Data Rights

We believe all people deserve certain rights to their control their data, regardless of our legal obligations as a company. You can be sure that we will respect the following data rights.

Right to Access

You have a right at any moment to request access to your data and a detailed overview of all data we have about you.

Right to Rectification

You have a right at any moment to request we update or otherwise make changes the data we have on record.

Right to Deletion

You have a right at any moment to request delete to your data and for that deletion to be permanent in nature.

Right to Portability

You have a right at any moment to request that your data be given to you in a machine-readable format.

Right to Opt-out

You have a right at any moment to request to opt-out of any data sharing, processing or other data activities you desire.

Right to Deny Automated Decisions

You have a right at any moment to deny our ability to use your data in order to generate automated decisions.

Third-Party Access

We use the following services in order to make our product work the way it does. These companies have access to your data and are what the industry would call either data controllers, data processors, or both.

Data Points

We use the following services in order to make our product work the way it does. These companies have access to your data and are what the industry would call either data controllers, data processors, or both.

Email

Payment information

Work Address

Cookies & Other Trackers

Many companies across the internet use cookies and other trackers but that's changing. Until then, it's important to know if a company is using these tools, and if so, why. Reasons my vary, including but not limited to: Basic Functionality, Website Traffic Analytics, Improved Service Offerings, Marketing and Advertising

Collects Cookies

Yes

We use cookies and other trackers throughout their site.

Collects Cookies

No

We do not use cookies and/or other trackers on our site.

How do you take control?

The reality is that the best way for you to take control of your digital footprint is to choose a browser that protects your privacy by default:

Learn more about your digital footprint

Most people have no idea where all of there data is or how they can take control of it. Say Mine is a service that will allow you to understand your digital footprint better.

Data Storage, Transfers & Access

We use the following services in order to make our product work the way it does. These companies have access to your data and are what the industry would call either data controllers, data processors, or both.

Data Ownership

No

We and/or our data-sharing partners view data we collect as an asset owned by our company and may transfer and store your data as it wishes, within constraints of the law.

Data Ownership

Yes

We and/or our data-sharing partners do not view your data as an asset owned exclusively by our company and we are committed to asking you for permission before any new partnerships, integrations or other data transfers occur.

Data STorage

Yes

We may need to share data with storage partners who may move your data to various places across the world

Where is your data stored?

More than 60 percent of internet companies rely on Amazon, Microsoft and/or Google to manage and store their data. This means your data is stored in different places all across the globe. This is both for security and business purposes.

Your information, including Personal Data, may be transferred to - and maintained on - computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

We will use commercially reasonable efforts to ensure that no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Assist Law Enforcement

Yes

We and/or our data-sharing partners will share data with government and law enforcement agencies if legally required by valid warrant, subpoena or other obligation.

Why assist government?

It's important to assist law enforcement when possible in order to uphold law and order within society. Some companies may encrypt information, which means they can not share all information but they may still participate in legal obligations up until the point they're incapable of sharing information.

End-to-End Encryption (E2EE)

Yes

We use E2EE to provide private communications and interactions.

End-to-End Encryption (E2EE)

No

This company does not use E2EE to provide private communications and interactions on their site.

What does End-to-End Encryption do for privacy?

Encryption is the process of converting information or data into a code, especially to prevent unauthorized access. End-to-end encryption means a company has made it so that even if they wanted to know about what you're doing on their platform, they couldn't. And if they can't know, then nobody can know.

This can be good in the sense that you don't have to worry about being hacked but could also be bad because law enforcement, platform owners, and others have no way of tracking or managing criminal behavior on the platform.

Data Protection & Security

Companies that do not write their own code often have limited control over the security of your data. Often the security of your data is reliant on the bigger companies that provide the digital services to the smaller companies. There are, however, several things that smaller, less technical companies can do to improve the security of your data, including the following:

Password Management System

Yes

We require our company's employees to use a password management system.

Password Management System

No

We do not require our employees to use a password management system.

What is a password manager?

A password manager is a computer program that allows users to store, generate, and manage their personal passwords for online services. A password manager assists in generating and retrieving complex passwords, potentially storing such passwords in an encrypted database or calculating them on demand.

If used appropriately, the people using the password manager don't even know their own password most of the time, which makes it that much harder for someone to hack.

Two-Factor Authentication (2FA)

Yes

We require our employees to use 2FA where possible.

Two-Factor Authentication (2FA)

No

We do not require our employees to use 2FA.

What is 2FA?

Multi-factor authentication is an electronic method in which a computer user is granted access to a website or application only after successfully presenting two or more pieces of evidence that they are the correct individual to whom access should be given.

Additional Details

A few other details about how we will respect you and your experience with our service.

Terms Subject to Change

Yes

We will, at times, need to update our policies as our services grow and evolve. We promise to make sure you're aware of all these changes.

Why do policies change so much?

Most companies are constantly working to improve their products and services. This means their policies are due to update. Being required to ask for permission from every individual before making changes would make innovation excessively difficult. The most important part of change is that it is properly communicated, which we promise to do.

Frequently Asked Questions

Understanding what all of this means can be overwhelming. Here is some basic information to help you understand the fundamentals of data privacy and your rights as a data subject.

What is 2-Factor Authentication and should I use it?

https://www.youtube.com/watch?v=0mvCeNsTa1g

Should I use a password manager?

https://www.youtube.com/watch?v=xHSnHj-zKF4

What is a password manager and what are the benefits?

https://www.youtube.com/watch?v=xHSnHj-zKF4

What benefits do companies get from my data?

https://www.youtube.com/watch?v=zDboy_RMaXk

How do companies track me across platforms?

Can companies track my keystrokes as I type?

https://www.csoonline.com/article/3326304/what-is-a-keylogger-how-attackers-can-monitor-everything-you-type.html

Can companies track my eyes as I use the screen?

Do companies really record my browsing experience?

Can trackers evade the blockers I have set up?

Does disabling Third-Party Cookies and Ad Trackers really do anything?

https://builtin.com/adtech-martech/third-party-cookies-privacy

How do I disable Third-Party Cookies and Ad Trackers?

What is a Third-Party Cookie?

What is an Ad Tracker?

https://digiday.com/media/know-cookies-guide-internet-ad-trackers/

What is Google Analytics?

https://www.fastcompany.com/90300072/its-time-to-ditch-google-analytics

What is Facebook Pixel?

https://www.facebook.com/business/learn/lessons/overview-of-how-facebook-pixels-work

Do I have the legal right to delete my data?

The short answer is that it depends, but probably not. The truth is it depends on the company.

Why? Data protection laws in the US are very fragmented. A small handful of states have decided to legally protect their citizens from the extractive model of most companies on the internet but many states have not.

You can learn more about what rights you have in your state here: https://iapp.org/resources/article/state-comparison-table/

How long does it take to respond to a data access request?

The short answer is that it depends. The first question is whether or not your state protect you at all. You can find out more here: https://iapp.org/resources/article/state-comparison-table/

If your state has legal requirements for companies to protect its citizens, time to respond to data request still varies and in most cases is not automated. Some states require companies to respond within 30 days, some give companies 45 days, some give 60 days.

The number of days is also dependent upon when the request is received. For example, if it took the company 10 days to get to your email, most companies then have the legally defined response days from the date the email was opened.

What are my rights as a user (or "data subject")?

This is a tricky question that depends on where you live. The most common data rights being fought for are:

  1. Right to Access
  2. Right to Rectification
  3. Right to Deletion
  4. Right to Restriction
  5. Right to Portability
  6. Right to Dispute Automated Decisions

These rights are not guaranteed for everyone around the globe. For full detail as to what rights you have as a citizen of the United States, you can view the US State Comprehensive Privacy Law Comparison by the International Association of Privacy Professionals (IAPP).