Things we do with your data.   ( ͡° ͜ʖ ͡°)

Before you start

We just wanna let you know that we truly believe in your right to know how all data that we collect is being used. That's why we sat down and tried to explain every single point of data as humanly as possible - no lawyer talk!

Meta Data

This data tells us when and how you interact with our service. We use this data exclusively to figure out how our userbase develops and to measure if people successfully get to where they wanted in a reasonable time. This helps us greatly when we try to determine if a feature is well-designed or needs an overhaul.

To collect this type of data, we use Google Analytics and our own analytics service which does not share data with anyone else.

Password Storage

We store all passwords using the bcrypt hash algorithm with 15 salt rounds. Tech talk aside - it's pretty secure. This means that in case of a security breach, it'll be as hard as possible for attackers to get your actual password. That doesn't mean it's impossible to crack the password however, so make sure you have a unique password with reasonable complexity.

User data

Any usernames, emails or other data that needs to be looked up on demand will have to remain stored in plaintext. So if we ever do a whoopsie in our database setup and data starts leaking, an attacker could combine this data to get some insights into who you are.

To combat this, we heavily suggest using a unique password for your email account that is not shared with any other service. We also recommend having a look at haveibeenpwned to see if your password has been leaked on another service.

Luckily, we don't force you to register with an email address. While this is not recommended as it makes the password recovery process very difficult, it also means that nobody will track down more of your data in case of a security breach.

Actions upon a security breach

Should somebody sneak into our systems and leak sensitive user information, we'll make sure to prepare an announcement within 7 days after the issue has been resolved.

If this ever happens, there's no need to freak out. No passwords will be leaked, and we'll provide detailed instructions on how to avoid further issues depending on the situation.