Privacy policy.
1. Introduction
1.1 English, Not Legalese
Most Terms of Use and Privacy Policy documents are unreadable. They are written by lawyers and for lawyers, and in our opinion are not very effective.
Privacy is important, and we want you to understand the issues involved. For that reason we decided to use plain English as much as possible, to make our terms as clear as possible. Some sections still have room for improvement - we plan to tackle these over time.
Where you read 'GlobeKeeper', ‘GlobeKeeper Services’, ‘the GlobeKeeper app store’ or ‘globekeeper.com’ it refers to all services made available at https://globekeeper.com for:
The GlobeKeeper chat app, a client which you can use to connect to our services.
The purchase, provisioning, configuration, monitoring and management of hosted homeservers and associated services via GlobeKeeper Services, or the GlobeKeeper app store.
Where you read 'homeserver', 'homeservers' or 'the Homeserver', it refers to the services configured within GlobeKeeper which store the user account and personal conversation history, provide additional functionality such as bots and bridges, and (where enabled by the Customer) communicate via our decentralised communication protocol.
Where you read ‘the Service’ in this document, it refers to the GlobeKeeper chat app instances exposed on https://globekeeper.com (or subdomains) by GlobeKeeper Tech Ltd (trading as GlobeKeeper).
Where you read 'GlobeKeeper' or 'we' or 'us' below, it refers to GlobeKeeper, a trading name of GlobeKeeper Inc., its Israeli subsidiary: GlobeKeeper Tech Ltd, and their agents.
GlobeKeeper is the Data Controller for your data. We can be contacted as per the details below:
Email: info@globekeeper.com
Postal address:
1313 N MARKET ST, Wilmington, DE 19801, USA
MWE Corporate Services, LLC.
Should you have other questions or concerns about this document, please send us an email at info@globekeeper.com.
1.2. Scope of This Document
This document explains how we process personal data, as it relates to:
GlobeKeeper chat app users: GlobeKeeper chat app users use GlobeKeeper to connect to any server that implements the GlobeKeeper Protocol.
GlobeKeeper Customers: GlobeKeeper Customers use GlobeKeeper Services to provision and manage hosted homeservers. Apart from where otherwise noted, this document does not address data protection issues relating to the messaging and file data submitted by Users to the hosted homeserver instances, as this is the legal responsibility of the Customer. For general Terms of Use for Homeserver users, please see: EULA.
This document does not cover:
Your relationship with the GlobeKeeper server if it isn't provided by GlobeKeeper: Your account details and preferences, messages, files and any other data you share via the GlobeKeeper protocol are the responsibility of the GlobeKeeper server, and it is the provider of that server's job to make sure your data is handled appropriately and that you are well informed.
Your relationship with identity servers: you might choose to use an identity server, to allow other GlobeKeeper users to discover you via the GlobeKeeper app. This is optional and requires your explicit consent to discover users from your personal contacts. For the identity server made available by us, please see the Identity Server Privacy Notice.
1.3. The Customer and the User
This document is designed to explain Data Protections issues relating to GlobeKeeper Customers and Users. Put simply, you're a Customer if you're paying (or otherwise compensating) GlobeKeeper to provide a dedicated hosted messaging service. If you have an account registered on a homeserver that you use to send and receive messages, or use the GlobeKeeper chat app to connect any server within the GlobeKeeper Protocol, you are a User.
It is possible to be both a Customer and a User, but we encourage you to consider these roles separately when thinking about Data Protection concerns.
1.4. Changes to This Document
Over time we may make changes to this document. If we make a material change we will provide the Customer with reasonable notice prior to the change. We will set forth the date upon which the changes will become effective; any use of GlobeKeeper by the Customer, or any use of a hosted homeserver from GlobeKeeper Services by a User will constitute the Customer's acceptance of these changes.
Your access and use of GlobeKeeper is always subject to the most current version of this document.
2. Access to Your Data
2.1. What is the legal basis for processing my data and how does this affect my rights under GDP (General Data Protection Regulation)?
2.1.1 Legal Basis for Processing
GlobeKeeper has different legal basis for processing, based on which product you are using:
GlobeKeeper chat app users: we collect your IP address when you request access to the GlobeKeeper client from our web server. This data is collected under Legitimate Interest, to support operational maintenance and to protect against malicious actions against our infrastructure.
GlobeKeeper customers: your data is processed under Performance of Contract. This means that we process your data only as necessary to meet our contractual obligations to you, or to engage with you to do something before entering into a contract (such as providing a quote);
2.1.2. Data Ownership - Messaging and File data within hosted homeservers
The Customer can use GlobeKeeper Services to provision and manage hosted Matrix homeservers. The Customer owns and controls all messages and files submitted to their homeserver by User accounts registered natively on their homeserver. This ownership does not extend to messages and files submitted over federation or bridging.
This means that, in addition to the usual data access controls defined by the Matrix protocol, all unencrypted messages and files can be accessed by the Customer, and that access is retained even if no User account within the system retains access to the data.
2.1.3. Your rights as Data Subject
You have rights in relation to the personal data we hold about you. Some of these only apply in certain circumstances. Some of these rights are explored in more detail elsewhere in this document. For completeness, your rights under GDPR are:
The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling.
For more information about these rights, please see the guidance provided by the ICO. If you have any questions or are unsure how to exercise your rights, please contact us at info@globekeeper.com.
2.2 What information do you collect about me and why?
The information we collect is for the purpose of supporting your management of hosted homeservers through GlobeKeeper Services, or to support operational maintenance of the GlobeKeeper client. We do not profile homeserver Users or their data, but we might profile metadata pertaining to the configuration and management of hosted homeservers so that we can improve our products and services.
2.2.1 Information you provide to us:
We collect information about you when you input it to the GlobeKeeper or GlobeKeeper Services apps or otherwise provide it directly to us.
GlobeKeeper Services and GlobeKeeper Home Customer Account and Profile Information
We collect information when you register for an account. This information is kept to a minimum on purpose, and is restricted to:
Email address
Authentication Identifier; one of:
Email address and password
You will be given the choice to set up 2-Factor Authentication to secure your account. For 2FA over SMS, we will require your phone number. This information will be shared with Twilio, a SMS service provider.
GlobeKeeper Home Account Setup
When setting up an GlobeKeeper Home account via the setup wizard, we will temporarily access your account data, in order to migrate your existing GlobeKeeper account to your new GlobeKeeper Home account. This includes:
List of rooms you have joined
Power levels in those rooms
Your avatar
Email address
2.2.2 Information we collect automatically as you use the service:
Connection Information
We log the IP addresses of everyone who accesses GlobeKeeper. This data is used in order to mitigate abuse, debug operational issues, and monitor traffic patterns. Our logs are kept for:
30 days, for GlobeKeeper Services Customer IP addresses;
180 days, for GlobeKeeper chat app IP addresses;
Usage Information
We track usage data for GlobeKeeper hosting services. When you are signed in to your account we may track your usage of the site and associate that information with your account details. This data helps us understand how our users are using the application so that we can make improvements to the Service.
When reporting errors we might collect some information to help us find a solution. This may include your IP address, hostname, full name and email address. This information is collated in the application monitoring platform Sentry and is subject to strict retention policies.
Location Information
We may collect location data on you, if you choose to use the static or live location sharing features within the GlobeKeeper app. This includes your longitude, altitude and latitude data in order to accurately calculate your precise location.
Location data is held within the room in which it is shared, so it will be encrypted in encrypted rooms and not encrypted in rooms where encryption is switched off. You will be shown a disclaimer during your first time using this feature, but please apply caution and consideration when sharing your personal data within the app.
The GlobeKeeper clients use the third-party service MapTiler to provide the images used to display maps.
2.3. Sharing Data in Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights
In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to
comply with any applicable law, regulation, legal process or governmental request,
protect the security or integrity of our products and services (e.g. for a security audit),
protect GlobeKeeper and our users from harm or illegal activities, or
responding to an emergency which we believe in good faith requires us to disclose information to assist in preventing the serious bodily harm of any person.
2.4. How do you handle passwords?
We never store password data in plain text; instead they are stored hashed (with at least 12 rounds of bcrypt, including both a salt and a server-side pepper secret). Passwords sent to the server are encrypted using SSL.
It is your sole responsibility to keep your user name, password and other sensitive information confidential. Actions taken using your credentials shall be deemed to be actions taken by you, with all consequences including service termination, civil and criminal penalties.
If you become aware of any unauthorized use of your account or any other breach of security, you must notify GlobeKeeper immediately by sending an email to info@globekeeper.com. Users should manage good password hygiene (e.g. using a password manager) and change their password if they believe their account is compromised.
If you forget your password (and you have registered an email address) you can use the password reset facility to reset it.
2.5. Our commitment to Children’s Privacy
We never knowingly collect or maintain information in GlobeKeeper, through any of the Services provided, from those we know are under 16, and no part of GlobeKeeper is structured to attract anyone under 16. If you are under 16, please do not use the Service.
2.6. How can I access or correct my information?
If you are a customer of GlobeKeeper Services you can access all personal information that we collect by using the account management interface at https://globekeeper.com You can download a copy of all your data as per section 2.1.3.
If you are a user of the GlobeKeeper chat app you can request a copy of your data by emailing info@globekeeper.com. We are working on a solution which will allow you to download the data automatically.
2.7. Who can see my homeserver configuration?
Data stored in GlobeKeeper is accessible by the Customer's account and by GlobeKeeper engineers (employees and contractors) under the conditions outlined below.
2.8. What are the Guidelines GlobeKeeper follows when accessing my data?
We restrict who at GlobeKeeper (employees and contractors) can access GlobeKeeper non-encrypted data to roles which require access in order to maintain the health of the GlobeKeeper apps and services.
We never share what we see with other users or the general public.
2.9. Who else has access to my Data?
We host the GlobeKeeper Services on Google Cloud Platform (GCP), specifically:
Our admin server is hosted in an GCP data centre in Amsterdam;
Our deployment server is hosted in an GCP data centre in Stockholm;
Customer deployments have the option to select the geographical location which is the most convenient for them;
We use Cloudflare to mitigate the risk of DDoS attacks. Here's CloudFlare's privacy policy.
Physical access to our offices and locations use typical physical access restrictions.
We use secure private keys when accessing servers via SSH, and protect our GCP console passwords locally with a password management tool.
Nobody at GlobeKeeper, or any of our processors, is able to access encrypted data.
2.10. What happens if GlobeKeepery is sold?
In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.
If we or substantially all of our assets are acquired by a third party, personal data held by us about our users will be one of the transferred asset
2.11. How is my Data protected from another user’s Data?
All of the GlobeKeeper user data resides within the same dedicated cluster. We use software best practices to guarantee that only the Customer can access it. In other words, we segment User data via software. We do our best and are very confident we're doing a good job at it, but, like every other service that hosts User data on the same database, we cannot guarantee that it is immune to a sophisticated attack.