Last updated: January 12, 2021

This document provides an overview of principles and technology we use in capturing and managing personal information about you via our business operations or our apps and services. 

This document applies to the Priiv iOS app and our websites hosted at ThePrivacyCo.com, The Privacy.com, GetPriiv.com, and other tools or online platforms we may release in the future. This overview is not a replacement for our Privacy Policy. Our data uses fall into five major categories – commerce, marketing, analytics, integrations, and operations – each of which is discussed below.

 

We respect your privacy

This company was founded, and we work hard everyday, to help you manage and protect your privacy. Our products and services all relate to helping you limit the amount of data you share or others can take from you. So we hold ourselves to a high standard in terms of how we capture, manage, and treat your data and your rights surrounding that data.

We’d love to have a zero-personal-data footprint, but it’s not yet technically feasible. We need to email you to support your use of our app, we need to process payments, we need to track how our app is working (or not working) and we need to promote our products in order to find and win customers. Each of those requires us to collect and manage personal data.

The rules by which we plan to do this are outlined in our Privacy Policy. As a legal document, this isn’t always the most understandable or friendly language, and in some cases the language necessary to cover the operational necessities of our business, sound a lot less privacy friendly than our intention or actual activities. So we’ve written this to share – in hopefully clearer language – our intentions regarding your personal data.

Six Guiding Principles:

Let’s start with a review of the principles that drive all of our decisions relating to personal data:

 

  1. Minimize data collection. We strive to only collect the information we need to operate our service and effectively manage and grow our business. There are many more opportunities for a company like ours to acquire data and tools to leverage this data, than we choose to employ, but we consistently choose to acquire the least data and use that data as minimally as possible while still enabling our operations and growth.
  2. Minimize data sharing, Maximize data respect. We want to minimize the number of integrations with 3rd parties so that your data is transferred to fewer places as possible, choose the most privacy-friendly 3rd parties (For example, we use Matomo instead of Google Analytics.), and generally treat your data as we’d want our data to be treated.
  3. Default to opt-in, wherever possible. We don’t like opt-out business practices, where companies take data unless you go to the trouble of telling them you’d prefer that they didn’t. So when we can give users the choice to opt-in to sharing additional data, we take the approach.  
  4. Help you opt-out, where necessary. Some of our 3rd-party tools don’t support opt-in mechanisms, but do themselves have opt-out methods. In these cases, we explicitly show you how to choose to opt out – right within the Priiv App. In most cases, opting out of these tools not only stops us from getting data, but prevents your data from going to those companies when any other app or company uses those same 3rd parties.
  5. Build quality products, and a successful company. We want to ensure that our application is both functional and responsive, and that means we have to monitor how it performs for users, when it crashes, how fast it loads, and more. We want to stay in business and thrive, so we need to find and attract customers. 
  6. Make reasonable tradeoffs. There is a tension in trying to build and grow a business, digitally interact with prospects and customers, use a world of technology and tools that were not built with a privacy-first outlook, and live up to the principles stated above. When we need to resolve this tension, or a conflict between our business needs and our privacy ideals, we will endeavor to make a reasonable choice; we’re neither privacy extremists nor growth-at-all-costs extremists. 

We pledge to do our best to balance all of these. We understand our audience and expect they will have high expectations. We don’t expect we’ll get everything right but we’ll remain open to feedback and improving where and when it is necessary. 

 

Summary of Data & Services

Commerce

We use Stripe, WooCommerce, and TaxJar to sell software and services via our websites. Via these tools we collect email addresses, and billing information, as required to process and fulfil orders. In this transaction, Priiv never has access to your credit card information and these services are fully PCI compliant.

Marketing

We use Hubspot as our primary customer and app-based messaging and marketing platform. This captures the email address you provide during registration or sign up, the name of the website or channel where you responded to our ad, and information on use of our app (such as last login date). Any messages you send us and any messages we send you are stored here as well. This platform is used to communicate via email to share tips and progress related to your use of our app, to share our weekly newsletter, and to share promotions. You may opt-out of our email communications at any time.

Analytics

To understand the use of our products and help us to improve them, we use Sentry and Mixpanel. Sentry is an application performance monitor that we host in our data center so your data are not sent to a 3rd party. Sentry is a more privacy-friendly alternative to Crashlytics. 

Mixpanel is used to track feature usage within the application. Your data is only obtained by Mixpanel if you opt-in to its use from within the app. 

On websites, we use Matomo to provide basic website analytics telling us how many people visited, where they came from, and how each person (including you) interacted with our sites. Matomo is a more privacy-friendly alternative to Google Analytics.

Integrations

Our iOS application and certain web tools that are part of our product use some embedded tool to enable their capabilities. We use Zapier to pass information between services. Specifically, it is used to pass basic billing confirmations from Recurly and Stripe to Hubspot to provide customer support. 

These services transmit aggregate stats and some user-specific data between other tools we use. For example, the contents of email messages, purchase transactions, and score data are transmitted using these services. We do not use these services to store customer information.

Lastly, we use Sign In with Apple. This is a secure and private way to authenticate with applications. As a user you choose whether Apple shares your actual email address with us, or uses an alias which then forwards email to you.

Operations

Our platform is hosted using the Amazon AWS suite of tools, and features and capabilities of the iOS app – including scoring and personalization, run on AWS servers and software. We use an ElasticSearch, Logstash, and Kibana (ELK) stack for logging. We keep logs on activity to help us both understand performance, find bugs, and troubleshoot errors we encounter. While these logs are not permanent, unprocessed customer data such as the exact API calls made are stored here until they are purged. Our primary customer data is stored in Mongo Atlas, a managed database that provides us with a secure and stable platform for storing your data. All of your activity in the platform, along with most of the content in the platform is stored here. 

If you have any additional questions about our use of your data, please do not hesitate to ask us via support@priiv.app