I’ll note again that they send statistical data to several services known for bad privacy policies (Google, Facebook) to which there’s no way to opt out. They also use Amplitude to track how you use the app. Personal data is used (without explanation) “to improve the Product”.
Their security? An “appropriate level” of protective measures. Gives me the warm fuzzies, that.
“We only obtain information necessary to provide you
with our services…Some of the data of our users is
aggregated for statistical purposes and processed in the
legitimate interests as stated in section 2 above”
Indeed: they’re admitting that they scrape your data and sell it as their business model. They say “we” don’t market to you, but your data is indeed scraped and promised to be anonymized when sold, and promised to have ‘appropriate’ security.
Finally, opting out is only possible on a browser-by-browser basis via cookie, and if you have a policy of deleting cookies regularly (I have an app which does this every 45 minutes) then this doesn’t help you either.
They state that: “We do not rent, sell or share your personal data with any third parties, except where We have to comply with Our legal obligation. Some of the data of our users is aggregated for statistical purposes and processed in the legitimate interests as stated in section 2 above.”
So they should not send any personal data. Just statistical data that does not allow the identification of any particulat person or his/her behaviour. I am not saying it is okay, but it is better than Edison and Co.
This raises another question. Email passes through multiple servers before it reaches its destination. Last I heard, this information is not encrypted, which would mean any server lucky enough to transfer your email could scrape it for data.
Email is never 100 % secure. I use ProtonMail for sensitive matters. That is probably the best security you can get as a normal user without a huge budget.
I recently looked on my security and its not easy. For example I do my writing in Drafts and Ulysses but they sync over iCloud. And any authorised Apple technician can get to iCloud and see your data.
The fact is they plumb your email data, and you are relying on them to securely maintain privacy and security for you. And even if in this case deanonymization cannot be teased out of large data sets (as it most certainly does in web browsing and other online spheres) via field matching or weak data masking, the fact that they want to use my data to package and sell is sufficient for me to never ever use them. YMMV.
1 Like