Who we are

Our website address is: http://jogamp.org/.

You can also read out transparency report.

Contact forms

Find our contact information in our wiki page.

Content

• Privacy Policy
• Security Policy

Privacy information

JogAmp Project Services

Besides offering read-only information about out JogAmp project, this website also utilizes interactive services where users submit data for the project. These are:

• Mediawiki
• Bugzilla
• Jenkins

We further provide git repositories of the project's source code containing source code of our contributors adhering to the respective license.

What data we collect and why we collect it

Public Project Data

Data collected via our project services as listed above, are stored and published to further the JogAmp project and is not considered private data. Project data is shared with he world.

Private Connectivity Artifacts & User Credentials

When visitors leave comments on the site or add data via our project services, we collect the data and may also collect the visitor’s IP address and browser user agent string to help spam detection, which is considered private data and is not disclosed nor shared.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you submit data using our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we may set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

We consider cookies private data and do no share them.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Example: Our Vimeo or YouTube embedded media.

Who we share your data with

Private data as described above, if any, is not shared with anybody!

Public project data as described above is non-private and shared with the world.

How long we retain your data

Private data as described above, if any, is not stored permanently nor backed up.

Public project data as described above is retained indefinitely to document and further the JogAmp project.

What rights you have over your data

Private data as described above, if any, is not accessible.

If you hold a user account via our project services, you should be able to delete your account. However, public project data is persistent.

Where we send your data

Private data as described above, if any, is not send or shared to anybody.

Public project data as described above is shared with the world.

Security information

How we protect data and secure operations

Our servers are setup, protected & handled as follows to ensure secure & coherent operations

• Access via asymmetric cryptography key-pairs only
• Only store asymmetric public keys, used to access sensitive services from our secured environment only.
• Not allowing service access from 3rd parties via weak ‘cookies’ or ‘tokens’.
• Web-applications may manage their own user-login database with credentials and
  • won’t send passwords via emails
  • store encrypted/hashed passwords only, not clear text
• Database and certain other vulnerable resources are directly accessed by web-applications via intranet only
• Web-applications are not executed with the web-server credentials, but within dedicated user space (separation, encapsulation)
• A firewall explicitly opts-in network services as intended
• Using a self-healing redundant filesystem and encrypted distributed replication backup strategy
• Follows regular update procedures
• Utilizing Warrant Canaries in our transparency report.

What data breach procedures we have in place

• Notifying world via our transparency report.
• Notifying data owners of the breach, excluding
  • public project data as described above
• Data coherency tests using backups and restoration of the original data

What third parties we receive data from

• public project data as described above

What automated decision making and/or profiling we do with user data

• None

Industry regulatory disclosure requirements

• None to our knowledge