Privacy Policy

Detailed information on how the Spectre applications handle personal information.

In Short

Spectre has adopted a zero-PII (personally identifiable information) policy by default, with the intent of making your sensitive personal information effectively inaccessible to us.

What does this mean?

Spectre apps will never:

  • Transmit your name, passwords, personal or contact information.
  • Transmit any information which could be used to identify you.

It is for these reasons that:

  • You do not actually hold an account with us.
  • We can not recover your lost credentials.
  • Your payments or refunds are not handled by us.
  • We do not sync passwords between devices.
  • Your collaboration may be required when you report an issue.
  • We are unable to provide details to authorities on your use of Spectre.

What motivates our dedication to your privacy?

  • Keeping zero user records reduces our internal and legal risk profile.
  • Statelessness is a core operating principle underpinning privacy control.
  • We believe your trust is earned only by proving our commitments through transparency.

Spectre has not been compelled to turn over any personal information since Nov, 2011 (inception).
Last update: Jul, 2021.

Data Protection Officer

For any questions or requests about Spectre’s handling of your personal data, please contact our Data Protection Officer.

Collection

With the important bit out of the way, the Spectre app does collect or transmit some information, and users may sometimes submit personal information to us.

The following details how that collection takes place in order to ensure that our zero-PII policy is honoured.

Device Logs

Device logs are available only to you, or (anonymous critical logs) via Diagnostics if enabled by you.

Transparency and self-empowerment are important values at Spectre. For this reason, the app collects logs on its own operation in the background for you to review.

These logs are intended to help you keep track of what is happening, to enable you to investigate unexpected behaviour and to ensure you are the gatekeeper when you recruit our assistance to diagnose a problem with the app.

Logs can be viewed by you at any time. Logs are not saved to disk and disappear as soon as the app is quit.

Identifiers

Identifiers are fully anonymized and available only to you, or via Diagnostics if enabled by you.

The purpose of identifiers is to help diagnose information at your request. They can only be correlated if you choose to self-identify yourself to our support staff using your own identifiers.

Spectre is determined to limit its own ability to correlate information with individuals, intent on making it impossible to use its identifiers for tracking or tracing. We do this by severing the link between you and your identifiers. Consequently:

  1. Having an identifier, it is impossible to determine the user or device that it represents.
  2. Knowing the user or device, it is impossible to determine what their identifier would be.

User Identifier

Spectre’s user identifiers are fully authenticated tokens passed through a one-way cryptographic encoding algorithm. This means a user’s identifier can only be computed by that user and is effectively protected by the user’s Spectre secret.

Device Identifiers

Spectre exclusively uses fully randomized device identifiers. As a result, there exists no discernible correlation between the identifier and the device that created it.

Crash Monitoring

Crash monitoring is fully anonymous and turned off, unless Diagnostics is enabled by you.

It is important to us that your experience using the app is as flawless as possible. To that end, Spectre was designed with the ability to take action should the app crash for any reason.

When the app crashes, the software can make a best-effort attempt to write to disk some information that will assist in determining the cause of the crash. This information is commonly referred to as a “crash report”.

When the app is started next, Spectre will find this crash report on disk and attempt to send it to our crash monitoring service. Once there, our developers will be notified and investigate the cause of your crash. Using this information, Spectre’s code can be improved to help prevent these crashes from occurring in the future.

Metrics

As part of recording a crash event, Spectre discloses the following metric categories:

  • Information describing the device model (eg. device name, model, screen, memory)
  • Information describing the operating system version (eg. system name, version, kernel)
  • Information describing the application version (eg. application build, version, distribution)
  • Information describing the state of the device (eg. time zone, orientation, carrier, locale)
  • Information describing the cause of the crash (eg. binaries, libraries, call stack)
  • Spectre’s critical operation logs, void of any personal information
  • Spectre user and device identifiers as described above

As a result of our zero-PII policy, this information cannot trace back to you.

Analytics

Analytics are anonymous and turned off by default, unless Diagnostics is enabled by you.

To ensure we are adequately serving the needs of our many users, avoid creating confusing user experiences and build our features such that they are maximally helpful to people of all abilities, we use analytics to build statistical user interaction models.

Metrics

Spectre’s statistical user interaction models consist of the following device information:

  • Information describing the device model (eg. device name, model, screen, memory)
  • Information describing the operating system version (eg. system name, version, kernel)
  • Information describing the application version (eg. application build, version, distribution)
  • Information describing the state of the device (eg. time zone, orientation, carrier, locale)
  • Information describing application interaction (eg. controls used, timing, problems)
  • Spectre user and device identifiers as described above

As a result of our zero-PII policy, this information cannot trace back to you.

Communication

Notifications are disabled unless you consent to turning them on in the app.

To keep our users appraised of significant developments in digital security and raise awareness of relevant important events, Spectre users can opt-in to receiving one-way notifications in their app. If security information needs to be communicated, such as a critical bug in the app or a widely used website has been compromised, Spectre may use notifications to appraise and advise its user-base.

Turning notifications off causes your device’s known registration to be deleted.

Metrics

To facilitate participation in Spectre’s notifications, Spectre discloses the following details:

  • Information describing the device model (eg. device name, model, screen, memory)
  • Information describing the operating system version (eg. system name, version, kernel)
  • Information describing the application version (eg. application build, version, distribution)
  • Information describing the state of the device (eg. time zone, orientation, carrier, locale)

As a result of our zero-PII policy, this information cannot uniquely trace back to you.

Updates

Update e-mails are only sent if you have registered for an update stream.

Some of our users are interested in keeping up-to-date on Spectre’s development, the roadmap, and opportunities for testing out new capabilities and early releases.

If you would like to subscribe to receive updates, please fill in this form. If you would like to manage your existing subscription or unsubscribe, please use the custom links at the bottom of our emails.

Personal Information

To facilitate participation in Spectre’s update e-mails, the following details are submitted to and retained by Spectre:

  • E-mail address
  • Given and family name (optional)
  • Device information (optional)
  • User-submitted notes (optional)

This information is expunged when users unsubscribe from future updates.

Community

Community participation is entirely optional and user-driven.

Some of our users are eager to participate in Spectre’s community, where people gather to discuss topics related to privacy and personal security.

Participation in this forum is entirely user-driven and subject to our Community Guidelines. We have no control over which personal information is submitted willingly by users to this platform. Any users that wish to have their personal account deleted may contact the enforcement officer.

Personal Information

To facilitate participation in Spectre’s community forums, the following details are submitted to and retained by Spectre:

  • E-mail address
  • User-submitted content (optional)

Support

Our support staff is always ready to assist and advise on your request.

Spectre maintains several support channels. Your participation in these support channels is entirely opt-in. Spectre retains user information submitted through support requests for internal use, reference and training.

Users who wish to have any of their information deleted may submit such a request through any of our official support channels and we will follow up promptly, deleting the information after sending out our final confirmation.

Personal Information

Communication with Spectre’s support channels is a two-way street and therefore requires that Spectre retains the following details:

  • E-mail address
  • User-submitted content

Payment

Spectre does not see your financial information or share user information with payment providers.

Spectre is determined to hold no account, payment or transaction information on you. To that end, any payments for services or subscriptions are handled exclusively by trusted partners.

These partners share their income from your payments with us but do not disclose any information on the origin of this income, barring statistics in aggregate.

We work with the following payment processors:

  • iOS and macOS devices: Apple’s iTunes Store