Compliance and data security have become a real struggle. Sadly, the Web host OVH Cloud is of no help. Therefore this website will remain dormant until an issue is found.
We do not collect any personal data nor add any cookie. We have disabled comments to avoid to collect any personal information. This explains the absence of cookie banner. However, the website has been built using a WordPress copatible Theme.
The website is sometimes secure, sometimes not !
We are working on building a privacy compliant website. This site does not use any analytics. It has recently migrated to OVH Cloud based in EU to be more compliant. It has been a painful operation.
We do not use cookies unless strictly functional. We are trying our best to not allow third parties to track our visitors by cookies or by Java Script embeded code. It’s hard job. We might lose traffic and SEO. We have used a Word Press template. WP templates are mainly server side PHP scripts full of board cascading code built on code. We can’t even see the actual code. When using the WP admin, the templates are loaded in the back. We wanted to let make you aware that this potential risk. Help us by spreading the word. If you see anything suspicious, lets us know.
OVH Cloud promise a standard SSL encryption Let’s Encrypt that is actually not performing its job.
Here is what they replied to my request:
Please be advised that it is shared hosting and we do our best to implement all security policies.
In addition, other features can be added by activating our firewall from the multisite section [already activated] or with third-party plugins.
If upon completion you verify that the service is not suitable for your needs, I invite you to switch to a server where you will have complete control.”.
here is there promise to provide SSL
This is a very wide issue with most websites online. We dont request any personal data here. No sensitive information is produced. At this stage, I can only advise anyone to still be vigilent. Have a look at the issues spotted by this Mozilla tool :
A cloud provider should be more supportive of ensuring web security.
We believe our visitors deserve protection and privacy.
We want your trust. In particular, we do not use Google analytics, avoiding to share data with external third parties.
When links are posted, beware that they will take you to an external website that is hosted by a third-party provider not necessarily in your regional jurisdiction or that of DataRainbow. The company may collect, store and use information independent of DataRainbow including but not limited to IP address, browser details etc. DataRainbow has no control over the collection or use of this information. For more information on the linked sites Privacy Policy and the Lawful basis for this data collection, read their privacy notice/policy.
As such please always be mindful of clicking on links to third party web sites – we would recommend that you have various tools and plugins installed on your web browser to protect you such as:
- AdBlock Plus
- NoScript
- Privacy Badger
Make sure that third party cookies and pop-ups are disabled in your web browser settings. We will produce a video showing you how to do this in the near future.
For any further question, please contact us at data@datarainbow.eu