Our Privacy Principles
If you read nothing else, please read this:
- The most fundamental privacy principle we follow is that by default, anything you post to eRipple is private to your community. That is, viewing the messages and files shared within a specific community requires authentication as a member of that community.
- eRipple is the custodian of data on behalf of the communities that use eRipple. We don’t own community communication data. Communities own their data. They like it that way and so do we.
- At eRipple we believe that more transparency is better than less. We try to make our product easy to use, with settings and options that are easy to find and understand. This is good for privacy, good for the product, and good for eRipple customers and users.
- We think that having more information be easily accessible and searchable wherever you go, whatever device you have, is better than having less. So this is how we built eRipple. Communities can select their own data retention policies (depending on their level of service) but our defaults show our bias. Administrators and owners can change these settings but we want you to know where we stand.
- Privacy goes hand in glove with security and confidentiality. We see these things being the three legs that keep the stool balanced and upright. Each is as important as the other and if one is missing the stool won’t stand. They are all very important to us and we take them very seriously.
Effective: February 1, 2015
This policy describes how eRipple treats your information, not how other organisations treat your information. If you are using eRipple in a workplace or on a device or account issued to you by your employer or another organisation, that company or organisation likely has its own policies regarding storage, access, modification, deletion, and retention of communications and content which may apply to your use of eRipple. Content that would otherwise be considered private to you or to a limited group of people may, in some cases, be accessible by your community owner or administrator. Please check with your employer, community owner or administrator about the policies it has in place regarding your communications and related content on eRipple. More on this below.
In this policy we talk about various roles within a eRipple community and the privileges that come with each. It’s helpful to understand these roles and the relationships between them. Here’s the breakdown: primary owner > community owner > community administrator > community member. Primary owners have the most control over their community’s settings on eRipple, followed by community owners and then community administrators.The person who establishes the eRipple community is considered the primary owner with the most control over the community (which is why it’s not a good idea for this person to be a contractor or temp employee). Communities can have more than one owner, but only one can be the primary owner. Primary ownership can be transferred to another user after the community is created (see prior note about temp workers and flaky people). All community owners are administrators, and all owners and administrators are also community members.
Information we collect and receive
We collect different kinds of information. Some of it is personally identifiable and some is non-identifying or aggregated. Here are the types of information we collect or receive:
- Community information. When you create a community on eRipple, we collect your email address (as the community owner), your community name, eRipple domain (ex: your-community-name.eripple.co), your user name that appears in your eRipple community, and password. Optionally, you can provide an email domain to allow people on that domain to sign up for your community without an invitation or individually add email addresses for people you’d like to invite to your community.
- Account and profile information. The only information we require to create your eRipple account is an email address and password. Optional information you can enter into your profile includes information such as your first and last name, what you do, your Skype username, and your phone number. Any information you add to your profile is visible to other people on your community as described on your profile management page.
- Billing information. We collect billing address and credit card information if you purchase a premium version of eRipple. Credit card information is securely passed to our payment processing partner and is not stored at eRipple.
- Log data. When you use eRipple, our servers automatically record information including information that your browser sends whenever you visit a website or your mobile app sends when you’re using it. This log data may include your Internet Protocol address, the address of the web page you visited before coming to eRipple, your browser type and settings, the date and time of your request, information about your browser configuration and plug-ins, language preferences, and cookie data.
- Device information. In addition to log data, we may also collect information about the device you’re using eRipple on, including what type of device it is, what operating system you’re using, device settings, unique device identifiers, and crash data. Whether we collect some or all of this information often depends on what type of device you’re using and its settings.
- Geo-location information. Precise GPS from mobile devices is collected only with your permission. WiFi and IP addresses received from your browser or device may be used to determine approximate location.
- eRipple usage information. This is information about which communities, channels, groups, people, features, content, and links you interact with within eRipple and what integrations with related services you use.
- Service integrations. If you integrate with a service on eRipple we will connect that service to ours.
- Depending on community settings, community members may be able to add integrations to a channel, private group, or direct message conversation. Those integrations are viewable and editable by the administrator.
- We do not receive or store your passwords for any of these services.
- You can remove an integration at any time which unbinds that integration on a go-forward basis. That does not, however, delete the content that was received from them and indexed within eRipple. That content must be deleted manually.
- Communication content that you send and receive within eRipple. This includes:
- The message content itself. This content can include messages, pictures, files and video among other types of files.
- When messages or files were sent and by whom, when or if they were seen by you, and where you received them (in a channel, private group, or direct message, for example).
- Information from partners or other 3rd parties. eRipple may receive information from partners or others that we could use to make our own information better or more useful. This might be aggregate level information about which IP addresses go with which zip codes or it might be more specific information about how well an online marketing or email campaign performed.
Cookies are small text files sent by us to your computer and from your computer to us, each time you visit our website. They are unique to your eRipple account or your browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire.
Some cookies are associated with your eRipple account and personal information in order to remember that you are logged in and which communities you are logged into. Other cookies are not tied to your eRipple account but are unique and allow us to do site analytics and customisation, among other things. If you access eRipple through your browser, you can manage your cookie settings there but if you disable all cookies you may not be able to use eRipple.
eRipple sets and accesses our own cookies on our company-owned domains. In addition, we use 3rd parties like Google Analytics for website analytics. Google Analytics provides their own opt-out. We do not currently recognise or respond to browser-initiated Do Not Track signals as there is no consistent industry standard for compliance.
How we use your information
We use your information for the following:
- Providing the eRipple service. We use information you provide to authenticate you and deliver message content to you and from you
- Understanding and improving our products. To make the product better we have to understand how users are using it. We have a fair bit of data about usage and we intend to use it many different ways to improve our products, including research. This policy is not intended to place any limits on what we do with usage data that is aggregated or de-identified so it is no longer tied to a eRipple user.
- Investigating and preventing bad stuff from happening. We work hard to keep eRipple secure and to prevent abuse and fraud.
- Communicating with you
- Solving your problems and responding to your requests. If you contact us with a problem or question, we will use your information to respond to that request and address your problems or concerns.
- In-product communications. We may use the information your provide to contact you through eRipple using eRippleDM or other in-product messaging tools. For example, if, after, a few weeks of using eRipple we notice that your notification setting is set to notify you of all messages, we may send you a eRippleDM message that suggests you change this in case you are getting too many notifications. This is just one example of how we use information about your usage of the product to make suggestions to you.
- Email messages. We may send you service and administrative emails, such as when we notice that you are nearing a message or integration limit. We may also contact you to inform you about changes in our services, or our service offerings. These messages are considered part of the service and you may not opt-out of them. In addition, we sometimes send emails to eRipple users about new product features or other news about eRipple. You can opt-out of these at any time.
When you use eRipple, you have control over a number of things with respect to your own privacy and choices about how your content is visible to others or not. If you are a eRipple community owner or administrator, you have additional choices that impact your community’s privacy. Some users will not have access to all of the same choices that their community owner(s) or administrator(s) do. That is because eRipple is set up to be community-oriented, and provides community owners with the maximum ability to control their communities.
Message Retention Settings and Export Options
eRipple offers different options for message retention and export to community owners and administrators, depending on the level of service they have signed up for. These service levels are likely to change so please see our pricing page to learn more about which features are associated with which level of service. We describe the feature variations here.
- Message Retention Settings
- The default message retention settings retain all channel, private group, and direct messages of all community members for as long as the community exists. If a message is edited, only the last edited version of the message is retained. If a message is deleted, it is removed from the archive. Note that administrators can manage editing and deletion settings as well to limit or prevent editing and deletion of messages in the first place.
- Once a community has moved to a premium, paid version of eRipple, administrators can manage message retention settings in a much more granular way. They can reduce the message retention setting duration for all channel, private group, and direct messages. They can also increase the scope of message retention by retaining all copies of edited and deleted messages for channels, private groups, and direct messages for the duration of time allocated. Administrators can manage retention settings across all channels uniformly, or on a per-channel basis. This capability does not allow administrators to see the names or members of private groups.
- Message Exports
- Only owners for communities who have the appropriate level of eRipple service and have enabled Compliance Exports can export their community’s private group messages and direct messages.
Choices for Community Members
- Depending on your community settings, you may have the ability to delete some or all of your messages and to deactivate your account. Deactivating your account, however, will not remove messages you posted before you initiated deactivation as those messages will still be valuable to your community.
- You can view your community’s message retention settings at any time via Your Community Settings. You can update your profile information at any time and modify your email settings. You can also change your user name from time to time.
- When you upload a document or a file on eRipple, you can decide where to share it and with whom. You can also share documents with your entire community, or in private groups. You can also share them externally by creating a public link if you choose.
Choices for Community Owners and Administrators
- Administrators have the ability to manage and change most of the community settings including message retention settings and can modify whether or when community members can edit or delete messages. Administrators can also disable member accounts for their community.
- Only a primary owner can delete a community.
- For more about these privileges, choices, and permissions, see our FAQ page.
- The browser you use may provide you with the ability to control cookies or other types of local data storage.
- Your mobile device may provide you with choices around how and whether location or other data is shared with us.
Sharing and Disclosure
There are times when communications and related content and other user information may be shared by eRipple. This section discusses only how eRipple may share user information. Organisations that use eRipple may have their own policies for sharing and disclosure of information they can access through eRipple. eRipple may share information:
- With consent, to comply with legal process, or to protect eRipple and our users. When we have your consent or if we believe that disclosure is reasonably necessary to comply with a law, regulation or legal request; to protect the safety, rights, or property of the public, any person, or eRipple; or to detect, prevent, or otherwise address fraud, security or technical issues. If we receive a legal or law enforcement request for information we will do our best to notify the subject of the request if we are able.
- About you with your organisation or community administrator(s).
- We may share your email address and community name with your organisation. If the email address under which you've registered your account belongs to or is controlled by an organisation (to be clear, we’re not talking about free web-based email providers like Gmail, Hotmail or Yahoo! Mail) we may disclose that email address and associated community names to that organisation in order to help it understand who associated with that organisation uses eRipple, and to assist the organisation with its enterprise accounts. Please do not use a work email address for our services unless you are authorised to do so, and are therefore comfortable with this kind of sharing.
- In addition, there may be times when you contact eRipple to help resolve an issue specific to a community you are a member of. In order to help resolve the issue, we may need to share your concern with your administrator. When possible, we will try to mask or remove any identifying information before sharing these communications.
- That is aggregated and non-identifiable. We may also share aggregated or non-personally identifiable information with our partners or others for business or research purposes. For example, we may tell a prospective eRipple customer the average number of messages sent within a eRipple community in a day or may partner with research firm or academics to explore interesting questions about workplace communications. Again, this policy is not intended to prohibit the disclosure and use of aggregated or de-identified data.
eRipple takes reasonable steps to protect information you provide to us as part of your use of the eRipple service from loss, misuse, and unauthorised access or disclosure. When you enter sensitive information (such as sign-in credentials) we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it. However, no electronic or email transmission or digital storage mechanism is ever fully secure or error free.
To learn more about current practices and policies regarding security and confidentiality, please see our Security Practices; we keep that document updated as these practices evolve over time.
eRipple is not directed to children under 13. If you learn that a minor child has provided us with personal information without your consent, please contact us.
We may change this policy from time to time, and if we do we’ll post any changes on this page. If you continue to use eRipple after those changes are in effect, you agree to the revised policy. If the changes are material, we may provide more prominent notice or seek your consent to the new policy.
1 St Katherine’s Way