| Wolfram Alpha |
info given about security practices |
|
disputed |
user 428 |
| DuckDuckGo |
"" |
|
declined |
import script |
| mastodon.social |
"How do we protect your information? <p>We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.
Among other things, your browser session, as well as the traffic between your applications and the API, are secured with SSL, and your password is hashed using a strong one-way algorithm.
You may enable two-factor authentication to further secure access to your account." |
|
approved |
Vincent |
| WhatsApp |
"" |
|
declined |
import script |
| WhatsApp |
"" |
|
declined |
import script |
| RapidShare |
"" |
|
draft |
import script |
| Facebook |
Facebook |
|
declined |
import script |
| Flattr |
flattr terms updated 29 aug |
|
declined |
import script |
| Steam |
Steam - users defend and indemnify Valve |
|
declined |
import script |
| Tartle |
"TARTLE secures your personal information from unauthorized access, use, or disclosure.
TARTLE uses the following methods for this purpose:</p>
<p>– SSL Protocol</p>
<p>– AES-256bit Military Grade VPN Connecti" |
|
approved |
Geographyisdestiny |
| PayPal |
paypal |
|
declined |
import script |
| Facebook |
Article: What Facebook knows (data mining, etc;) |
|
declined |
import script |
| livejournal |
LiveJournal terms of service |
|
declined |
import script |
| Dropbox |
[Good] Dropbox can cancel your account without notice but they'll try to avoid it |
|
declined |
import script |
| Dropbox |
[Bad] Dropbox uses cookies to track users |
|
declined |
import script |
| couchsurfing |
Couchsurfing TOS |
|
declined |
import script |
| twitter |
Regarding Twitter |
|
declined |
import script |
| Delicious |
Delicious previous terms |
|
draft |
import script |
| Facebook |
Unofficial ToS;DR Facebook Page |
|
declined |
import script |
| TwitPic |
a good article with real life examples with broad copyright licenses from Twitpic, twitter |
|
draft |
import script |
| ToS;DR |
"Passwords and encrypted in our database with the bcrypt algorithm." |
|
approved |
Michael |
| Qwant |
"We commit to do anything we can to ensure the security and confidentiality of our users personal data, including by preventing data damage, loss, or access by unauthorized third parties.
Qwant’s URL has the HTTPS header that shows users they communicate with Qwant through a secure channel using the TLS protocol.
Technically, TLS ensures users that their data can’t be intercepted by fraud.
Moreover, the green lock that you see on most browsers when using Qwant certifies that you are browsing a secure website." |
|
approved |
user 435 |
| WhatsApp |
WhatsApp doesn't collect personal information besides the phone number |
|
draft |
import script |
| Wordfeud |
Wordfeud |
|
declined |
import script |
| Facebook |
[Bad] Facebook UI induces oversharing |
|
declined |
import script |
| nikitin.photo |
The user is informed about security practices |
|
pending |
NN |
| Akshit's Blog |
"If you have any questions about the security of your personal information, you can contact me at questions@akshit.me.</p>" |
|
approved |
akshitk |
| WhatsApp |
[Bad] WhatsApp may use your phone number for non-marketing or administrative purposes |
|
declined |
import script |
| ISODME |
"You are solely responsible for the activity that occurs on your Account, whether authorized by you or not, and you must keep your Account information secure, including without limitation your customer number/login, password.
For security purposes, ISODME recommends that you change your password at least once every six (6) months for each Account .
" |
|
changes-requested |
jonathanlei |
| Minds |
info given about security practices |
|
approved |
Therapy Snek |
| TopTree.cc |
"How we protect your data" |
|
approved |
metacoz |
| App.net |
"" |
|
draft |
import script |
| GitHub |
"We use a number of third party analytics and service providers to help us evaluate our users' use of GitHub.
compile statistical reports on activity.
and improve our content and website performance.
We only use these third party analytics providers on certain areas of our website, and all of them have signed data protection agreements with us that limit the type of personal information they can collect and the purpose for which they can process the information." |
|
draft |
import script |
| Liberapay |
"<p>All network connections are encrypted, except for some communications between machines located in the same datacenter.</p>
<p>As a precaution against identity theft in case of data leak, the identity information of Liberapay account owners is stored encrypted in our database.</p>" |
|
pending |
ArloJamesBarnes |
| fotocommunity |
"" |
|
declined |
import script |
| (NONE) |
"" |
|
declined |
import script |
| chromewebstore |
"" |
|
declined |
import script |
| JoinDiaspora.com |
"" |
|
declined |
import script |
| WhatsApp |
"<p> <strong>Address Book.</strong> You provide us the phone numbers of WhatsApp users and your other contacts in your mobile phone address book on a regular basis. You confirm you are authorized to provide us such numbers to allow us to provide our Services. </p>" |
|
changes-requested |
Photon |
| Kink.com |
"We employ technical and organizational measures such as firewalls and encryption that are designed to appropriately protect your information that is under our control and that we process on your behalf from unauthorized access collection, use, disclosure, copying, modification or disposal, both during transmission and once we receive it.
We store all information that you provide to us on secure servers.
" |
|
approved |
alison |
| Pole-Emotion |
"<p>Chez nous, vos données personnelles sont transmises en toute sécurité grâce à un codage.
À cette occasion, nous utilisons le système de codage SSL (Secure Socket Layer).
Personne ne peut garantir une protection absolue.
Cependant, nous protégeons notre site web et nos autres systèmes par des mesures techniques et organisationnelles contre la perte, la destruction, l’accès, la modification et la diffusion de vos données par des personnes non autorisées.</p>" |
|
approved |
PoleEmotion |
| privacytoolsIO |
"How do we protect your information? <p>We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.
Among other things, your browser session, as well as the traffic between your applications and the API, are secured with SSL, and your password is hashed using a strong one-way algorithm.
" |
|
approved |
(deactivated) |
| Tutanota |
"Your password is salted and hashed with Bcrypt on your device before being transmitted to Tutanota.
Bcrypt is the most reliable method because brute-force attacks need much more time in comparison to conventional methods such as MD5 or SHA.
With this method we guarantee an integrated confidentiality and we allow you to access and decrypt your emails from desktops and mobile devices instantly.</p>" |
|
approved |
(deactivated) |
| Associação de Defesa da Privacidade Digital |
"1 – Nós iremos tomar todas as providências possíveis para evitar a perda de seus dados, investindo na segurança do site;" |
|
declined |
victorrms |
| Associação de Defesa da Privacidade Digital |
"2 – Seus dados estão protegidos em um servidor seguro, com Firewall e senha;</p>" |
|
declined |
victorrms |
| Associação de Defesa da Privacidade Digital |
"1 – Nós iremos tomar todas as providências possíveis para evitar a perda de seus dados, investindo na segurança do site;</p>
<p>2 – Seus dados estão protegidos em um servidor seguro, com Firewall e senha;</p>
<p>3 – Você está ciente que mesmo a segurança na internet está suscetível a falhas, e não podemos nos assegurar de todos os dados enviados pela internet." |
|
declined |
victorrms |
| CCleaner |
"11.
Data Security <p>11.1 Safeguards for protection of personal information
We maintain administrative, technical, and physical safeguards for the protection of your personal data.
" |
|
approved |
user 104 |
| tosdr |
"Passwords and encrypted in our database with the bcrypt algorithm." |
|
approved |
(deactivated) |
| repl.it |
"Unfortunately, no security measures are 100% foolproof, and as such no network or system (including ours) can be guaranteed to be 100% secure against destruction, loss, alteration, unauthorized disclosure of, or access to information we collect and store." |
|
changes-requested |
Esmooth |
| InfoSec Handbook |
"No logging by default – ✅ Minimal data processing</p>
<p>We decided to choose the best protection for your personal data: We simply do not collect it.
You don’t have to trust us, because you keep your data.
By default, we do not log anything, and we concluded a data processing agreement according to Article 28 GDPR with our server provider (see our privacy policy).</p>
<p>✅ Single-purpose server – ✅ No databases</p>
<p>For security, we provide our blog using a dedicated virtual server.
There aren’t any other public services on this server (e.g., no database server, no mail server, no messaging server).
For instance, the decentralized Dat version of our blog runs on another virtual server.</p>
<p>✅ Security monitoring – ✅ Strong authentication – ✅ Defined processes</p>
<p>Our server is permanently monitored to check for modified files and login attempts.
Two-factor authentication is needed to access our server.
The core of our server is a hardened Linux installation.
This means that we removed unnecessary packages and applied strict configuration at kernel level.
Finally, we implemented processes to ensure installation of security updates within a narrow time frame and quick reaction to reported potential security vulnerabilities.</p>
<p>✅ 100% static content – ✅ No CMS, PHP, or JavaScript – ✅ No 3rd party content</p>
<p>Our blog consists of 100% static content.
There is no content management system (CMS) installed and there is no dynamically-served content like PHP or JavaScript.
We do not embed any third-party content, and all links to third-party websites are marked.
Actually, third-party websites, which you access from our blog, run in a separate process in your web browser, and we strip any Referrer information.</p>" |
|
approved |
komo |
| ExpoBeds |
"Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.
In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL/TLS) technology." |
|
approved |
oxeno |
| 420A3.Com |
"<li>Email Address, Stored Encrypted.
Never shown onscreen, or shared, unless you otherwise allow it.</li>
<li>Passwords are NEVER sent in emails or displayed onscreen.
Passwords ARE stored in our database, encrypted via a 1-way salted hash.</li>
<li>We will NEVER store Credit Card data on our servers or database" |
|
approved |
ken@kensblog.com |
| tosdr |
"We must not store your passwords unencrypted.
We undertake to review our security technologies from time to time, for example if our encryption or hash functions are not considered good enough any more.</p>" |
|
approved |
Esmooth |
| La Girafe Extraordinaire |
"<p>Les renseignements personnels que nous collectons sont conservés dans un environnement sécurisé.
Les personnes travaillant pour nous sont tenues de respecter la confidentialité de vos informations.<br>Pour assurer la sécurité de vos renseignements personnels, nous avons recours aux mesures suivantes :</p>
<ul>
<li>Protocole SSL (Secure Sockets Layer)</li>
<li>Gestion des accès – personne autorisée</li>
<li>Gestion des accès – personne concernée</li>
<li>Logiciel de surveillance du réseau</li>
<li>Sauvegarde informatique</li>
<li>Identifiant / mot de passe</li>
<li>Pare-feu (Firewalls)</li>
</ul>
<p>
<strong>Nous nous engageons à maintenir un haut degré de confidentialité</strong> en intégrant les dernières innovations technologiques permettant d’assurer la confidentialité de vos transactions.
" |
|
approved |
Frankie |
| Signal |
"Technical information Specifications Encryption in messaging environments integrates many ideas which often need to be composed separately in different applications.
We make an effort to break out ideas into independent specifications so that they can be integrated as appropriate for different projects." |
|
declined |
user 104 |
| protonmail |
"<p>In order to pursue our legitimate interest of preventing the creation of accounts by spam bots or human spammers, ProtonMail uses a variety of human verification methods.
You may be asked to verify using either reCaptcha, Email, or SMS.
IP addresses, email addresses, and phone numbers provided are saved temporarily in order to send you a verification code and to determine if you are a spammer.
If this data is saved permanently, it is always saved as a cryptographic hash, which ensures that the raw values cannot be deciphered by us." |
|
declined |
denishdk |
| Bitwarden |
"Bitwarden enforces a written security information program.
Our program:</p>
<ul>
<li>aligns with industry recognized frameworks;</li>
<li>includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our users' data;</li>
<li>is appropriate to the nature, size, and complexity of Bitwarden's business operations;</li>
<li>includes incident response and data breach notification processes.
and</li>
<li>complies with applicable information security related laws and regulations in the geographic regions where Bitwarden does business.</li>" |
|
approved |
(deactivated) |
| Apple iCloud |
"iCloud security overview" |
|
pending |
omhqit |
| pinterest |
"We care about the security of our users.
While we work to protect the security of your content and account, Pinterest cannot guarantee that unauthorized third parties will not be able to defeat our security measures.
Please notify us immediately of any compromise or unauthorized use of your account.</p> More simply put: <p>You can help us fight spammers by keeping these security tips in mind" |
|
pending |
kitcallie |
| NextDNS |
"We protect our users from privacy exposure to other services that we must interact with in order to operate properly.For example, we enforce Query Name Minimisation and we do not forward our users IP subnets to the authoritative name servers when EDNS Client Subnet has been disabled." |
|
pending |
alostengineer |
| mastodon.social |
"How do we protect your information? <p>We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.
Among other things, your browser session, as well as the traffic between your applications and the API, are secured with SSL, and your password is hashed using a strong one-way algorithm.
" |
|
pending |
mikwee |
| The Button Box |
"Technology <p>Security" |
|
draft |
bboxjon |
| keybase |
"SECURITY
<p>Keybase takes reasonable security measures such as password protection and client-side encryption as we deem appropriate to protect the information we collect from misuse, unauthorized access, disclosure, alteration and destruction.
Some hosting details for the technically-minded:</p>
<ul>
<li>(a) The Service is currently hosted on Amazon’s AWS;</li>
<li>(b) All data is transferred with industry standard TLS during transmission.
and</li>
<li>(c) Keybase’s website does not serve any 3rd party hosted JavaScript." |
|
pending |
Joe |
| Dendreo |
"Dendreo recommande aux Utilisateurs de modifier régulièrement leurs mots de passe et de choisir des mots de passe complexes comprenant des lettres, chiffres et caractères spécifiques." |
|
pending |
|
| Dendreo |
"ses informations puissent être transférées de manière non cryptée" |
|
pending |
|
| Dendreo |
"Dendreo emploie le protocole TLS-SSL qui permet de crypter n'importe quelle information" |
|
pending |
|
| AnonAddy |
"All information you provide to us is stored on our secure servers in the Netherlands (Greenhost.net).
Sensitive data in our database such as your recipient email addresses are encrypted using OpenSSL and the AES-256-CBC cipher.
Furthermore, all encrypted values are signed with a message authentication code (MAC) to detect any modifications to the encrypted string.
" |
|
pending |
TOS_editor_02 |
| FastMail |
"How we protect and store your information Security " |
|
pending |
lemmings |
| Turnitin |
"<strong>Cyber Essentials <br>(certified November 2019)</strong>
</p>
<p>
</p> Cyber Essentials accredits a company's IT infrastructure ensuring that its firewalls, secure configurations, user access control, malware protection, and patch management are of a high enough standard to protect any data within the company.
Turnitin obtained the Cyber Essentials certification at the request of several international customers.
Turnitin successfully completed a third-party audit of the effectiveness of our basic security controls.
<p>
<strong>SOC 2 Compliance</strong>
</p>
<p>
</p> SOC2 is an audit of a company's readiness to protect their user's privacy and the security of their data.
The company must show protections for both the data itself and the physical security of the locations it is stored.
Turnitin obtained the SOC2 certification to demonstrate our commitment to security, privacy, and availability.
To obtain this certification, over 160 controls aligned to the SOC2 criteria were designed for Turnitin and audited for effectiveness.
Turnitin successfully satisfied 100% of the controls audited." |
|
pending |
AD59 |
| Turnitin |
"Our data is stored in the EU or USA with robust physical, digital, and procedural safeguards in place to protect your personal data, including the use of SSL encryption, redundant servers and data centers, and sophisticated perimeter security.
We continuously audit for security vulnerabilities and make software patching a priority." |
|
pending |
AD59 |