When you sign-up, the only data we ask for is a private key and a personal riddle. We do not ask for any personally identifiable information on sign-up or after. Also, we do not have any mechanism to restore or reset your account in case you forget your private key or riddle. These are stored encrypted in our database and can be decrypted only when you re-enter them.
What you enter in riddlock is encrypted and stored in the database and on our servers. Our encryption mechanism uses your private key, riddles and other dynamically generated keys to encrypt. To this extent data encryption is unique for every user. All data items are encrypted with a public-private key pair to enable user connects. Every data item is thus uniquely encrypted as well.
The only way for a user to expose oneself is by creating a share handle and disclosing it to others. First, in order to not reveal your identity, users should not use their name or personal data in the share handle. Secondly, users should connect with trusted users only. Thirdly, users who do not want to connect at all need not create their share handle.
Users in a group are identified by their user-id in the group which is created by group admins. Group user-ids are stored encrypted in the database and not known outside the group. For this reason, riddlock has no control over groups that decide to include names of their users in the user-ids.
In general, your data remains with us for perpetuity, except when you delete it or if you delete your account. In account deletion, data of only those groups in which you are the sole group admin is deleted. This is because groups in riddlock are not owned by a single user but the whole group.
Deleted data is permanently removed (purged) from our database and servers periodically through automated processes. Presently the frequency of such data purge is once in 24 hours, but this may change from time to time without intimation. Additionally, we may ourselves delete user accounts that remain inactive for a period of 6 months or more.
We do not ask for any personally identifiable information from our users. We do not profile users or track their preferences, device id or IP address. Our goal is to comply fully with privacy laws worldwide.
Non-personal data is your browsing history, websites you visit, your language preferences and other such information which does not uniquely identify you. The only non-personal data riddlock captures is our screens (pages) you open. We use this information to know the usage and popularity of our screens and to identify areas of improvement. We do not use any information for user profiling or advertising.
Many websites and apps use cookies to track user behavior and preferences. The only cookies we use are server-side cookies meant for riddlock to run effectively. We do not use cookies for any type of user profiling or advertising. We recommend that you do not block our cookies in your web browser settings as you may not be able to use riddlock if you do so.
Riddlock or your data may contain links to other websites. You must note that since we do not have any control over such other websites, we cannot be responsible for their user and data protection policies.
Your data may be transmitted to and stored on servers in your home country or elsewhere. We choose our data hosting locations based on technical, administrative and financial parameters with the objective of providing unhindered and high-quality service to our users. We may also similarly delegate the maintenance, administration and management of data to employees, affiliates and third parties in different locations.
In order to prevent unauthorized access or leakage of user data, we have used several measures and tools to ensure adequate security in data access, storage and transmission. We continue to enhance these on an ongoing basis to the best of our ability as data security is a forever evolving field that cannot be fully guaranteed in all respects at all times.
This privacy policy is part of our terms of use and must be read and understood in conjunction with those terms. We may change this privacy policy from time to time. We recommend that you check it regularly for changes.