by Jon_Lowtek 2088 days ago
Split your Privacy Policy into parts along technological borders like "site, crm, app" instead of one size fits all. Disclose what you are actually doing and restrict yourselves to that instead of trying to have as much wiggle room as possible. This sounds counter-intuitive because web-business standard is to be as consumer unfriendly as legally possible, but the privacy tool market likes higher standards.

After reading your policy and tos i think someone should check the app for facebook scraping, because the legal texts sure imply you are doing that:

> "By granting Trix access to any Third-Party Accounts, you understand that Trix may access, .. any information .. that you have provided to and stored in such Third-Party Account (“SNS Content”) ... all SNS Content shall be considered to be your User Content"

Some great advice from the privacy policy:

> "You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to Trix’s websites or Service."

Statements like this are red flags:

> "We may collect metadata associated with User Content. Metadata typically consists of how, when, where and by whom a piece of User Content was collected and how that content has been formatted."

> "Trix may transfer information that we collect about you, including personal information, to affiliated entities, or to other third parties" ... "for the purpose of providing the Service"

This is a typical blank.

Basically they reserve the right to do as they please with your data and all data they can access through services you link with their service.


technical cofounder of trix here. we do not currently have social logins for the app so this point doesn't make much sense. but we probably can further modify the templates we used for our tos/privacy policy to assuage your concerns :)

we absolutely do not (and would not) scrape data from your social media accounts. unfortunately, terms like this are standard for many tech companies today.

I too find it unfortunate, that is why i am a bit picky about it. Nothing changes if people don't ask for change. I would find it in much better taste if your policy tells what you do instead of focusing on creating legal room for what you say you don't.

What i find most interesting is the metadata piece. Photos often have time and location information attached (exif), especially if your service sits close to the camera.

You reserve the right to harvest those. Why? (It's a rhetorical question: the answer is of course: the lawyer said such wording protects you from getting sued)

Definitely appreciate the feedback here. We’ll spend some time digging into our privacy policy and terms and aligning them to a higher standard
thank you