‘INEX’ means Internet Neutral Exchange Association Company Limited by Guarantee, registered in Ireland No. 253804.
The ‘GDPR’ means Regulation (EU) 2016/679 (General Data Protection Regulation).
An ‘IXP’ (Internet Exchange Point) is a network facility that enables the interconnection of more than two independent Autonomous Systems, primarily for the purpose of facilitating the exchange of Internet traffic.
The terms ‘Personal Data’, ‘Data Controller’ and ‘Data Subject’ are used in this document as they are defined in the GDPR.
Internet Neutral Exchange Association CLG is the Data Controller of all Personal Data that is stored by INEX.
INEX stores the following categories of Personal Data:
All this data is held either by explicit permission from the individual, or for performance of a contract, or compliance with legal obligations.
This Personal Data is subject to the rights listed below.
INEX uses Personal Data for the following purposes:
Employees, contractors, service providers and legal or other professional advisers to INEX may be given access to Personal Data held by INEX. This is required to fulfil INEX’s obligations of service and support to its membership and support to users of INEX services.
Some INEX mailing list archives are published on the INEX web site. All subscribers of these mailing lists are notified during the subscription process that anything they post will be made public.
INEX may provide Personal Data to Government authorities, regulatory authorities, law enforcement bodies, the Courts Service of Ireland or the Board of Directors of INEX for the purposes of compliance with legal requirements, or for the exercise or defence of legal claims.
INEX has strict security procedures for storing Personal Data to protect it against loss or damage. All Personal Data stored by INEX is protected by TLS (Transport Layer Security) and firewalls.
INEX requires all agents and subcontractors outside the European Economic Area (EEA) to sign a data processor agreement which provides protection of Personal Data at least equivalent to that provided for by the GDPR.
INEX does not store or process Childrens’ Data.
INEX deletes or pseudonymises IXP Manager login records, WWW logs and email logs after 6 months.
INEX maintains backups of all data systems and maintains these backups for no more than 13 months.
Data Subjects have the following rights in relation to Personal Data stored by INEX:
An IXP is a traffic clearing-house. This means that all data transmitted to INEX IXP peering networks is either forwarded to its destination network or else dropped. Traffic data on the IXP is neither stored nor processed under the definition of these terms in the GDPR.
All communications concerning privacy related issues should be sent by electronic mail to firstname.lastname@example.org or by post to Internet Neutral Exchange Association CLG, 4027 Kingswood Road, Citywest Business Campus, Dublin D24 AX06, Ireland.
INEX will respond to and, where appropriate, act on privacy-related communications within one calendar month.