Last update: December 8, 2015
We have created this page to explain, very clearly and without legal speak, how
we collect and use your information while the Turtl app is connected to our
Note that this document will update as new features are added to Turtl. However,
parts of this document that state that something will never happen will not be
changed in any material way other than to clarify any possible ambiguity. When
we say never, we mean it.
Times when Turtl collects user information:
- When users join Turtl. They do so with a username and password: the username
is currently never sent to the servers, but in future versions may be sent in
plain text to our servers. The password, along with the username, create two
pieces of data: an authentication token used to verify that the user logging
in is the same user we have on our servers, and a master key used to encrypt
and decrypt your profile. The master key is never sent outside of the Turtl
app. The authentication token is created by one-way hashing the username and
password and then encrypting using the master key. It does not contain any
personally identifiable information, nor can any be reversed from the token.
- When users add a persona. Personas allow your account, which is private by
default, to be shared with by other people. So when you create a persona,
Turtl asks for an email address (required), name (optional), and in the future
possibly more optional fields (such as an avatar photo).
- When you add data to your profile. The notes/bookmarks/files you add will all
be encrypted (in the client) then sent to the Turtl service (where all your
data remains encrypted). Your data is only ever decrypted when inside the
application, and the only way to decrypt your profile is with your master key
or if you purposefuly share with another person. Your profile cannot even be
read by us.
Times when Turtl shares your information:
- When you successfully log in to your account, Turtl will download your data
profile (notes/bookmarks/files) to your local computer, in encrypted form,
and then decrypt your data when it arrives.
- When someone is searching for your email in the sharing interface, Turtl will
indicate whether or not the email typed in belongs to a current Turtl persona.
However, one must be logged in to the Turtl service to perform this search,
and there is no way to search multiple emails based on a wildcard. An email
must be known beforehand.
- When United States law enforcement or a government agency has a court order
or warrant which mandates that we share information on a specific user, we
must comply. However, keep in mind that your data profile remains encrypted
during this process. We have no way to decrypt your data, and most likely
neither does any law enforcement agency. Whether or not you choose to share
your encryption key with them is your decision.
The above may change, but with the restriction that Turtl will never share your
information with any third party other than a law enforcement agency which has
a valid, legal court order mandating us to turn over information. We will not
give your information to third parties.
Turtl has no third-party advertisements of any kind. Turtl will never have any
form of third-party advertisement. Doing so would cripple the security measures
Turtl takes to protect your information.
At times, Turtl may advertise, endorse, or promote features or other products,
but at no time will any third-party advertiser be allowed to place any hooks
into our codebase. Any advertisements run on the Turtl application will be run
by Turtl and no one else.