Updated: 19th June 2020
failstats.net ("us", "we", or "our") operates the https://failstats.net website (the "Service").
This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.
We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.
Information Collection And Use
We collect several different types of information for various purposes to provide and improve our Service to you.
Personal Data
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to:
Usage Data
Submitted data
Usage Data
We collect information how the Service is accessed and used ("Usage Data").
This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, unique device identifiers and other diagnostic data.
We aim to store personally identifiable Usage Data for a term of no more than 30 days, but it can be kept indefinitely in the event of a technical issue or an attack on the Service. Anonymised Usage Data can be kept beyond this.
Your IP address and time of site access is sent to engiedev.net to be included on the dashboard (https://engiedev.net/dashboard/). Your IP address is stored for up to a maximum of 48 hours, after which it is anonymised to "0.0.0.0" in the engiedev.net database.
Submitted Data
This can be divided into two categories;
User Account
A verified user account is required to submit fail2ban data to the API. This is used to reduce spam by asking users to verify their email address before allowing API access. After this, your email address will only be used to contact you if there is a problem, or you make a request to us. To make a user account, you choose to submit the following information:
Username - To login with
Password - To login with
Email - To verify the account
Data submitted to API
If you choose to submit fail2ban information to the failstats API (typically via the failstats application), this information consists of:
Date and time of when the attacker (of your service) was banned
The IP address of the banned attacker
A UUID to represent the target computer
API key to check if access is allowed and to provide personal statistics
Optionally, the name of the target service
This data is stored permanently to provide the Service and a copy without UUID or API key data is publicly available for download.
Submission times and UUIDs are logged permanently to monitor for suspicious activity.
All of the data is monitored for any suspicious activity, and will be deleted if required to maintain the accuracy of the Submitted Data.
Tracking & Cookies Data
We do not use cookies or similar technologies for the purpose of tracking, and do not monetise any Usage Data.
We do store cookies on your computer, please refer to the "Cookie consent" link in the footer for further information and controls.
Use of Data
failstats.net uses the collected data for various purposes:
To provide and maintain the Service
To provide analysis or valuable information so that we can improve the Service
To detect, prevent and address technical issues
How we protect data
Protecting your security and privacy is extremely important to us and we make every effort to secure your information and maintain your confidentiality in accordance with the terms of the Data Protection Act 1998. Our website is protected by various levels of security technology, which are designed to protect your information from any unauthorised or unlawful access, processing, accidental loss, destruction and damage.
Please note that we may need to disclose your personal information where we:
Are under a legal duty to comply with any legal obligation or;
Need to disclose it to protect our rights, property or safety of our customers or others.
Transfer Of Data
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside United Kingdom and choose to provide information to us, please note that we transfer the data, including Personal Data, to United Kingdom and process it there.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
failstats.net will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
Disclosure Of Data - Legal Requirements
failstats.net may disclose your Personal Data in the good faith belief that such action is necessary to:
To comply with a legal obligation
To protect and defend the rights or property of failstats.net
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public
To protect against legal liability
Security Of Data
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Links To Other Sites
Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Children's Privacy
Our Service does not address anyone under the age of 18 ("Children").
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
Keeping you in control
We want to ensure you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
The right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of the personal information we hold;
The right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason);
The right to have inaccurate data rectified;
The right to object to your data being used for profiling
Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
If you would like further information on your rights or wish to exercise them, please contact us.
Changes To This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
Contact Us
If you have any questions about these Terms, please contact us.