davidjgraph/gist:9609136

## gistfile1.txt
draw.io Online Privacy and Security Policy
------------------------------------------

This is the privacy and security policy of JGraph Ltd (JGraph) for usage of the online draw.io tool. This policy applies to usage of www.draw.io and drive.draw.io. It does not apply to other sites and applications that embed the draw.io application.

We are JGraph Limited, a company registered in England and Wales - No. 04051179. Our registered office is at:

JGraph Ltd
Artisans' House
Queensbridge
Northampton
Northamptonshire
United Kingdom
NN4 7BF
E-mail: legal@jgraph.com

Version 2.1 - 4th November 2013

Communications
--------------

To opt-out of any communications we send, you can either click the 'unsubscribe' link at the bottom of any emails, or send an email to to let us know you want to opt-out.


Cookies
-------

A cookie is a small text file which is transferred from a website and stored on your computer's hard drive. We store a small number of cookies to remember configuration options.

We do not use draw.io cookies for authentication, tracking or linking you to any personal information.

When using Google Drive or Dropbox or storage, those services will store authentication cookies. Please refer to the privacy and security policies of those services for more details.

http://www.google.com/intl/en/policies/privacy/
https://www.dropbox.com/terms#privacy


Google Analytics
----------------

This website uses Google Analytics; a web analytics service provided by Google, Inc. ("Google"). The Google Analytics service collects information on the page you have visited and helps us to improve our services to you. No data which is collected through this service is personally identifiable. You can find out more about this service at . Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address which we do not link to any personally identifiable information) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for us and providing other services to us relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

To switch Google Analytics off add the URL parameter "analytics=0"


Your data / information and our access to it
------------------------------------------

We collect no personal information when you use the draw.io web site.

draw.io is delivered largely as a static web site. All communications with third-party storage services (Google Drive and Dropbox) are performed directly from your browser, none of your data travels through our servers in these cases.

The functions of draw.io that do involve your data passing through our servers are:

Loading/Saving from/to your local file system. If you use a modern browser with FileAPI (Chrome, Opera, , IE 10+), then we load your XML locally, without using the server. The latest versions of all major browsers support FileAPI, you can check support using http://caniuse.com/fileapi.

For saving locally the data is echoed from our server to your computer to be saved. The data is only in memory on the server and the memory re-claimed shortly after the operation. If you wish to avoid this operation, copy and paste the XML of the diagram from dialog that displays from the Options->Advanced->Edit and copy that XML to your file to save it.

Visio imports are performed on the server, your Visio file is uploaded to the server, converted and the draw.io diagram format sent to your browser. This happens entirely in memory which is re-claimed shortly after the operation. If you wish to avoid this operation, copy and paste the XML of the diagram from the dialog that displays from the Options->Advanced->Edit and copy that XML to your file to save it.

When exporting raster (PNG, JPG, GIF) or PDF versions of your diagram, an SVG representation is sent to our image export server farm, the export representation created and returned. This happens entirely in memory which is re-claimed shortly after the operation. If you wish to avoid this operation, use a browser like Google Chrome that has a save as PDF function in the print dialog, this entirely a client-side operation. Exporting as SVG is also a client-side operation, this may be suitable as an alternative to exporting as PDF. There are a number of free desktop tools that convert SVG to other formats, also.

Performing a search in the image library sends a request to the iconfinder.com service. This responds with a set of images (if any) that match the keyword(s). We do not pass any additional information onto iconfinder.com. Making the search provides Iconfinder with your IP address, browser user agent, search keywords and the fact that you are using draw.io. Refer to the Iconfinder privacy policy, https://www.iconfinder.com/about/privacypolicy, for more information.

Performing a search using Google Image is subject to Google's privacy policy, http://www.google.com/intl/en/policies/privacy/.


Server Security
---------------

www.draw.io (and drive.draw.io) is hosted on Google App Engine, located within Google's secure data centres. See Google's security policies for more details. Only two draw.io team members have access to upload the draw.io application, both Google accounts used are protected by 2 factor authentication. Once the application is deployed there is no reasonable to externally log into the servers the application is running.

To access the information stored about you
------------------------------------------

We store no information about you when you use the draw.io web site. Any request to access the information would provide the same response.

Changes to the Privacy Policy
-----------------------------

JGraph Ltd reserves the right to amend or modify the policies on this page by giving 30 days written notice on the www.jgraph.com website. We will endeavour to ensure the your privacy is not eroded to any significant degree from the promises made in this policy.
	draw.io Online Privacy and Security Policy
	------------------------------------------

	This is the privacy and security policy of JGraph Ltd (JGraph) for usage of the online draw.io tool. This policy applies to usage of www.draw.io and drive.draw.io. It does not apply to other sites and applications that embed the draw.io application.

	We are JGraph Limited, a company registered in England and Wales - No. 04051179. Our registered office is at:

	JGraph Ltd
	Artisans' House
	Queensbridge
	Northampton
	Northamptonshire
	United Kingdom
	NN4 7BF
	E-mail: legal@jgraph.com

	Version 2.1 - 4th November 2013

	Communications
	--------------

	To opt-out of any communications we send, you can either click the 'unsubscribe' link at the bottom of any emails, or send an email to to let us know you want to opt-out.


	Cookies
	-------

	A cookie is a small text file which is transferred from a website and stored on your computer's hard drive. We store a small number of cookies to remember configuration options.

	We do not use draw.io cookies for authentication, tracking or linking you to any personal information.

	When using Google Drive or Dropbox or storage, those services will store authentication cookies. Please refer to the privacy and security policies of those services for more details.

	http://www.google.com/intl/en/policies/privacy/
	https://www.dropbox.com/terms#privacy


	Google Analytics
	----------------

	This website uses Google Analytics; a web analytics service provided by Google, Inc. ("Google"). The Google Analytics service collects information on the page you have visited and helps us to improve our services to you. No data which is collected through this service is personally identifiable. You can find out more about this service at . Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address which we do not link to any personally identifiable information) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for us and providing other services to us relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

	To switch Google Analytics off add the URL parameter "analytics=0"


	Your data / information and our access to it
	------------------------------------------

	We collect no personal information when you use the draw.io web site.

	draw.io is delivered largely as a static web site. All communications with third-party storage services (Google Drive and Dropbox) are performed directly from your browser, none of your data travels through our servers in these cases.

	The functions of draw.io that do involve your data passing through our servers are:

	Loading/Saving from/to your local file system. If you use a modern browser with FileAPI (Chrome, Opera, , IE 10+), then we load your XML locally, without using the server. The latest versions of all major browsers support FileAPI, you can check support using http://caniuse.com/fileapi.

	For saving locally the data is echoed from our server to your computer to be saved. The data is only in memory on the server and the memory re-claimed shortly after the operation. If you wish to avoid this operation, copy and paste the XML of the diagram from dialog that displays from the Options->Advanced->Edit and copy that XML to your file to save it.

	Visio imports are performed on the server, your Visio file is uploaded to the server, converted and the draw.io diagram format sent to your browser. This happens entirely in memory which is re-claimed shortly after the operation. If you wish to avoid this operation, copy and paste the XML of the diagram from the dialog that displays from the Options->Advanced->Edit and copy that XML to your file to save it.

	When exporting raster (PNG, JPG, GIF) or PDF versions of your diagram, an SVG representation is sent to our image export server farm, the export representation created and returned. This happens entirely in memory which is re-claimed shortly after the operation. If you wish to avoid this operation, use a browser like Google Chrome that has a save as PDF function in the print dialog, this entirely a client-side operation. Exporting as SVG is also a client-side operation, this may be suitable as an alternative to exporting as PDF. There are a number of free desktop tools that convert SVG to other formats, also.

	Performing a search in the image library sends a request to the iconfinder.com service. This responds with a set of images (if any) that match the keyword(s). We do not pass any additional information onto iconfinder.com. Making the search provides Iconfinder with your IP address, browser user agent, search keywords and the fact that you are using draw.io. Refer to the Iconfinder privacy policy, https://www.iconfinder.com/about/privacypolicy, for more information.

	Performing a search using Google Image is subject to Google's privacy policy, http://www.google.com/intl/en/policies/privacy/.


	Server Security
	---------------

	www.draw.io (and drive.draw.io) is hosted on Google App Engine, located within Google's secure data centres. See Google's security policies for more details. Only two draw.io team members have access to upload the draw.io application, both Google accounts used are protected by 2 factor authentication. Once the application is deployed there is no reasonable to externally log into the servers the application is running.

	To access the information stored about you
	------------------------------------------

	We store no information about you when you use the draw.io web site. Any request to access the information would provide the same response.

	Changes to the Privacy Policy
	-----------------------------

	JGraph Ltd reserves the right to amend or modify the policies on this page by giving 30 days written notice on the www.jgraph.com website. We will endeavour to ensure the your privacy is not eroded to any significant degree from the promises made in this policy.