Effective date: 8/16/2019
Questions? Contact us!
We collect anonymous data about visits to our website, including pages viewed, browser/device type and approximate geographic location. We gather this information to improve the visitor experience and performance of our website, and for statistical purposes to track how many visitors we have and what resources are accessed most often.
When using our demo environment, you will provide usage data (specifically HTTP request and response data) by adding a logger to a test application. Usage data is only accessible with a unique URL generated when a new demo session is started, and cannot be accessed by other demo users or by our staff. Usage data is collected only for display and rendering by our demo application. Usage data is retained temporarily in volatile server memory until the demo session ends, when all session data is deleted. The source code for our demo application is available for you to verify these claims.
For customers of our hosted databases, you will provide usage data (specifically HTTP request and response data) by adding a logger to your applications. This usage data is processed and loaded into your database, so that you can query this data from your favorite database tools.
We collect email addresses and credit card numbers for customers of our hosted databases, which we use for customer support and for billing purposes. We keep customer records about payment history and interactions with technical support. We'll provide you with any data about your account history upon request.
When you visit our website, we do not collect any personal information about you. We do not collect IP addresses, cookies or any other data to uniquely identify or track you. We don't use any third-party tracking services, like Google Analytics, because those are totally lame.
When you use our demo environment, this interaction will remain anonymous. Demo users are not required to create user accounts, nor do we require providing any personal information (including email address or credit card) to uniquely identify demo users. We do not store demo session data in any type of database or non-volatile storage.
We do not intentionally collect any sensitive personal information that might be present in usage data provided to our demo environment. Our terms of service assert that our demo environment is never to be used with a production application where sensitive personal information is expected. If your usage data does include sensitive personal information, you are responsible for complying with any regulatory controls regarding that data, and are consenting to temporarily retain that information on our demo server in the United States.
We do not intentionally collect any usage data outside the context of your hosted database. We do not maintain any copies or backups of your usage data. No data stored in your hosted database is visible to Resurface staff. If your usage data includes sensitive personal information, you are responsible for complying with any regulatory controls regarding that data.
We do not share, sell, rent or trade any collected data with any third parties for any purpose.
We do not host advertising on resurface.io, nor do we sell any information to advertisers or marketers. We may occasionally embed content from third-party sites, such as YouTube, and that content may include ads. While we try to minimize any ads our embedded content contains, we can't always control what third parties show.
Our online services use first-party persistent cookies for the sole purpose of optimizing and load-balancing network communication to our services. These cookies are strictly necessary for us to provide these services. By using our online services, you consent to allow storing these cookies on your computer or device. These cookies are very small and are not stored for more than one year. These cookies do not store any personal information that identifies you.
We take all measures reasonably necessary to protect your data from unauthorized access, alteration or destruction; to maintain data accuracy; and to help ensure the appropriate use of your data. We follow generally accepted industry standards to protect data submitted to us, both during transmission and once we receive it.
We maintain proper SSL certificates and require use of HTTPS by default for all our online services. Our logging libraries only transmit usage data over secure HTTPS unless specifically configured otherwise. While we strongly advise using HTTPS, we do still allow HTTP for some kinds of testing and validation.
No method of transmission or retention of user data is 100% secure. We cannot guarantee absolute security, but we strive for the highest standards of care, and we put security first when designing and running our online services.
For our demo environment, usage data is only retained in volatile memory on our demo server, and is never persisted to disk or stored in any kind of central database. All usage data for a demo session is deleted immediately if the demo session is ended by the user. Our demo server is recycled every 24 hours, which ends all active sessions and deletes all data stored in volatile server memory. We do not permanently retain any usage data provided to our demo environment.
Demo sessions are uniquely identified by a randomly generated 32-character alphanumeric key. This random key is used to build a unique URL for each demo session. We do not maintain any logs that might identify what demo session ids were generated by our demo application, nor do we have any other mechanism for listing what demo session ids might currently be active. Users do not have to rely on random alphanumeric strings generated by our application, but can can generate their own custom URLs as needed.
For customers of our hosted databases, your usage data will be stored to a database instance that is dedicated to your account. Your usage data is never stored on any system that also stores data for another Resurface customer. Your usage data cannot be accessed by other customers or by our staff. Usage data will be retained in your database until removed to make room for newer data, or after a predefined interval of time has passed. All usage data is immediately destroyed if you cancel your service or ask that your database be deleted. When requested, we will collect an audit trail of all access to your database.
If you have questions or concerns about the way resurface.io is handling your data, please contact us immediately. We want to help and will respond promptly.
Data Protection Officer:
5323 Deer Creek Ct, Boulder CO 80301 USA
You have the right to lodge a complaint with the appropriate supervisory authority in your jurisdiction, in the unlikely event that we are unable to resolve your complaint to your satisfaction.
Our logging libraries are always configured with logging rules that control what information is collected. Strict logging rules are active by default, so that common forms of personally identifying information are automatically removed. Users may configure logging rules to allow additional detail to be collected (when it is appropriate to do so), for detecting user consent or to randomly sample usage data. Please see our online documentation or YouTube channel for more information about logging rules.
We communicate company updates through our blog, our public Slack channel, and through social media.
We use email to communicate with individual customers, except for those who ask to use Slack instead. We only collect email addresses from customers who sign up for a hosted database. We do not currently maintain a mailing list for sending bulk emails.