Data Privacy at Citizen
Citizen’s mission is to keep you safe and informed.
Our principles for protecting your data
- First, we record as little information as we need. Informing you of emergencies happening around you is our utility and our purpose.
- Second, the data we do collect we store for as short a duration as possible. And, where possible, we store only aggregate data that is not tied to you.
- Third, we involve as few 3rd party service providers as possible when touching your data. The 3rd parties we work with have contracts in place to prevent reuse or sale of your data.
- Fourth, we generally limit access to your data to a small subset of the engineering team. We have specific systems to control data access, and all access is logged and regularly audited. We perform a privacy review for all new features.
- Fifth, we take protecting your location data seriously. We need accurate real-time location data to alert you of any emergencies, but we lower the accuracy of historical location data where possible.
- Sixth, we test the stability and security of our infrastructure, including yearly penetration testing and review of our security systems and their configuration. We use an information security firm to provide these services under a strict non-disclosure agreement. We have never had our systems compromised.
- Seventh, our services are designed to provide real-time notifications of incidents occuring near you. We can only provide those services in certain areas, so if you are located outside of one of those areas the services may not work for you. We only provide our service in the United States, so we apply U.S. law to our privacy practices.
Public vs. private data
Content visible to any other user on the Citizen platform is considered public data (i.e. publicly posted comments and videos.) You have control over public data on Citizen tied to your account and can delete comments and videos you have posted. Furthermore, you can email email@example.com to request to delete your account and coordinated information.
Content not accessible to any other user on the platform is considered private data.
Private data we collect and why
- Contact information: We use your email address and phone number to set up and validate your user account and to prevent abuse of the platform. We may also send you emails about Citizen – you can choose to opt out of any marketing emails by following the instructions at the bottom of the email, but we may still send you some important emails, such as to respond to a question or request you send us.
- User locations: We use your location data to send you safety notifications for incidents reported near you. You can always revoke Citizen’s access to your location data in your device settings, but the app will not function if the app can’t access location data.
- User activity: We aggregate user activity data (like how you interact with Citizen, what times you use Citizen, what kind of device you have, etc.) for analysis to improve Citizen’s user experience. We remove anything that makes information personally identifiable when we do this.
- User contacts: If you want to use Citizen’s Inner Circle feature to inform your family and close friends of incidents near you, you can choose to share your contacts.
- Content you capture through Citizen: If you use Citizen to capture a video or other content, we collect that content and additional information about the content and device you used (like the metadata associated with the content, unique device identifier, wireless network, etc.).
Services we use and why
We may share your data with service providers, but we only partner with service providers that abide by the GDPR and therefore tightly control the use and retention of our users’ data.
- Segment: Segment allows us to manage high volumes of analytical events from the app and ensure they reliable and anonymous (“a user posted a comment”).
- Branch: Branch allows us to attribute when content is shared from Citizen to the platform and source.
- Facebook and Google ads integrations: These integrations allow us to track efficacy of our own advertising campaigns. We do not use these integrations to provide any manner of advertising on the platform.
- Twilio: Twilio allows us to send you a SMS message to validate your account.
- Google Cloud Services: We use Google to host our infrastructure.
Limited circumstances where we do share data
- We do not share information with the government, unless required by a court order. Our Law Enforcement Guide, details the kinds of data and the conditions under which we’ll share that data with law enforcement. Our Law Enforcement Guide is available online.
- We share videos posted publicly on the Citizen platform to news outlets in select circumstances. We do not sell these videos, and our users retain the rights to redistribute videos they create.
Feel free to contact us with your questions, requests, comments, or concerns at firstname.lastname@example.org.