The Stalirov&Co team developed the Terms of Use and Privacy Policy for the secure messenger Dober
About company and product
Dober is a secure messenger for Android, iOS and desktop. Users maintain complete confidentiality because the IT solution is not tied to a mobile phone number or email address.
The messenger uses post-quantum cryptography, includes a server based on the Linux operating system, and allocates separate servers for corporate clients.
🔸Audit the product and draw up documents based on the requirements of the App Store / Google Play for the collection, processing and storage of personal data.
🔸Check the compliance of the product with international laws in the field of personal data protection, information security, and privacy.
🔸Develop the Terms of Use and the Privacy Policy in accordance with the requirements of the GDPR and CCPA to regulate relations with users and protect the intellectual property of the company.
Realization
Age limits and the list of rules for using the messenger
Users are prohibited from storing, distributing or transmitting illegal materials through the messenger. The use of Dober for illegal purposes may result in criminal or civil liability, account termination or suspension. The users are responsible for all activities that occur under their account.
The messenger is not intended for use by persons under 16 years old.
Business account creation
A business account provides an opportunity to use the messenger as a closed communication channel, available only to employees of the business client or authorized users.
The business clients use their account server to store and process the personal data of their users. Dober does not collect business customers’ data.
Notification regarding account suspension caused by suspicious activity
If Dober recognizes an account in violation of laws or regulations, or an account that has been illegally accessed, Dober may block such an account.
Security measures for account creation and restoration
1. The users need to create a password, which can consist of any number of characters.
2. The users can specify a secret word or set of characters that will be known only by them and the Dober support team.
3. In addition, users are encouraged to create an additional "question", "answer" and "hint" to restore access to the account in case of password loss. In case of loss of access to the account, it will be impossible to restore access without the activated secret question-answer function.
4. For additional account protection, users can create a PIN code to access the messenger.
List of disclaimers
◾Dober has no control over login details or password security, and is not responsible for an account breach if a user chooses a weak password, security question, or answer.
◾Dober is not responsible for restoring access to the user account in the event of a lost password, secret question, or answer, as the company does not store hashes and backup copies of passwords.
◾Dober is not responsible for damages, lost profits, loss of business opportunities, or business interruption.
◾Dober does not guarantee that the functions of the messenger will be available, uninterrupted, or error-free.
◾Dober does not claim that customer support will provide instant responses.
Personal data collected and stored by Dober and user notification concerning the automatic collection of user data
Users’ personal data includes login, account name, nickname, secret question-answer, public key, profile picture, and metadata.
When interacting with the messenger, some information about users is collected automatically from a computer or mobile device, such as server logs, device data, location, date and time, and business account server.
Legal grounds, methods and purposes of personal data collection
◾Dober collects personal data to provide access to the messenger, comply with laws, resolve and prevent disputes, and detect and prevent fraud or other illegal activities.
◾Dober collects data when users create their accounts and use the messenger.
◾Dober processes data to provide information about the messenger, manage devices, track unauthorized access, and provide internal quality and security controls.
Period and location of data storage
Dober retains users' personal data until their account is deleted. When deleting an account from a public server, the encryption keys that were used for correspondence are deleted, but messages in chats remain allowing users to read the history of correspondence.
Data is encrypted and stored in Ukraine on public servers owned or rented by Dober.
Measures for improving data security
◾ End-to-end data encryption. Messages, multimedia and chat files, as well as call content and data, are processed only on the device of the sender and recipient. Before this data reaches public servers, it is encrypted with a key known only to the sender and recipient. Public Dober servers process this end-to-end encrypted data to deliver it to the recipient or store it.
◾Post-quantum cryptography ensures data privacy. Information transmitted using the messenger is available only to the sender and addressee without the possibility of interception or eavesdropping.
Disclaimers for the use of business accounts
Dober is not responsible for the leakage, unauthorized collection and disclosure, resale or misuse of user data that occurs on the business account server.
If a business client uses a server to store and process data, Dober is not responsible for the security of data processing, transmission and storage. The business client independently ensures data security measures and is responsible for their safety.
