Changeset View
Changeset View
Standalone View
Standalone View
landing/privacy.react.js
// @flow | // @flow | ||||
import * as React from 'react'; | import * as React from 'react'; | ||||
import css from './legal.css'; | import css from './legal.css'; | ||||
function Privacy(): React.Node { | function Privacy(): React.Node { | ||||
return ( | return ( | ||||
<div className={css.legal_container}> | <div className={css.legal_container}> | ||||
<h1>Privacy Policy</h1> | <h1>Privacy Policy</h1> | ||||
<p> | <p> | ||||
Effective date: <strong>June 29, 2021</strong> | Effective date: <strong>February 2, 2023</strong> | ||||
</p> | </p> | ||||
<h2>Introduction</h2> | <h2>Introduction</h2> | ||||
<p> | <p> | ||||
We built Comm as a privacy-focused alternative to the cloud-based | We built Comm as a privacy-focused alternative to the cloud-based | ||||
community chat apps that exist today. In order to protect the privacy of | community chat apps that exist today. In order to protect the privacy of | ||||
user content, communities on Comm are hosted on private keyservers, and | user content, communities on Comm are hosted on private keyservers, and | ||||
messages transmitted through the platform are encrypted, preventing us | messages transmitted through the platform are encrypted, preventing us | ||||
from being able to access their contents. While Comm does collect a | from being able to access their contents. While Comm does collect a | ||||
minimal amount of information as necessary to power and maintain the | minimal amount of information as necessary to power and maintain the | ||||
Services, Comm will never be able to access or view your messages or | Services, Comm will never be able to access or view the substance of | ||||
content. This Privacy Policy describes the limited ways in which Comm | your Content. This Privacy Policy describes the limited ways in which | ||||
uses information in connection with its Services. | Comm uses information in connection with its Services. | ||||
</p> | </p> | ||||
<p> | <p> | ||||
<strong> | <strong> | ||||
By using or accessing our Services, you acknowledge that you accept | By using or accessing our Services, you acknowledge that you accept | ||||
the practices and policies outlined below. | the practices and policies outlined below. | ||||
</strong> | </strong> | ||||
</p> | </p> | ||||
<h2>Table of Contents</h2> | <h2>Table of Contents</h2> | ||||
<ul> | <ul> | ||||
<li> | <li> | ||||
<strong>Information We Collect</strong> | <strong>Information We Collect</strong> | ||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Public Blockchain Information</strong> | |||||
</li> | |||||
<li> | |||||
<strong>How We May Share Your Information</strong> | <strong>How We May Share Your Information</strong> | ||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Retention of Information</strong> | <strong>Retention of Information</strong> | ||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Your Rights in the Personal Data You Provide to Us</strong> | <strong>Your Rights in the Personal Data You Provide to Us</strong> | ||||
</li> | </li> | ||||
Show All 16 Lines | <div className={css.legal_container}> | ||||
<p> | <p> | ||||
We collect the following categories of information, some of which might | We collect the following categories of information, some of which might | ||||
constitute personal information: | constitute personal information: | ||||
</p> | </p> | ||||
<ol> | <ol> | ||||
<li> | <li> | ||||
<strong>Account Information.</strong> In order to use Comm, you will | <strong>Account Information.</strong> In order to use Comm, you will | ||||
be required to create an account, and in doing so, will be required to | be required to create an account, and in doing so, may be required to | ||||
provide a username and password to us. We only store salted and hashed | provide a username and password to us. We only store salted and hashed | ||||
versions of your password – we never store the plaintext version. No | versions of your password – we never store the plaintext version. No | ||||
other information is required to create an account and we do not want | other information is required to create an account and we do not want | ||||
you to provide any other information. | you to provide any other information. | ||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Blockchain Account Information.</strong> You may instead | |||||
choose to log into Comm using a third-party blockchain provider (such | |||||
as, Sign-In with Ethereum or similar functionality), in which case you | |||||
will be required to provide your blockchain address to us. The only | |||||
information we collect as part of this process is information that is | |||||
already publicly available. | |||||
</li> | |||||
<li> | |||||
<strong>Backup Service.</strong> You have the option to back up your | |||||
Content on Comm’s hosted servers, allowing you to recover any | |||||
backed-up Content. If you do not opt out of the backup service, your | |||||
Content will be stored in our automated backup service.{' '} | |||||
<strong> | |||||
Your Content will always remain end-to-end encrypted, even when | |||||
stored through our backup service. | |||||
</strong>{' '} | |||||
You may recover your backed-up Content through an automatic recovery | |||||
process available through your account. If you request your Content, | |||||
Comm will verify your identity cryptographically to verify that the | |||||
Content you are requesting belongs to you; however, such request will | |||||
not allow Comm to collect or view any information that is not already | |||||
outlined in this Privacy Policy and your backed-up Content will only | |||||
be associated with your account. The backup service only allows Comm | |||||
to collect encrypted versions of your Content – at no point will Comm | |||||
have the ability to access or view the substance of your Content nor | |||||
will Comm ever have the ability to decrypt your Content collected | |||||
through the backup service. You may opt-out of this backup service at | |||||
any time by doing so within the app. | |||||
</li> | |||||
<li> | |||||
<strong>Updates About the Services.</strong> If you choose to receive | <strong>Updates About the Services.</strong> If you choose to receive | ||||
updates on Comm’s progress, you will be required to provide your email | updates on Comm’s progress, you will be required to provide your email | ||||
address to us. These email addresses will not be associated with any | address to us. If you choose to send any emails to us in response to | ||||
accounts, and will not be used for any purpose other than to provide | such updates or otherwise, we may collect the content of such emails. | ||||
updates on Comm. | These email addresses, and any emails received from you, will not be | ||||
associated with any accounts, and will not be used for any purpose | |||||
other than to provide updates on Comm and to otherwise respond to you. | |||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Time Zone Detection.</strong> When responding to a web | <strong>Time Zone Detection.</strong> When responding to a web | ||||
request, we use the requester’s IP address in order to determine which | request, we use the requester’s IP address in order to determine which | ||||
time zone to render timestamps in. We do not store these IP addresses | time zone to render timestamps in. We do not store these IP addresses | ||||
or associate them with specific accounts. | or associate them with specific accounts. | ||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Security, Fraud and Abuse.</strong> In order to detect and | <strong>Security, Fraud and Abuse.</strong> In order to detect and | ||||
prevent abuse of our Services and cyberattacks, we keep track of | prevent abuse of our Services and cyberattacks, we keep track of | ||||
request metadata, which includes requests made by IP addresses as well | request metadata, which includes requests made by IP addresses as well | ||||
as the frequency of those requests. This data is only stored on a | as the frequency of those requests. This data is only stored on a | ||||
short-term basis and is never associated with specific accounts, even | short-term basis and is never associated with specific accounts, even | ||||
if the requests themselves originate from or are associated with | if the requests themselves originate from or are associated with | ||||
specific accounts. Additionally, we may view and block certain IP | specific accounts. Additionally, we may view and block certain IP | ||||
address ranges as necessary to comply with applicable United States | address ranges as necessary to comply with applicable United States | ||||
export control laws and regulations. | export control laws and regulations. | ||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Optimizing the Services.</strong> In order to optimize the | |||||
Services provided to you, we keep track of which version of Comm’s | |||||
code you are running as well as the platform that you are using to run | |||||
Comm’s code (e.g., iOS, Android, web server, keyserver). We only | |||||
collect this information to provide the Services to you, and are not | |||||
able to access or view the substance of your Content in connection | |||||
with such collection. | |||||
</li> | |||||
<li> | |||||
<strong>Crash Reports.</strong> If you choose to send us a crash | <strong>Crash Reports.</strong> If you choose to send us a crash | ||||
report, we may collect data from such reports for purposes of | report, we may collect data from such reports for purposes of | ||||
debugging and system maintenance. These reports contain operational | debugging and system maintenance. These reports contain operational | ||||
information such as telemetry data (e.g., information with respect to | information such as telemetry data (e.g., information with respect to | ||||
the recent connection between the client and server), metadata (e.g., | the recent connection between the client and server), metadata (e.g., | ||||
time stamps from messages sent in a conversation or chat), and device | time stamps from messages sent in a conversation or chat), and device | ||||
data (e.g., your device’s operating system) but never contain the | data (e.g., your device’s operating system) but never contain the | ||||
content of your messages. | content of your messages. | ||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Push Notifications.</strong> If you choose to allow push | <strong>Push Notifications.</strong> If you choose to allow push | ||||
notifications to your device, your device’s operating system’s | notifications to your device, your device’s operating system’s | ||||
provider will know that you are using the Services and may be able to | provider will know that you are using the Services and may be able to | ||||
see the content of the messages you transmit using the Services. We | see the Content you transmit using the Services. We only collect push | ||||
only collect push tokens required to send you such notifications and | tokens required to send you such notifications and these tokens do not | ||||
these tokens do not permit us to access or view the content of your | permit us to access or view your Content. | ||||
messages. | |||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Contact List.</strong> If you allow us to do so, we can | <strong>Contact List.</strong> If you allow us to do so, we can | ||||
discover which contacts in your address book are Comm users by using | discover which contacts in your address book are Comm users by using | ||||
technology designed to protect the privacy of you and your contacts. | technology designed to protect the privacy of you and your contacts. | ||||
If you opt to discover other Comm users in your contact list, phone | If you opt to discover other Comm users in your contact list, phone | ||||
numbers from the contacts on your device, as well as your own phone | numbers from the contacts on your device, as well as your own phone | ||||
number, will be hashed and transmitted to Comm in order to match you | number, will be hashed and transmitted to Comm in order to match you | ||||
and your friends on the Services. Since this contact information is | and your friends on the Services. Since this contact information is | ||||
hashed, Comm cannot view or access the plaintext version. | hashed, Comm cannot view or access the plaintext version. | ||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Cookies.</strong> We only use a single cookie per user in | <strong>Cookies.</strong> We only use a single cookie per user in | ||||
order to authenticate a user as being logged in to Comm. Most browsers | order to authenticate a user as being logged in to Comm. Most browsers | ||||
allow you to decide whether to accept these cookies and whether to | allow you to decide whether to accept these cookies and whether to | ||||
remove any cookies already on your device. If you disable these | remove any cookies already on your device. If you disable these | ||||
cookies, you will not be able to stay logged into Comm. | cookies, you will not be able to stay logged into Comm. | ||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Content.</strong> Other Comm users may have access to all or | <strong>Bots.</strong> We may communicate with you through the | ||||
some of the Content owned by you.{' '} | Services by using bots, and we will have access to any information you | ||||
voluntarily provide in response to those bots. We only collect this | |||||
information to provide the Services to you, and are not able to access | |||||
or view the substance of any other Content in connection with such | |||||
collection. | |||||
</li> | |||||
<li> | |||||
<strong>Content.</strong> Other Comm users may have access to, and | |||||
have the ability to store, all or some of the Content owned by you.{' '} | |||||
<strong> | <strong> | ||||
However, as this Content is end-to-end encrypted, we have no ability | However, as this Content is end-to-end encrypted, we have no ability | ||||
to access, view or control your Content. | to access or view the substance of your Content. | ||||
</strong>{' '} | </strong>{' '} | ||||
For more information on how Comm works, please{' '} | For more information on how Comm works, please{' '} | ||||
<a href="https://www.notion.so/How-Comm-works-d6217941db7c4237b9d08b427aef3234"> | <a href="https://www.notion.so/How-Comm-works-d6217941db7c4237b9d08b427aef3234"> | ||||
click here | click here | ||||
</a> | </a> | ||||
. | . | ||||
</li> | </li> | ||||
<li> | <li> | ||||
<strong>Anonymized Data.</strong> We may create aggregated, | <strong>Anonymized Data.</strong> We may create aggregated, | ||||
de-identified or anonymized data from the information we collect from | de-identified or anonymized data from the information we collect from | ||||
you, including by removing information that makes the data personally | you, including by removing information that makes the data personally | ||||
identifiable to you. We may use such aggregated, de-identified or | identifiable to you. We may use such aggregated, de-identified or | ||||
anonymized data for our own lawful business purposes, including to | anonymized data for our own lawful business purposes, including to | ||||
analyze, build and improve the Services and promote our business, | analyze, build and improve the Services and promote our business, | ||||
provided that we will not use such data in a manner that could | provided that we will not use such data in a manner that could | ||||
identify you. | identify you. | ||||
</li> | </li> | ||||
</ol> | </ol> | ||||
<h2>Public Blockchain Information</h2> | |||||
<p> | |||||
Information posted on a blockchain is publicly available and auditable. | |||||
When you and other users use the Services, Comm’s applications will | |||||
automatically make calls to third-party blockchain providers using | |||||
users’ blockchain addresses (including yours) to access publicly | |||||
available information about those blockchain addresses (e.g., ENS name, | |||||
ENS avatar). Such publicly available information will then be displayed | |||||
through the Services to you and/or other Comm users. This information is | |||||
not shared or stored by Comm, and the only information accessible and | |||||
displayed is information that is publicly available on the blockchain. | |||||
</p> | |||||
<p> | |||||
Additionally, if you choose to use Comm’s applications, third-party | |||||
blockchain providers may also have access to your IP address. While your | |||||
IP address is not shared by Comm, it is automatically accessible by such | |||||
providers through your use of Comm’s applications, regardless of whether | |||||
you intend to make such information available. This access is required | |||||
in order to allow Comm users to make calls to third-party blockchain | |||||
providers, and Comm has no control over what such third-party blockchain | |||||
provider may do with your IP address. | |||||
</p> | |||||
<h2>How We May Share Your Information</h2> | <h2>How We May Share Your Information</h2> | ||||
<p> | <p> | ||||
We have no access to your Content and therefore have no ability to share | We may share the information we collect with third parties for the | ||||
it. As for the very limited information we do collect, we would{' '} | reasons listed below.{' '} | ||||
<strong>never</strong> sell, rent or monetize that information. However, | <strong> | ||||
we may share this information with third parties for the following | However, your Content will always remain end-to-end encrypted, even | ||||
reasons: | when stored in the backup service, and Comm has no ability to decrypt | ||||
that information for any third party.{' '} | |||||
</strong> | |||||
Moreover, we will <strong>never</strong> sell, rent or monetize your | |||||
information. | |||||
</p> | </p> | ||||
<ol> | <ol> | ||||
<li> | <li> | ||||
To fulfill our legal obligations under applicable law, regulation, | To fulfill our legal obligations under applicable law, regulation, | ||||
court order or other legal process. | court order or other legal process. | ||||
</li> | </li> | ||||
<li> | <li> | ||||
To protect the rights, property or safety of you, Comm Technologies or | To protect the rights, property or safety of you, Comm Technologies or | ||||
another party as required or permitted by law. | another party as required or permitted by law. | ||||
</li> | </li> | ||||
<li>To enforce any agreements with you.</li> | <li>To enforce any agreements with you.</li> | ||||
<li> | <li> | ||||
Pursuant to a merger, acquisition, bankruptcy or other transaction in | Pursuant to a merger, acquisition, bankruptcy or other transaction in | ||||
which that third party assumes control of our business (in whole or in | which that third party assumes control of our business (in whole or in | ||||
part). | part). | ||||
</li> | </li> | ||||
</ol> | </ol> | ||||
<p> | |||||
While sharing your email address is entirely optional, if you do choose | |||||
to share it, we may share that email address, and the contents of any | |||||
email sent by us or you, with our third-party service providers who may | |||||
assist us in providing updates to you. Such information would be shared | |||||
with such third-party service providers for the sole purpose of | |||||
providing you updates on Comm, and will never be associated with your | |||||
account or sold, rented or otherwise monetized. | |||||
</p> | |||||
<p> | |||||
Additionally, Comm uses third-party hosting providers to host its | |||||
central cloud servers, therefore we may share the information we collect | |||||
with such hosting providers in order for them to host this information. | |||||
This information will be shared with such hosting providers for the sole | |||||
purpose of providing the Services to you, and your Content will always | |||||
remain end-to-end encrypted when shared with such hosting providers, | |||||
even when stored in the backup service. | |||||
</p> | |||||
<h2>Retention of Information</h2> | <h2>Retention of Information</h2> | ||||
<p> | <p> | ||||
For any of your personal information that we collect, we retain such | For any of your personal information that we collect, we retain such | ||||
personal information for as long as you have an open account with us or, | personal information for as long as you have an open account with us or, | ||||
only with respect to the association between your username and public | only with respect to the association between your account and public | ||||
key, as otherwise necessary to provide our Services. | key, as otherwise necessary to provide our Services. | ||||
</p> | </p> | ||||
<h1>Your Rights in the Personal Data You Provide to Us</h1> | <h1>Your Rights in the Personal Data You Provide to Us</h1> | ||||
<h2>Your Rights</h2> | <h2>Your Rights</h2> | ||||
<p> | <p> | ||||
▲ Show 20 Lines • Show All 61 Lines • ▼ Show 20 Lines | <div className={css.legal_container}> | ||||
</p> | </p> | ||||
<p> | <p> | ||||
Termination of your account may or may not result in destruction of | Termination of your account may or may not result in destruction of | ||||
Content associated with your account, and other Comm users may continue | Content associated with your account, and other Comm users may continue | ||||
to have access to and control over your Content. | to have access to and control over your Content. | ||||
</p> | </p> | ||||
<p> | |||||
If you would like to delete any backed-up Content from our backup | |||||
service, you may do so at any time by making a request within the app. | |||||
</p> | |||||
<h2>Changes to this Privacy Policy</h2> | <h2>Changes to this Privacy Policy</h2> | ||||
<p> | <p> | ||||
We may update this Privacy Policy from time to time. If you use the | We may update this Privacy Policy from time to time. If you use the | ||||
Services after any changes to the Privacy Policy have been posted, that | Services after any changes to the Privacy Policy have been posted, that | ||||
means you agree to all of the changes. Use of information we collect is | means you agree to all of the changes. Use of information we collect is | ||||
subject to the Privacy Policy in effect at the time such information is | subject to the Privacy Policy in effect at the time such information is | ||||
collected. | collected. | ||||
Show All 39 Lines |