Cirrus Weather Solutions, LLC (“CWS”) offers and provides the StormWatch+ Alerts (“Service”) within CWS’s portfolio of applications, including the MemphisWeather.net and StormWatch+ apps (“Apps”).
After purchasing access to the Service, you are required to register an account, having an associated email address and password. This email address used during registration is used to perform account management tasks, such as resetting your account password, and authentication with the Service.
You may choose to provide your GPS-indicated location to the Service. This information is not shared with any third-parties, nor is it used by CWS beyond the scope required by the Service to send or display severe alert notifications to your device.
A token is stored by the Service to send notifications to your device. Notifications sent by the Service to your device relate solely to alerting you of severe alerts or public safety concerns; they are not used for marketing purposes.
A vendor-specific unique token identifier for your device (for Apps running on iOS, an “identifier for vendor”; for Apps running on Android, an “Android ID”), is collected during registration and is associated with your account. This identifier is not shared with third-parties. It is stored to allow you to utilize the Service on more than one device, e.g., to 1) restrict the association of locations to one device, and 2) receive notifications on that device.
The Service stores information you provide regarding notification preferences.
You may provide the service with a referral code received by one of CWS’s affiliates. Submission of a referral code in this manner is anonymized and not associated with you or your account.
Under no circumstance is your data provided or sold to third-parties for marketing purposes.
Information you provide to the Service is accessible through the Apps where it may be changed or deleted.
Your account and any related collected information may be also be deleted by requesting such in a support request via the Apps.
Deleted information may be retained in backups until they are discarded; see "Disaster recovery".
Communication with the Service by the Apps is secured using HTTPS. The Service supports an industry best-practice TLS cipher-suite limited to ephemeral, ECDHE ciphers, ensuring robust perfect-forward secrecy.
Other features employed include HTTP Strict Transport Security (“HSTS”) and OSCP stapling.
Your account password is not stored in plain text.
Your IP address may be retained temporarily in logs on systems running the Service. Logs are purged and deleted on a regular basis.
Software constituting the Service is updated on a regular, periodic basis to adopt security improvements.
Backups of data collected by the Service are generated on a daily basis for the sole use of disaster recovery. These backups are secured both in transport (to our backup provider using HTTPS) and in-rest, using AES256 encryption. Backups are retained for no longer than 90 days.
The Service runs on hardware in a secured data center facility. Access to CWS’s service infrastructure is limited only to explicitly authorized agents of CWS.
CWS complies with search warrants or court orders requiring disclosure of your information, and will provide notice of such a disclosure when possible, e.g., in all but the most exigent of circumstances.
CWS reserves the right to disclose your information in cases of suspected abuse of the Service, or to investigate or report fraudulent behavior or illegal acts.
The Service is not marketed nor intended for use by any persons under the age of 13. CWS does not solicit, store, or collect information through the Service from any persons known by CWS to be under the age of 13.
CWS complies with the requirements enumerated in the California Online Privacy Protection Act and will not distribute your personal information to outside parties without your consent.