- Before or at the time of collecting any personal information, we will identify the purposes for which information is being collected.
- We will collect and use of personal information only when necessary, solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.
- We will only retain personal information as long as necessary for the fulfillment of those purposes.
- We will protect personal information by security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
- We collect and use limited data with Google Analytics on our corporate site (cyph.com), as well as through a sandboxed iframe in the Cyph application. Events logged to Google Analytics indicate numbers of: cyph sessions, messages, timeouts, voice/video calls, file transfers, signups, cyphertext UI views, help UI views, and calls to our API.
- We do not and will never view, log, or transfer plaintext versions of your encrypted data, nor the private keys and mutually shared secrets needed in order to decipher them.
- We have not been approached by any agency, government or otherwise, with a request to backdoor our code. We are currently working on implementing a better warrant canary system.
We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained.
If you have any questions about our policy, please email us at firstname.lastname@example.org.