Privacy

Privacy Policy

August 25, 2017

1) Promise

We have designed our business model around the dignity and privacy of individuals. We have adopted rigorous physical, technical, procedural, and legal safeguards to protect your information. We encrypt your information when in transit, we don't sell your information, we limit internal and external access to your information, and if you ever need to close your account we remove your personally identifiable information.

2) Information

Codias and our affiliates may collect information about you when you use our applications, websites, other products and services, and through other interactions and communications you have with us (collectively "Services"). We use this information to provide, maintain, protect, and improve our Services.

2.1 Personal Information

We may collect personal information about you such as your name, email, phone, address, sex, age, and other similar types of information when you use our Services. Most of this information is used on your profile so other users can find, connect, and interact with you on our network, but we may also use it to communicate with you and for other similar purposes. If you ever choose to close your account, we remove your personally identifable information.

2.2 Content Information

We may collect content that you create and provide while using our Services such as updates, news, blogs, messages, images, videos, actions you take, and other similar types of information. We use your content primarily to display to other users on our network. When you send a message, the only member that can view your message is the recipient(s). When you post an update, the only members who can view your post are allies who you have chosen to connect with. When you post news or a blog, every member on Codias can view your post. When you post news and blogs, you may choose to make them visible to the public Internet. If you choose to make your content viewable by the public Internet, any user on the Internet can view your content and your content may be indexable by search engines.

2.3 Sensitive Information

We may collect certain information we classify as sensitive information for purposes of our Privacy Policy such as your password, any third-party credentials you choose to provide, and billing details. We use your password and third-party credentials to give you access to our Services. We use your billing details to streamline any payments you may choose to make for our Services.

2.4 Technical Information

We may collect technical information about your usage of our Services, such as your device, browser, and other similar types of information contained in server logs and related sources. We use this information to understand how you and other users are using and interacting with our Services, so we can optimize and improve our Services in the future. We also use this information to protect you and other users from external and inside threats, and to resolve technical issues that inevitably arise in the context of software development.

2.5 Third-Party Information

We may collect and combine information about you from third-party sources. For example, if you choose to import contacts, integrate your social media accounts, or if you engage with a separate app or website that uses our API (or whose API we use), we may receive information about you or your connections from the third-party. We use this information to deliver and enhance our Services.

2.6 Cookie Information

We may collect information through the use of "cookies" or other similar technologies. We use this information to make your life easier by allowing our Servers to remember your preferences and details you've already entered so you don't have to enter the same information twice and for other similar purposes. We never use cookies to track your web browsing activity after you've left our website and most browsers will allow you to block cookies in the settings options if you'd prefer not to use them.

3) Protection

We are serious about protecting your information and have taken extraordinary steps to protect your information from both external and internal threats.

3.1 Physical Premises

Your information must physically reside somewhere and those premises must be protected. We host your information in the physical data centers operated by Amazon Web Services which has developed one of the premier data security regimes in the world and can provide a level of protection for your information that we simply cannot provide on our own at this time.

3.2 Data Encryption

We employ a variety of technical safeguards to protect your information. We encrypt all traffic sent to or from our servers (data in transit) using an Extended Verification SSL Certificate issued by DigiCert which features the maximum 256-bit encryption with the SHA-2 hashing algorithm. We encrypt your sensitive information while it is being stored (data at rest) using the AES-256 encryption standard with the bcrypt hashing algorithm.

3.3 Strong Passwords

We require all users to use strong passwords which must have 6 or more characters and include upper and lowercase letters, and at least one number. To prevent bruteforce attacks, we limit the number of unsuccessful logins to 10 attempts before you are required to reset your password using your email account that we have on file.

3.4 Two-Step Verification

To prevent a third-party who may gain access to your password from accessing your account, we equip you with an advanced security option called "two-step verification" that requires both a password and a secret code that is sent to your device in order to login successfully. In other words, even if someone obtains your password, they would still need access to your device to access your account.

3.5 Employee Security

We place strict access controls on our Services so employees can only access information that they "need to know". Employees never have access to your sensitive information. We require all employees to sign non-disclosure agreements and all independent contractors are required to meet minimum privacy standards. We log and monitor all API calls to our servers so we can audit and detect any irregularities.

3.6 Vendor Security

We require third-party vendors to sign non-disclosure agreements and/or to meet certain minimum privacy standards. We have also sought to limit our reliance on third-party vendors to the maximum extent possible in order to minimize external risks to your information.

Our Privacy Policy covers your information that Codias and our affiliates collect and use. Third-parties that are linked or redirected to or from our Services may have their own privacy policies. Please be careful using third-parties to ensure their privacy policies align with your expectations before using them. We expect to update our policy in the future and when we do, we will post an updated policy at www.codias.com/privacy and we will attempt to notify our users by email. If you have any questions or concerns about our policy, please contact us at privacy@codias.com.