Effective Date: September 1, 2018
- 1) Promise We have designed our business model around the dignity and privacy of individuals. We have adopted rigorous physical, technical, procedural, and legal safeguards to protect your information. We encrypt your information when in transit, we don't sell your information, we limit internal and external access to your information, and if you ever need to close your account we remove your personally identifiable information.
Codias and our affiliates may collect information about you when you use our
applications, websites, other products and services, and through other interactions and
communications you have with us (collectively "Services"). We use this information to
provide, maintain, protect, and improve our Services.
- 2.1 Personal Information We may collect personal information about you such as your name, email, phone, address, sex, age, and other similar types of information when you use our Services. Most of this information is used on your profile so other users can find, connect, and interact with you on our network, but we may also use it to communicate with you and for other similar purposes. If you ever choose to close your account, we remove personally identifiable information that you have provided to us.
- 2.2 Content Information We may collect content that you create and provide while using our Services such as updates, news, messages, comments, replies, likes, shares, images, videos, and other similar types of information. We use your content primarily to display to other users on our network. When you send a message to another Member, only that Member can view your message. When you create a group message and send a message to that group, the only users who can view your message are users who are part of the group. When you post an update, we give you the option of sharing your update with only your allies, all members on Codias, or the public Internet. When you post an update as news, every member on Codias can view your content and we allow you to make your news visible to the public Internet. If you choose to make any content viewable by the public Internet, any user on the Internet can view your content and your content may be indexable by search engines.
- 2.4 Technical Information We may collect technical information about your usage of our Services, such as your device, browser, and other similar types of information contained in server logs and related sources. We use this information to understand how you and other users are using and interacting with our Services, so we can optimize and improve our Services in the future. We also use this information to protect you and other users from external and inside threats, and to resolve technical issues that inevitably arise in the context of software development.
- 2.5 Third-Party Information We may collect and combine information about you from third-party sources. For example, if you choose to import contacts, integrate your social media accounts, or if you engage with a separate app or website that uses our API (or whose API we use), we may receive information about you or your connections from the third-party. We use this information to deliver and enhance our Services.
We are serious about protecting your information and have taken extraordinary steps to
protect your information from both external and internal threats.
- 3.1 Physical Premises Your information must physically reside somewhere and those premises must be protected. We host your information in the physical data centers operated by Amazon Web Services which has developed one of the premier data security regimes in the world and can provide a level of protection for your information that we simply cannot provide on our own at this time.
- 3.2 Data Encryption We employ a variety of technical safeguards to protect your information. We encrypt all traffic sent to or from our servers using an Extended Verification SSL Certificate issued by DigiCert. We encrypt your passwords and private messages while they are being stored.
- 3.3 Strong Passwords We require all users to use strong passwords which must have 8 or more characters and include upper and lowercase letters, and at least one number.
- 3.4 Two-Step Verification To prevent a third-party who may gain access to your password from accessing your account, we equip you with an advanced security option called "two-step verification" that requires both a password and a secret code that is sent to your device in order to login successfully. In other words, even if someone obtains your password, they would still need access to your device to access your account.
- 3.5 Employee Security We place strict access controls on our Services so employees can only access information that they "need to know". Employees never have access to your sensitive information. We require all employees to sign non-disclosure agreements and all independent contractors are required to meet minimum privacy standards. We log and monitor all API calls to our servers so we can audit and detect any irregularities.
- 3.6 Vendor Security We require third-party vendors to sign non-disclosure agreements and/or to meet certain minimum privacy standards. We have also sought to limit our reliance on third-party vendors to the maximum extent possible in order to minimize external risks to your information.