Přeskočit na stránku
MojeIDJak na InternetNebojte se InternetuEdiceAkademieLaboratořeDobrá doménaCSIRT.CZTurris Omnia
Háčky čárkyJak funguje DNSDoménový prohlížečKatalog routerůSkener webuCAPTCHA HelpTablexiaDatovkaCertifikace registrátorů
Konference ITFREDBIRDKnot DNSKnot ResolverTest IPv6IPv6 widgetDNSSECODVR
DNSSEC validátorDNS CheckDNS CollectorDSCngBlog


version: OMNIA_001






The TURRIS Project is a research project of CZ.NIC, z. s. p. o. Association, with Business ID No. 67985726, and headquarters at Milešovská 1136/5, Prague 3, Czech Republic (hereinafter as "the CZ.NIC Association"). The purpose of this project is to protect home networks via a special router (the TURRIS OMNIA router, hereinafter as the "Device").


The Device enables the execution of remote automatic updates and monitoring, analysis and collection of information on security incidents related to computer networks, particularly the Internet. Detailed information is available on the project website www.turris.cz.




The Owner or user of the Device (hereinafter referred to as the "Owner") participates in the project under these terms and conditions by actively volunteering to enable data collection, which is performed by enabling this feature in the user interface. By turning this feature on, the Owner agrees with the Device‘s involvement in monitoring, analysing and collecting information in accordance with these terms and conditions, and undertakes to allow the CZ.NIC Association to perform activities described in these terms and conditions throughout the duration of participation in the project.


The prerequisite for participating in this part of the project is to enable automatic updates for the Device, which are governed by separate Terms and Conditions of participation in the TURRIS project (Device’s automatic updates).


The Owner is entitled to terminate their participation in the project at any time without giving a reason, by disabling the feature on the Device interface.


The CZ.NIC Association is entitled to terminate the Owner’s participation in the project or the project itself at any time without giving a reason, even without prior notice to the Owner.




The CZ.NIC Association is authorised to monitor and collect data passing through the Device for the purpose of security analyses and generating statistics. The following data will be monitored and collected:


data identifying the communication protocol, the source and destination (technical description - data at the level of packet headers especially allowing to differentiate IPv4/IPv6 or TCP/UDP, packet type, to identify the source and destination address, source and destination port, time of the communication)


data from the application layer, that have the nature of metadata (e.g. the contents of the DNS packets, HTTP protocol header, certificates used within the initialisation of TLS connection, etc.), solely provided that they are essential for the security analysis and under the conditions set out in Article 3.2,


session statistics, including packet size, the protocol used, the volume of data transferred under a single session and


data from the logs of unauthorised accesses from the firewall to the extent corresponding to the Article 3.1.1.


The monitored and collected data will not include the content of communication (the internal packet content). The CZ.NIC Association undertakes not to monitor or collect data on the content of communications, including personal data, passwords and the like, which are contained in the transmitted packets, with the exception of data analysis according to Article 3.1.2.


For the purposes of testing the network connectivity (e.g. the analysis of the network service availability) the CZ.NIC Association shall be entitled to establish a connection between the Device and third party network devices. The CZ.NIC Association undertakes to keep the volume of the such generated data streams to the necessary minimum and not to use this service in conflict with the rights and legitimate interests of the owners/operators of the target devices, as well as the Owner.


The CZ.NIC Association is only entitled to monitor and analyse the network traffic between the internal network and the Internet, the traffic within the internal network is not monitored in any way, nor analysed.


The CZ.NIC Association is also entitled to collect, monitor and analyse technical data regarding the Device status, in particular:


Data on temperature, voltage and current from the Device´s internal sensors,


the use of CPU and RAM, capacity and health (i.e. bad blocks) of internal flash memory,


errors (application log listings) in software pre-installed by the CZ.NIC Association or software installed by the CZ.NIC Association in the Device during the Owner’s participation in the TURRIS project.




The CZ.NIC Association undertakes to analyse the data to the maximum possible extent directly in the Device if possible with respect to the analysis nature, and to only transfer results obtained from such analysis to servers under the direct supervision of the CZ.NIC Association. In other cases, only the data that cannot be directly processed on the Device will be transferred to servers under the direct supervision of the CZ.NIC Association. Data transfer from the Device to servers under the direct supervision of the CZ.NIC Association will take place over an encrypted connection with explicit checking of the server certificate.


The CZ.NIC Association undertakes to store the data obtained from the Device within a dedicated data repository, accessible to only a limited number of employees of the CZ.NIC Association authorised to carry out the tasks under these terms and conditions.


Data collected for analysis purposes will be stored separately from the database of Owners. During the analysis, the CZ.NIC Association employees have no access to the information about the Owner, but only to the unique identification of the Device. Connecting the information obtained through the Device, and the identity of the Owner is only possible for displaying the selected information (especially logs and statistics) to the Owner via a web interface of the project, or to inform the Owner about a possible security incident or threat where, for example, the risk is of such a nature that informing about the results of the analysis using the general form of communication would be insufficient.


The CZ.NIC Association is entitled to store and process the obtained data only during the period of time necessary for the analysis and processing thereof, but not longer than 10 days (unless the user sets otherwise in the project web interface) from their acquisition from the Device. After that time the CZ.NIC Association is entitled to store and process only aggregated data not allowing simultaneous identification of the source and destination of the communication. This obligation does not apply to the technical data described in Article 3.5 of these terms and conditions, which the CZ.NIC Association is entitled to store and process without restriction.


The CZ.NIC Association is entitled to provide data to third parties, in particular to inform them about potential security risks, but always in such a manner that such data does not allow for any unambiguous identification of the Owner. Third parties may also be provided with data obtained by analysing traffic on the Device for the purpose of further research, development and information sharing which is important to the objectives of the project under these terms and conditions (e.g. the exchange of data concerning malware). In such cases, however, the data must always be anonymised, making it impossible to identify a specific Device from which they came from, or their Owner.


The CZ.NIC Association undertakes to provide a statistical overview of information to the Owner derived from the data collected on the Device upon their request. This overview will also be available to the Owner on the user site of the project.


The CZ.NIC Association is not liable for any damage incurred by the Owner as a consequence of suspicious data flows, malicious network traffic or external attack. The purpose of the Device is primarily monitoring, analysis and collection of information about security incidents, research activities in the area of network security and activities leading to improvements in this area. In any case the CZ.NIC Association does not provide to the Owner with protection against network attacks, malicious data flows and other security incidents that may occur within the Internet network.




In the event that the Owner allows the Device to be used by other people, then they are required to inform such people about the Device features under these terms and conditions, and also on the extent and manner of handling the data obtained under these terms and conditions.


The Owner acknowledges that any modifications or changes to the Device’s software system (e.g. installation of additional software) may limit or completely prevent from working the functionality described in these terms and conditions.


The Owner acknowledges and agrees that, for the purposes of fulfilling the subject and purpose of the project, under these terms and conditions, there will be data transfers to and from the Device. The volume of such transfers is made available on the Project user site, at least for the previous time period (usually a calendar month), and it usually does not exceed 500 MB per calendar month. All payments for data transfers through the Device, will be paid for by the Owner in full, and the Owner shall not be entitled to any refund of the costs or any part thereof from the CZ.NIC Association.


The Owner is not entitled to interfere in any way with communications between the Device and the CZ.NIC Association servers, nor to communicate with the CZ.NIC Association servers designed to collect data from the Device outside the automatic communication between the Device and these servers.




The Owner declares to be thoroughly acquainted with the subject and purpose of the project in accordance with these terms and conditions and objectives of the project, and agrees to the processing of their personal data which the CZ.NIC Association obtains under these terms and conditions to the extent necessary to achieve the subject and purpose of the project under these terms and conditions. The Owner also declares that the data provided are correct and undertakes to notify their changes to the CZ.NIC Association without undue delay.


The Owner is entitled to ask the CZ.NIC Association for information regarding the processing of their personal data, which shall be provided without undue delay.


Should the Owner discover or suspect that the CZ.NIC Association is processing the Owner´s personal data that is inconsistent with the protection of private and personal life or in conflict with the applicable legislation, especially if the data are inaccurate with regard to the purpose of their processing, the Owner is entitled to require explanations from the CZ.NIC Association, as well as removal of the situation (especially by blocking, correcting, supplementing or destroying of the personal data).


The Owner agrees to the use of their e-mail address for sending information about the project and other the CZ.NIC Association activities related to the project. The information will not be sent more frequently than once a week and the Owner will have the option to refuse their further sending in accordance with law.


The Owner acknowledges that the analyses under these terms and conditions are advisable to be carried out on the largest possible range of the Devices in various types of networks. It is therefore recommended to use the Device as the main access point to communicate with the Internet, in accordance with its purpose, throughout the duration of participation in the project, 24 hours a day, 7 days a week, preferably under a public IP address. If the Owner places any other network element, for example modem, in front of the Device, it is recommended to configure this device to be fully transparent in terms of network traffic.




Communication between the Owner and the CZ.NIC Association is done electronically through the e-mail address of the Owner provided during the registration process in the project. For communication with the CZ.NIC Association the following e-mail address info@turris.cz is used.


The CZ.NIC Association is entitled to change these terms and conditions at any time. CZ.NIC is obliged to disclose the change in these terms and conditions at least one month before the effective date of such change, by publishing the changes on http://www.turris.cz and notification displayed in the Device’s web interface and notification of this change sent to the email address of the Owner. The Owner is entitled to refuse the changes in these terms and conditions by terminating the participation in the project in accordance with Article 2.3 of these terms and conditions. If the Owner continues to participate in the Project after the effect of changes in the terms and conditions, then they agree with the change.


Any amendments, reservations, limitations or variations to these terms and conditions are excluded.


The relationship between the CZ.NIC Association and the Owner is governed by the laws of the Czech Republic.

Do you want to join the project?

Join in!