Element App Privacy Policy

Implications

• Privacy policy is written in plain English for better understanding.
• Element is the Data Controller for your data.
• Element collects IP addresses for operational maintenance and security purposes.
• Data may be shared with third parties in compliance with legal requests.
• Users have rights under GDPR, including access, rectification, and erasure of data.
• Element uses third-party services like AWS and Cloudflare for hosting and security.
• Amazon employees may have access to some of your data.
• Passwords are stored hashed and encrypted.
• Users can set up 2-Factor Authentication for added security.
• Data may be disclosed if Element is sold or acquired.
• Element does not knowingly collect data from users under 16 years old.
• Users can request a copy of their data via email.
• Element logs IP addresses for 30 to 180 days depending on the service.
• Element uses open-source analytics platform Matomo for usage tracking.
• Location data may be collected if you use location-sharing features.
• Element uses Stripe for payment processing and does not store full credit card information.
• Data may be shared with third parties for tax automation and billing purposes.
• Element uses Sentry for error reporting, which may collect IP addresses and other details.
• Users can delete or block cookies set by the payment processor.
• Element restricts data access to employees and contractors who need it for maintenance.
• Element hosts data in AWS data centers in Amsterdam and Stockholm.
• Gitter app data is hosted in AWS data centers in the US.
• Element uses secure private keys for server access via SSH.
• Element encourages good password hygiene and use of password managers.
• Element provides a password reset facility if you forget your password.
• Element's privacy policy is subject to change, with reasonable notice provided to customers.
• Users are responsible for keeping their username, password, and other sensitive information confidential.
• Element may share data to protect against harm or illegal activities.
• Element may share data to respond to emergencies.
• Element uses MapTiler for displaying maps in the app.
• Element uses Twilio for 2FA over SMS.
• Element uses Hubspot, Matomo, and Posthog for website analytics and marketing automation.
• Element uses Salesforce and Pipedrive for CRM systems.
• Element uses Outplay for marketing automation.
• Element uses Quaderno for tax automation in billing.
• Element may share data with third parties to validate payments.
• Element logs changes to billing contact information for financial records.
• Element prevents search engines from indexing invoice links.
• Element may collect lead generation and marketing information through third-party platforms.
• Element may collect location data if you use location-sharing features.
• Element may collect information for error reporting via Sentry.
• Element may collect usage data to improve services.
• Element may collect connection information to mitigate abuse and monitor traffic.
• Element may collect transaction and billing information for hosted homeserver services.
• Element may collect account and profile information for Element Matrix Services.

Data Collection

• IP address
• Email address
• Authentication identifier (Email address and password, Twitter ID, Google ID)
• Phone number (for 2FA over SMS)
• Billing contact information
• Credit card information (processed by Stripe)
• Room list, power levels, and avatar (for Element Home account setup)
• Lead generation and marketing information (Email address, Organization, Job title)
• Location data (longitude, altitude, latitude)
• Usage data
• Connection information

Things to watch out for

• Data may be shared with third parties in compliance with legal requests.
• Amazon employees may have access to some of your data.
• Data may be disclosed if Element is sold or acquired.
• Location data may be collected if you use location-sharing features.
• Data may be shared with third parties for tax automation and billing purposes.

FAQs

What data does Element collect about me?

Element collects your IP address, email address, authentication identifier, phone number (for 2FA), billing information, and usage data. If you use location-sharing features, location data is also collected.

Can I access or correct my information?

Yes, if you are a customer of Element Matrix Services (EMS), you can access and download your data through the account management interface. If you are a user of the Element chat app, you can request your data via email.

How does Element protect my data?

Element stores passwords hashed and encrypted, uses secure private keys for server access, and restricts data access to necessary employees and contractors. They also use third-party services like AWS and Cloudflare for hosting and security.