When you register with Your Data Inc, we collect your email addres, a customizable username of your choosing, profile photo, and an Auth0 authorization key. This information is used to share with other users when joining or creating spaces, sending out invites, and sending notifications to other space users.
All the media (photos, videos, and/or audio files) that you upload are doubly encrypted with our key and your personal key that only you know referred to as the “Sanctuary Key”. The Sanctuary Key is never sent to our backend or saved anywhere outside of your device, meaning we have no ability to decrypt your files without logging into your device (which is not possible given we do not store your authentication information for Auth0) and also knowing your Sanctuary Key (which is also not possible given we do not store it anywhere, but the device you register with and/or device(s) you login successfully with by providing your Sanctuary Key). The key on the device is never sent from the phone (whether through an Internet connection or other mechanism) to any data store we own.
Other non-personal data includes:
Use of Information
The information we collect is used to enable app functionalities, such as uploading files, creating spaces, sharing files, sending notifications, and more. We never use your personal information for any other purpose such as third-party marketing or tracking tools.
Information Sharing and Disclosure
We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect. We do not share your information with anyone and will never do so.
User Choice and Control
You are always free to delete your account at any time, which will erase everything that is attached to your user in our system.
We employ robust security measures to protect your data. All user files are doubly encrypted, once with our key and then again with your personal key that is never sent to our backend or saved anywhere other than your device. Mapping information is secured in a database with strong credentials. Access to these credentials requires logging into our secure account, which is protected with two-factor authentication and only the CEO has access to it.
Our services are designed for users of all ages. We do not distinguish between age groups, as all the content on our platform is uploaded by the users themselves.
Data Breach Policy
In the highly unlikely event of a data breach, we will notify affected users with information about the breach, including details about what we know and which files and/or spaces may have or definitely have been affected.