We want to be completely open about how we handle your information. This page explains our approach to privacy and data security, which we've carefully designed to be respectful and comprehensive.
We collect and store as little of your information as possible.
For most users, the only info you need to give us is your email address. For users on a team, we may also require your name and country, to help team supervisors review your learning progress. This information is visible to you, other people on your team, and our site admins. You can update it through our website, or by emailing our support staff. When your account is deleted, we delete this information too.
We record your IP address to assist with support inquiries, measure site traffic, prevent fraud, and detect malicious usage. It is only visible to our site admins, and is deleted after 30 days.
All other information we store about you is based strictly on how you use the site, is not personally identifiable on its own, and is destroyed or becomes completely anonymous when you delete your account.
Finally, to ensure we're storing as little personal information as possible, we automatically delete most accounts after 3 years of inactivity.
We will only email you:
We use DMARC and other modern email technologies to fight spam.
Your password is never stored or logged. We cannot recover your password if you forget it.
We use BCrypt for one-way encryption, with a high cost factor.
We use HTTPS secure connections between your browser and our servers, and between our backend services. We do everything we can to keep your data safe in transit.
Our SSL score is A+.
We use a small number of service providers to host LunchBox Sessions, store data, securely process payments, and communicate with you. We don't use any analytics, tracking, targeting, advertising, or remarketing integrations.
These services are responsible for transmitting, processing, and storing data for the essential operation of the site, and have access to the personal information you give to us:
We use these services to host our learning content. They see your IP address, but no other personal info:
We use these services for communication with you. They have access to any information included in email messages to or from us, including your name and email address:
If you have a question about these services, please email our designated employee in charge of privacy, Ivan Reese at email@example.com.
If you discover a vulnerability in LunchBox Sessions, let us know via firstname.lastname@example.org or email@example.com, and we will immediately work with you to address the issue.