In the following policy, Kiefer Networks refers to the service offered by Kiefer Networks LLC (the "Company" or "We") through the kiefernetworks.com or kaikiefer.com website (the "Service"). This Privacy Policy explains (i) what information we collect through your access and use of our Service (ii) the use we make of such information; and (iii) the security level we provide for protecting such information.

By visiting Kiefernetworks.com or kaikiefer.com and using the Services provided here, you agree to the terms outlined in this privacy policy.

Legal Framework

The Company is domiciled in the United States of America.

All data storage infrastructure is also located solely within the United States of America, and thus governed by the laws and regulations of the United States of America.

Data Collection

Our company’s overriding policy is to collect as little user information as possible to ensure a completely private and anonymous user experience when using the Service. We also have no technical means to access your encrypted message contents.

Service's user data collection is limited to the following:

Visiting our website:  Analytics are anonymized whenever possible.

Communicating with Kiefer Networks: Your communications with the Company, such as support requests, bug reports, or feature requests may be saved by our staff. The legal basis for processing is our legitimate interest to troubleshoot more efficiently and improve the quality of the Kiefer Networks service.

IP Logging: By default, Kiefer Networks does not keep permanent IP logs. However, IP logs may be kept temporarily to combat abuse and fraud, and your IP address may be retained permanently if you are engaged in activities that breach our terms and conditions (spamming, DDoS attacks against Kiefer Networks infrastructure, brute force attacks, etc). The legal basis of this processing is our legitimate interest to protect our service against nefarious activities.

Your login IP address is also kept permanently (until you delete it) if you enable authentication logging for your account (by default this is off). The legal basis of this processing is consent, and you are free to opt-in or opt-out at any time in the security panel of your Kiefer Networks account.

Payment Information: The Company relies on third parties to process credit card, PayPal, and Bitcoin transactions so the Company necessarily must share payment information with third parties. Anonymous cash or Bitcoin payments and donations are accepted however. The legal basis of this processing is the necessity to the execution of the contract between you and us.

Native Applications: When you use our native applications, we (or the mobile app platform providers) may collect certain information in addition to the information mentioned elsewhere in this Policy. We may use mobile analytics software (such as fabric.io app statistics and crash reporting, Play Store app statistics, App Store app statistics, or self-hosted Sentry crash reporting) to send crash information to our developers so that we can fix bugs rapidly. Some platforms (such as the Google Play Store or the Apple App Store) may also collect aggregate, anonymous statistics like which type of devices and operating systems that are most commonly used (like percentage of Android 6.x vs Android 7.x), the total number of installs, total number of uninstalls, and the total number of active users, and may be governed by the privacy policy and terms and conditions of the Google Play Store or the Apple App Store. None of the software on our apps will ever access or track any location-based information from your device at any time. Any personal data acquired during this process is anonymized.

Data Use

We do not have any advertising on our site. Any data that we do have will never be shared except under the circumstances described below in the Data Disclosure Section. We do NOT do any analysis on the limited data we do possess with two exceptions:

·         Emails sent unencrypted to Kiefer Networks accounts (e.g. Gmail to Kiefer Networks) are scanned automatically pursuing the legitimate interest of detecting spam so we can block IPs which are sending a lot of spam to Kiefer Networks users and place spam messages in a spam directory. Inbound messages are scanned for spam in memory, and then encrypted and written to disk. We do not possess the technical ability to scan messages after they have been encrypted.

·         Emails sent by Kiefer Networks users to outside (e.g. Gmail) users with encryption disabled are scanned automatically pursuing the legitimate interest of detecting spam in the same manner as incoming email. This is to ensure a Kiefer Networks account which is being used for spamming purposes can be detected and locked so email deliverability for legitimate users is not degraded.

Data Storage

All servers used in connection with the provisioning of the Service are located in the United States of America. Only employees of the Company have physical or other access to the servers. Data is ALWAYS stored in encrypted format on our servers. Offline backups may be stored periodically, but these are also encrypted. We do not possess the ability to access any user encrypted message content on either the production servers or in the backups.

Third Party Networks

Kiefer Networks alternative routing technology allows apps to bypass many censorship blocks, but your network traffic may go through third party networks which we do not control. This could enable a third party to record your IP address or see that you are using Proton apps (the same information that your Internet Service Provider is able to see). These third parties cannot see your actual data, which remains encrypted. By default, alternative routing is not used for Kiefer Networks apps unless they detect that censorship measures are active on your network.

Data Retention

When a Kiefer Networks account is closed, data is immediately deleted from production servers. Active accounts will have data retained indefinitely. Deleted emails are also permanently deleted from production servers. Deleted data may be retained in our backups for up to 14 days.

Data Disclosure

We will only disclose the limited user data we possess if we are instructed to do so by a fully binding request coming from the competent American authorities (legal obligation). While we may comply with electronically delivered notices (see exceptions below), the disclosed data can only be used in court after we have received an original copy of the court order by registered post or in person, and provide a formal response.

If a request is made for encrypted message content that Kiefer Networks does not possess the ability to decrypt, the fully encrypted message content may be turned over. If permitted by law, Kiefer Networks will always contact a user first before any data disclosure.

Kiefer Networks may from time to time, contest requests if there is a public interest in doing so. In such situations, the Company will not comply with the request until all legal or other remedies have been exhausted. Therefore, not all requests described in our Transparency Report will lead to data disclosure.

Modifications to Privacy Policy

Kiefer Networks reserves the right to periodically review and change this policy from time to time and we will notify users who have enabled the notification preference about changes to our Privacy Policy. Continued use of the Service will be deemed as acceptance of such changes.