policy: quick links
- website disclaimer
- licensed works
- contacting us
- do not track
- security measures
- legal obligations
- code of conduct
- ethics and clientele
Derwen, Inc., develops its products and services based on a privacy by design approach. Our efforts are intended to be proactive not reactive, with privacy as the default. We strive to embed these practices into our designs: on the one hand providing visibility and transparency, while on the other hand prioritizing full lifecycle protection and end-to-end security, Utimately our policies are based on respect for customer privacy; in fact, our products and services originated in response to the general ineffectiveness of online marketing which places undue emphasis on commercializing consumer surveillance.
What personal information do we collect from people who visit our website?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, or other details to help you with your experience.
In addition, any agreements (such as account registration, API key generation, etc.) which are construed as legal documents may also record your IP address, browser agent info, and timestamp of the agreement. That data will be retained as needed by Derwen, Inc.
For those who register for an account, when you login we record usage of online materials, including presentations.
When do we collect information?
We collect information from you when you register on our site, place an order, subscribe to a notification, fill out a form, or enter information on our site.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, or use certain other site features, in the following ways:
- to process your transactions
- to follow-up after correspondence
- to notify you about changes in policy or in the event of a data breach
- to notify you about your account and billing
How do we protect your information?
- an external PCI-compliant payment gateway handles all credit card transactions, such that all transactions are processed through their network and are not stored or processed on our servers
- any sensitive information which you supply is encrypted via Transport Layer Security (TLS), including Secure Socket Layer (SSL) technology
- your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential
- we implement a variety of security measures -- whenever someone registers for an account, places an order, or enters, submits, or otherwise accesses their information -- to maintain the safety of their personal information
- we use vulnerability scanning, though not necessarily to PCI-compliance standards
- we use regular scanning for malware and other known attack vectors
Do we use "cookies"?
Yes. Cookies are small files which a site or its service providers transfer to your computer's hard drive through your web browser (if you allow) enabiling the site's or service provider's systems to recognize your browser and capture and remember certain information.
- provide sessions, i.e., preserve state when you login again (within a month)
- use trusted third-party services (Cloudflare) which track anonymized information on our behalf, for the purpose of web cache performance and improved security measures on this site
Through your browser settings, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. Since each browser may be different, refer to your browser's Help Menu to learn the correct way to modify your cookie settings.
If you turn cookies off, it may degrade the performance of your experience on this site, though it will not reduce your access to the publically available content.
We do not sell, trade, share, or otherwise transfer to outside parties your Personally Identifiable Information data.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. Therefore we have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these third-party sites.
Does our site allow third-party behavioral tracking?
It's also important to note that we do not allow third-party behavioral tracking.
California Online Privacy Protection Act (CalOPPA)
According to CalOPPA, we agree to the following:
- people can visit our site anonymously
- you can change your personal information:
- by sending email to us
- by login to your account
Children Online Privacy Protection Act (COPPA)
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission -- the consumer protection agency within the US -- enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online:
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
To be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
- we will notify you via email, within 7 business days
- we will notify all clientele via in-site notification, within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have rights enforceable against those who use their data, but also that individuals have recourse to courts or government agencies to investigate and prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and specifies strict penalties for violations.
We collect your email address in order to:
- send information, respond to inquiries, and other requests or questions
- process orders, and send information or updates pertaining to orders
- send you additional information related to your product or service
- notifiy you regarding changes in policy or about your account
To be in accordance with CAN-SPAM, we agree to the following:
- not use false or misleading subjects or email addresses
- identify the message as an advertisement in some reasonable way
- include the physical address of our business or site headquarters
- monitor third-party email marketing services for compliance, if one is used
- honor opt-out/unsubscribe requests quickly
- allow clientele to unsubscribe by using the link at the bottom of each email
If at any time you would like to unsubscribe from receiving future emails, you can contact us by following the instructions at the bottom of each message and we will promptly remove you from ALL correspondence.
We honor Do Not Track signals and thus we do not track, plant cookies, or use any targeted advertising when a Do Not Track (DNT) browser mechanism is in place. DNT represents a complete and explicit opt out for any data collection or other stateful interactions.
By continuing to use this site with DNT you acknowledge that many services will no longer be available to you, and you agree to those terms.
For more details, please refer to our Do Not Track policy document.
This site implements an https-only approach, such that remote requests are transacted over encrypted communications (TLS) as much as possible. This helps to:
- protect the privacy and security of our clientele
- verify the site's authenticity and integrity
- support the upcoming "Browser deprecated HTTP" changes
- improve search ranking
DNS, SMTP, HTTPS, and other services related to this site use cryptographically secured approaches. Similarly, we encourage all of our clientele to employ encrypted methods for any email as well as text messaging and voice when communicating with us.
Overall, this site employs a range of contemporary security measures involving HTTP Strict Transport Security, certificates, symmetric keys, and public/private key encryption. In addition, our security measures receive periodic audits. For more information about these methods and more, please see the excellent article "Building web apps that respect a user's privacy and security" by Adam Scott.
The content contained in this website is for general information purposes only. That information is provided by Derwen, Inc., and while we endeavor to keep this content up-to-date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website. Through this website you are able to link to other websites which are not under the control of Derwen, Inc. We have no control over the nature, content, and availability of those sites. The inclusion of any links does not necessarily imply a recommendation nor endorse the views expressed within them.
Every effort is made to keep the website up and running smoothly. Derwen, Inc., however takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.
Note that any automated processes or services (e.g., "crawlers") accessing this site, and its associated APIs and services, must observe the limitations defined by the Robot Exclusion Protocol, which we specify in the https://derwen.ai/robots.txt file.
All product names, logos, and brands are property of their respective owners. Unless otherwise noted, all other works herein are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
By continuing to use the resources presented through this site -- even as an anonymous viewer of this site -- you agree to observe the rights asserted for these licensed works. Moreover, you agree that any automated processes or services accessing this site and any associated APIs or services also observe the obligations of their respective owners.
If you have any questions regarding these policies, you may contact us using any of the following methods:
970 Gravenstein Highway South
Sebastopol, CA 95472 USA
Derwen, Inc., does not provide staffing, job placement, or recruiting services, nor any services in which its employees act as sales or marketing agents for another organization.
Limits of engagement
The firm reserves the right to perform due diligence for any persons affiliated with clientele -- including but not limited to executives, directors, employees, contractors, vendors, and customers. Any and all determinations resulting from due diligence are confidential and proprietary, as are the risk models used to assess pricing surcharges for clientele.
The firm reserves the right to decline to work directly with anyone who has been determined to violate our policies for security, privacy, ethics, and code of conduct, or who has been determined to exceed reasonable limits of business risk exposure.
All requests for non-disclosure agreements are subject to prior review by corporate counsel.
Any public representation of executives, directors, employees, or contractors of Derwen, Inc., made by clientele or other third parties -- beyond "Fair Use" cases -- must have written approval in advance from the management of Derwen, Inc.
Restrictions, requirements, and protections for employees
Employees of Derwen, Inc., have the following restrictions, requirements, and protections:
- Employees are restricted from working more than fifty percent (50%) of their total billable hours in a given month for any one client.
- Employees are restricted from accepting any meeting (online or in-person) outside of existing contract work without prior full dislosure in writing of the intents of the other parties involved in the meeting.
- Employees are restricted from use of email or calendar systems managed by other organizations, sharing calendars outside the firm, or use of the following platforms for communications: Zoom, Telegram, Keybase, Messenger.
- Employees and contractors are encouraged to declare their support of anti-fascism in public. When arrested during a civil rights protest, employees will have their bail and legal costs covered by the firm.
- All members of the Board of Directors for Derwen, Inc., are required to declare their support of anti-fascism in public.
Employees of Derwen, Inc., per their work agreements and the laws of the State of California, have legal protections in the workplace against any and all requests for:
- non-compete agreements
- non-disparagement agreements
- mandatory attendance
- loyalty oaths
- drug testing
- salary history disclosure
- required contributions to political action committees
- forced binding arbitration
- any religious requirements
Under no circumstances will requests related to these items be recognized as legitimate, signed, or otherwise honored by the company or its employees.
Actions requiring board approval
Furthermore, the employees, contractors, and other representatives and associates of Derwen, Inc., including but not limited to clientele and their representatives, are not authorized to:
- enter into commercial engagements on behalf of the company
- create or transact within financial accounts of the company
- disclose confidential information regarding our staff or clientele
- attempt to recruit current employees of Derwen, Inc., for another organization
- expose online services and other resources to be unprotected by security measures
- republish any content that is otherwise only available via login
- breach other legal agreements or duties of confidentiality
- offer investment advice
... unless specifically granted authorization for such actions by the Board of Directors of Derwen, Inc.
Attempts by any parties outside of our firm to coerce, restrict, or otherwise interfere with corporate policy will be considered extra-jurisdictional and presumed hostile, and may become subject to criminal prosecution. Any other aggressions conducted by our clientele or their representatives, related to the prohibitions and restrictions listed above, will be enforced to the maximum extent permitted by law.
We do not condone harassment or offensive behavior at our consulting engagements, nor at our events nor within our discussion forums, whether those are held online or in-person.
We invite you to help us make each engagement or event organized by Derwen, Inc., a place which is welcoming and respectful to all participants regardless of gender, gender identity and expression, age, sexual orientation, disability, physical appearance, race, ethnicity, or national origin.
Examples of harassment include: offensive comments; verbal threats or demands; overtly sexualized images in public spaces; intimidation; stalking; harassing photography or recording; sustained disruption of events or discussion forums; and unwelcome physical contact or sexual attention. Harassment also includes slights and negative messages (both unintended and intentional) and other forms of microaggression, as well as advocating for, or encouraging, any of the offensive behaviors listed above.
Participants asked to stop any harassing behavior are expected to comply immediately and may be expelled from an event without a refund and banned from future engagement at the discretion of Derwen, Inc.
Please bring any concerns to the immediate attention of our staff.
We reserve the right to refuse service. While some businesses espouse a belief such that the customer is always right, the character of any business is partly defined by the integrity of its clientele. To that end, some expectations of civil behavior define minimum requirements for inclusion over and beyond simply engaging in transactions in commerce.
Conversely, per the ethical stance embraced by this business, exclusion may be based on attempted abuses of our staff and resources, including: misogyny, racism, bullying, nationalism, and other creepiness; abuse or aggression toward staff or other clientele; attempts to tamper with our web site, APIs, or other resources; promoting self-righteousness or righteous indignation in any form; promoting corporatism; proselytizing for religions based on sacred texts; technology scouts and other actors working on behalf of hostile states; engaging in cyberthreats, spam, trolling, or related actions; or advocating for, or encouraging, any of the behaviors listed above. Those activities are strictly forbidden here.
Accounts which get shutdown for ethical reasons will be fully refunded for their remaining balances. All associated data (excepting financial records and legal documents) will be purged immediately.
Be advised that Derwen, Inc., enforces a zero-tolerance policy toward individuals and organizations which support climate science denial -- also called "climate change skepticism" -- as well as adjacent creeds and political insurgencies including nationalism, gender and racial bias, and religious extremism. This extends to said individuals' and organizations' funding sources, political alliances, and activities outside of the workplace. We invite other business organizations to join in this effort.
Meanwhile, our company has committed to engaging in ethical professional conduct which abides by the ACM Code of Ethics and Professional Conduct in all consulting engagements on behalf of our clientele.
[Updated and effective: d878d05 Wed Jun 3 06:24:57 2020 +0000]