StormWatch+ Alerts Privacy Policy

Updated: 1/13/2019

Cirrus Weather Solutions, LLC (“CWS”) offers and provides the StormWatch+ Alerts (“Service”) within CWS’s portfolio of applications, including the MemphisWeather.net and StormWatch+ apps (“Apps”).

Collected information & its usage

Account Registration

After purchasing access to the Service, you are required to register an account, having an associated email address and password. This email address used during registration is used to perform account management tasks, such as resetting your account password, and authentication with the Service.

During Usage of the Service

You may choose to provide your GPS-indicated location to the Service. This information is not shared with any third-parties, nor is it used by CWS beyond the scope required by the Service to send or display severe alert notifications to your device.

A token is stored by the Service to send notifications to your device. Notifications sent by the Service to your device relate solely to alerting you of severe alerts or public safety concerns; they are not used for marketing purposes.

A vendor-specific unique token identifier for your device (for Apps running on iOS, an “identifier for vendor”; for Apps running on Android, an “Android ID”), is collected during registration and is associated with your account. This identifier is not shared with third-parties. It is stored to allow you to utilize the Service on more than one device, e.g., to 1) restrict the association of locations to one device, and 2) receive notifications on that device.

The Service stores information you provide regarding notification preferences.

You may provide the service with a referral code received by one of CWS’s affiliates. Submission of a referral code in this manner is anonymized and not associated with you or your account.

Under no circumstance is your data provided or sold to third-parties for marketing purposes.

Support

When you submit a support request pertaining to the Service from the Apps, it is transmitted to ZenDesk, a third-party service provider. ZenDesk receives your email address from this support request. Your email address may be used to receive follow-up correspondence from CWS service agents. This correspondence is limited to the scope of the request for support and is not used for marketing purposes. The ZenDesk Privacy Policy is available for review.

Reviewing & changing information you provide

Information you provide to the Service is accessible through the Apps where it may be changed or deleted.

Your account and any related collected information may be also be deleted by requesting such in a support request via the Apps.

Deleted information may be retained in backups until they are discarded; see "Disaster recovery".

Security measures

Communication with the Service by the Apps is secured using HTTPS. The Service supports an industry best-practice TLS cipher-suite limited to ephemeral, ECDHE ciphers, ensuring robust perfect-forward secrecy.

Other features employed include HTTP Strict Transport Security (“HSTS”) and OSCP stapling.

Your account password is not stored in plain text.

Your IP address may be retained temporarily in logs on systems running the Service. Logs are purged and deleted on a regular basis.

Software constituting the Service is updated on a regular, periodic basis to adopt security improvements.

Disaster recovery

Backups of data collected by the Service are generated on a daily basis for the sole use of disaster recovery. These backups are secured both in transport (to our backup provider using HTTPS) and in-rest, using AES256 encryption. Backups are retained for no longer than 90 days.

Physical security

The Service runs on hardware in a secured data center facility. Access to CWS’s service infrastructure is limited only to explicitly authorized agents of CWS.

Disclosure of your information

CWS complies with search warrants or court orders requiring disclosure of your information, and will provide notice of such a disclosure when possible, e.g., in all but the most exigent of circumstances.

CWS reserves the right to disclose your information in cases of suspected abuse of the Service, or to investigate or report fraudulent behavior or illegal acts.

Compliance statements

Children’s Online Privacy Protection Act

The Service is not marketed nor intended for use by any persons under the age of 13. CWS does not solicit, store, or collect information through the Service from any persons known by CWS to be under the age of 13.

California Online Privacy Protection Act

CWS complies with the requirements enumerated in the California Online Privacy Protection Act and will not distribute your personal information to outside parties without your consent.

Changes to this Policy

We reserve the right to update this Privacy Policy as needed. Each time it is updated, a new date will appear at the top and a summary of changes will appear below. Regularly reviewing this page ensures that you are always aware of what information we collect, how we use it, and under what circumstances, if any, we will share it with other parties.