At NEW VECTOR LIMITED we are committed to protecting and respecting your privacy.
Your access to http://riot.im (the “Website”), and use of the Services, whether as a guest or registered user means that you have read and accept the practices described in this policy.
In order to access the Services as a registered user, you must first read this policy and agree to the terms by clicking on the “ACCEPT” button.
When we refer to “NEW VECTOR LIMITED”, “we”, “us” or “our” in this agreement (the “Agreement”), we mean NEW VECTOR LIMITED of 26 Red Lion Square, London, WC1R 4AG, United Kingdom with company number 10873661. For the purpose of the Data Protection Act 1998 (the “Act”), NEW VECTOR LIMITED is the data controller.
The Riot services (the “Services”) provide a communication service to end users, storing and forwarding text messages, files, voice/video-over-IP calls and other communication data between users on Matrix “Home Servers” in the Matrix ecosystem, for example the “Matrix Home Server” hosted at https://matrix.org/_matrix, or the “Riot Home Server” hosted at https://riot.im/_matrix or any other Home Server in the wider Matrix ecosystem and/or applications provided by third parties on the internet. The Services include client software running on the web (https://riot.im/app), iOS and Android devices (available in the relevant application stores) and the “Riot Home Server” and server hosted at https://riot.im/_matrix. The Riot server is currently operated by NEW VECTOR LIMITED or an affiliate of NEW VECTOR LIMITED.
applies to information we collect on the Website or through providing the
Children Under the Age of 14
The Riot website http://riot.im (the “Website”) and the Service are not intended for children under 14 years of age. No one under age 14 may provide any personal information to or on the Website or in connection with the Service. We do not knowingly collect personal information from children under 14. If you are under 14, do not use or provide any information on this Website or in connection with the Service, or on or through any of the features/register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 14 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 14, please contact us at the contact information provided in the Contact section below.
What kinds of information do we collect?
Personally identifiable data includes information by which you may be personally identified, such as name, postal address, e-mail address, telephone number, any other identifier by which you may be contacted online or offline (such as a Matrix ID), any credentials to external systems that you’re requesting Riot to bridge you to or any other information the Website collects that is defined as personal or personally identifiable information under an applicable law. In order to provide the Services we may also collect, process and store your communications via the Service and the content, attachments and metadata associated with such communications.
Personally non-identifying data includes information that is about you but individually does not identify you, such as any access token associated with your account.
We’ve set out the different types of data that we may receive, collect, and process below:
Š Information you give us
When you use the Service on our Website, you automatically create a Riot account. By default, this is a “guest account” with no explicit username or password, but users can upgrade this to a full Riot account or register a new one. This will require you to provide a user name and password. You may choose to provide your email address.
If you report a problem with our Website, in corresponding with us by phone, e-mail or otherwise we may collect certain information including your name, address, e-mail address and phone number.
Š Information we collect about you
Each time you visit our Website or use the Services, we may automatically collect the following information:
Š technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type, browser version and settings, time zone setting, language preferences, browser plug-in types and versions, operating system and platform;
Š information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods used to browse away from the page;
Š the communication content that you send and receive while using our Service. This may include message content and timing information, including text, photo, video and other media files in the context of the communication history of a room. This content may be encrypted by your client;
Š other information about your user activity to aid communication on the service: details of the rooms you participate in (name, topic, address, participant list, access permissions, and any other extensible data associated with that room), whether your user account is discoverable using which identifiers, optional public directory listing of your user identifiers and user trust/reputation data associated with your account;
Š information about you made available to us through your client, including (where supplied by your client) user presence information (whether your client is currently active/idle/offline or other extensible presence data), user profile information (display name, avatar, encryption public key data, other extensible profile data), ‘typing notifications’ (whether you are typing a message in a given room or not), ‘read notifications’ (whether you have read a message in a given room or not), ‘push notification rules’ (which messages should trigger notifications and how to notify you), ‘search history’ (which terms you have searched for). You may be able to limit the information about you that your client provides to us via the account settings in your client application; and
Š information about your mobile device (if the service is accessed through a smartphone application). In addition to the above, this may include the application name and version, device model and version, device OS version, and push notification client identifier.
Š Information we receive from other sources
Š We may receive information about you if you use any of the other websites we operate, the other Services we provide or through third party applications you require us to bridge to. We are also working closely with third parties who assist us in providing the Service to you (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers and credit reference agencies) and may receive information about you from them.
Š We may also receive information about you made available to us through your client, including (where supplied by your client) user presence information (whether your client is currently active/idle/offline or other extensible presence data), user profile information (display name, avatar, encryption public key data, other extensible profile data), ‘typing notifications’ (whether you are typing a message in a given room or not), ‘read notifications’ (whether you have read a message in a given room or not), ‘push notification rules’ (which messages should trigger notifications, and how to notify you), ‘search history’ (which terms you have searched for). You may be able to limit the information about you that your client provides to us via the account settings in your client application.
We will store information for as long as it is necessary to provide the Service to you or as is required to meet any legal obligations.
We may choose to use additional cookies in future. If we do we will update this policy and keep you informed.
Uses made of the information
We may use information held about you in the following ways:
Š Information you give to us
We will use this information:
Š to authenticate you so that we can securely deliver communications to and from you;
Š to provide the Service to you, including to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;
Š to notify you about changes to the Service;
Š to better understand and improve our Service to ensure that content from our Service is presented in the most effective manner for you and for your computer, and to keep our Service always secure; and
Š to identify you such that other users within the Matrix ecosystem can communicate with you.
Š Information we collect about you
We will use this information:
Š to administer our Service and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
Š to improve our Service to ensure that content is presented in the most effective manner for you and for your computer;
Š to allow you to participate in interactive features of our Service, when you choose to do so;
Š as part of our efforts to keep our Service safe and secure; and
Š to provide user and content discovery features within the Service (e.g. letting other users within the Matrix ecosystem discover your existence and contact you or optionally letting you share information about your activity on the service (presence, profile, user directory) with users to aid discovery and communication.
Š Information we receive from other sources
We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
When might we disclose your information?
We will generally only disclose your personal information with your consent, but in certain circumstances, we may need to, or believe it is appropriate to, disclose your personal information. More information on these limited circumstances are below:
Š To comply with our legal obligations or to protect the interests of our users.
If we are or believe that we are under a duty to disclose or share your personal data, we will do so in order to comply with any legal obligation, the instructions or requests of a governmental authority or regulator, including those outside of the UK.
We may also choose to share information when we believe it is necessary to detect, prevent and address illegal activity or to otherwise protect the safety of our users.
Š To improve the Website and our Services
We may share personal information with analytics and search engine providers that assist us in the improvement and optimisation of our Website and Service.
Š Within our group.
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
Š With our third party suppliers.
We may need to share your personal information with our business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you. We will only disclose information to third parties who are under obligations of confidentiality in respect of the personal data they receive.
Š If NEW VECTOR LIMITED is sold.
In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.
If we or substantially all of our assets are acquired by a third party, personal data held by us about our users will be one of the transferred assets.
Where we store your personal data
All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Service, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Service; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Keeping information updated
We have a legal obligation to ensure that all information held and processed about you complies with the principles of the Act. This includes taking reasonable steps to keep personal data we hold about you accurate, complete and current. If you discover that the personal data we are holding about you is inaccurate, please notify us as soon as possible.
We will not process your personal data for marketing purposes. If we intend to use your data for such purposes, or if we intend to disclose your information to any third party for such purposes, we will inform you before collecting your data. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at firstname.lastname@example.org.
Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. If you want to obtain a copy, please write to us at the address below (see Contact) and mark your letter "Subject Access Request". Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.
We may revise the terms of this policy at any time and at our discretion. The date the policy was last revised is identified at the top of the page. When we make material changes to the Agreements, we’ll provide you with notice as appropriate e.g., by displaying a prominent notice within the Service or by sending you an email. Your continued use of the Website and Services after any changes will constitute acceptance by you of those amendments. Please therefore make sure you read any such notice carefully.
NEW VECTOR LIMITED
26 Red Lion Square
London, WC1R 4AG