Skip to Content

Insight into how ASD Engineering protects your data

At ASD Engineering, we take your privacy seriously. That’s why we design our infrastructure according to the principles of privacy-by-design and privacy-by-default. This means collecting as little data as possible, encrypting where necessary, and being transparent about how our services operate and no vague legal jargon, but clear tech talk.

What we don’t do

  • We don’t log user IP addresses in our databases.
  • We never inspect your traffic through our tunnels. ​
  • We never share data from our tunneling or dashboard services with third parties, trackers, or analytics companies.

What we do (and why)

Pseudonymous monitoring with encrypted IP hashes

To detect misuse of our tunneling service, such as brute force attacks, we store an encrypted hash of the IP address. ​

  • The hash is irreversible.
  • It is secured with a salt that’s only available internally.
  • This allows us to detect whether an attack comes from the same IP address, without knowing who you are.
💡

This method is fully compliant with the GDPR as a form of pseudonymization.

Temporary logging in secured memory ​

In case of exceptional behavior (e.g. hundreds of failed login attempts), we temporarily store IP addresses in encrypted memory (not in databases) so we can protect the platform. These records are automatically purged after a short time, or added to a blacklist if needed to block access.

Minimal data storage

Voor de ASD Tunnelservice kan elke gebruiker tijdelijke en unieke tokens aanmaken. Aan elk token zijn de volgende gegevens gekoppeld.

ColumnPurpose
tunnel_user Subdomain suffix for access and multi-tenancy. We don’t see the full URL and therefore don’t store where your service is reachable or tunneled to.
usage_countThe number of times a tunnel has been used.

last_used

The timestamp of the last successful connection.​

auth_user_idA link to your account in our database.
expires_atThe moment when the token expires.
💡

We do not store user data like IP addresses, names, emails or behavioral logs unless you explicitly request analytics. If so, your data is processed only on private servers. This analytics feature is optional, premium, and only provided upon request and consultation.

Transparent control

You can:

  • Manage or delete your tokens
  • View when they were used
  • Limit or disable logging (where applicable)
💡

What we log is also visible to you. Everything we see, you can see too.

Technical measures

  • All traffic is encrypted using TLS end-to-end
  • Thanks to Row-Level Security (RLS), only you can access your own data
  • Token usage is verified in real time for each SSH connection
  • Privacy-sensitive data is always pseudonymized, hashed, and salted ​
  • Stdout logs from tunnel services are automatically purged to prevent accidental exposure of sensitive information (e.g. in URLs).

Conclusion

Our mission is to provide secure, fast, and transparent infrastructure without the shadow of surveillance or tracking. We believe it’s possible to build powerful tools that center your rights as a user, without compromising the security of our systems. ​

Insight into how ASD Engineering protects your data
Kelvin Wuite April 3, 2025
Share this post
Tags
Our blogs
Archive
Sign in to leave a comment