Our systems are built for data collection, and to integrate with various devices. The system continuously collects information, stores it locally, and then propagates the data to central services for processing and long term storage.
Other than the data our customers require, Modio logs metadata about devices and the systems for our own internal usage, this data is used internally for quality and debugging purpose.
Data kept by Modio
For our own usage, we collect data including the following:
- Software version information
- System performance information
- Hardware performance information
- Count of successful or failed readings from connected equipment
- Data and Bandwidth usage of the system
- Status data about connected devices
Beyond this, the public IP address of devices will be seen in log files and other active connections.
As a rule, we rotate data after a few months, and retain only trend data for future analytics purpose.
With "status data" about connected devices we mean things like battery status, firmware revisions, transmission quality, and similar.
Modio does not collect measurements from connected sensors, hardware or devices.
How data is transmitted
We transmit data securely, using TLS with Perfect Forward Secrecy, both to our systems and our customers. We follow Modern Guidelines when transmitting data over the Internet.
How data is kept
Our primary data centre is located in Sweden, and we strive to keep personal data under European privacy laws. Data in transit is always encrypted, both in the field, and in the data centre.
Data stored for Customers
For customers, what is collected and how it is stored depends on the customers' own requirements. Customer systems are split away from Modio's systems, and while Modio may administer them for the customer, it is ultimately the customer's decision on what needs to be stored and for how long.
Personally identifiable information
For some services, Modio needs to deal with personally identifiable information. This includes our management system a.fa.se. As a rule, we try to keep as little personal information as possible, and only use it for the intended purpose.
We may share personal information with our customers as necessary, but not with other third parties.
An example of personally identifiable information is your name and email-address, which we will keep as long as required for authentication, authorization and alerting.
As a rule, if we don't have it, we can't leak it.