New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I'd like to see how you enforce the clauses on an American or any other foreign citizen
I do not understand what type of provider you are used to dealing with. We are a legitimate provider and if you submit false information we are required by law, and in order to maintain a high quality of service, to request a manual verification of your data. This is not a privacy violation. It concerns potential unlawful activities that you could commit and that we would have no way to trace. You are also requesting free credit while remaining completely anonymous. You can understand how unusual this appears. When we asked for a manual verification of your account, this was your reaction. There is nothing more to add.
this is your rude reply:
https://imgur.com/a/Si3N9YD
I consider this unfortunate episode closed.
You never asked for a verification of my data.
Probably you can't handle normal worldwide business owners who are living as expats in nice countries and using international legal entities and business addresses for their companies. Very common in a worldwide business sphere, which rarely occurs in Italian companies.
Glad to see that you are happy to publish customer communication on a public board, good start!
And then you flag Aruba clients and demand ID from them.
As a start, you should translate the rest of the website into English, especially the legal documents, and provide a safe method for identification.
ID + selfie over email is a no-go for many, whereas a proper third-party GDPR-compliant solution would be acceptable. For example, Signicat.
this is going about as well as i expected
i sent the selfie and i'm happy with the 50€ of free credit
Sorry to jump in but just to make clear that there is not such italian law that forces to ask for ID and selfies to our potential customers. Of course, we have to do our due diligence during the antifraud process, but there are other elements to base it to. Furthermore, pictures/selfies nowadays are completely useless, given the quality of deepfakes/synthetic media. Unless there is a team of experts in synthetic media forensics, which I highly doubt hosting companies have...
So please let's not make this an "italian" issue, thank you.
As mentioned earlier, I never stated that this is a legal requirement in Italy. It is not even one of our usual procedures. What I described as misleading is the reference to “vexatious clauses” and other clauses from European and Italian regulations.
The request for a selfie holding the identification document is used for this specific promotion because it involves free credit. Since there is no transaction or payment, an important element of antifraud verification is missing. When clearly false information is detected, as in the example provided earlier together with the inappropriate reply we received, an additional verification becomes necessary to correct the data. In Italy, and I believe this applies elsewhere although I cannot speak for foreign jurisdictions, it is mandatory to provide accurate personal information when ordering a service. This is a basic requirement, and I assume it is the same in most countries.
We normally do not request an identity document with a selfie. We require it for this promotion because of the reasons stated above and due to the high number of registrations with false information that we are receiving.
this offer basically is: seflow spends 50 credits, to buy your ID details with selfie.
But it's in the original post.
You made it sound like you have it already translated and it's just a matter or replacing the link on your website. I doubt that's the case as it doesn't take this long to replace the link.
Email is not a safe method to transfer personal data and even worse in your case we are talking about biometric data and that's special category of data under article 9 gdpr. Just for this, you can expect a nice fine if someone reports you.
You don't ask consent for the use of reCAPTCHA on your website. As far as I know bots are better at solving those than humans, but never mind that, there's a neat trick on your website to get rid of it without solving anything.
@maxxxxx We never required customers to send personal data by email. This was assumed by you. You are drawing conclusions based on assumptions made by individuals who never tested our procedures.
The process is clear. When there is no money transaction, the fraud prevention system applies stricter controls. If the system identifies patterns that indicate possibly false data, the customer is asked to upload a selfie in a secure area. A human operator checks the integrity of the information. Whether the verification is approved or rejected, the photo is fully removed from our systems.
We are a large company with 1700 employees. At this scale, processes follow strict internal rules. Even changing a link requires several departments to review and approve it.
Which process at your company allowed advertising your service to international audience when your terms and conditions are only in Italian and therefore not enforceable for any non Italian customer?
Sorry for that, if that's the case. But there's a post above in this thread and you didn't address it.
It's a small 50 euro credit and it actually doesn't cost you 50 euro but much much less. Even for order of magnitude larger credits from my experience it has always been just a matter to verify my payment method after registering. In rare cases where a company required selfie with id i bypassed it just by asking support.
Well. No comment.
@jnd SeFlow, like any company, can make mistakes and no one is perfect. We have already received a report indicating that the Terms of Service are shown in Italian even on the English checkout page. A remedy process is already in progress to correct this.
What you are pointing out is defined within internal processes as Bug Fixing and Continuous Improvement. These are standard procedures in companies and are used to correct errors and to improve the service on an ongoing basis. At SeFlow we constantly review all reports we receive and we work to enhance the service in a continuous and structured way.
Thank you for bringing this to our attention. I remain available to clarify any further questions related to the service or any matter not already addressed.
Not even a team of experts in synthetic media forensics will be of any use. There's too many breached websites already and selfies with photo ids are floating around the black market. Once it's leaked it's used for anything like opening bank accounts or crypto exchage accounts in your name, money laundering and illegal transactions, breaking into bank accounts or resetting 2FA.
Also, some people will sell you their firstborn for a bottle of beer, a selfie is not such a big deal.
I registered as a new user a few days ago.
Then, when I logged in today, I found a message saying my order was fraudulent.
I then submitted a support ticket.
Just now, I checked again and found my account had been deleted.
How ironic.
@136168643
We have cancelled only those orders where a data verification was requested and the customer refused to cooperate, or where the provided information was clearly false. For example, we received registrations where name, surname and address all contained the word Pony, or where the name field contained only di and the surname field only H. These are clear cases where the account could not be accepted. All other accounts remain active and usable.
I apologise, but I will not reply further to these requests. It is unreasonable for a legitimate company to be asked to justify why it does not accept orders from users who submit false personal information. We are not required to justify this. It is simply the law.
of course not, but you are required to be appealing to potential buyers. guess what you need to work on?
You send me this email:
There are no instructions on how to submit the selfie and ID, so yes, you are asking for it over email.
Secondly, with the legal documents only in Italian, the trust is gone.
And then there’s the Star Wars reference at the end of the email. Are kids processing our legal documents?
I think your intentions are good, but when you ask for an ID number on the checkout page without specifying what you are asking for and why, you create confusion. A lot of people will enter the wrong information because this is an Italian document and isn’t used this way in other countries.
You have copied the ticket ID, so you cannot refer to it as an email when you have already stated it is a ticket. Please open the link to the indicated ticket and you will be able to enter the requested information inside the secure area.
I understand the situation. I have checked your order using the email address you provided. I must clarify that both MaxMind and MinFraud identify you as a fraudulent user, with previous reports linked to activities considered not lawful. In addition, the residential address you provided does not exist..
hello,
i opened a ticket where i deleted the vps and re-created and loss the credits . can you pls add them back? i had some problem with reinstall and suport did not noticed i actually deleted the vps even in ticket it was mentioned but i dont know how will i get those credit back?
https://my.seflow.net/viewticket.php?tid=015950&c=DQPYkxyW
I am going to ask you about this in the ticket, and then I will remind you there is something called GDPR.
This is just stupid. I have send you a pm with a google maps link with my address.
@amsaal you can check logs on https://admin.services.seflow.cloud/Usage.aspx
By reviewing the link you provided, you will see that 50 euro of credit were added to your account in May. You will also see that the amount related to the mistake you made was subsequently refunded. After that, you created an additional virtual machine, and the corresponding charges were applied for this second instance.
All debit and credit transactions are fully listed in the history available on the page you referenced.
Gentlemen, we can leave our comments here as well:
https://www.trustpilot.com/review/seflow.net
I can see so far 73% of total comments are 1 star (very poor), I have not post my review, but I'm considering to spend 5 mins to post.
I kindly invite you to consider the dates of the reviews as well. With the exception of two, all of them were posted before 2021, which is the year SeFlow became part of the Aruba Group. You are referring to two completely different companies that simply share the same name. Thank you for your understanding.
I encourage you to evaluate SeFlow based on experiences you have personally had, and I also invite anyone currently testing our services to address any concerns you may have.
I don't really understand why this turned into such a big issue. At the end of the day, a provider is offering a service, not forcing anything on anyone. If a customer is comfortable with their terms — including KYC — they can go ahead and buy. If they’re not, they’re free to go elsewhere. That’s how the market works.
From a provider’s perspective, some level of verification is often used simply to reduce fraud, chargebacks, spam, and abuse. It’s not always about distrust — sometimes it’s just risk management or compliance. Yes, it may cost them some customers, but if that’s the operational model they’ve chosen, that’s their business decision.
Criticizing a company for trying to be cautious or follow their own risk policies doesn’t really help anyone. If their approach doesn’t suit you, there are plenty of alternatives.
I don't know how your system works. That being said, it is very common for those support tickets to be sent as a copy over email so you can reply over email or over the web interface. Very often when I make a support request over email in few minutes I get an email back saying a support ticket has been created and I can normally reply to those tickets through email without even logging in to the website. This might be the case here that people get those emails and with your lack of clear instructions how to handle sensitive data they assume to send it over email.
I hope you understand that generally those fraud databases contain false reports and inaccuraces and not to mention data from questionable sources. False positives are not uncommon.
P.S. Since I'm writing this post. There's a word "Array" at the bottom left of your webpage. Meaning your software is doing something wrong.
I agree with you that antifraud systems are not infallible. For this reason, when an antifraud alert is triggered and a customer is flagged as a potential risk, we do not permanently block the account. Instead, we request additional verification. This has happened before and will happen again. In many cases, customers mistakenly flagged as fraudulent simply provided the requested information, we confirmed their legitimacy, deleted the additional data from their account and our database, and then activated the service.
You will certainly understand that when an account is flagged by antifraud systems and, during our manual checks, we also find indicators that the account may indeed be fraudulent or not legitimate, we must request further details. If the customer refuses to provide them, regardless of citing privacy concerns, this becomes a clear red flag.
In such cases, it is fully within your rights not to provide additional information, and equally within our rights not to activate the service.
@ahson I am pleased that someone has finally understood.
Peoples' reactions have clearly showed that this thing is not like you say, basically Seflow's this activity, it's kind of lying, cheating, and wasting peoples' time.