These brief summaries are not legally binding, because us founders don't know enough about the law. They are our best effort to make long-winded legal documents easy to quickly understand!
Before being uploaded, your data is encrypted in your browser. Your encrypted data is then sent using standard HTTPS encryption in transit (2 layers total) until it reaches our servers.
Your encrypted data is stored with a second layer of standard "encrypted at rest" encryption.
When you use the Ethi platform, your data and the encryption key are both sent with HTTPS encryption to a secure serverless cloud computing environment, where your data gets decrypted and analysed so we can show you the awesome insights we've extracted from it.
These insights then get sent with HTTPS encryption to your browser! It is not perfect end-to-end encryption because we do a lot of heavy data processing which at the moment needs to be done in the cloud. We do plan on creating a local-only and a fully end-to-end encrypted version that doesn't do any heavy processing, but we're still working on it!
No humans at Ethi can ever see your data, it is only ever decrypted when it's being processed for you. We salt and hash your password, so we never have a plaintext copy of it on our servers. To learn more about this, look up 'password hashing'. This means that even if our entire system is compromised, your data will still be safe. We will never ask for you to send us your password. Please report to email@example.com if you are ever asked for this kind of information.
Up front, any data that you add to Ethi to analyse is only used for the sole purpose of providing you with the Ethi Service. We don't sell, share, or use this data for anything else. We believe your data should only be used in ways that you clearly consent to, that benefit you.
I hope this helps, let us know if you have any questions, or suggestions on how we can make this page, or our policies simpler and better!
Oops! Something went wrong while submitting the form