Tuxis Internet Engineering
VERSION 2024-09-24
last reviewed on 24-09-2025

 

Our Sensible Use Policy sets out what specific products are designed for. ‘Sensible’, refers to the wisest use of the service. This lets you determine whether additional measures need to be taken to secure your data so that you can meet GDPR guidelines.

When reading this policy it is important to understand that it refers to the systems we manage. Settings and configurations that you may change yourself are not covered by this policy.

The following applies to all services:

  • The Tuxis policies used to manage these services can be found here: https://www.tuxis.nl/policies
  • Unless otherwise stated, data is on equipment owned by Tuxis;
  • Unless otherwise stated, data is exchanged internally across infrastructure managed by Tuxis;
  • Equipment is in Security Class 2 data centres;
  • Data is stored in the Netherlands by default and Germany if you choose so.

Explanation of the items:

  • Purpose: Here is a description of what we consider the product suitable for;
  • Types of personal data: The types of personal data the security is designed for;
  • Security: The way data can be secured. This does not mean that it is also secured in this way by default;
  • Updates: The way updates are performed;
  • Migration: In what format is it stored, what are the tools to migrate;
  • Note: An explanation.

 

SaaS: FilesOnline.eu

Purpose: 
Storing and using files for daily use. 
Synchronising this data with devices.

Types of personal data:
With client-side encryption: All types of data. Without client-side encryption: All types of data, other than sensitive personal data .

Security:

  • Each instance runs on its own VPS;
  • Connections between client and FilesOnline.eu are secured by SSL;
  • Data can be stored in encrypted form (setting);
  • 2FO can be enabled (setting);
  • Version management is on by default (setting);
  • Recycle bin is on by default (setting). Files are deleted after a maximum of 180 days;
  • Logging of activities (create, modify, delete) (setting);
  • Brute force security can be switched on by the customer;
  • User-defined password policy (minimum number of characters, prohibited generic passwords, required upper and lower case letters, required digits, required special characters);
  • List of devices with access to files;
  • Data is stored in triplicate across multiple data centres;
  • Data is backed up daily with retention of the 3 last, the 7 last days, the 2 last weekly and 3 last monthly;
  • Files that are synchronised to a device must be secured on/by the device.

Updates:
Updating of the OS, services and software is performed automatically.

Migration:
Files can be copied via drag and drop, webDAV and synctool. For other data to be usable, you need an Nextcloud instance. This software is publicly available and can run on Debian and alike.

 

SaaS: Kerio Connect

Purpose: 
Saving and synchronising email, calendars, contacts, tasks and notes for daily use.
Synchronising this data with devices.

Types of personal data:
Name and contact data, IP addresses and other personally identifiable information other than legal documents and personal data.

Security:

  • Each instance runs on its own VPS;
  • Connections between the client and the service can be secured by forcing the use of SSL (setting);
  • Passwords can be saved in heavily secured SHA format (setting).
  • Recycle bin is on by default. Retention can be set per domain and per user.
  • Automatic clearing of items older than a configurable number of days for the following folders: recycling bin, spam/junk, sent items;
  • Automatic clearing of all items older than a configurable number of days, with the exception of contacts and notes;
  • Logging of all activities (creating, modifying, move, deleting, receiving and sending) (setting);
  • Log retention (setting);
  • Brute force security;
  • Enforcable password policy (minimum 8 characters, minimum 3 types of characters such as lowercase, uppercase, numbers, special characters, and may not contain any parts of the account information);
  • List of devices that have access to the data;
  • Extensive filtering possible;
  • Data is stored in triplicate across multiple data centres;
  • Data is backed up daily with a 7-day retention;
  • Files that are synchronised to a device must be secured on/by the device.

Updates:
Updating of the OS, services and software is performed automatically.

Migration:
Mail can be migrated via IMAP and EAS. Calendars via calDAV and EAS, addressbooks via carDAV en EAS, Notes and taks via EAS. To use the full functionality like this service supplies, than you need a server with Kerio Connect. This can run on Debian and alike.

 

Shared web hosting

Purpose: 
Hosting content.

Types of personal data:
Name and contact data, IP addresses and other personally identifiable information other than legal documents and personal data.

Security:

  • Every customer has their own vhost;
  • Processes in that vhost are executed on behalf of the customer’s user;
  • Connections between the client and the service can be secured by forcing the use of SSL (can be requested);
  • Connections from the client for FTP data are secured by SFTP;
  • Connections between client and phpMyadmin are secured by SSL;
  • Data is stored in triplicate across multiple data centres;
  • Data is backed up once (Purpose: disaster recovery);

Updates:
Updating of the OS, services and software is performed manually in accordance with the fixed maintenance schedule.

Migration:
Files can be copied via SFTP. The database can be exported via phpMyAdmin or dumped via the supplies shell access. 

Note:
The above relates to the hosting platform itself. In your website you determine which data can actually be stored. It is also up to you to make sure that your website is fully up to date.

 

VPS

Purpose: 
To have virtual hardware (CPU, memory, storage) available

Types of personal data:
All types of data

Security:

  • The separation of virtual hardware is controlled by the hypervisor (hardware emulator);
  • Data is saved in triplicate
  • Data is backed up daily with a 7-day retention or optional 6 months;

Updates:
Updating of the OS, services and software is performed manually in accordance with the fixed maintenance schedule.

Migration:
If we supply a VPS, you will be the one placing content on it. We do not control how you do that and what protocosl you use. Therefore we can’t know how the data IN the VPS can be migrated. We can however supply you with an image suited for Proxmox or a raw image.

Note:
The above relates to the platform on which the VPS is running. You determine which operating system, functionalities and security are applied to the VPS.

 

daDup.eu

Purpose: 
To store data

Types of personal data:
With client-side encryption: All types of data. Without client-side encryption: All types of data, other than personal data . 

Security:

  • Connections between the client and daDup.eu can be secured by the use of SSL;
  • Verification is done by means of access key and secret key;
  • Data is saved in triplicate;
  • No data is backed up;

Migration:
Files can be downloaded the same way they can be placed in this service. The data can’t be accessed by us. So if you use S3 to upload the data, you can use S3 to download it.

Updates:
Updating of this services is performed manually in accordance with the fixed maintenance schedule.

Diskbayonline.nl

Purpose: 
The colocation of a hard disk and making it available in a VPS

Types of personal data:
All types of data

Security:

  • The separation of virtual hardware is controlled by the hypervisor (hardware emulator);

Updates:
Updating of the OS, services and software is performed manually in accordance with the fixed maintenance schedule.

Migration:
Since you get a VPS and configure this VPS, we do not control the way data is written or can be read. This service writes data on disks owned by you and there is an arrangement in place to ship the disks physicaly to you.

Note:
The above refers to the platform on which the VPS is running and your disk is installed. You determine which operating system, functionalities and security are applied to the VPS.

 

Private Cloud/Private Cluster

Purpose: 
To have a hypervisor available;

Types of personal data:
All types of data

Security:

  • The separation of virtual hardware is controlled by the hypervisor (hardware emulator);
  • Connections between client and administration console are forced to be secured by SSL;
  • Data is in triplicate stored unless otherwise agreed;

Updates:
Updating of the OS, services and software is performed manually in accordance with the fixed maintenance schedule.

Migration:
If you run this service on hardware owned by you, you can pickup the entire cluster with all the data and functionality. If you use this service as an IaaS, we can supply you with raw disk images suitable for Proxmox that can be converted to other hypervisors.

Note:
The above relates to the platform on which the hypervisor is running. You determine which operating system, functionalities and security is running on that hypervisor.

 

Proxmox Backup Server

Purpose:

Creating backups to a Proxmox Backup Server cloud

Types of personal data:
All types of data.

Security:

  • Proxmox VE encrypts data with EAS 256 before sending it to our service.
  • Connections between client and FilesOnline.eu are secured by SSL;
  • 2FO can be enabled (setting);
  • Retention can be enabled and is customisable;
  • Data is written to three disks (2 duplicates);
  • Data is stored in the Netherlands or Germany (option when ordering).

Migration:
Since backups are encrypted on the source, we can’t read the content of these backups. Therefore we can only supply the datastore. If you want to use the functionality, you need a Proxmox Backup Server. That can be a VPS of Physical server with that software. This software is publicly available and can run on Debian and alike. 

Updates:
Updating of the OS, services and software is performed manually in accordance with the fixed maintenance schedule.

 

1 vacature