Effective date: 4/8/2019
Questions? Contact us!
If you're just browsing our website, we do not collect any personally identifiable information about you. We do collect anonymous data about use of our website, including pages viewed, browser/device type and approximate geographic location. We gather this information to improve the visitor experience and performance of our website, and for statistical purposes to track how many visitors we have and what resources are accessed most often.
If you use our demo environment, you will provide usage data (specifically HTTP request and response data) by adding a logger to your application. Usage data is only accessible with a unique URL generated when a new demo session is started, and cannot be accessed by other demo users or by our staff. We collect usage data only for display and rendering by our demo application. Usage data is retained temporarily in volatile server memory until the demo session ends, when all session data is deleted. The source code for our demo application is available for you to verify these claims.
If you visit our website or demo environment, we do not intentionally collect any personal information about you. We do not collect IP addresses, cookies or any other data to uniquely identify or track you.
If you use our demo environment, this interaction will also remain anonymous. Demo users are not required to create user accounts, nor do we require providing any personal information (including email address or credit card) to uniquely identify demo users. We do not store demo session data in any type of database or non-volatile storage.
We do not intentionally collect any sensitive personal information that might be present in usage data provided to our demo environment. Our terms of service assert that our demo environment is never to be used with a production application where sensitive personal information is expected. If your usage data does include sensitive personal information, you are responsible for complying with any regulatory controls regarding that data, and are consenting to temporarily retain that information on our demo server in the United States.
We do not share, sell, rent or trade any collected data with any third parties for any purpose.
We do not host advertising on resurface.io, nor do we sell any information to advertisers or marketers. We may occasionally embed content from third-party sites, such as YouTube, and that content may include ads. While we try to minimize any ads our embedded content contains, we can't always control what third parties show.
Our online services (both website and demo environment) use first-party persistent cookies for the sole purpose of optimizing and load-balancing network communication to our services. These cookies are strictly necessary for us to provide these services. By using our website or demo application, you consent to allow storing these cookies on your computer or device. These cookies are very small and are not stored for more than one year. These cookies do not store any personal information.
We take all measures reasonably necessary to protect user data from unauthorized access, alteration or destruction; to maintain data accuracy; and to help ensure the appropriate use of user data. We follow generally accepted industry standards to protect data submitted to us, both during transmission and once we receive it.
For our demo application, usage data is only retained in volatile memory on our demo server, and is never persisted to disk or stored in any kind of central database. All usage data for a demo session is deleted immediately if the demo session is ended by the user. Our demo server is recycled every 24 hours, which ends all active sessions and deletes all data stored in volatile server memory. We do not permanently retain any usage data provided to our demo environment.
Demo sessions are uniquely identified by a randomly generated 32-character alphanumeric key. This random key is used to build a unique URL for each demo session. We do not maintain any logs that might identify what demo session ids were generated by our demo application, nor do we have any other mechanism for listing what demo session ids might currently be active. Users do not have to rely on random alphanumeric strings generated by our application, but can can generate their own custom URLs as needed.
We maintain proper SSL certificates and require use of HTTPS by default for all our online services. Our logging libraries only transmit usage data over secure HTTPS unless specifically configured otherwise. While we strongly advise using HTTPS, we do still allow HTTP for some kinds of testing and validation.
No method of transmission or temporary retention of user data is 100% secure. Therefore, we cannot guarantee its absolute security. Users that are very concerned about security may request a dedicated demo environment, or may run the demo application on their own infrastructure.
If you have questions or concerns about the way resurface.io is handling your data, please contact us immediately. We want to help and will respond promptly.
Data Protection Officer:
5323 Deer Creek Ct, Boulder CO 80301 USA
You have the right to lodge a complaint with the appropriate supervisory authority in your jurisdiction, in the unlikely event that we are unable to resolve your complaint to your satisfaction.
Any usage data collected in our demo environment is only retained temporarily. Your data can be immediately purged by ending the demo session. Sessions are automatically purged every 24 hours, including those that are still being actively used.
Our logging libraries apply strict data filtering rules by default, so that common forms of personally identifying information are automatically removed from all usage data in our demo environment. Users may configure custom filtering rules to provide additional protection, or to allow logging additional detail when appropriate. Please see our online documentation or YouTube channel for more information.
We do not collect email addresses from our users, nor do we maintain a mailing list. Unless there are special circumstances, we will only contact you by email in response to emails sent to us. We communicate updates through our blog, our Slack channel, and through social media rather than email.