Please rotate your device in portrait mode for the best experience

Tune Insight

Privacy Policy

Customer Privacy Policy

1. Introduction

Tune Insight SA is the Data Controller. We can be contacted as per the details below:

Email: contact@tuneinsight.com

Postal address:
Tune Insight SA
EPFL Innovation Park
Bâtiment C
1015 Lausanne
Switzerland

1.1 Scope of This Document

This document explains how we process personal data, as it relates to:

  • Tune Insight Customers: Tune Insight Customers use Tune Insight Authentication Service to store and manage user accounts.
  • Tune Insight Users: Tune Insight Users use Tune Insight Authentication Service to store and manage their user accounts.

Apart from where otherwise noted, this document does not address data protection issues relating to the data submitted by Users to the self-hosted Tune Insight Agent instances, as this is the legal responsibility of the Customer.

1.2 The Customer and the User

This document is designed to explain Data Protection issues relating to Tune Insight Customers and Users. If you are paying (or otherwise compensating) Tune Insight to provide a service, you are a Customer. If you have an account registered on the Tune Insight Authentication Service, you are a User.

It is possible to be both a Customer and a User, but we encourage you to consider these roles separately when thinking about Data Privacy concerns.

1.3 Changes to This Document

Over time we may make changes to this document. If we make a material change we will provide the Customer with reasonable notice prior to the change. We will set forth the date upon which the changes will become effective; any use of a Tune Insight service by the Customer, or Tune Insight Authentication Service by a User will constitute the Customer's acceptance of these changes.

Your access and use of a Tune Insight Service is always subject to the most current version of this document.

2. Access to Your Data

2.1 What is the legal basis for processing my data and how does this affect my rights under GDPR (General Data Protection Regulation)?

2.1.1 Legal Basis for Processing

Tune Insight has different legal basis for processing, based on which product you are using:

  • Tune Insight customers: your data is processed under New Federal Act on Data Protection. Note that on 15 January 2024, the European Commission published a report on the maintenance of adequacy decisions with regard to several third countries, including Switzerland, thereby confirming that Switzerland offers an adequate level of data protection Commission report of 15 January 2024.
  • We process your data only as necessary to meet our contractual obligations to you, or to engage with you to do something before entering into a contract (such as providing a quote);

2.1.2 Your Rights as Data Subject

You have rights in relation to the personal data we hold about you. Some of these only apply in certain circumstances. Some of these rights are explored in more detail elsewhere in this document. For completeness, your rights under GDPR are:

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision-making and profiling.

For more information about these rights, please see the GDPR Art. 12-23. If you have any questions or are unsure how to exercise your rights, please contact us at contact@tuneinsight.com.

2.2 What information do you collect about me and why?

The information we collect is for the purpose of supporting your user account, allowing you to log into a self-hosted Tune Insight Agent using the Tune Insight Authentication Service. We do not profile Users or their data.

2.2.1 Information you provide to us:

We collect information about you when you input information in the Tune Insight Authentication Service or otherwise provide it directly to us.

Tune Insight Authentication Service Customer Account and Profile Information

We collect information when you or we register for an account. This information is kept to a minimum on purpose, and is restricted to:

  • Email address (Identifier)
  • Username
  • Full Name
  • Affiliated organization

Your authentication identifier is used to authenticate your access to Tune Insight Authentication Service at https://auth.tuneinsight.com and to uniquely identify you. This Service is securely hosted on Azure in Zurich, Switzerland.

2.2.2 Information we collect automatically as you use the service:

Connection Information

We log the IP addresses of everyone who accesses the Authentication Service. This data is used in order to mitigate abuse, debug operational issues, and monitor traffic patterns. Our logs are kept for 90 days.

2.3 Sharing data in compliance with enforcement requests and applicable laws; enforcement of your rights

In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to

(a) comply with any applicable law, regulation, legal process or governmental request,

(b) protect the security or integrity of our products and services (e.g. for a security audit),

(c) protect Tune Insight and our users from harm or illegal activities, or

(d) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the serious bodily harm of any person.

2.4 How Do You Handle Passwords?

We never store password data in plain text; instead they are stored hashed with the algorithm pbkdf2-sha256 using 27500 hash iterations. Passwords sent to the server are encrypted using TLS > v1.2.

It is your sole responsibility to keep your email, username, password, otp and other sensitive information confidential. Actions taken using your credentials shall be deemed to be actions taken by you, with all consequences, including service termination, civil and criminal penalties.

If you become aware of any unauthorized use of your account or any other breach of security, you must notify Tune Insight immediately by sending an email to tech-support@tuneinsight.com. Users should manage good password hygiene (e.g. using a password manager) and change their password if they believe their account is compromised.

If you forget your password (and you have registered an email address) you can use the password reset facility to reset it.

2.5 Our Commitment to Children's Privacy

We never knowingly collect or maintain information in Tune Insight, through any of the Services provided, from those we know are under 16, and no part of Tune Insight is structured to be used by anyone under 16. If you are under 16, please do not use the Service.

2.6 How Can I Access or Correct My Information?

You can request a copy of your data by emailing contact@tuneinsight.com. We are working on a solution which will allow you to download the data automatically.

2.7 What Are the Guidelines Tune Insight Follows When Accessing My Data?

  • We restrict who at Tune Insight (employees and contractors) can access Tune Insight data to roles which require access in order to maintain the health of the services.
  • We never share what we see with other users or the general public.

2.8 Who Else Has Access to My Data?

We host the Tune Insight Authentication Services on Amazon Web Services (AWS) and Microsoft Azure, specifically:

  • Our Authentication Service server is hosted in a Microsoft Azure data center in Zurich, Switzerland.
  • Our Customer portal server is hosted by Vercel in Frankfurt, Germany.

Physical access to our offices and locations use typical physical access restrictions.

We use secure private keys when accessing servers via SSH, and protect our Azure and AWS console passwords locally with a password management tool and 2FA.

2.9 What happens if Tune Insight is sold?

In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.

If we or substantially all of our assets are acquired by a third party, personal data held by us about our users will be one of the transferred assets.

2.10 How Is My Data Protected from Another User's Data?

All of the Tune Insight user data resides within the same dedicated cluster. We use software best practices to guarantee that only the Customer can access it. In other words, we segment User data via software. We do our best and are very confident we're doing a good job at it, but, like every other service that hosts User data on the same database, we cannot guarantee that it is immune to a sophisticated attack.

2.11 What Should I Do If I Find a Security Vulnerability in the Service?

If you have discovered a security concern, please email us at tech-support@tuneinsight.com. We'll work with you to make sure that we understand the scope of the issue, and that we fully address your concern. Information security is our highest priority, and we work to address any issues that arise as quickly as possible.

Please act in good faith towards our users' privacy and data during your disclosure. White hat security researchers are always appreciated.

Should you have other questions or concerns about this document, please send us an email at contact@tuneinsight.com.

4. Document History

  • 2024, April 5th: Privacy Policy document was created and published at https://tuneinsight.com/privacy-policy.