This privacy policy documents how and when Sisma stores, handles and processes user data, specifically your sensitive, private and ‘personally identifiable’ information, as well as your rights regarding this data. Please read this document carefully. If you have any questions, please don’t hesitate to contact us at sismauserapp@gmail.com. As a user of Sisma, you entrust us with some of your most sensitive and private data, and we recognise the immense responsibility that comes with this. Sisma is built from the ground up with a focus on security, privacy and transparency, and we employ these principles every step along the way when handling your data. Because Sisma is a security-sensitive service, cryptography and information security are at the very heart of our product, and while these topics can be very hard to grasp for non-technical users, we do our best to describe the most important principles in simple words.

Information We Collect And How We Use It

While we treat all your data with the same high standard of security, there are different types of data and it is important to understand the distinction between them.

Secure Data

Your secure data is all the information you store within the Sisma app, like passwords, credit card details, secure notes and other sensitive (or non-sensitive) information. By design, this data is readable by you and only you. Your secure data is encrypted locally on your devices using encryption keys that are derived from your master password, which only you know, and your data is never stored or transmitted in plain text. While we do store your encrypted data on our servers for synchronization or backup purposes, we are never in the position to decrypt this data.

We never store your master password in any way and will never ask you to reveal it to us. Please note that this also means that we won’t be able to help you recover your plain text data in case you lose your password.

Your secure data is your property and you have full control over it. You may read, edit or delete your data at any point without our permission. Accessing your secure data stored on our servers requires authentication via your email address and master password.

Account Meta Data

In order to authenticate you with our servers and to provide some of the essential functionality offered by Sisma, we require some additional information from you. The first and most important piece of information is your email address. Your email address is used to uniquely identify your account and serves as a means of authentication. In addition to your email address, we also ask you for a display name. This information is optional and does not have to be your real name.

This information is essential for preventing fraud and for giving you fine-grained control over which devices you want to allow (and continue to allow) access to your account. Information about your device model, operating system and OS version also helps us notify you in case we are made aware of security vulnerabilities specific to your device or operating system. Your device’s “Universal Unique Identifier” is a unique, random string of characters used to identify a given device in our systems. This string is generated automatically and is not directly tied to your device’s serial number, MAC address or other immutable identifiers unique to your device. In other words, this is only useful for our internal use and is not considered personally identifiable information.

Usage Data

For our internal use, we track basic usage data like app installs, updates and device activity. Since Sisma is a security-sensitive application that requires constant maintenance and security updates to patch vulnerabilities and maintain its high standard in security, it is essential for us to know which app versions are in circulation and on which kinds of devices. For instance, by knowing which operating systems make up the majority of our user base, we are able to prioritize OS-specific vulnerabilities should they arise. This usage data is completely anonymised and does not contain any personally identifiable information.

Who Has Access To Your Data

Your personal information is stored behind secured networks and is only accessible by a very limited number of persons who have special access rights to such systems and are required to keep the information confidential.

Third Party Disclosure

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.