Privacy is the foundation of our business. Our service provides users with the ability to connect and share in a private environment, and we've implemented both our user experience and security model to support this fundamental requirement. This policy will outline how our platform, our APIs our external clients and third party service providers store and transmit the content created within the system.
This policy includes all Glassboard client applications released by Sepia Labs (Android, iOS, Windows Phone 7, Silverlight) as well as the Glassboard Platform.
Further inquiries can be sent to email@example.com.
The Glassboard Platform is deployed in Microsoft Windows Azure. Data is stored encrypted in table storage and blob storage. Supplemental data such as analytical data is stored in a SQL Azure database. All analytical data is de-personalized and obfuscated prior to being recorded.
- Protection of Personal Information
Sepia Labs takes numerous precautions, including administrative, technical, and physical measures, to safeguard your personal information against loss, theft, and misuse, as well as against unauthorized access, disclosure, alteration, and destruction.
- Personally-Identifiable Data
Glassboard collects email addresses for all users. Our platform will accept an email address as a username for authentication as well as a user's system-generated unique ID. The platform has the ability to correlate multiple email addresses with a single Glassboard unique user ID. We may also store multiple phone numbers per user if the user has supplied them.
This data is never shared with any outside entities, except when necessary to supply services as specified. For example, email addresses are shared with our email service provider so that we can send email.
All statuses, comments, user locations, board names, and phone numbers in the Glassboard Platform are encrypted using well-recognized practices before being written to storage. Glassboard Platform-generated metadata such as unique identifiers and messages counts are not encrypted. Uploaded files such as photos and videos are also not encrypted.
Encrypted Glassboard data is decrypted only on our production servers. No other machines, including those of the developers, have the ability to decrypt production data. All certificates are uniquely password-protected. Certificates are stored in source control for backup but are stored as an encrypted and password-protected archive.
Any Sepia Labs employee with access to all of these certificates and passwords is strictly prohibited from using that access except in the case of catastrophic system failure or in compliance with any law enforcement agency with legal right to the information requested.
When requested by the user (via a switch on the message interface) Glassboard will request your location only when you would like to use it. End users have the ability to choose whether to include their location with each message. Glassboard for Windows Phone 7 uses Microsoft's Location Service APIs.
All connections to the Glassboard Platform are made via SSL. The Glassboard Platform does not support non-SSL HTTP requests. All data transmitted between client applications and the Platform is secured in accordance with current standard practices.
Data sent in push notifications and/or email alerts is not encrypted. If you disable those features, the messages will not be sent.
Decrypted data is accessible on the Glassboard Platform servers as requests are processed, as well as on client applications making web service requests to the platform.
Sepia Labs strives to maintain the strictest privacy and security practices recommended by each platform and service provider.
Microsoft Windows Azure hosts the servers and data storage for the Glassboard Platform. Microsoft outlines its physical and data security measures in this document (PDF). Glassboard adds further data protection by encrypting sensitive user data prior to writing to storage.
We DO NOT sell, rent, or otherwise share personal information to Third Party companies for marketing purposes. We may share your personal information with other companies who work on our behalf or to improve our products and services. In some cases, your purchase of Sepia Labs products or services may be handled by a third-party store or service, over whose privacy policies we do not have control.
We may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our website and services and welcome any feedback about these third party sites.
For more information send inquiries to firstname.lastname@example.org