New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
And am customer to MXroute LLC
Maybe it's time to get into other hosting services, such as shared/reseller or vps?
@jar I have such a request. Could you somehow convince me to buy your service? I wonder what the difference is from the usual shared hosting, that you can get for half the price of your service.
I also understand that NextCloud capacity does not count towards account capacity?
Is buying mxroute for people living in the European Union a good idea?
Can I somehow sign a Data Processing Agreement?
Shared hosting providers are focused on web hosting and mostly a "best effort" for email. The gap between buying shared hosting and hiring a sysadmin to run a mail server for you is huge. For starters: https://mxroute.com/our-unique-outbound-infrastructure/
I run my own RBL that learns from the logs of a full email service but also takes into context client needs to not blacklist providers you need to receive mail from. I open source our custom inbound filters. I monitor your stats 24/7 and make sure that if your password gets compromised, your domain reputation isn't trashed for 48 hours before you notice, I let you know immediately. I militantly hunt anyone trying to hurt our IP reputation so that even though we have that outbound infrastructure linked above, it won't all go to shit because someone managed to ruin it and slip under the radar. You're literally hiring a mail admin for my prices.
For now. That may be changing with Crossbox integration.
I don't feel qualified to answer that. We're based out of Texas.
I don't think that would be of legal value. We're based out of Texas and have no relationship with any governing authority within the EU.
I mean ping, the maximum transfer speed or the fact that the addresses sending emails are not from the RIPE address pool.
MXroute recipient servers are in Hetzner, DE, now.. You could check yourself MTR/ping to Hetzner servers.
In that case, if the servers are in Europe, can I (or rather, I even have to) sign a Data Processing Agreement?
Jarland already answer that.
If you are based in the EU and storing personal data, then it is on you to obtain data processing agreements from your vendors.
The EU technically also require this of US companies selling within the EU, but whether they have the scope to actually implement this is questionable. There’s certainly no immediate punishment for most US companies (smaller/medium) in essentially ignoring the requirement.
There very well may be legal requirements that you need to hold yourself to when doing business, and this may be part of it for you. If so, it may be a good reason to not do business with MXroute if it cannot be mitigated by any laws that give you room to do business with companies that do not operate within the jurisdiction of your governing entities. In such an event it is more appropriate that you speak to your legal counsel as MXroute would not be well equipped to provide any advice as to what your legal requirements are, nor would MXroute be prepared to begin cooperating with such requirements of any governing authority outside of the United States and the state of Texas at this time in relation to this specific topic.
As a customer of Hetzner it has not been communicated to MXroute by the vendor that MXroute needs to take any measures toward this end to meet our obligations to them as a customer. Should Hetzner change their requirements for MXroute to purchase their servers in order to meet any of their legal obligations, MXroute would happily weigh their request and the options for moving forward. Neither MXroute LLC nor it's owners/employees (not to be confused with it's vendors and service providers) are registered entities/citizens in any jurisdiction of any trade agreements in which their direct government authority has agreed to require them to submit to such laws, and whether or not that makes it legal/illegal for you to do business with MXroute is something you need to take into account.
The way I see it GDPR wise if your a European company then your required to implemented, companies based outside of the EU can just ignore it is quite obvious when you think about GDPR is a EU law only enforceable within EU states.
Some user will point out large American companies E.g Google/Amazon/Facebook can get burnt by gdpr that because they have offices/headquarters and companies registered in the EU.
But companies with no physical presences or subsidiaries based in EU seriously doubt anyone can sue them for GDPR violation.
It's a pretty sensitive topic that obliviously triggers a lot of cultural differences. Hopefully this time I've found the right words to not be divisive on it.
Hetzner certainly provide a DPA and encourage EU companies to comply with it. However, beyond the scope of the EU it's difficult to see how it will be enforced.
I do think privacy is extremely important and I judge this based on the company more than any legal fallback. As it goes, I have no issues with @jar and entrust my data with MXroute on the basis of how it is operated and history with the company.
Thank you. I can't state enough that my lack of compliance with the laws of certain places has nothing to do with my commitment to security or privacy. A lot of places have privacy and security related laws that I don't specifically comply with (or I may and I just don't know, my standards might match some of them). Some may be sound, others may be lip service. I always saw PCI compliance as the latter for example, but I don't store CC data so I get to outsource that.
In fact in an hour I'm meeting with a new vendor that I think has identity verification down to as much of a science as one can, so that I can draft a policy and procedure for 2FA removal requests that sets a high standard.