries around the world: our software development benefits from all the different perspectives - and we benefit personally!
Read postThis text was updated on 15 November 2021. Please click here to read our full, up-to-date privacy policy.
Like many responsible organizations with an online presence, we have committed to meet our new obligations under GDPR (General Data Protection Regulations – it’s an EU thing). We are a small business with approximately 35 employees and no business activities located in Europe. We are committed to transparency because we care about public trust in ISC; we also don’t want to spend a lot of your money on lawyers. We have created a formal written privacy policy based heavily on the one ISOC recently published, and have done our own inventory of personal and technical data we have in our systems.
What follows is an inventory of the data we collect and use, with a link to the formal Statement of Privacy.
ISC operates a number of Sites for public collaboration and information sharing, including but not limited to: public mailing lists, fora, ISC’s main website, project wiki pages, source code repositories, software issue trackers, our Knowledgebase, our ftp.isc.org and downloads.isc.org downloads sites, social media sites, and others.
We don’t use paywalls or require registration to read information on any of our Sites or to download documents or software. We do require registration to submit data to these systems in order to control spam and abuse. We may use your Personal Data submitted during registration to contact you. In some cases, your registration and other personal information provided by you will be visible to other users.
Users of our public mailing lists, issue trackers, code repositories, Knowledgebase and other ISC Sites consent to publishing their personal data when they choose to participate actively in those public sites. ISC’s mailman service, GitLab, ftp.isc.org, downloads.isc.org, kea.isc.org, bugs.isc.org, www.isc.org, and ednscomp.isc.org are operated by ISC. ISC’s Github site, Document360 Knowledgebase, Cloudsmith repository, SendOwl store and BrightTalk webinar replay site are operated by those companies on our behalf, as well as our social media accounts on FaceBook, Twitter, LinkedIN and YouTube.
ISC maintains several databases for tracking software issue reports by users. These databases enable the public to report and view problem reports about ISC open source projects. These include but are not limited to:
All of these systems may store submitter username, email address, and other contact data, depending on what the user shared (e.g. in the signature field in the email), as well as technical data about their software deployment, network, and issue, and possibly configuration files, log files, and core dumps. We must have this information in order to communicate with the submitter to get more information about the issue and/or verify a solution.
We don’t want anyone to refrain from submitting issues because of privacy concerns, however, so if you want to submit an issue and don’t want your submission to be publicly visible, contact us to request that we hide your personal information. Depending on the site, this may mean that the entire issue is non-public, which defeats the purpose of having a public issue tracker, so please don’t do this without a compelling reason.
Subscribers to ISC’s software support services have to provide contact information for multiple (usually four) points of contact. This information is required in order for us to provide the support service. This information generally includes:
We use the email address to communicate with support subscribers, to alert them of support ticket updates, to provide notice of new releases, to provide transactional information (such as validation of email address), to send terms and instructions for the support service, and to process forgotten passwords. Very infrequently, we may also use the technical support contact email addresses to survey support users about our support services or product usage, or to provide roadmap updates.
We don’t have any regular support process that uses customer telephone numbers, but some subscribers of our support services are allowed to contact us via phone and we might conceivably use the telephone number in an unusual process, e.g. for verifying identity when updating contact information or for password recovery.
Support technical contact information is stored in our support ticketing system, which is operated by ISC in the US. (Some technical support contacts may also be included in our main (Zendesk) contact database.) This database also includes a log of customer support tickets opened and our responses to them, and may include core dumps, configuration files, and software logs.
We use this information to support customers, and to identify and troubleshoot issues in our software. Access is limited to current ISC employees. We retain this record even after an individual or organization terminates their support relationship with ISC, unless they specifically request we delete it, because it provides us with a valuable technical record.
Our standard support services agreement includes a non-disclosure agreement (NDA). We don’t publicly identify customers or their representatives unless the customer does so first. When we log issues in our publicly visible issue trackers on behalf of support customers, we either make the issue private, or anonymize the support customer’s identity.
In the event you choose to make a donation or purchase using your credit card, we will request credit card information, including number, expiration date, billing address, and card security code so your donation can be processed. This information passes directly to ISC’s payment processor, PayPal. ISC neither uses nor stores this information.
We use services for interacting with users, optimizing our websites, and managing our search presence. Each of our contracts with these third parties restricts the use of personal information so it can only be used to provide the services under the contracts. In addition, these companies are required to treat all information and protect it by processes and procedures no less strict than those used by ISC.
Our current services and/or contractors are:
We can be contacted, about this or anything else, at info@isc.org.
Our main phone number (which generally goes to voicemail) is +1 650-423-1300. Our business address is PO Box 360, Newmarket, NH 03857.
What's New from ISC