This document was last updated on 2018-05-25.
Effective Date: 25 May 2018
Talaia contact details
TALIA NETWORKS, S.L.
Pau Claris, 94, 3ºB
08010 - Barcelona, Spain
Mail for requests and queries on privacy: [email protected]
Data Protection Officer: [email protected]
Personal data we process and purposes
Customers & Subscribers Data
We only process as data controller the contact and billing information of our customers and providers, as necessary to manage and render our services, and email addresses of visitors to our website who have explicitly consented to be updated about our services (Customers and Subscribers Data).
TALAIA provides a SaaS solution for our customers to manage their traffic intelligence, threat mitigation and peering analytics. Our platform is either deployed in our own cloud or on-premise for data-centers and large carriers.
By using our platform, customers can collect and process the relevant data about their own traffic within their own networks and systems, such as source and destination IP addresses, data on IP traffic flows, as well as other information related to their network infrastructure (Network Data) to visually see their network traffic and mitigate attacks to protect and secure their networks.
Our customers are the data controllers of their respective Network Data. TALAIA process Network Data as data processor for the sole purpose of rendering our services and to the extent strictly necessary and proportionate for the purposes of providing analytics and ensuring network and information security to our customers.
The purpose of TALAIA processing related to Network Data does not require the identification of any data subject.
TALAIA processes Customers Data and Networks Data as necessary for the performance of our agreements with our customers. Legal basis for processing Subscribers Data is consent for keeping them updated about our services.
Disclosure to other recipients
We do not share Customers & Subscribers Data with any third party, other than providers as necessary to manage our relationship, i.e. for billing or mailing purposes.
Network Data are stored on servers contracted by TALAIA to a third-party provider (OVH).
TALAIA only shares Network Data with third party providers when necessary to render our services, i.e. for maintenance or cleaning purposes.
If we transfer or share data with providers located outside the UE, we apply appropriate safeguards, like the signature of contract with standard data protection clauses adopted by the European Commission.
We retain Customer Data for so long as we need it to manage the relationship, to comply with our legal obligations and to manage potential liabilities.
Networks Data are stored in our third-party cloud for the time of duration of our services.
We provide custom retention policies tailored to the needs of our customers. Fast storage of raw NetFlow/IPFIX data and time aggregates, for querying and filtering purposes along with fast performance dashboards. With compliance and forensics in mind, we've implemented custom policies with up to 24 months of raw NetFlow storage and we can adapt to most scenarios and needs.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including, in the cloud, customers have a private workspace protected by an administration tool manage by themselves, and, in the on-premise solution the hardware is administered by the customer and the access to the tool is administered by the same administration tool to help protect information from unauthorized access, destruction, use, modification, or disclosure.
Data subject rights
Customers and Subscribers can request access to and rectification or erasure of their personal data or restriction of processing, or to object to processing as well as the right to data portability, by addressing their queries to TALAIA (see contact details above).
For Subscribers which processing is based on consent, they can withdraw consent at any time, addressing their requests to TALAIA.
Customers and Subscribers also have the right to lodge a complaint with the Spanish Data Protection supervisory authority.