Effective: 7 February 2017
An updated copy of this document can be found at https://rumuki.com/privacy-policy.html
This document outlines what happens to, who has control over, and how we handle your data. Your privacy is our top priority and we are committed to being as transparent as possible with how these things are managed.
Our approach to security is to transmit and store only the minimum amount of data necessary. Because what isn't transmitted can never be intercepted, and what isn't stored can never be stolen.
More details from a technical perspective can also be found in our whitepaper.
Below are some of the things that Rumuki either transmits or stores on our servers:
Device tokens: this helps us identify your device when it sends updated Apple Push Notification tokens. It is a randomly generated token created by your phone.
Playback grants: when you send someone a playback grant, the grant is stored temporarily on Rumuki servers until it is consumed. Each playback grant contains a copy of the sender's key part, encrypted in a way so that only the grant recipient can decipher it.
Crash reports: if enabled, we use a service called Crashlytics to retrieve and store anonymous data related to any problems with the app in order to provide a better experience in the future. This information includes, but is not limited to, device state information, unique device identifiers, device hardware and OS information, information relating to how an application functions, and the physical location of a device at the time of a crash.
Logs: the Rumuki server stores access logs for up to 7 days. These logs include the timestamp, ip address, user agent, http method and url. Logs may contain recording unique identifiers when used in the request url, however they will never contain information originating from the user, such as usernames, or recording names.
Below are notable pieces of information that Rumuki does not store. We take care not to keep anything on our servers that can personally identify our users.
We don't store your content. Recordings are never transmitted to or stored on our servers. They are kept encrypted on the two devices that recorded it.
If you do choose to subscribe to our mailing list, your email is never stored in connection to your device or its recordings.
The names that you choose for your recordings are never sent to our servers.
Rumuki is a new product, and we understand that just like any relationship, it takes time to build trust.
Looking forward, Rumuki will be open-sourcing the majority of the components used to build it.