User Information and Code Security Statement
Ver 2.0 Effective time: 2020-01-01
Thank you (user) for your concern and trust in Beijing ProtocolSoft Tech., INC. (hereinafter referred to as ProtocolSoft, us, we). Before you may become the user of our products or services, please read carefully and understand the following contents. If you have any objection to the following contents, please contact us in time and inform us of your different opinions. If you do not contact us and use our Products or services, we will default that you have recognized the existence and legitimacy of the following content.
Some or all of the following content will also appear in other ProtocolSoft files related to user information and code security.
As a kind of traffic analysis products, when you deploy our products or purchase our services, our products or services will inevitably come into contact with sensitive information existing in your network traffic. At the same time, we also know your concern and worry about these sensitive information. Therefore, we need to make full commitment, consideration and measures for this. Including but not limited to:
1. Statement on the nature of the company, the background of shareholders and employees
1.1 We promise that tcpiprabs is a start-up company without any government or state-owned unit background, our shareholders and employees, and no government or state-owned unit background or identity; we have no obligation and responsibility to provide our user information to any third party;
1.2 We promise that we will not proactively disclose user information to third-party organizations in any country on the premise that it may violate the legal provisions of the user's country and the user's written authorization; if we need to provide user information related to ProtocolSoft products, the third party agency must provide clear written documents that have the legal effect of the country in which the user is located;
2. Statement on code security audit and open source
2.1 We deeply understand the importance of the security of software products to users. Therefore, we accept the review of our product codes commissioned by users, or any government authorized, or any industry recognized code inspection agency; and, Government, military, financial institutions and other information-sensitive departments can also require us to open source code to undergo security checks if our products are deployed in large numbers;
2.2 We promise that we will not have any subjective, undeclared software loopholes or backdoors that may cause the leakage of user information; if any third-party agency or user finds that our program has related risks, please contact us actively, After verifying the correctness, we will stop using the related products immediately, and notify users who are using the related products, and we will immediately remediate and upgrade related vulnerabilities;
3. Statement on returning the legality and version information of users
3.1 Except for the real-time traffic information obtained by VPM-SAAS, all ProtocolSoft products deployed on the user side will return this version of the product to ProtocolSoft company at a certain frequency. Use authorization, user registration information, network card IP, MAC and other software authorization management and Relevant information such as online upgrade, which is only used to judge the legitimacy of the user and the necessity of the version upgrade, and will not return other information unrelated to these two types of uses;
3.2 If you have questions about the return of these two types of information, or do not recognize that these information are collected by ProtocolSoft, you can declare to ProtocolSoft in advance, as long as you are a legitimate user, we will inform you of our information return path, and you can set the Strategy to intercept the return path to prevent this information from being obtained by us;
If you do not declare that this information belongs to your sensitive information before using ProtocolSoft products, we will assume that this information will not involve your sensitive information or infringe your interests, and we will not accept any future claims you may make against us. Various complaints;
4. Statement of sensitive information about the VPM-SAAS service
4.1 Due to the inevitable contact with the user's traffic information, we will only collect the TCP / UDP quintuple and KPI / KQI information from the tmarlin host, and will not receive the HTTP and SQL information that may become sensitive information;
Up to now, no user has claimed that TCP / UDP quintuple information and KPI / KQI information are sensitive information that needs to be strictly confidential;
But if you think that these two kinds of information belong to your sensitive information when you use related products, please make a statement to us in advance, and we will provide you with the local installation version of tdolphin, so as to avoid our contact with these information;
If you do not declare that the information belongs to your sensitive information before using tdolphin SaaS, we will default that the information will not involve your sensitive information or infringe your interests, and we will not accept all kinds of complaints you may lodge against us in the future;
5. Company management measures related to code and information security
5.1 We have instituted stricter and legally binding corporate discipline to reduce information security issues caused by personal reasons of employees;
5.2 With employees who may have access to sensitive information, we have signed sensitive legal information confidentiality obligations;
5.3 For work content that may come into contact with users' personal information, financial information, or other sensitive information, we will perform strict multi-level audits and decentralized operations;
5.4 During the product development and testing phase, we have implemented a stricter code security inspection system to reduce information security issues caused by code risks;
6.1 We are not responsible for any information security risks and losses incurred by users during the use of ProtocolSoft products that do not meet deployment requirements and functional design;
6.2 We are not responsible for any information security risks and losses caused by the cracking and decompilation of ProtocolSoft products by any institution or individual;
6.3 We do not bear the information security risks and losses of users who are not registered on the ProtocolSoft official website;
6.4 We are not responsible for the information security risks and losses caused by the disclaimed content as stated above;
6.5 We do not assume the risks and losses of information security caused by inadequate user security measures for each product deployed in the user environment;
6.6 We do not assume any risk or loss of information security due to non-subjective consciousness or technical limitations;
6.7 We do not bear any economic loss within the scope of non-subjective consciousness and non-technical capabilities that are seriously mismatched with the prices of our products and services.
7. Content modification
We reserve the right to modify the above content at any time. We will post any changes to the above on this page.
The usual change time is half a year or one year, please pay attention to the modification of this page on January 1st and July 1st of each year. Unless there are particularly significant changes to the terms, we will no longer notify you by mail.
The above statement has been effective since January 1, 2020. If you do not agree with the above content, you can resolve it with our company through consultation or do not use our products and services.
Beijing ProtocolSoft Tech., Inc.