Data Policy

Introduction

Achivist.com, a non-profit platform focused on self-improvement, is committed to the highest standards of data privacy and security. Our data storage and management practices are designed to ensure the safety and confidentiality of user data.

Data Storage and Security

AWS EU Storage & PlanetScale: Data is securely hosted on AWS servers in the EU, managed by PlanetScale.

Data Encryption: All data is encrypted both in transit and at rest, as ensured by PlanetScale.

Database Security: Utilizing Vitess for enhanced scalability and MySQL for ACID compliance, ensuring reliable and consistent data storage.

Safe Migrations and Revert: Protective measures against destructive database actions, with a focus on data integrity.

Data Use and Privacy

No Data Sale: We do not sell user data.

Limited Data Viewing: Access to data is limited to the owner Murat Bock.

Privacy Assurance: Handled with strict confidentiality.

User Rights and Data Retention

Data Removal: Request data deletion at support@achivist.com. Account deletion feature to be added.

Retention Period: Data kept as long as the user is active and the business operates.

Third-Party Services and Data Sharing

No Third-Party Data Sharing: Data is not shared with third parties.

Third-Party Authentication: Services like Google or GitHub are used for authentication; users are informed of data sharing by these services.

Data Breach Protocol

Notification: Users will be informed via email in case of a data breach, with details of the affected data.

Network Security and Compliance

Network Security: Advanced options like AWS PrivateLink or VPC Peering used for enhanced security.

Compliance Standards: PlanetScale complies with SOC 2 Type II, PCI DSS, and supports HIPAA compliance under specific plans.

Contact

For inquiries: support@achivist.com.

Owner, Murat Bock: me@muratbock.com.