--- a/marketing-site/src/longform/privacy-policy.md +++ b/marketing-site/src/longform/privacy-policy.md @@ -1,6 +1,6 @@ # Privacy Policy -_Effective: 7 February 2017_ +_Effective: 1 September 2017_ An updated copy of this document can be found at https://rumuki.com/privacy-policy.html @@ -11,56 +11,57 @@ your data. Your privacy is our top priority and we are committed to being as transparent as possible with how these things are managed. Our approach to security is to transmit and store only the minimum amount of -data necessary. Because what isn't transmitted can never be intercepted, and -what isn't stored can never be stolen. +data necessary. Because what isn't sent can never be intercepted, and what isn't +stored can't be stolen. More details from a technical perspective can also be found in [our whitepaper](https://docs.google.com/document/d/1g3TQsyCVHT8Z5vzqXiOJ0mZxccjG0198CnRtmIc7t78). -### What Rumuki stores +## How we handle certain types of data -Below are some of the things that Rumuki either transmits or stores on our servers: +* Device tokens: these help us identity your device in order to deliver things + such as push notifications, online-mode videos or playback grants. It is + randomly generated by your phone, and isn't associated with any personal + information or the username that you choose in the app. -* Device tokens: this helps us identify your device when it sends updated Apple - Push Notification tokens. It is a randomly generated token created by your - phone. +* Playback grants: when you send someone a playback grant, it is stored + temporarily on Rumuki servers until consumption. Each playback grant contains + a copy of the sender's key part, encrypted in a way whereby only the recipient + can decipher it. -* Playback grants: when you send someone a playback grant, the grant is stored - temporarily on Rumuki servers until it is consumed. Each playback grant - contains a copy of the sender's key part, encrypted in a way so that only the - grant recipient can decipher it. +* Video names: these are never sent to our servers in plaintext. They are + encrypted in a way whereby only the recipient of the video can decipher + them. -* Crash reports: if enabled, we use a service called - [Crashlytics](https://crashlytics.com) to retrieve and store anonymous data - related to any problems with the app in order to provide a better experience - in the future. This information includes, but is not limited to, device state - information, unique device identifiers, device hardware and OS information, - information relating to how an application functions, and the physical - location of a device at the time of a crash. +* Encrypted videos: in *nearby mode* your content is delivered encrypted over + peer-to-peer local WiFi or bluetooth and never reaches Rumuki servers. In + *online mode*, your video is stored temporarily on Rumuki servers. It is + encrypted in a way whereby only the recipient with a playback grant can + decipher it, therefore it is safe in transit. Online mode videos are stored + for a maximum of up to 30 days on Rumuki servers. -* Logs: the Rumuki server stores access logs for up to 7 days. These logs - include the timestamp, ip address, user agent, http method and url. Logs - may contain recording unique identifiers when used in the request url, however - they will never contain information originating from the user, such as - usernames, or recording names. - -### Things that we do not store - -Below are notable pieces of information that Rumuki _does not_ store. We take -care not to keep anything on our servers that can personally identify our users. +* Email addresses: if you do choose to subscribe to our mailing list, your email + address is never stored in association to your device or its videos. -* We **don't store your content**. Recordings are never transmitted to or stored - on our servers. They are kept encrypted on the two devices that recorded it. +* Crash reports: if enabled, we use a service + called [Crashlytics](https://crashlytics.com) to retrieve and store anonymous + data related to any problems with the app in order to provide a better + experience in the future. This information includes, but is not limited to, + device state information, unique device identifiers, device hardware and OS + information, information relating to how an application functions, and the + physical location of a device at the time of a crash. -* If you do choose to subscribe to our mailing list, your email is never stored - in connection to your device or its recordings. - -* The names that you choose for your recordings are never sent to our servers. +* Logs: the Rumuki server stores access logs for up to 7 days. These logs + include the timestamp, ip address, user agent, http method and url. Logs may + contain unique device tokens in the URL, however they will never contain + information originating from the user, such as usernames, or video names. ## Looking ahead Rumuki is a new product, and we understand that just like any relationship, it takes time to build trust. -Looking forward, Rumuki will be open-sourcing the majority of the components -used to build it. +We plan to open-source the majority of the components used to build it. This +will provide better visibility into exactly what happens to your data. As of +now, the [rumuki-server](https://github.com/rumuki/rumuki-server) source is +available for viewing. --- a/marketing-site/src/longform/terms-of-use.md +++ b/marketing-site/src/longform/terms-of-use.md @@ -1,6 +1,6 @@ # Terms of use -_Effective: 7 Februrary 2016_ +_Effective: 1 September 2017_ An updated copy of this document can be found at https://rumuki.com/terms-of-use.html @@ -32,7 +32,7 @@ this occurs a cryptographic key (the "Key") is generated. You retain all ownership rights to the Original Content and the Content that you had to begin with. You accept that Rumuki is not responsible for the storage, or -reproducability of the Original Content, and understand that the Content or +reproducibility of the Original Content, and understand that the Content or Original Content may become lost or in-accessible due to events outside of your control. @@ -45,17 +45,20 @@ take all reasonable measures to ensure the safe transit of the Key. At times the Content may need to be sent to another device. You accept that this will occur under circumstances and to a device that is either implicitly or explicitly approved by you. You accept that this means the content will be -transferred locally via data exchange technologies such as bluetooth or WiFi. +transferred locally via data exchange technologies such as bluetooth or +WiFi. You accept that the Content may need to be stored on Rumuki servers +temporarily in order to facilitate this transfer. Rumuki will take all +reasonable measures to ensure the safe transit of the Content. ## Your safety Although Rumuki makes an effort to make security easy for you, you acknowledge that ultimately you are responsible for the safety and security of your device -and account. Many security measures can be taken, we reccommend that you at a -bare minimum do the following: +and account. Many security measures can be taken, we recommend that you at a +bare minimum take the following measures: * Keep your device locked with a passcode known only to you. -* Never take recordings in an untrusted environment. +* Never make recordings in an untrusted environment. * Never send a playback grant to someone who you do not or no longer trust. ## Your privacy