Last updated: 8 March 2026 · Eastall Software Systems Limited
Overview
Eastall Software Systems Limited ("ESS", "we", "us") is committed to protecting your personal information. This Privacy Policy explains what data we collect when you use our website (eastallss.com) and our services (eCloud, ePanel, eAuth), how we use it, and your rights regarding that data.
By using our services you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of our services.
Data We Collect
We collect the following categories of personal data:
- Account Information: Name, email address, and password (hashed) when you register for an ESS account.
- Payment Information: Billing details processed through our payment provider (Stripe). We do not store card numbers on our servers.
- Discord Data: If you use eAuth, we receive your Discord user ID, username, discriminator, and guild membership status as part of the OAuth flow. We do not store your Discord access token beyond the session.
- Usage Data: IP addresses, browser type, pages visited, and timestamps for security and analytics purposes.
- Cookies: Theme preference and session cookies. See our Cookie Policy for details.
- Support Communications: Messages you send us via email or Discord are retained to provide support.
How We Use Your Data
We use your personal data for the following purposes:
- To provision and operate your requested services (VPS, ePanel, eAuth)
- To process payments and send invoices
- To authenticate your identity and prevent unauthorised access
- To communicate service updates, maintenance notices, and security alerts
- To improve our products and diagnose technical issues
- To comply with legal obligations
We do not sell your personal data to third parties. We do not use your data for targeted advertising.
Storage & Security
Your data is stored on servers located in New Zealand and Australia. We implement industry-standard security measures including:
- HTTPS/TLS encryption for all data in transit
- Bcrypt password hashing for stored credentials
- Access controls limiting data access to authorised personnel only
- Regular security reviews and dependency updates
Despite these measures, no transmission over the internet is 100% secure. In the event of a data breach that affects your personal data, we will notify you within 72 hours of becoming aware of it.
Third-Party Services
We use the following third-party services that may process your data:
- Stripe — Payment processing. Subject to Stripe's Privacy Policy.
- Discord — OAuth authentication via eAuth. Subject to Discord's Privacy Policy.
- Cloudflare — DNS, DDoS protection, and CDN. May log IP addresses and request metadata.
- Shielded NZ — Site verification badge. Subject to Shielded's Privacy Policy.
- Nexure Solutions LLP — Any data uploaded to a VPS or Domain. Not held for longer than 6 months.
Your Rights
Under applicable New Zealand Privacy Act 2020 provisions (and where applicable, GDPR), you have the right to:
- Request access to the personal data we hold about you
- Request correction of inaccurate personal data
- Request deletion of your account and associated data
- Object to or restrict processing of your data in certain circumstances
- Data portability — receive your data in a structured, machine-readable format
To exercise any of these rights, contact us at legal@eastall.software. We will respond within 20 working days.
If you have questions about this Privacy Policy or how we handle your data, please contact us:
Eastall Software Systems is incorporated in New Zealand under NZBN 9429052218668.