1. Protection of personal data

Protime respects the privacy of the users of its website in accordance with the provisions of the applicable data protection legislation (based upon the European Directive 95/46/EU of 24 October 1995 of the European Parliament and the Council concerning the protection of natural persons in connection with the processing of personal data and concerning the free movement of these data). 

When allowing the ProMobile app access to your devices camera, the images are used for barcode scanning only. None of the images are used for a different purpose, nor are they stored in the app, on your device, in the Protime software or our datacenter. 

The personal data provided by the user voluntarily via the different websites are kept on a certain location (see below). Since the data are provided by the user, Protime cannot be held responsible for their contents and Protime therefore disclaims all responsibility. 

You are entitled to inspect, correct and remove these data as provided for by the applicable data protection legislation. This can be done by addressing a written request with proof of your identity to Protime NV, Kontichsesteenweg 54, 2630 Aartselaar.

The user data are used to provide you quickly and efficiently with the requested services or information as well as additional communication regarding other products or services of Protime. Applications to which only registered users can log in, are governed with respect to privacy by the terms of use of the application itself as agreed between the client and Protime.

2. Cookies – Google Analytics

Please read our cookie statement below for more information.

3. Protection of access

Protime gives much care to the safe access to on-line services, accessible for customers and registered users, by using security systems according to the latest technological developments. To gain access, the user must give proof of his identity by means of an identification procedure which he alone can use in accordance with the terms of use of the application itself as agreed between the client and Protime. The user undertakes to use the service with due care and to do his utmost to prevent that any third party may find out about the strictly personal identification procedure.

4. Datacenter locations

4.1 Corporate website

The personal data provided by the user voluntarily via this website are registered in the files of Protime and are kept at the address of Protime Kontichsesteenweg 54, 2630 Aartselaar.

4.2 Premium suite

The personal data provided by the user voluntarily via this website are registered in the files of Protime and are kept at the address of SD Services NV, Brouwersvliet 5, 2000 Antwerp.

4.3 Protime 360°

The personal data provided by the user voluntarily via this website are registered in the files of Protime and are kept at the address of Unitt (Combell) (EU).

5. Email security

Our state of the art email security device does several checks on incoming emails. If our email security device has dropped your mail this means that one of the following checks has failed:

5.1 Reverse DNS

Reverse DNS Lookup determines the host associated with a given IP address. If an email from somecompany.eu  with a source IP address of X.X.X.X is delivered to our anti-spam security gateway, the Reverse DNS lookup feature will check the IP Address X.X.X.X is actually associated with the domain somecompany.eu. If this is not the case, it is assumed the email has been spoofed.

5.2 SPF

The owner of a domain (somecompany.eu) will publish an SPF record which will consist of all authorised senders for this domain. An email receiver can check the sender's records to see if it is associated with that domain, and when the SPF records specify this is the case, the email is accepted. 

The SPF record will prove the sender is a trusted sender for that domain.

There is a difference between:

  • SPF softfail
     

    v=spf1 ip4:X.X.X.X ~all
    ~all means that any servers not listed in this SPF record should be treated as a "softfail", ie. mail can be allowed through but should be tagged as suspicious.

    -> Protime will tag the email with a tag [SPF SOFTFAIL]
    -> Protime will put the mail in the users personal SPAM Quarantine where it can be released if wanted
    -> Domains which get a tag [SPF SOFTFAIL] cannot be added to personal whitelist

  • SPF Hardfail
     

    The owner of the domain can specify the SPF record for the domain like:
    v=spf1 ip4:X.X.X.X -all
    -all means that any senders not listed in this SPF record should be treated as a "hardfail", ie. they are unauthorised and emails from them should be discarded

    -> Protime will tag the email with a tag [SPF FAIL]
    -> Protime will put the mail in Quarantine where it can be checked by the Itservicedesk team

5.3 DKIM

DKIM (DomainKeysIdentified Mail) is an email security standard designed to make suremessages aren’t altered in transit between the sending and recipient servers.It uses public-key cryptography to sign email with a private key as it leaves asending server. Recipient servers then use a public key published to a domain’s DNS to verify the source of the message, and that the body of the messagehasn’t changed during transit. Once the signature is verified with thepublic key by the recipient server, the message passes DKIM and is considered authentic.

The mail security will flag messages with error "DKIM: permfail body hash did not verify [final]" for every mail send by $sender" with a tag [DKIM failed]
This can be caused by several things:
>> The public key specified in the DKIM-Signature header is wrong.
>> The public key published by the sender in their DNS is wrong.
>> The body of the email was modified after it left the mailserver
>> Someone spoofed the email and signed it without having the correct private key.
>> Other causes are also possible

Anyway the emails with DKIM failed flag are "suspected" and quarantined.
The sender will have to solve this issue!

5.4 Anti-Malware - Virusscan

The  Anti-Malware System combines  Web Reputation Filters, a critical first layer of preventative defense against new outbreaks, with best-of-breed signature-based verdict engines to provide powerful, fully integrated anti-malware defense. 

As the second layer of defense Anti-Malware System scans web content, as it is downloaded, against malware and virus signatures - eliminating the broadest range of known and emerging web-based threats. A combination multiple antivirus engines, including Sophos and McAfee, provide maximum security without compromising scalability.

5.5 AMP (Advanced Malware Protection)

AMP analyzes emails for threats  hidden in malicious attachments. It gives advanced protection against spear phishing, ransomware, and other sophisticated attacks.

AMP uses a combination of file reputation and file sandboxing to identify and stop threats.

  • File Reputation captures a fingerprint of each file as it traverses the Email Security gateway and sends it to AMP’s cloud-based intelligence network for a reputation verdict. Given these results, malicious files are automatically blocked
  • File Sandboxing provides  the ability to analyze unknown files that are traversing the Email Security gateway. A highly secure sandbox environment enables AMP to glean precise details about a file’s behavior and to combine that data with detailed human and machine analysis to determine the file’s threat level. This disposition is then fed into AMP’s cloud-based intelligence network and used to dynamically update and expand the AMP cloud data set for enhanced protection. 

5.6 Outbreak filters - URL Filtering

Outbreak Filters protect our network from large-scale virus outbreaks and smaller, non-viral attacks, such as phishing scams and malware distribution, as they occur.
Global traffic patterns are used to develop rules that determine if an incoming message is safe or part of an outbreak. Messages that may be part of an outbreak are quarantined until they are determined to be safe based on updated outbreak information  or new anti-virus definitions are published by Sophos and McAfee.

Outbreak Filters analyze a message’s content and search for URL links to detect this type of non-viral attack.  

The reputation and category of links in messages, in conjunction with other spam-identification algorithms, to help identify spam. For example, if a link in a message belongs to a marketing web site, the message is more likely to be a marketing message.

5.7 Blackmail (SPAM)

All our incoming mails are scanned by an anti-spam engine. This engine has a very large rule base (thousands of rules) to check mails and give them an overall spam score.
If mails get a score between 50 en 90 they will get a tag [SUSPECTED SPAM].
If mails get a score between 90 en 100 they will get a tag [SPAM].
We cannot check why the overall score is what it is. Nor can we read the current score or get insight on past scores.

5.8 Graymail (SOCIAL/MARKETING/BULK)

Graymail messages are messages that do not fit the definition of spam, for example, newsletters, mailing list subscriptions, social media notifications, and so on. These messages were of use at some point in time, but have subsequently diminished in value to the point where the end user no longer wants to receive them.

The difference between graymail and spam is that the end user intentionally provided an email address at some point (for example, the end user subscribed to a newsletter on an e-commerce website or provided contact details to an organization during a conference) as opposed to spam, messages that the end user did not sign up for.

The graymail engine classifies each graymail into one of the following categories:

  • Marketing Email. Advertising messages sent by professional marketing groups, for example, bulletins from Amazon.com with details about their newly launched products.
  • Social Network Email. Notification messages from social networks, dating websites, forums, and so on. Examples include alerts from: LinkedIn, for jobs that you may be interested in, CNET forums, when a user responds to your post.
  • Bulk Email. Advertising messages sent by unrecognized marketing groups, for example, newsletters from TechTarget, a technology media company.

5.9 Suspected Domain

When our colleagues keep receiving "clean" unwanted messages from the same domain, we classify the domain as SUSPECTED and all mail from that domain will be quarantined!

If you have further questions, please contact your Protime consultant or our helpdesk.