• We believe in a secure digital communications experience that provides solutions for people to communicate with the confidence that their data is protected and private.
  • We believe in transparency and have made every effort to clearly state our Terms of Use. We want you to know your rights and obligations when using Ciphr applications (the Apps) and Ciphr real-time secure communication services (collectively, the Services).
  • Our Services must be used for legitimate communication purposes, in compliance with applicable laws. You cannot use our Services for any unlawful, illegal, immoral, or unethical purpose, such as harassment, defamation, criminal activities, misrepresentation, cyberattack or intellectual property infringement. Any prohibited use may result in the suspension or termination of your Ciphr account (your Account).
  • Please read and understand our terms and conditions of use (Terms of Use) as they are a legal, binding agreement between Ciphr and you. By using our Services, you confirm your acceptance of our Terms of Use. If you do not agree to our Terms of Use, you may not use our Services.

Terms of Use

Updated:  April 28th, 2021

1. Rights of Use

Ciphr hereby grants you a temporary, limited, non-exclusive, personal, non-transferable, non-sub-licensable and revocable right and license to access and use the Services for the Permitted Purposes through your Account on one or more of your personal or business devices and for no other purposes.

At all times, you must use the Services in compliance with applicable laws, these Terms of Use and our Privacy Policy, which is incorporated by reference herein: https://ciphr.io/privacy-policy).

You expressly agree that all intellectual property rights, titles, and interests in and to the Services, whether registered or not, are and will remain at all times the sole and exclusive property of Ciphr. Accordingly, and except as expressly provided in these Terms of Use, no right or license, whether express or implied, by estoppel, or otherwise is granted to you with respect to the Services or in or under any patent, trademark, copyright, or other intellectual property or proprietary right of Ciphr or any third party. Any use of any of the trademarks, service marks, logos or other form of intellectual property appearing in connection with the Services without the express written consent of Ciphr or the owner of themark, as applicable, is strictly prohibited.

Ciphr reserves all rights in and to the Services that are not expressly granted in these Terms of Use. Ciphr may terminate this license in its sole discretion at any time for any reason whatsoever.

2. Using Services

You agree to use the Services solely for lawful purposes, in full compliance with applicable laws and in a manner not to harm Ciphr or negatively affects its activities (the Permitted Purposes).

By using the Services, you represent and warrant that (i) you are not a minor in the jurisdiction(s) in which you use the Services, (ii) you will abide by these Terms of Use at all times, and (iii) your use of the Services does not violate any applicable law.

3. Non-Permitted Use

Your conversations are private. Ciphr does not and cannot access the content of your communications or your access to the Services, due to the means by which the Services are offered and their nature.

However, because we do not condone illegal activities, we must expressly prohibit some uses of our Services. As such, you may not, and you agree not to, use the Services:

  • for any unlawful purpose, including soliciting or encouraging others to perform or participate inunlawful acts;
  • for any obscene or immoral purpose;
  • in any manner that infringes upon or violates any intellectual property rights;
  • to harass, abuse, insult, harm, defame, slander, disparage, intimidate, or discriminate based ongender, sexual orientation, religion, ethnicity, race, age, national origin, or disability;
  • to submit false or misleading information;
  • to upload or transmit viruses or any other type of malicious code;
  • to collect or track the personal information of others;
  • to spam, phish, pharm, pretext, spider, crawl, or scrape;
  • to transmit any advertising or promotional material, including any “junk mail”, “chain letter” or any other solicitation;
  • to create or use a false identity, or impersonate any person or entity or otherwise misrepresent your affiliation with any person or entity;
  • to interfere with or circumvent the security features of the Services;
  • to disrupt or interfere with any other person's use or enjoyment of the Services, all affiliated orlinked sites, or any services thereof; or
  • for any similar purposes (each a Non-Permitted Use). If Ciphr finds out or reasonably suspects that you used or are using the Services for any Non-Permitted Use, Ciphr reserves the right to suspend or terminate your Account or otherwise refuse to provide you access to the Services (or any part thereof), even if the order was placed and confirmed or the Non-Permitted Use has ceased. The right of Ciphr to suspend or terminate your Account is without prejudice to any other remedy that Ciphr may have or reasonable action that Ciphr may take.

4. Personal Information

Because our mission is to provide secure and private digital communications, we do not require personal information such as your name, email address, or phone number to create an Account or access the Services. However, please carefully read our Privacy Policy, which provides for the rare circumstances where Ciphr may collect limited personal information about you in the course of providing its Services. By using the Services, you agree to be bound by the provisions of our Privacy Policy.

5. Your Account

You will need to create an Account to access and use our Services. However, you will not be required to provide personal information to create an Account. In setting up your Account, you will be assigned a randomly generated Ciphr Identification Number (CID) and/or Ciphr Mail email address to facilitate secure communications with other Ciphr users. You can then set your Alias (which your contacts will be able to see).

Your Account is for your personal use only. You acknowledge that you are the sole authorized user of your Account and that you are not authorized to use the account, username or password of anyone else at any time. Furthermore, you are responsible for the confidentiality of your Account and any personal username and/or password required by you to access the Services. You cannot share your password, let anyone else access your Account and/or the Services or do anything that might jeopardize the security of your Account. As your Account is personal to you, you agree that you are fully responsible for all activities that occur when conducted under your Account. If you suspect that any unauthorized party may be using your Account, or you suspect any other breach of security, you must notify Ciphr immediately at legal@ciphr.io. We will not be liable for any damages or losses that you incur as a result of someone else using your Account, either with or without your knowledge.

You can cease to use the Services and terminate your Account at any time. If you cancel your Account prior to the conclusion of your current subscription period with respect to any fee-based feature, you will remain responsible for payment for all fees through the conclusion of your current subscription period. These Terms of Use will survive the voluntary termination of your Account. Please note that it may not be possible to reactivate your CID or Ciphr Mail email address after termination of your Account.

Nothing in this section will affect Ciphr’s right to suspend or terminate your Account or right to use of the Services.

6. User Content

You are responsible for all information, content or elements that you upload, submit, exchange or transfer using the Services, and you can only submit legal content that you are allowed to upload, exchange or transfer via the Services. If you make any content available, you represent that you have the right to do so. You acknowledge that Ciphr will not, under any circumstances, be liable in any way for any information, content or elements uploaded, submitted, exchanged or transferred by you or any other user of the Services.

7. User Feedback

You may voluntarily provide Ciphr with any suggestions, ideas, comments, questions or other feedback (Feedback) relating to your use of the Services. If you do so, you agree that your Feedback is provided on a voluntarily basis, is not private or confidential, and may be used by Ciphr in connection with the Services or any other products or services offered by Ciphr. You hereby grant Ciphr a non-exclusive, transferable, sub-licensable, irrevocable, royalty-free, perpetual, worldwide license to store, use, copy, reproduce, modify, adapt, edit, translate, publish, perform and display any such Feedback without any payment or restriction, for any purpose whatsoever, although Ciphr is not required to use any of your Feedback.

8. Update and Upgrade of the Services

Ciphr may review, update, upgrade or modify the Services, including any features therein (collectively, the Updates), at any time, in its sole discretion, and without notice to you. Any Update will also be governed by and subject to these Terms of Use. Should any Update be accompanied by a separate license or subject to other terms of use, then such other license and terms of use will also govern the Services. You understand and agree that temporary interruptions of the Services may occur as normal events and that Ciphr assumes no responsibility for any delays or disruption of the Services.

For fee-based versions of Ciphr, access and use of the Services will be charged at rates applicable to the relevant Ciphr version. We may, at any time and at our sole discretion, change the subscription cost for the Services and/or add any fee-based features. We may, at our sole discretion, add, remove or change the Services or any features we offer or the fees (including the amount and type of fees) we charge at any time. If we introduce a new fee-based feature or charge a new fee, we will establish and notify you of the fees for that service at the launch of the service or start of charging a new fee. If we notify you of new fees or changes to fees for an existing service, then you agree to pay all fees and charges specified and all applicable taxes for your continued use of the applicable service.

9. Suspension and Termination of Services

Ciphr reserves the right to suspend or terminate at its sole discretion your Account or right to use the Services at any time, without notice to you, for any or no reason (including, without limitation, in the event that Ciphr becomes aware or believes that you have breached these Terms of Use or the Privacy Policy (each, a Prohibited Conduct)). Any fees paid by you in advance with respect to any fee-based feature may not be reimbursed to you in the event that Ciphr suspends or terminates your Account or right to use the Services due to any Prohibited Conduct.

If your Account or right to use the Services is suspended or otherwise terminated, you hereby agree that Ciphr will have no liability or responsibility of any kind or any nature whatsoever to you, except as provided for herein and to the fullest extent permitted under applicable laws. You expressly agree that you will not make any claim against Ciphr as a result of any such change, modification, suspension or termination of your Account, including, without limitation, with respect to any lost revenue, profits or opportunities or on account of any expenditures made or actions taken in reliance on the expected continuation of the Services or these Terms of Use.

These rights to suspend, interrupt or terminate the Services are in addition and without prejudice to other remedies Ciphr may have at law or in equity. These Terms of Use will survive the suspension or termination of your right to access the Services.

10. Data Deletion

Any data deletion or removal feature offered by Ciphr through the App or otherwise (Data Deletion) will generally be available in the following circumstances:

  • you wish to delete your communications or other data within the App;
  • you have performed the maximum failed attempts (2-10) to enter your password to sign into your Account, as set in your App settings configuration;
  • you delete your encrypted cloud backup of your Ciphr contacts and/or notes in the App settings;
  • your Account expires or is terminated;
  • a Ciphr reseller partner uses the “Lost My Phone” feature , which sends a data deletion request to the lost device, facilitated by the mobile device management (MDM) software.

We recommend that you back up the information stored on your devices on a regular basis, or prior to using any Data Deletion feature (otherwise than through any Ciphr back-up feature). When your Account expires or is terminated, the Ciphr data contained on your device will generally be irrevocably erased.

Any Data Deletion feature must be used solely for lawful purposes, in full compliance with applicable laws. Please note that Ciphr may restrict or disable the “Lost My Phone” feature if your device has been lawfully seized, in addition to its right to suspend or terminate your Account or right to use of the Services if you use or attempt to use any Data Deletion feature to obstruct justice or any other unlawful purpose. Even if you purchased a fee-based Ciphr version, any Data Deletion feature may be restricted or disabled at any time by Ciphr for any reason, without compensation.

Ciphr assumes no responsibility for the use of any Data Deletion feature and is not responsible for any loss of data on your devices. In particular, the Ciphr Parties will in no event be liable for the loss of any data on your or their devices resulting from use of the use of Data Deletion features. Ciphr will not be responsible for any delays in performing data deletion under the “Lost My Phone” feature arising out of any circumstances, nor will Ciphr be responsible if the data is not deleted in its entirety. This exclusion of liability will apply to the fullest extent permitted by law.

Please note that sections 15 and 16 of these Terms of Use also apply to Data Deletion.

11. Restrictions

You agree and acknowledge that you will not (i) copy, change, disassemble, reverse engineer, decompile, modify, derive, reproduce, duplicate or otherwise extract by any other means, or attempt to discover, the source code of the Services, (ii) attempt to access any account or Services by automated means such as robots, (iii) upload viruses, spyware or malicious software and/or other content that could be harmful, or that could infringe, misappropriate or otherwise violate intellectual property rights or other rights or that could otherwise be in contravention of applicable laws, (iv) remove, circumvent, disable, damage or otherwise interfere with security features of the Services, (v) access the Services via any means other than through the App, (vi) hide, hinder, remove or conceal copyrights, trademarks and other intellectual property marks, references, symbols or rights, (vii) combine, merge, reproduce or duplicate the Services unless authorized to do so, and (viii) use the Services to create competing or similar services or to publish benchmark or other information with respect to the Services.

The Services are not intended for sale to, or use by, individuals or entities that are subject to applicable economic, export or other sanctions or for use in countries that are subject to applicable economic, export or other sanctions. In this regard, you expressly agree to comply with all laws applicable to your use of the Services and online conduct, including any laws restricting the export or import of the Services. You cannot make available, whether directly or indirectly and regardless of form, including through visual access, the Services or any technology or technical data used to provide said Services or derived therefrom in a manner that would or could contradict these Terms of Use or applicable laws. The fact that you may access the Services from a particular location does not constitute a representation or covenant that the Services are made available in such location. Whoever chooses to access the Services in a particular jurisdiction does it at its own initiative and at its own risk, including as importer of the Services, and understands that such access may be contrary to the laws applicable therein.

12. Intellectual Property of Ciphr

You acknowledge and agree that the Services (including, without limitation, their respective content, features, components, functionalities, graphics, interface, software, data and source codes and all improvements of the foregoing (collectively, the Ciphr Content)) are the sole and exclusive property of, or licensed to, Ciphr, its affiliates, its affiliated companies and/or third party licensors, and are protected by copyright and other intellectual property laws and treaties. Ciphr reserves the right to modify, suspend or remove permanently any Ciphr Content without prior notice. Any use of the Ciphr Content is strictly prohibited without the prior written consent of Ciphr, except to the extent necessary to access and use the Services for the Permitted Purposes.

You hereby agree and represent that the use of the Services in combination with any other form of intellectual property does not and will not infringe or constitute misappropriation or any other form of violation of another’s intellectual property rights, and no action for infringement or other action with respect to such rights is pending or threatened to be brought before any court or forum. Should such an action be threatened or foreseen, then you will immediately stop using the Services in combination with any other form of intellectual property and forthwith notify Ciphr of such situation.

13. Third Party

Use of the Services requires Internet access and may require you to accept additional third-party terms of services. Ciphr may provide links and plug-ins from sites or applications owned, operated or controlled by third parties (collectively, Third-Party Sites), and such links do not constitute the endorsement by Ciphr of the Third-Party Sites or their content. Such links and plug-ins are provided as an information service, for reference and convenience only. Ciphr does not control any Third-Party Sites and is not responsible for their content. The use of any Third-Party Site is governed by any terms and conditions of use and privacy policy of that Third-Party Site and you are strongly advised to check them before making use of the Third-Party Sites.

14. Emergency Services

Please note that unlike telephone services, our Services do not allow you to contact emergency services, which include, but are not limited to, ambulance services, hospitals, fire departments, police forces and any other law enforcement agencies (the Emergency Services).

By using our Services, you acknowledge that (i) you cannot use our Services in order to contact Emergency Services and (ii) you are responsible to ensure that you have access to telephone services for that specific purpose.

15. Services Provided “AS IS”

Your communications will be end-to-end encrypted, such as the communications can only be read or accessed by you and the intended recipient(s), and by nobody else, including Ciphr. Your encrypted communications can only be decrypted with a private encryption key, which is only held by your intended recipient(s). Ciphr focuses profound attention on updating and upgrading its applications and services in order to provide best-in-class protection against current and developing data security risks.

As such, to the fullest extent allowed under applicable laws: (a) the Services are provided on an “as is” and “as available” basis without any warranty of any kind, and (b) Ciphr disclaims all express implied, oral or written guarantees, warranties and representations pertaining to: (i) the communication, (ii) the suitability of the services and content for a particular purpose or the fact that the Services and content will meet your expectations, (iii) the fact that they will run without delays, errors or interruptions and that such delays, interruptions or errors will be addressed in a timely fashion (or can be addressed at all), (iv) the fact that the Services and their content are or will remain compatible with your devices, (v) the absence of adverse effect on your system, technology or data, and (vi) the Services’ merchantability other than as provided for herein.

Furthermore, even if Ciphr makes reasonable efforts in order for the description of the Services and other content to be complete and current, the foregoing may include inaccuracies, typographical errors (and other errors) and omissions relating to the description and availability, or other information. For instance, the Services may display information about some features that are no longer available (or slightly changed). Likewise, some features may be deleted, upgraded or modified. Furthermore, Ciphr does not control the information offered or made available on or through the Services. Accordingly, Ciphr insists on the fact that it is not making representations or warranties that the information will be accurate or complete, up-to-date or relevant, and accordingly any decision, action taken, or failure to act, in reliance on any content or Services is your sole responsibility and liability.

You understand and agree that the access or use of the Services is left to your entire discretion and hence, is made at your own risks. Ciphr disclaims any responsibility regarding the use of the Services, and is not responsible for any damage, including damages caused by use or misuse of the Services, subject however to applicable laws.

16. Limitation of Liability

Under no circumstances will Ciphr or any other entity of the Ciphr group, their respective directors, officers, employees, shareholders, affiliates, business partners and third-party contractors, suppliers and licensors (collectively, the Ciphr Parties) be liable to you, or to any other party, for any losses, costs or damages of any kind or nature whatsoever that are suffered or incurred in any connection with the use of (or the inability to use) the Services, or any Ciphr Content (regardless of the form of action or theory of liability, including for breach of contract, tort, negligence, equity, strict liability, by statute or otherwise and regardless of the occurrence of a fundamental breach or failure of essential purpose).

In no event whatsoever will any of the Ciphr Parties be liable for any special, exemplary, punitive, consequential, incidental or indirect damages of any kind or nature whatsoever that are suffered or incurred in connection with the provision of the Services (including in connection with the transmission or downloading or storage of any data or submissions to or from the Services or the use of, or reliance on, any Ciphr Content or other information or data contained on or provided through the Services, or loss of or damage to files or data or theft of your data or information that may occur if you do not implement passcodes or your failure to protect your device or other access safeguards or any costs of recovering or reproducing any files or data or loss of use or lack of availability of services or any business interruption or loss of revenue, opportunity or profit or any other economic loss whatsoever) however caused and regardless of the form or cause of action and whether or not foreseeable, even if the Ciphr Parties or any of them has been informed in advance or ought reasonably to have known of the potential for such damages. This exclusion of liability will apply to the fullest extent permitted by law.

17. Indemnification

You are responsible and agree to defend, indemnify, and hold harmless the Ciphr Parties from and against any claims, actions, demands, losses, liabilities, damages, costs and expenses suffered by such persons, including without limitation, reasonable legal and accounting fees, alleging or resulting, directly or indirectly, from: (a) your breach of these Terms of Use, your access or use of the Services, (b) any act, omission, negligence, fault, misconduct, breach of applicable laws or of these Terms of Use, the Privacy Policy, and (c) any of the information provided, uploaded or used, including User Content, or other disclosure to Ciphr of any other information or data and the use of same by Ciphr or other Ciphr Party as contemplated hereunder.

18. References to Services

You agree that you will not, directly or indirectly, orally, in writing or through any medium, including, but not limited to, the press or other media, (i) make any false, misleading or inaccurate statement regarding Ciphr and/or the Services, (ii) suggest that you are affiliated, associated or partnered with or in any other form of business relationship with Ciphr, and (iii) make any representation, warranty or guarantee with respect to the Services, in each case unless otherwise expressly authorized by Ciphr.

19. Modification of these Terms of Use

Ciphr reserves the right, in its sole discretion, to modify, replace or otherwise update these Terms of Use at any time. Ciphr may notify you of any material change to these Terms of Use by sending you a notification through the App, or by other appropriate communication means. Furthermore, an updated version of these Terms of Use will be published on our website, currently located at https://www.ciphr.io/terms-of-use, each time a change is made.

You can tell if these Terms of Use have changed by checking the last updated date that appears at the beginning of these Terms of Use. Ciphr strongly encourages you to review these Terms of Use periodically, as your continued use of the Services will constitute acceptance of any updated, modified or replaced Terms of Use. Should you disagree with any updates or amendments made to the Terms of Use, you must immediately stop accessing or using the Services.

20. Governing Law; Dispute Resolution

These Terms of Use are governed by the laws of the Province of Alberta and any federal laws applicable therein, excluding any conflict of laws provisions that could lead to the application of the laws of another jurisdiction.

To expedite resolution and reduce the cost of any dispute, controversy or claim between you and Ciphr, including without limitation any dispute or claim related to or arising out of this Agreement, you and Ciphr agree to attempt to negotiate any dispute or claim informally before initiating any court proceeding.

21. Force Majeure

Ciphr will not be liable or responsible for any failure to perform, or delay in performance of, any of its obligations under these Terms of Use or in connection with the Services that is caused by events outside its reasonable control, including, without limitation, fire, flood, pandemic, extreme climatic conditions or other acts of God, failure by telecommunication providers, strikes, picketing, lockout or other labour disputes and/or governmental acts; and such failure or delay will not constitute a breach of these Terms of Use.

22. Waiver

No delay or omission by Ciphr to exercise any right or power it has under these Terms of Use or to object to the failure of any covenant of you to be performed in a timely and complete manner, will impair any such right or power or be construed as a waiver of any succeeding breach or any other covenant or to affect the validity of these Terms of Use. Any waivers by Ciphr must be in writing and signed by an authorized representative of Ciphr.

23. Entire Agreement

These Terms of Use, together with the Privacy Policy, constitute the entire agreement between you and Ciphr as it relates to the access to, and use of, the Services, and supersede all prior or contemporaneous agreements, negotiations, representations and proposals, written or oral between Ciphr and you relating thereto, except any applicable agreement entered into with you as an authorized partner of Ciphr.

24. Severability

If any provision of these Terms of Use is held by a court of competent jurisdiction to be invalid or unenforceable in any respect, then the remaining provisions of these Terms of Use, or the application of such provisions to persons or circumstances other than those as to which it is invalid or unenforceable will not be affected thereby, and each such provision of these Terms of Use will be valid and enforceable to the extent permitted by law.

25. Assignment

These Terms of Use may not be assigned or transferred by you without our prior written consent. Ciphr may assign, transfer, or delegate any of its rights and obligations hereunder without your consent.

26. Contact / Notices

If you have any questions about the Terms of Use, or need to provide notice to, or communicate with, Ciphr under the Term of Use, please contact Ciphr by email at legal@ciphr.io. Ciphr may provide notices or communications to you through the Apps and you agree that such notices will constitute notice to you whether or not you actually access the notice.

  • We believe in transparency and want you to know how we handle the limited personal information we may collect. This data is collected in order to provide our secure communication services (Services) or to allow you to interact with our website located at https://ciphr.io/ (Website).
  • We prepared this privacy policy (Privacy Policy), which should be read together with our Terms of Use, to explain how Ciphr uses and protects your personal information. We have made every effort to ensure clarity in our Privacy Policy.
  • You can contact us at any time by email at legal@ciphr.io for any inquiries, questions, comments regarding your data and personal information or this Privacy Policy.
  • By using our Services, you confirm your acceptance of our Privacy Policy. If you do not agree to our Privacy Policy, you may not use our Services.

Privacy Policy

Updated:  June 16th, 2021

1. Security FOR COMMUNICATION DATA

Ciphr takes its commitment to protect the security and privacy of your personal information seriously. Our security measures aim to maintain data accuracy and to protect your personal information from losses, theft or unauthorized access, disclosure, copying, misuse or modification.

Keeping your information safe: We care about the security of your information and employ safeguards designed to preserve the integrity and security of all information transmitted through our Services. Our algorithmic process ensures that all communication data sent through our Services is end-to-end encrypted to ensure that your encoded communication is delivered to the recipient securely. Only the recipient has access to a unique decryption key to transform the coded information into a readable text.

The integrity of your communication is assured during its transit because Ciphr uses:

  • end-to-end encryption protocols that verify integrity, i.e. protect against modification by an attacker.
  • transport layer security with pinned certificates, such that it would be very challenging for a man-in-the-middle to inject malicious certificates into the device’s trust store and/or decrypt traffic or modify any data in transit.

Ciphr’s security measures also include:

  • ensuring server authentication and data encryption using Secure Sockets Layer technology (SSL) when Services are accessed via the Internet;
  • maintaining a strict control of the residual data retained on Ciphr’s servers;
  • limiting access to the actual data transmitted to only you and its intended recipient; and
  • locating Ciphr’s platform and servers in various data centers and deploying them at random. Ciphr may use, among other things, content delivery networks and proxies to mitigate threats.

To increase the privacy of your data, please keep in mind that:

  • the information (including documents and attachments) you send to your contacts may remain on their device(s) even after you deleted it from your own device(s), depending on the parameters selected for such transmission or whether, for example, the recipient(s) took a photo or otherwise recorded it;
  • when sending or receiving any information, you should validate the identity and trustworthiness of the recipients; and
  • you should take security measures to ensure that the confidentiality of the information you send or receive is preserved after the transmission.

2. PAYLOAD SECURITY

Our Services retain as little data as possible for as little time as possible. The communication data transmitted on the servers (Payload) using our Services is end-to-end encrypted before its transmission to Ciphr servers and relayed to the recipient’s device, such that Ciphr cannot have access to your conversations through our communication services. The Payload is automatically deleted as soon as it is successfully delivered to the recipient. In the event the Payload cannot be immediately delivered, it is only temporarily stored on Ciphr’s servers until the sooner of its successful delivery to the recipient or 14 days, after which it is automatically purged.

Temporary payload storage and transfer: Your encrypted communication information may be stored temporarily in any country in which Ciphr’s or its service providers’ servers are hosted, for the purposes of facilitating and securely completing your communication through the Services. Please note that we may transfer information to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, including any country in which Ciphr or its affiliates or service providers maintain servers or facilities.

Security protocols: Your encrypted communications can only be decrypted with a private encryption key, which is only held by your intended recipient(s). In the unlikely event that personal information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose information may have been compromised and take other appropriate steps, in accordance with any applicable law.

3. AUTOMATICALLY COLLECTED INFORMATION

Automatic collection of limited information is required to ensure the reliability of access to the Service. When you download, access, or use the Services, we may automatically collect the following information depending on your Ciphr version:

Ciphr Lite (App Platforms)

  • Last login
  • Device model
  • App version
  • Operating system version

Ciphr (MDM)

Accessing Ciphr through our mobile device management (MDM) deployment provides you with additional security measures such as a virtual private network (VPN) and strict information technology (IT) policies to increase data protection. This requires additional information to facilitate access to the Services:

  • Crash logs
  • Device model
  • Network state
  • SIM#, IMEI#, IMSI#
  • Mobile network information

Ciphr’s applications leverage an on-premise crash reporting system in order to gather application performance and crash data, which does not contain any personal information. Additionally, Ciphr’s applications allow you to trigger a reporting feature which contains application stack traces and information regarding events that occurred prior to and after a crash. Such a report also contains a plain text comments string allowing you to report comments related to the issue.

If any bug or error occurs, we may collect diagnostic information about your device. We use this additional information to enhance the security controls around the access to the Services and to resolve the bugs and errors that may exist. Diagnostic information includes:

  • Last login
  • Device model
  • App version
  • Operating system version
  • Time zone
  • Language
  • Battery level
  • Free memory
  • Screen resolution

4. USER-PROVIDED INFORMATION FOR ACCESS TO SERVICES

We do not associate personal information such as email address or phone number to Ciphr accounts. No user information is required for account creation and Services access. Should we have access to any personal information about you from third-party sources, such as online application stores and platforms, we will not correlate such information with any account you create to use and access the Services.

Ciphr account information: To provide you with access to the Service and to facilitate communication between Ciphr contacts, Ciphr stores your randomly generated Ciphr Identification Number (CID), Alias information, and/or Ciphr Mail email address. Since we do not collect personal information for account creation, Ciphr Identification Number (CID), Alias information, and/or Ciphr Mail email address is not associated with any personally identifiable information. Ciphr will also request your password for entry to the application. We do not store passwords on our servers.

Payment information: Only if and when purchasing any fee-based feature of the Services, you may provide payment information to us or a third-party payment provider. We do not store your payment information.

5. USER-PROVIDED INFORMATION FOR COMMUNICATING WITH CIPHR

User-provided information for communication with Ciphr: You may voluntarily provide Ciphr with any suggestions, ideas, comments, questions or other feedback relating to your use of the Services, typically through our Website. We will handle the information received to (i) categorize the communication, (ii) respond to your feedback, (iii) send any information requested and/or (iv) ensure compliance with the Terms of Use.

Data storage and transfer: Any information which you submitted for the purposes of communicating with Ciphr may be stored in any country in which Ciphr’s or its service providers’ servers are hosted. Please note that we may transfer information to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, including any country in which Ciphr or its affiliates or service providers maintain servers or facilities.

Retention of your information. We will only retain voluntarily submitted personal information for as long as necessary to fulfil the purposes for which we received it, for the purposes of our legitimate business interests and for satisfying any legal requirement.

6. INFORMATION PROVIDED BY OUR Ciphr reseller PARTNERS

Our reseller partners (Ciphr Reseller Partners) may share Ciphr account details like Ciphr ID (CID), Ciphr Mail email address, or subscription details, with us so that we can deliver support services, update, upgrade or otherwise improve the Services, or to develop new services. Ciphr Reseller Partners are not required to disclose personally identifiable information with us unless otherwise required by applicable law. Please note that our Ciphr Reseller Partners are required to comply with applicable privacy and data collection laws.

7. WEBSITE

Process and security cookies: Our Website uses process cookies that allow it to work properly in keeping track of the sequence of orders or requests or when browsing from one page to the other, as well as security cookies that are used each time the Website is used for authentication, security, network management, and accessibility purposes. Through the use of cookies, Ciphr may collect your browser information, Internet Protocol addresses, the interactions taking place with the Website and similar general information. While cookies cannot be blocked as they are essential for ensuring that the Website functions properly, they are of a temporary nature and will disappear when the browser software is closed, the device is turned off or restarted or if you manually delete them. Further, cookies are almost always assigned a validity period after which they are automatically purged from a browser’s local storage.

Privacy policies of third-party partners: We also engage with certain third-party partners, who share our profound dedication to the protection of privacy, to help us improving our Services. We use an email marketing platform on the Website to create and manage mailing lists, newsletters and automated marketing campaigns. We also use an open source, self-hosted web analytics application that tracks online visits to websites and displays reports.

Our Website may collect information only in connection with your browsing activity, as opposed to your use of our Services. We may collect for internal evaluation of the performance of our Services information about your device, browsing actions, and patterns such as: (i) usage details (including but not limited to traffic data, and the resources you access and use through our Website); and (ii) device information (including IP address, operating system and browser type).

8. LIMITING COLLECTION OF ALL USER DATA

We have made it a priority to retain as little data as possible. The very limited information obtained about you, as detailed in this Privacy Policy, is always retained in a highly secure manner for the shortest possible period of time, only as long as it is necessary to provide you with the Services or to comply with applicable law.

9. DO WE DISCLOSE YOUR DATA TO THIRD PARTIES?

We do not sell any data and we do not disclose your personal information to any third parties, unless required to provide you with the Services or by applicable law.

If you obtained our Services through any of our Ciphr Reseller Partners, please note that we may disclose limited information to the extent necessary with our Ciphr Reseller Partners that facilitate the provision of the Services (e.g. by providing assistance with respect to the maintenance and development of our Services).

While we generally do not disclose personal information to third parties, for full transparency we note that the suppliers we use in connection with the Services include our Website suppliers which create and manage mailing lists, newsletters and automated marketing campaigns, and website analytics platforms may have access to information provided voluntarily by a user through the Website or when communicating with Ciphr, as detailed in the “Website” section of this Privacy Policy.

Ciphr always makes reasonable efforts to ensure that suppliers and third parties use the limited personal information they may have access to in a manner that is consistent with this Privacy Policy.

10. TERMINATION OF YOUR ACCOUNT

You can decide to cease using the Services and delete Ciphr’s applications from your device at any time, or we can terminate your account in accordance with our Terms of Use. After your account is deleted, the data contained on your devices will be irrevocably erased and you will not be able to retrieve your information.

11. law enforcement

Our Services must be used solely for lawful purposes, in full compliance with applicable laws. While Ciphr is committed to protecting your privacy and security, we may be required by applicable law to disclose personal information to law enforcement authorities. However, we will only release the information requested by law enforcement authorities when compelled to do so by court order, warrant, subpoena or other legal authority issued by a court or competent authority, in compliance with applicable laws.

12. miNimum age

We recognize the importance of protecting the privacy and safety of children. The Services are not intended for minors, who should not use the Services.

13. YOUR DATA RIGHTS

We are committed to respecting the highest standards on data protection and privacy and, as such, this section applies to all users of our Services around the world, and not only to users in the European Union.

Data Controller: Ciphr is the data controller for the processing of your Personal Information (as defined in the European Union General Data Protection Regulation (GDPR)).

Legal Bases for Processing. This Privacy Policy describes the legal bases we rely on for the processing of your Personal Information. Please contact us if you have any questions about such specific legal basis. As used in this Privacy Policy, “legitimate interests” means our interests in conducting our business and developing a business relationship with you. This Privacy Policy describes when we process your Personal Information for our legitimate interests, what these interests are and your rights. We will not use your Personal Information for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law.

Your Rights. You have the following rights in relation to your Personal Information, under certain circumstances:

  • Right of access: If you ask us, we will confirm whether we are in possession of Personal Information about you and, if so, provide you with a copy of that Personal Information along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
  • Right to rectification: If your Personal Information is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Information with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Information so you can contact them directly.
  • Right to erasure: You may ask us to delete or remove your Personal Information, such as where you withdraw your consent. If we shared your data with others, we will tell them about the erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Information with so you can contact them directly.
  • Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal Information in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restriction on processing. If we shared your Personal Information with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your personal information so you can contact them directly.
  • Right to data portability: You have the right to obtain your Personal Information from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and that is processed by automated means. We will give you your Personal Information in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
  • Right to object: You may ask us at any time to stop processing your Personal Information

we will do so:

  • If we are relying on a legitimate interest to process your Personal Information -- unless we demonstrate compelling legitimate grounds for the processing or we need to process your data in order to establish, exercise, or defend legal claims; and
  • If we are processing your Personal Information for direct marketing. We may keep minimum information about you in a suppression list in order to ensure your choices are respected in the future and to comply with data protection laws (such processing is necessary for our and your legitimate interest in pursuing the purposes described above).
  • Right to withdraw consent: If we rely on your consent to process your Personal Information, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect any processing of your data before we received notice that you wished to withdraw consent.
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Information, you can report it to the data protection authority of the country in which you are located.

Please see the “Contacting Ciphr” section below for information on how to exercise your rights.

14. AccessING, correcting and updating PERSONAL information

Requests for access to, or for necessary corrections, additions or deletions of, personal information in accordance with applicable laws may be made by contacting Ciphr by email at legal@ciphr.io. We will respond to your request as quickly as possible and will need to verify your identity before providing you with access to the personal information we hold about you. In some cases, we may be unable to accommodate your request if we are unable to verify your identity, if we are prohibited by law, if disclosure would result in the disclosure of the personal information of others, or if the request is unreasonable or impractical. If we are unable to process your request for these or any other reasons, we will provide you with an explanation of the reason for denial, and you will be permitted to request a review.

15. notifications AND WITHDRAWING OF CONSENT

Ciphr may communicate with you to inform you about changes, important information with regard to the Services, information we believe may interest you, or with your consent. Ciphr will generally use the same means of communication you chose to contact Ciphr or the preferred means specified by you. You can always unsubscribe from any promotional e-mails.

If you are a registered user of our messaging service, you may receive notifications in the notifications section within the applications. With your consent, we may send push notifications or alerts to your mobile device even when you are not logged in. At any time, you can manage your push notification preferences or deactivate these notifications at any time by turning off the notifications settings in the device settings of your mobile device.

16. CHANGES TO THIS PRIVACY POLICY

Ciphr reserves the right, in its sole discretion, to modify, replace or otherwise update this Privacy Policy at any time, so please be sure to check back periodically. You can tell if this Privacy Policy has changed by checking the last updated date that appears at the beginning of this Privacy Policy. Ciphr may notify you of any material change to this Privacy Policy by sending you a notification to your mobile device, or by other appropriate communication means. Ciphr strongly encourages you to review this Privacy Policy periodically, as your continued use of the Services will constitute acceptance of any updated, modified or replaced Privacy Policy. Should you disagree with any updates or amendments made to this Privacy Policy, you must immediately stop accessing or using the Services.

17. Contacting CIPHR

All questions, comments or requests regarding this Privacy Policy should be directed to Ciphr by email at legal@ciphr.io. Ciphr will respond to questions and requests as soon as possible.

  • Ciphr is committed to operating in an environment of transparency to foster the trust of the users and the general public towards its business practices and its Services.
  • In this report, Ciphr outlines the requests it received from law enforcement authorities (including police and government agencies) between 2018 and 2021 and how it responded to these requests. For more information on how Ciphr deals with law enforcement requests, please see our Information Request Guidelines (the Guidelines).
  • Ciphr will typically only release End Users Information to law enforcement authorities when compelled to do so by court order, warrant, subpoena or other legal authority having jurisdiction to compel Ciphr to disclose the information.

Transparency Report

Updated:  August 18th, 2021

DEFINITIONS

In this Transparency Report, the terms set forth below have the following meanings:

  • Ciphr means Luxon Software Distribution Limited, a corporation duly constituted under the Companies Act (Nova Scotia), RSNS 1989, c 81, and doing business under the name Ciphr.
  • Disclosures made pursuant to a court order, warrant, subpoena or other legal authority means disclosure of user information made by Ciphr pursuant to Section 4 of the Guidelines.
  • Users means any person having access to the Services, who must comply with the representations and warranties and all other provisions of the Terms of Use and the Privacy Policy.
  • User Information means information concerning the users, as described more fully in Section 2 and Section 3 of the Guidelines.
  • Preservation Requests means requests from law enforcement authorities to preserve User Information pursuant to Section 8 of the Guidelines.
  • Requests for User Content means requests made by law enforcement authorities to obtain User Content.
  • Services means the Ciphr real-time secured communication services for mobile applications, e-mails, text messages and data storage.
  • User Content means encrypted ephemeral communication data or information sent and received using the Services.
  • Emergency disclosures at the request of law enforcement means the disclosure of User Information at the request of law enforcement authorities where Ciphr determines that there is a legal basis supporting the disclosure and there is an urgency for the disclosure in the circumstances, pursuant to Section 6 of the Guidelines.

2. REPORT

Requests Between 2018 / 2021
Type
Number of Requests
Number of Disclosures
(full or partial information disclosed)
Number of Requests
Rejected or Contested
Disclosures made pursuant to a court order, warrant, subpoena or other legal authority
18 10 8
Emergency disclosures at the request of law enforcement
Requests for User Content
Preservation Requests
Requests Between 2018 / 2021
Disclosures made pursuant to a court order, warrant, subpoena or other legal authority
Number of Requests
18
Number of Disclosures
(full or partial information disclosed)
10
Number of Requests
Rejected or Contested
8
Emergency disclosures at the request of law enforcement
Number of Requests
Number of Disclosures
(full or partial information disclosed)
Number of Requests
Rejected or Contested
Requests for User Content
Number of Requests
Number of Disclosures
(full or partial information disclosed)
Number of Requests
Rejected or Contested
Preservation Requests
Number of Requests
Number of Disclosures
(full or partial information disclosed)
Number of Requests
Rejected or Contested

As outlined in Section 3 of the Information Request Guidelines, Ciphr does not store, have access to or review User Content. Therefore, where the information sought pursuant to a valid law enforcement request relates to User Content, Ciphr’s response to this request will reflect the fact that Ciphr does not have access to the content, that the encrypted ephemeral files and information sent and received using the Services are not stored on its servers and that such content, in any case, is encrypted and indecipherable.

This website uses cookies to ensure you get the best experience on our website. Learn More
Learn More