Preside (The App) is a mobile email application made in Santa Cruz California by GoodHumans ("Preside", "us", "we", "our"). We respect your privacy. By default, the app does not communicate any information to our servers, and the app functions quite well without enabling any of the features that require such transmission.
Collection and Use of Personal Information
The App collects personally identifiable information necessary to perform its functions. This information resides on your device, and, aside from the opt-in features listed below, this information is not transmitted to our servers.
Some opt-in features do require the transmition of personally identifiable information and/or email content to external servers. These features are clearly demarcated, and they are not central to the functionality of the app. In other words, you can choose not to use these features after you are presented with a privacy warning when they are invoked. A list of these features and their respective privacy implications follows:
- Preside.io accounts When you register for a Preside.io account (which is required for a Premium subscription or remote notifications), we collect and store your email address as a login identifier. Additionally, we use that email address to communicate with you, when necessary. We don't perform any analysis or analytics of the data stored in Preside.io accounts.
- Remote notifications If you enable remote notifications by setting the Background sync preference to 'Remote syncing (private servers)', we must collect information about your device in order to send those notifications. Also, the nature of these notifications is that some of your email data might pass through our servers during the notification process. Like all requests going through our servers, that data is recorded into log files. Most of the information in those log files is purged daily, while some of it is purged every 3 months. We do not perform any analysis or analytics of that data. Since these notifications are coming from your computer, you have full control over what gets sent. You can choose to send a notification such as, "You've got mail", or you can choose to use one of the local notification facilities that do not require communication with our servers.
- Defer When you make use of the app's Defer feature, and you choose to sync the deferral information between devices, and you choose 'iCloud' as the Defer syncing preference, the app stores information about those the deferred emails in your iCloud account. That information is NOT personally idenfiable (or meaningful in any way other than a time-stamp), and it is not something we can access. Apple, presumably, does have access to this anonymous, meaningless information.
- Support emails When you email us for support, you usually provide us with your name & email address. That information along with the content of your email and our reply is stored in our email account. We do not perform any analysis or analytics on these emails, but we might re-read your prior emails when responding to a subsequent support request by you or someone else who is experiencing a similar problem.
- Preside newsletter When you sign up for the Preside Newsletter, you provide your email address. We also collect information about your interactions with the newsletter. This is discussed further in the MailChimp section of this document.
Google user data
This section provides details about how the app accesses, uses, and stores Google user data. Data from Google/gmail is treated the same as data from other providers so this section generally applies all email providers.
All data used by the app is stored locally on your device in the app's sandbox. This data is stored using iOS File protections, which means that it is encrypted at rest. Additionally, passwords and oauth tokens are stored with an extra layer of encryption. It is also possible to store passwords and tokens in the iOS Keychain by selecting that option when setting up the account. Aside from that, all data from your email account that stored by the app is stored in SQLite databases. Some additional, app specific data, and possibly your email address, is stored in property list, JSON, plain text and/or html files. The app stores the following email data:
- The full MIME text of your small and medium sized emails
- The text and html parts of your larger emails
- Attachments that you have explictly downloaded within the app
- Your list of gmail labels (IMAP folders)
- IMAP flags that indicate the status of emails (like read/unread or flagged)
- Your email address
- If you are using PLAIN authentication, rather than OAUTH, and you have enabled "Less secure accounts" in your gmail account, the app also stores your gmail password
If you have also added your Google Drive account to the app, the app also stores:
- Meta information about many of the files on your Google-drive
- The contents of many of your smaller files
- The contents of files you have explictly downloaded within the app
- The list and structure of your folder (directory) hierarchy
The app accesses your gmail user data using the IMAP protocol. If you've added your Google Drive account to the app, it is accessed using the Google Drive REST API.
The app makes use of gmail user data to perform the following functions
- View emails
- Mark emails read/unread
- Flag emails
- Move emails between folders/labels
- Copy emails
- Delete emails
- Archive emails
- Rename labels/folders
- Creating new labels/folders
- Move labels/folders
- Delete labels/folders
- Reply to emails
- Forward emails
- Send new emails
- Create draft emails
- Search email contents & meta data
The app makes use of Google Drive user data to perform the following functions:
- Attach files to emails
- Save email attachments
- Rename file folders
- Move files between folders
- Copy files
- Create new file folders
- Delete files
- Delete folders
- Search file contents
Webhooks and Remote Notifications
If you have enabled Inbox monitoring by setting the Background Sync type option in Preside to 'Remote (email provider)', the app makes use of webhooks to monitor your Inbox. When this is enabled, your email address along with a device identitifcation token is stored on the Preside.io servers. When a new email is received into your Inbox, Google informs our servers that your Inbox (identified by your email address) has changed. No email, account or other useful information is included in these requests. When our servers receive one of this requests, we send an Apple Push Notification to the device identification tokens we've stored for your devices. The notifications inform the app on those devices that your Inbox has changed. The app then re-syncs your Inbox locally. Our servers never have access to your account or email. They merely act as a relay to inform the app on your device that it should re-sync your Inbox.
It should be noted that, like all requests going through our servers, these webhook requests are recorded into log files. Most of the information in those log files is purged daily, while some of it is purged every 3 months. We do not perform any analysis, analytics, or any other processing of succesful webhook requests. Occasionally, these requests result in errors, in which case we might perform some investigation as to why the error occurred.
Disclosure to Third Parties
GoodHumans has no knowledge of and is not responsible for the information that Apple collects and/or processes from users of The App. Apple is the processor for any data they collect while you use The App, and you are the controller. The App does not make use of any features, such as CloudKit containers, whereby Apple would store personally identifiable information on our behalf. Any information stored by the app in iCloud is governed by Apple's policies.
Our website is hosted through Amazon Web Services (AWS). When you visit our website, Amazon might collect information about your activities on our website. Our website uses the default AWS settings, which are fully compliant with the GDPR.
Some features on our website and in our app make use of the Fat Fractal backend service. Specifically, these are requests releated to Preside.io accounts described above. Requests to Fat Fractal are collected on their website and stored for a varying amount of time, depending on the type of request and response. That time frame ranges from 1 hour to 3 months.
Additionally, The App stores your Preside.io account information on the Fat Fractal backend. That database does contain some personally identifiable information, as described in the Preside.io accounts section of this document.
It may be necessary − by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence − for GoodHumans to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. We may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of a reorganization, merger, or sale we may transfer any and all personal information we collect to the relevant third party.
The app contains links to web sites and other internet resources. These include both links within the App itself as well as links within emails and other downloaded content. Please be aware that GoodHumans is not responsible for the privacy practices of such other sites. We encourage our users to be aware when they access websites from within the app and to read the privacy statements of each and every web site that collects personally identifiable information. This privacy statement applies solely to information collected by this App.
This app takes precaution to protect our users' information. Unless configured otherwise, transmitted information is encrypted with the latest SSL/TLS encryption technology. At rest data on your device uses iOS file protection, and all passwords and authentication tokens are further encrypted such that even if the iOS file protection was circumvented, these would still be protected. If you have any questions about the security of our app, you can send an email to firstname.lastname@example.org
GoodHumans has the utmost respect for your privacy, and we are striving to comply with the GDPR. We have ceased all collection and processing of usage data, and the only personally identifiable data we collect is for the opt-in features described above. Even then, this collection doesn't go beyond your email address, and the only 'processing' we perform is storage. That said, we do rely on external services (as described above) for some tasks not directly related to the mobile app. We are still learning how to comply with GDPR request related to those services. As such, please send us an email if you need any help with GDPR requests related to those services, even if you are the 'controller' for that data. We will help guide you through the process.
Notification of Change
Please upgrade to the latest version of The App to increase your privacy.