Security Overview

Our promise to you

Your information is sacred, and its security is always our highest priority. With that in mind, we make the following commitments to you:

  1. We will strive to use industry-best standards and practices to keep your data safe.
  2. We will be 100% open about how we store and use your data (see below).
  3. We will never rent, sell, or lend any personally-identifiable data, nor expose it to anyone other than you.
  4. We will never store your information beyond the length of your membership. If you go, so will your data.

How we use your data (and keep it safe)

It is important to understand when and how your data is being used by others. We strongly believe that every company has a responsibility to present this information as fully, clearly, and accurately as possible.

For Syphir Rules&trade, Syphir SmartPush&trade, and related applications, you can find that information here. Please check back regularly for updates, which will be time-stamped and annotated.

Gmail credentials

last updated: March 20 (using OAuth; Gmail credentials are not stored)

Gmail's servers rely on the IMAP protocol, and require full credentials for login. However, we support the popular OAuth protocol, which allows you to share your data without giving us your password. We also support the the OpenID protocol, allowing you to login to both Syphir Rules and Syphir SmartPush using your Google (or Google Apps) account.

  • We never store, retrieve, or even have access to your Gmail credentials.

Mailbox analysis

last updated: June 22 (only accessing necessary email fields; only storing data for SmartPush users; any stored data is temporary)

In order to apply the rules you create to your email, Syphir analyzes new emails as they arrive. The level of this analysis is dependent on the complexity of your rules. Specifically, the bodies of your emails are never accessed unless you have a rule with a condition that requires searching the body. If you are a Syphir SmartPush user, email bodies will be temporarily stored in order to be displayed on your phone. Otherwise, no data is stored.

  • You can remove your account at time from your main account page in Syphir Rules. This will clear all data related to your account.
  • We use 128-bit SSL encryption -- the same technology used by leading banks -- to ensure your data is never transmitted in the clear.
  • We protect your information against attacks from hackers in the form of SQL injection, cross-site reference forgery, cross-site scripting, and many other malicious techniques.