Privacy Policy
Your privacy is critically important to us. At JotterPad we have a few fundamental principles:
- We are thoughtful about the personal information we ask you to provide and the personal information that we collect about you through the operation of our services.
- We store personal information for only as long as we have a reason to keep it.
- We help protect you from overreaching government demands for your personal information.
- We aim for full transparency on how we gather, use, and share your personal information.
Below is our Privacy Policy, which incorporates and clarifies these principles.
Who We Are and What This Covers
We’re Two App Studio Pte. Ltd. (“Two App Studio”), the folks behind the JotterPad application and its related websites (each, an “App” or a “Site”, respectively). Through JotterPad, we provide users with a professional rich-text writing program that supports Markdown, Fountain, and LaTeX document creation and editing. Below we explain how we collect, use, and share information about you, along with the choices that you have with respect to that information.
Throughout this Privacy Policy we’ll refer to JotterPad’s Sites, Apps, and other services collectively as “Services.”
Information We Collect
We only collect information about you if we have a reason to do so — for example, to provide our Services, to communicate with you, or to make our Services better.
We collect this information from three sources: if and when you provide information to us, automatically through operating our Services, and from outside sources. Let’s go over the information that we collect.
Information You Provide Us
It’s probably no surprise that we collect information that you provide to us directly. Here are some examples:
- Account Information: If you register and open an “Account” with us in order to use services like Sync and Backups, you provide us basic account information including your email address and a password.
- Transactional Information: When you purchase Services, we may collect information to complete and record the transaction. For example, if you buy something from us we’ll collect information, like your name and credit card information, to process those payments. We also keep a record of the purchases you’ve made.
- Communications with Us: You may also provide us with information when you provide us feedback or communicate with our customer support about a support question. When you communicate with us via form, email, phone, or otherwise, we store a copy of our communications (including any call recordings as permitted by applicable law). You can choose not to provide us with certain information, but this may limit the features of the Services you are able to use.
Information We Collect Automatically
We also collect some information automatically:
- Log information: Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, including the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. We collect log information when you use our Services — for example, when you log into your account or publish a document to blog.
- Device and Usage Information: We collect your device type, your wireless carrier, your individual device ID, and how you use our Services. In addition, in the event our App(s) crash on your mobile device, we will receive information about your mobile device model software version and device carrier, which allows us to identify and fix bugs and otherwise improve the performance of our App(s).
- Location Information: We may determine the approximate location of your device from your IP address. We collect and use this information to understand where our users are located so we can identify what features might be meaningful to them.
- Information from Cookies & Other Technologies: Like many online services, we use cookies to collect information. A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. Pixel tags (also called web beacons) are small blocks of code placed on websites and emails. JotterPad uses cookies and other technologies like pixel tags to help us identify and track visitors, usage, and access preferences for our Services, as well as track and understand email campaign effectiveness. For example, we use Google Analytics to help analyze how users use the Site. We do not combine the information generated through the use of Google Analytics with your personal information. Google’s ability to use and share information collected by Google Analytics about your visits to the Site is governed by the Google Analytics Terms of Use and the Google Privacy Policy.
Information We Collect from Other Sources
We may also get information about you from other sources. For example:
- Third Party Account Information: When you connect an account from another service we typically get some basic information about your account with them. For example, when you connect JotterPad to your Apple or Google account in order to log in, we may access certain user data such as your name, user ID, email, etc. to provide our Services. Link to privacy policy of third party service providers used by the app:
- Google Privacy Policy
- Privacy and Security in Firebase
- Sign in with Apple & Privacy
- Dropbox Privacy Policy
- Privacy at Microsoft
You may refer to the third party services Terms of Use (EULA).
How We Use the Information We Collect
We use your personal information to:
- Provide you with Services and customer support;
- Market Services to you and send you news and information that we believe interests you;
- Respond to your requests, resolve disputes, and/or troubleshoot problems;
- Improve the Services and personalize your experience;
- Communicate with you about the Services;
- Monitor and analyze trends, usage, and activities in connection with our Services;
- Detect, investigate, and help prevent security incidents and other malicious, deceptive, fraudulent, or illegal activity, and help protect rights and property of ours and others; and
- Comply with our legal and financial obligations.
We will communicate with you primarily in the form of texts, push alerts, and emails. You can manage the frequency and/or opt out of receiving these communications by changing your settings on the App, texting STOP in reply to our daily reminders, and/or clicking the “Unsubscribe” link at the bottom of each marketing email. Please note that even if you unsubscribe or opt-out of our emails, we may still send you Services related communications (e.g., emails related to your account or the App).
How We Share Information
We share information about you in limited circumstances, and with appropriate safeguards to protect your privacy. These are spelled out below:
- Third Party Vendors: We may share information about you with third party vendors, consultants, and advisors who help us provide our Services or who otherwise perform services for us. This includes vendors that help us provide our Services to you (like payment providers that process your credit and debit card information, cloud storage services, SMS messaging services, and customer chat and email support services that help us communicate with you), those that assist us with our marketing efforts (like sending emails to our marketing list), those that help us understand and enhance our Services (like analytics providers), those that make tools to help us run our operations (like programs that help us with task management, scheduling, word processing, email and other communications, and collaboration among our teams), and other third-party tools that help us manage operations. We require vendors to agree to privacy commitments in order to share information with them;
- Subsidiaries: We may disclose information about you to a current or future parent company, any subsidiaries, joint ventures, or other companies under a common control (collectively, “Affiliates”), in which case we will require our Affiliates to honor this Privacy Policy;
- Business Transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that we go out of business or enter bankruptcy, user information would likely be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, this Privacy Policy would continue to apply to your information and the party receiving your information may continue to use your information, but only consistent with this Privacy Policy;
- Legal, Regulatory, & Other Obligations: We may disclose information about you if we believe in good faith that such disclosure is necessary to (a) resolve disputes, investigate problems, or enforce our Terms of Service; (b) comply with relevant laws, or warrants, subpoenas, court orders, and other enforceable legal process; or (c) protect the property or rights belonging to JotterPad, you, third parties, or the public at large. For example, if we have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose the least amount of information as possible to address the emergency without delay; and
- With Your Consent: We may share and disclose information with your consent or at your direction.
Anonymous Information
We reserve the right to disclose anonymous information or other information that cannot reasonably be used to identify you publicly without restriction.
How Long We Keep Information
We generally discard information about you when it’s no longer needed for the purposes for which we collect and use it — described in the section above on “How We Use the Information We Collect” — and we’re not legally required to keep it.
For example, we keep web server logs for a few months. We retain the logs for this period of time in order to, among other things, analyze traffic, and investigate issues if something goes wrong.
As another example, when you close your account we wait for a 30-day recovery window and then permanently delete all of your account information, their attachments, and your account data.
Security
While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so. We monitor our Services for potential vulnerabilities and attacks.
Your Choices
You have several choices available when it comes to information about you:
- Limit/Update the Information You Provide: You can review, change, and/or delete certain of your personal information by logging into the Site or the App and accessing your account.
- Delete the App: You can stop all collection of information by the App(s) by uninstalling the App(s). You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
- Opt out of marketing communications: You may opt out of receiving promotional communications from us. Just follow the instructions in those communications or let us know. If you opt out of promotional communications, we may still send you other communications, like those about your account and legal notices.
- Set your browser to reject cookies: You can usually choose to set your browser to remove or reject browser cookies before using our Sites, with the drawback that certain features may not function properly without the aid of cookies.
- Opt out of our internal analytics program: You can do this through your app settings. By opting out, you will stop sharing information with our analytics tool about events or actions that happen after the opt-out.
Your Rights
If you are located in certain parts of the world, including some US states and countries that fall under the scope of the European General Data Protection Regulation (aka the “GDPR”), you may have certain rights regarding your personal information, like the right to request access to or deletion of your data.
European General Data Protection Regulation (GDPR)
If you are located in a country that falls under the scope of the GDPR, data protection laws give you certain rights with respect to your personal data, subject to any exemptions provided by the law, including the rights to:
- Request access to your personal data;
- Request correction or deletion of your personal data;
- Object to our use and processing of your personal data;
- Request that we limit our use and processing of your personal data; and
- Request portability of your personal data.
You also have the right to make a complaint to a government supervisory authority.
A note here for those in the European Union about our legal grounds for processing information about you under EU data protection laws, which is that our use of your information is based on the grounds that:
- The use is necessary in order to fulfill our commitments to you under the applicable terms of service or other agreements with you or is necessary to administer your account — for example, in order to enable access to our service on your device or to charge you for a paid plan; or
- The use is necessary for compliance with a legal obligation; or The use is necessary in order to protect your vital interests or those of another person; or
- We have a legitimate interest in using your information — for example, to provide and update our Services; to improve our Services so that we can offer you an even better user experience; to safeguard our Services; to communicate with you; to understand our user retention and attrition; to monitor and prevent any problems with our Services; and to personalize your experience; or
- You have given us your consent — for example before we place certain cookies on your device and access and analyze them later on.
If you are located in the EEA, the United Kingdom, or Switzerland and you have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the Data Protection Authority where you reside. Contact details for your Data Protection Authority can be found using the links below:
For individuals in the EEA: https://edpb.europa.eu/about-edpb/board/members_en
For individuals in the UK: https://ico.org.uk/global/contact-us/
For individuals in Switzerland: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html
US Privacy Laws
Laws in some US states, including California, Colorado, Connecticut, Utah, and Virginia, require us to provide residents with additional information about the categories of personal information we collect and share, where we get that personal information, and how and why we use it.
In the last 12 months, we collected the following categories of personal information, depending on the Services used:
- Identifiers (like your name, contact information, and device and online identifiers);
- Commercial information (your billing information and purchase history, for example);
- Characteristics protected by law (for example, you might provide your gender as part of a research survey for us);
- Internet or other electronic network activity information (such as your usage of our Services);
- Geolocation data (such as your location based on your IP address); and
- Audio, electronic, visual or similar information (such as your photos, if you upload them);
You can find more information about what we collect and sources of that information in the Information We Collect section above.
We collect personal information for the business and commercial purposes described in the “How We Use the Information We Collect” section. And we share this information with the categories of third parties described in the “How We Share Information” section. We retain this information for the length of time described in our “How Long We Keep Information” section.
In some US states you have additional rights, subject to any exemptions provided by your state’s respective law, including the right to:
- Request a copy of the specific pieces of information we collect about you and, if you’re in California, to know the categories of personal information we collect, the categories of business or commercial purpose for collecting and using it, the categories of sources from which the information came, and the categories of third parties we share it with;
- Request deletion of personal information we collect or maintain;
- Request correction of personal information we collect or maintain;
- Opt out of the sale or sharing of personal information;
- Receive a copy of your information in a readily portable format; and
- Not receive discriminatory treatment for exercising your rights under the CCPA.
We do not “sell” or “share” your personal data as those terms are defined under the privacy laws of the relevant US states. We also do not have any knowledge of any “sales” or “sharing” of the personal data of minors under 16 years of age. We do not collect or process your sensitive personal information except where it is strictly necessary to provide you with our service, where the processing is not for the purpose of inferring characteristics about you, or for other purposes that do not require an option to limit under California law.
Contacting Us About These Rights
You can usually access, correct, or delete your personal data using your account settings and tools that we offer, but if you aren’t able to or you’d like to contact us about one of the other rights, scroll down to “How to Reach Us” to, well, find out how to reach us.
When you contact us about one of your rights under this section, we’ll need to verify that you are the right person before we disclose or delete anything. For example, if you are a user, we will need you to contact us from the email address associated with your account. You can also designate an authorized agent to make a request on your behalf by giving us written authorization. We may still require you to verify your identity with us.
Appeals Process for Rights Requests Denials
In some circumstances we may deny your request to exercise one of these rights. For example, if we cannot verify that you are the account owner we may deny your request to access the personal information associated with your account. As another example, if we are legally required to maintain a copy of your personal information we may deny your request to delete your personal information.
In the event that we deny your request, we will communicate this fact to you in writing. You may appeal our decision by responding in writing to our denial email and stating that you would like to appeal. All appeals will be reviewed by an internal expert who was not involved in your original request. In the event that your appeal is also denied this information will be communicated to you in writing.
If your appeal is denied, in some US states (Colorado, Connecticut, and Virginia) you may refer the denied appeal to the state attorney general if you believe the denial is in conflict with your legal rights. The process for how to do this will be communicated to you in writing at the same time we send you our decision about your appeal.
Other Things You Should Know
Third Party Software and Services
This Privacy Policy addresses only our use and disclosure of information we collect from and/or about you on our Services. If you’d like to use third party software and services, any information you disclose to that third party is not covered by this Privacy Policy.
Our Sites may contain content or links to other websites that are not owned or controlled by us. We have no control over the privacy policies or content displayed on websites run by third parties.
Child Usage Restrictions
Our Services are not directed to children, and children are not eligible to use our Services. Protecting the privacy of children is very important to us. We do not collect or maintain personal information from people we actually know are under 13 years of age, and no part of our Services is designed to attract people under 13 years of age. If we later learn that a user is under 13 years of age, we will take steps to remove that user’s personal information from our databases and to prevent the user from utilizing the Services.
Transferring Information
Because our Services are offered worldwide, the information about you that we process when you use the Services in the EU may be used, stored, and/or accessed by individuals operating outside the European Economic Area (EEA) who work for us, other members of our group of companies, or third-party data processors. This is required for the purposes listed in the “How We Use the Information We Collect” section above.
When providing information about you to entities outside the EEA, we will take appropriate measures to ensure that the recipient protects your personal information adequately in accordance with this Privacy Policy as required by applicable law. These measures include entering into European Commission approved standard contractual arrangements with entities based in countries outside the EEA.
You can ask us for more information about the steps we take to protect your personal information when transferring it from the EU.
Changes to this Privacy Policy
Although most changes are likely to be minor, JotterPad may change its Privacy Policy from time to time. JotterPad encourages visitors to frequently check this page for any changes to its Privacy Policy. We will post any revised version of the Privacy Policy on this page, and, in some cases, we may provide additional notice (like adding a statement to our homepage or sending you a notification through email or the app). Your further use of the Services after a change to our Privacy Policy will be subject to the updated policy.
How to Reach Us
If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at help@2appstudio.com.
Credits
This policy is adapted from “Automattic” under Creative Commons Sharealike License.