Below is information regarding himagz.com’s commitment to protect the privacy of users and to ensure the integrity of the Internet.
Internet user privacy is of paramount importance to Himagz.com. The success of our business depends upon our ability to maintain the trust of our users. If for any reason you have concerns about our software or website’s privacy policies, please contact us. We are committed to ensuring that every user’s needs are addressed.
Collection of Personal Information
In the course of delivering this site to you, Himagz.com does NOT collect any personally-identifiable information about you, such as your name, address, phone number or email address without your knowledge, and are taking measures to protect your privacy.
You can send email requesting help and your email will NOT be shared in any way with any third party, and will only be used to send replies to you.
You can leave comments on the site and may do so completely anonymously. You may (but don’t have to) use your “real” email address or name; if you do, that data is associated with the comment. We won’t use the information associated with comments in any way, won’t sell the information or share it with third-parties. We don’t associate IP addresses with comments or store them.
You may sign up to our site newsletter. We use a double opt-in for that and will store your email address for the sole purpose of delivering the newsletter to that email address. You may unsubscribe from the newsletter at any time. Your email address will be removed when you unsubscribe and no record of the data will be kept.
The site displays share and subscribe options for select social networks. These are implemented in the most privacy-friendly manner; they are static links that don’t connect to third-party sites automatically and won’t record any user interaction unless activated by the user.
If you have any questions or concerns regarding this matter, please feel free to contact us.
Embedded content from other websites
Articles on this site may include embedded content from the video hosting site YouTube or Google Drive. We use YouTube’s privacy-enhanced mode for the embeds which ensure that YouTube does not collect any visitor data when the page is loaded. We used Google Drive for more efficient the our cloud block storage and more secured. Google Drive are not collect any visitor data when the page is loaded.
We do use Google Analytics on the desktop, mobile version to collect information about website visits. We have configured Google Analytics to use the lowest period of time for which data that is collected is associated with cookies and user identifiers, and the time period does not reset on new activity.
We used Cloudflare, and Amazon Web Service (AWS) collects aggregate data automatically when a user visits the site.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.
You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Note that we need to be able to link data to you, for instance, by your email address.
Where we send your data
Visitor comments may be checked through an automated spam detection service that is operated by Automattic, the company behind WordPress. Also our comment system are used them.
The information “typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself)”.
If you subscribe to our email newsletter, the email address is sent to Feedburner which operates the newsletter service.
How long we retain your data
If you leave a comment, the comment, your selected name and email address if filled out, are retained indefinitely on the site.
If you subscribe to our email newsletter, we keep your email address in our database until you unsubscribe from the newsletter (which you may do at any time).
If you have an account, we keep record of the account for as long as it is open. All data associated with the account is removed when the account is deleted; comments are anonymized in the process.
Third Party Advertising:
We use third-party advertising companies to serve ads when you visit our website.
These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you.
If you would like more information about this practice and to know your choices about not having this information used by these companies, click the links below.
The following third parties are supported:
Here you can find an additional information for recovery plan and DDoS Mitigation and others that are not stated before.
How we protect your data
We protected your data thru daily, weekly, monthly backup where it’s occurred every day (UTC +08:00) to make sure that our backup are always up to date into several backup designation such Google Drive, AWS S3, and Dropbox used API with data transport TLS/SSL
Our databases are used MySQL are in the private network and used 3 nodes cluster. So it’s meant our databases are not exposed to Public Network.
We are not allowed our staff used SSH with plain password, every connection are established used Private Key and Public Key where it’s reviewed every month.
Since our website are used 3rd Party as we mentioned above such as Cloudflare, and Amazon Web Services (AWS), we are used roles procedure (eg. IAM) and 2FA prior login for make more secured.
What data breach procedures we have in place
– Our website are protected by Cloudflare for DDoS protection, and CDN. We used Cloudflare as our Domain Name Server (DNS) with configured High Level for security protection.
– We are used multiple data center located with different providers and geography to make sure that our website are still able to open by our visitor even the primary server are down for mitigation.
– We used AWS Cloudtrail for compliance, operational auditing and risk auditing
– Checking the file integrity by developed in-house plugin.
So we make sure even our site are under attack by DDoS or such our visitor are still able to load/open our website.
We used 2 types of notifications :
– When our sites are Down where we used Jetpack.
– We used metrics in-house powered by AWS Cloudwatch so when our resources are exhausted it will notify to us so we are able to mitigate the issue arise before it’s occur.
Please use our contact page to get in touch with us.