Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
476 lines (256 sloc) 51.8 KB

The fine print.

This page contains a lot of legalese pertaining to policies and terms. It's all very formal but everything here is guided by the following principles:

Our Guiding Principles

  • Your data is safe.
  • You own your data.
  • Stability and uptime of the Graphcool cloud platform are paramount.
  • Graphcool is built by developers for developers. We will strive to make every interaction with Graphcool an easy and painless experience.

Last Updated: 1/31/2017

Terms of Service

1. Your Agreement with Graphcool

1.1 Your use of the Graphcool service is governed by this agreement (the "Terms"). "Graphcool" means Graphcool, Inc and its subsidiaries or affiliates involved in providing the Graphcool Service. The "Graphcool Services" means the services Graphcool makes available through this website, including this website, the Graphcool cloud computing platform, the Graphcool API, the Graphcool Add-ons, and any other software or services offered by Graphcool in connection to any of those.

1.2 In order to use the Graphcool Services, you must first agree to the Terms. You can agree to the Terms by actually using the Graphcool Services. You understand and agree that Graphcool will treat your use of the Graphcool Services as acceptance of the Terms from that point onwards.

1.3 You may not use the Graphcool Services if you are a person barred from receiving the Graphcool Services under the laws of the United States or other countries, including the country in which you are resident or from which you use the Graphcool Services. You affirm that you are over the age of 13, as the Graphcool Services may not be used by children under 13.

1.4 You agree your purchases of Graphcool Services are not contingent on the delivery of any future functionality or features or dependent on any oral or written public comments made by Graphcool or any of its affiliates regarding future functionality or features.

2. Your Account and Use of the Graphcool Services

2.1 You must provide accurate and complete registration information any time you register to use the Graphcool Services. You are responsible for the security of your passwords and for any use of your account. If you become aware of any unauthorized use of your password or of your account, you agree to notify Graphcool immediately.

2.2 Your use of the Graphcool Services must comply with all applicable laws, regulations and ordinances, including any laws regarding the export of data or software.

2.3 You agree not to (a) access (or attempt to access) the administrative interface of the Graphcool Services by any means other than through the interface that is provided by Graphcool in connection with the Graphcool Services, unless you have been specifically allowed to do so in a separate agreement with Graphcool, or (b) engage in any activity that interferes with or disrupts the Graphcool Services (or the servers and networks which are connected to the Service).

2.4 You may use the Graphcool Services only to develop and run applications on the Graphcool infrastructure. You may not access the Graphcool Services for the purpose of bringing an intellectual property infringement claim against Graphcool or for the purpose of creating a product or service competitive with the Graphcool Services.

3. Service Policies and Privacy

3.1 You agree to comply with the Graphcool Acceptable Use Policy available at acceptable use policy (the "Acceptable Use Policy") which is incorporated herein by this reference and which may be updated from time to time.

3.2 The Graphcool Services shall be subject to the privacy policy. You agree to the use of your data in accordance with Graphcool's privacy policies.

3.3 You agree that you will protect the privacy and legal rights of the End Users of your application. You must obtain any consents required by applicable data protection laws and provide legally adequate privacy notice, access, and protection for End Users. If End Users provide you with user names, passwords, or other login information or personal information, you must make the End Users aware that the information will be available to your application and to Graphcool.

4. Fees for Use of the Graphcool Services

4.1 Subject to the Terms, the Graphcool Services are provided to you without charge up to certain limits. Usage over this limit requires your purchase of additional resources or services. The pricing for additional resources and services can be found at https://www.graph.cool/pricing (or such URL as Graphcool may provide).

4.2 For all purchased resources and services, we will charge your credit card on a monthly basis or at the interval indicated in Graphcool fees and payment policies, if different. Late payments may bear interest at the rate of 1.5% per month (or the highest rate permitted by law, if less). Charges are exclusive of taxes. You are responsible for paying all taxes and government charges, and all reasonable expenses and attorneys fees Graphcool incurs collecting late amounts. To the fullest extent permitted by law, you waive all claims relating to charges unless claimed within 60 days after the charge (this does not affect your credit card issuer rights). Charges are solely based on Graphcool's measurements of your use of the Graphcool Services, unless otherwise agreed to in writing. To the fullest extent permitted by law, refunds (if any) are at the discretion of Graphcool and only in the form of credit for the Graphcool Services. Nothing in these Terms obligates Graphcool to extend credit to any party. You acknowledge and agree that any credit card and related billing and payment information that you provide to Graphcool may be shared by Graphcool with companies who work on Graphcool's behalf, such as payment processors and/or credit agencies, solely for the purposes of checking credit, effecting payment to Graphcool and servicing your account. Graphcool may also provide information in response to valid legal process, such as subpoenas, search warrants and court orders, or to establish or exercise its legal rights or defend against legal claims. Graphcool shall not be liable for any use or disclosure of such information by such third parties. Graphcool reserves the right to discontinue the provision of the Graphcool Services to you for any late payments.

4.3 Graphcool may change its fees and payment policies for the Graphcool Services by notifying you at least fifteen (15) days before the beginning of the billing cycle in which such change will take effect. Changes to the fees or payment policies will be posted on the website (or such other URL Graphcool may provide from time to time). Any outstanding balance becomes immediately due and payable upon termination of the Terms for any reason.

4.4 You may not develop multiple Applications to simulate or act as a single Application or otherwise access the Graphcool Services in a manner intended to avoid incurring fees.

5. Content on the Graphcool Services and Take Down Obligations

5.1 You understand that all information (such as data files, written text, computer software, music, audio files or other sounds, photographs, videos or other images) to which you may have access as part of, or through your use of, the Graphcool Services are the sole responsibility of the person from which such content originated. All such information is referred to below as the "Content." The term Content shall specifically exclude the web application that you create using the Graphcool Services and any source code written by you to be used with the Graphcool Services (collectively, "Applications").

5.2 Graphcool reserves the right (but shall have no obligation) to remove any or all Content from the Graphcool Services. You agree to immediately take down any Content that violates the Acceptable Use Policy, including pursuant to a take down request from Graphcool. In the event that you elect not to comply with a request from Graphcool to take down certain Content, Graphcool reserves the right to directly take down such Content or to disable Applications.

5.3 In the event that you become aware of any violation of the Acceptable Use Policy by an End User of Applications, you shall immediately terminate such end user's account on your Application. Graphcool reserves the right to disable Applications in response to a violation or suspected violation of the Acceptable Use Policy.

5.4 You agree that you are solely responsible for (and that Graphcool has no responsibility to you or to any third party for) the Application or any Content that you create, transmit or display while using the Graphcool Services and for the consequences of your actions (including any loss or damage which Graphcool may suffer) by doing so.

5.5 You agree that Graphcool has no responsibility or liability for the deletion or failure to store any Content and other communications maintained or transmitted through use of the Service. You further acknowledge that you are solely responsible for securing and backing up your Applications and any Content.

6. Proprietary Rights

6.1 You acknowledge and agree that Graphcool (or Graphcool's licensors) own all legal right, title and interest in and to the Graphcool Services, including any intellectual property rights which subsist in the Graphcool Services (whether those rights happen to be registered or not, and wherever in the world those rights may exist).

6.2 Except as provided in Section 8, Graphcool acknowledges and agrees that it obtains no right, title or interest from you (or your licensors) under these Terms in or to any Content or Applications that you create, submit, post, transmit or display on, or through, the Graphcool Services, including any intellectual property rights which subsist in that Content and the Application (whether those rights happen to be registered or not, and wherever in the world those rights may exist). Unless you have agreed otherwise in writing with Graphcool, you agree that you are responsible for protecting and enforcing those rights and that Graphcool has no obligation to do so on your behalf.

7. License from Graphcool and Restrictions

7.1 Graphcool grants you a revocable, personal, worldwide, royalty-free, non-assignable and non-exclusive license to use the software provided to you by Graphcool as part of the Graphcool Services as provided to you by Graphcool. This license is for the sole purpose of enabling you to use and enjoy the benefit of the Graphcool Services as provided by Graphcool, in the manner permitted by the Terms.

7.2 You may not (and you may not permit anyone else to): (a) copy, modify, create a derivative work of, reverse engineer, decompile or otherwise attempt to extract the source code of the Graphcool Services or any part thereof, unless this is expressly permitted or required by law, or unless you have been specifically told that you may do so by Graphcool, in writing (e.g., through an open source software license); (b) attempt to disable or circumvent any security mechanisms used by the Graphcool Services or any applications running on the Graphcool Services; or (c) use the Graphcool Services in any way that may subject the Graphcool Services to any obligations under any open source software license, including, without limitation any license which imposes any obligation or restriction with respect to Graphcool’s patent or other intellectual property rights in the Graphcool Services.

7.3 Open source software licenses for components of the Graphcool Services released under an open source license constitute separate written agreements. To the limited extent that the open source software licenses expressly supersede these Terms, the open source licenses govern your agreement with Graphcool for the use of the components of the Graphcool Services released under an open source license.

8. License from You

8.1 Graphcool claims no ownership or control over any Content or Application. You retain copyright and any other rights you already hold in the Content and/or Application, and you are responsible for protecting those rights, as appropriate. By submitting, posting or displaying the Content on or through the Graphcool Services you give Graphcool a worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute such Content for the sole purpose of enabling Graphcool to provide you with the Graphcool Services. Furthermore, by creating an Application through use of the Graphcool Services, you give Graphcool a worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute such Application for the sole purpose of enabling Graphcool to provide you with the Graphcool Services.

8.2 By adding a collaborator to your Application, you hereby grant to that user a non-exclusive, royalty-free, non-transferable license, with no right to sub-license, to use, display, perform, reproduce, modify, publish, distribute, list information regarding, edit, translate and analyze such Application(s) and Content as permitted by the relevant Graphcool Services functionality or features for the sole purpose of collaborating on development of the Application(s).

8.3 You may choose to or we may invite you to submit comments or ideas about the Graphcool Services, including without limitation about how to improve the Graphcool Services or our products (“Ideas”). By submitting any Idea, you agree that your disclosure is gratuitous, unsolicited and without restriction and will not place Graphcool under any fiduciary or other obligation, and that we are free to use the Idea without any additional compensation to you, and/or to disclose the Idea on a non-confidential basis or otherwise to anyone.

8.4 You agree that Graphcool, in its sole discretion, may use your trade names, trademarks, service marks, logos, domain names and other distinctive brand features in presentations, marketing materials, customer lists, financial reports and Web site listings (including links to your website) for the purpose of advertising or publicizing your use of the Graphcool Services.

9. Modification and Termination of the Graphcool Services

9.1 Graphcool is constantly innovating in order to provide the best possible experience for its users. You acknowledge and agree that the form and nature of the Graphcool Services which Graphcool provides may change from time to time without prior notice to you, subject to the terms in Section 4.3. Changes to the form and nature of the Graphcool Services will be effective with respect to all versions of the Graphcool Services; examples of changes to the form and nature of the Graphcool Services include without limitation changes to fee and payment policies, security patches, added functionality, and other enhancements.

9.2 You may terminate these Terms at any time by canceling your account on the Graphcool Services. You will not receive any refunds if you cancel your account.

9.3 You agree that Graphcool, in its sole discretion and for any or no reason, may terminate your account or any part thereof. You agree that any termination of your access to the Graphcool Services may be without prior notice, and you agree that Graphcool will not be liable to you or any third party for such termination.

9.4 You are solely responsible for exporting your Content and Application(s) from the Graphcool Services prior to termination of your account for any reason, provided that if we terminate your account, we will provide you a reasonable opportunity to retrieve your Content and Application(s).

9.5 Upon any termination of the Graphcool Services or your account these Terms will also terminate, but Sections 6.1, 9, 10, 11, 12, and 16 shall continue to be effective after these Terms are terminated.

10. EXCLUSION OF WARRANTIES

10.1 NOTHING IN THESE TERMS, INCLUDING SECTIONS 10 AND 13, SHALL EXCLUDE OR LIMIT GRAPHCOOL'S WARRANTY OR LIABILITY FOR LOSSES WHICH MAY NOT BE LAWFULLY EXCLUDED OR LIMITED BY APPLICABLE LAW.

10.2 YOU EXPRESSLY UNDERSTAND AND AGREE THAT YOUR USE OF THE GRAPHCOOL SERVICE IS AT YOUR SOLE RISK AND THAT THE GRAPHCOOL'S SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE."

10.3 GRAPHCOOL, ITS SUBSIDIARIES AND AFFILIATES, AND ITS LICENSORS MAKE NO EXPRESS WARRANTIES AND DISCLAIM ALL IMPLIED WARRANTIES REGARDING THE GRAPHCOOL'S SERVICES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, GRAPHCOOL'S, ITS SUBSIDIARIES AND AFFILIATES, AND ITS LICENSORS DO NOT REPRESENT OR WARRANT TO YOU THAT: (A) YOUR USE OF THE GRAPHCOOL'S SERVICES WILL MEET YOUR REQUIREMENTS, (B) YOUR USE OF THE GRAPHCOOL'S SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE OR FREE FROM ERROR, AND (C) USAGE DATA PROVIDED THROUGH THE GRAPHCOOL'S SERVICES WILL BE ACCURATE.

11. LIMITATION OF LIABILITY

11.1 SUBJECT TO SECTION 10.1 ABOVE, YOU EXPRESSLY UNDERSTAND AND AGREE THAT Graphcool, ITS SUBSIDIARIES AND AFFILIATES, AND ITS LICENSORS SHALL NOT BE LIABLE TO YOU FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL CONSEQUENTIAL OR EXEMPLARY DAMAGES WHICH MAY BE INCURRED BY YOU, HOWEVER CAUSED AND UNDER ANY THEORY OF LIABILITY. THIS SHALL INCLUDE, BUT NOT BE LIMITED TO, ANY LOSS OF PROFIT (WHETHER INCURRED DIRECTLY OR INDIRECTLY), ANY LOSS OF GOODWILL OR BUSINESS REPUTATION, ANY LOSS OF DATA SUFFERED, COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR OTHER INTANGIBLE LOSS.

11.2 THE LIMITATIONS ON Graphcool'S LIABILITY TO YOU IN PARAGRAPH 11.1 ABOVE SHALL APPLY WHETHER OR NOT Graphcool HAS BEEN ADVISED OF OR SHOULD HAVE BEEN AWARE OF THE POSSIBILITY OF ANY SUCH LOSSES ARISING.

12. Indemnification

12.1 You agree to hold harmless, defend and indemnify Graphcool, and its subsidiaries, affiliates, officers, agents, employees, advertisers, licensors, suppliers or partners (collectively "Graphcool and Partners") from and against any third party claim arising from or in any way related to (a) your breach of the Terms, (b) your use of the Graphcool Services, (c) your violation of applicable laws, rules or regulations in connection with the Graphcool Services, or (d) your Content or your Application, including any liability or expense arising from all claims, losses, damages (actual and consequential), suits, judgments, litigation costs and attorneys' fees, of every kind and nature. In such a case, Graphcool will provide you with written notice of such claim, suit or action.

13. Copyright Policy

13.1 You agree to set up a process to respond to notices of alleged infringement that comply with the United States' Digital Millennium Copyright Act ("DMCA notices"). It is Graphcool's policy to respond to DMCA notices or other applicable copyright laws and to terminate the accounts of repeat infringers. We reserve the right to take down content in your Application or, if necessary, the Application itself upon receipt of a valid DMCA notice.

14. Other Content

14.1 The Graphcool Services may include hyperlinks to other web sites or content or resources or email content. Graphcool may have no control over any web sites or resources which are provided by companies or persons other than Graphcool.

14.2 You acknowledge and agree that Graphcool is not responsible for the availability of any such external sites or resources, and does not endorse any advertising, products or other materials on or available from such web sites or resources.

14.3 You acknowledge and agree that Graphcool is not liable for any loss or damage which may be incurred by you or your End Users as a result of the content or availability of those external sites or resources, or as a result of any reliance placed by you on the completeness, accuracy or existence of any advertising, products or other materials on, or available from, such web sites or resources.

15. Changes to the Terms

15.1 Graphcool may make changes to the Terms from time to time. If we change the Terms in any substantive way, we will give you at least seven (7) days notice before the changes take effect, during which period of time you may reject the changes by terminating your account.

15.2 You understand and agree that if you use the Graphcool Services after the date on which the Terms have changed, Graphcool will treat your use as acceptance of the updated Terms.

16. General Legal Terms

16.1 Except to the extent you and Graphcool have entered into a separate written agreement that is expressly intended to supersede these Terms either in whole or in part, the Terms constitute the whole legal agreement between you and Graphcool and govern your use of the Graphcool Services (but excluding any services which Graphcool may provide to you under a separate written agreement), and completely replace any prior agreements between you and Graphcool in relation to the Graphcool Services.

16.2 There are no third party beneficiaries to these Terms. The parties are independent contractors, and nothing in these Terms creates an agency, partnership or joint venture.

16.3 If Graphcool provides you with a translation of the English language version of these Terms, the English language version of these Terms will control if there is any conflict.

16.4 You agree that Graphcool may provide you with notices, including those regarding changes to the Terms, by email, regular mail, or postings on the Graphcool Services. By providing Graphcool your email address, you consent to our using the email address to send you any notices required by law in lieu of communication by postal mail.

16.5 You agree that if Graphcool does not exercise or enforce any legal right or remedy which is contained in the Terms (or which Graphcool has the benefit of under any applicable law), this will not be taken to be a formal waiver of Graphcool's rights and that those rights or remedies will still be available to Graphcool.

16.6 Graphcool shall not be liable for failing or delaying performance of its obligations resulting from any condition beyond its reasonable control, including but not limited to, governmental action, acts of terrorism, earthquake, fire, flood or other acts of God, labor conditions, power failures, and Internet disturbances.

16.7 The Terms, and your relationship with Graphcool under the Terms, shall be governed by the laws of the State of California without regard to its conflict of laws provisions. You and Graphcool agree to submit to the exclusive jurisdiction of the courts located within the county of Santa Clara, California to resolve any legal matter arising from the Terms.

16.8 You may not assign any of your rights or obligations under these Terms, whether by operation of law or otherwise, without the prior written consent of Graphcool (not to be unreasonably withheld).

Last Updated: 1/31/2017

Security

We enable our customers to focus on their apps without worrying about infrastructure, scaling, security, and ops. The Graphcool platform protects customers from threats by employing strict security controls at every layer from physical to application level. The Graphcool team can rapidly deploy security updates to keep customer applications protected.

Security Assessments and Compliance

Data Centers

Graphcool’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:

  • ISO 27001
  • SOC 1/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  • PCI Level 1
  • FISMA Moderate
  • Sarbanes-Oxley (SOX)
  • PCI

We use payment processor Stripe for encrypting and processing credit card payments. Stripe is PCI Level 1 compliant.

Physical Security

Graphcool utilizes ISO 27001 and FISMA certified data centers managed by Amazon. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure. AWS data centers are housed in nondescript facilities, and critical facilities have extensive setback and military grade perimeter control berms as well as other natural boundary protection. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, state of the art intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication no fewer than three times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.

Amazon only provides data center access and information to employees who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services. All physical and electronic access to data centers by Amazon employees is logged and audited routinely.

For additional information see: AWS Security.

Environmental Safeguards

Fire Detection and Suppression

Automatic fire detection and suppression equipment has been installed to reduce risk. The fire detection system utilizes smoke detection sensors in all data center environments, mechanical and electrical infrastructure spaces, chiller rooms and generator equipment rooms. These areas are protected by either wet-pipe, double-interlocked pre-action, or gaseous sprinkler systems.

Power

The data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day, and seven days a week. Uninterruptible Power Supply (UPS) units provide back-up power in the event of an electrical failure for critical and essential loads in the facility. Data centers use generators to provide backup power for the entire facility.

Climate and Temperature Control

Climate control is required to maintain a constant operating temperature for servers and other hardware, which prevents overheating and reduces the possibility of service outages. Data centers are conditioned to maintain atmospheric conditions at optimal levels. Monitoring systems and data center personnel ensure temperature and humidity are at the appropriate levels.

Management

Data center staff monitor electrical, mechanical and life support systems and equipment so issues are immediately identified. Preventative maintenance is performed to maintain the continued operability of equipment.

Network Security

Firewalls

Firewalls are utilized to restrict access to systems from external networks and between systems internally. By default all access is denied and only explicitly allowed ports and protocols are allowed based on business need. Each system is assigned to a firewall security group based on the system’s function. Security groups restrict access to only the ports and protocols required for a system’s specific function to mitigate risk.

Host-based firewalls restrict customer applications from establishing localhost connections over the loopback network interface to further isolate customer applications. Host-based firewalls also provide the ability to further limit inbound and outbound connections as needed.

DDoS Mitigation

Our infrastructure provides DDoS mitigation techniques including TCP Syn cookies and connection rate limiting in addition to maintaining multiple backbone connections and internal bandwidth capacity that exceeds the Internet carrier supplied bandwidth. We work closely with our providers to quickly respond to events and enable advanced DDoS mitigation controls when needed.

Spoofing and Sniffing Protections

Managed firewalls prevent IP, MAC, and ARP spoofing on the network and between virtual hosts to ensure spoofing is not possible. Packet sniffing is prevented by infrastructure including the hypervisor which will not deliver traffic to an interface which it is not addressed to. Graphcool utilizes application isolation, operating system restrictions, and encrypted connections to further ensure risk is mitigated at all levels.

Port Scanning

Port scanning is prohibited and every reported instance is investigated by our infrastructure provider. When port scans are detected, they are stopped and access is blocked.

Data Security

Customer data is stored in separate access-controlled databases per application. Customers with multiple applications are assigned separate databases per application to mitigate the risk of unauthorized access between applications.

System Security

System Configuration

System configuration and consistency is maintained through standard, up-to-date images, configuration management software, and by replacing systems with updated deployments. Systems are deployed using up-to-date images that are updated with configuration changes and security updates before deployment. Once deployed, existing systems are decommissioned and replaced with up-to-date systems.

System Authentication

Operating system access is limited to Graphcool staff and requires username and key authentication. Operating systems do not allow password authentication to prevent password brute force attacks, theft, and sharing.

Vulnerability Management

Our vulnerability management process is designed to remediate risks without customer interaction or impact. Graphcool is notified of vulnerabilities through internal and external assessments, system patch monitoring, and third party mailing lists and services. Each vulnerability is reviewed to determine if it is applicable to Graphcool’s environment, ranked based on risk, and assigned to the appropriate team for resolution.

Backups

Application Databases

All of your application data is snapshotted every thirty minutes. Graphcool can restore data from the last snapshot if data loss occurs.

Application Configurations

All of your application configuration is snapshotted every three hours. Graphcool can restore configuration from the last snapshot if data loss occurs.

Disaster Recovery

Application Databases and Configurations

Our platform automatically restores customer applications and databases in the case of an outage.

Graphcool Platform

The Graphcool platform is designed for stability, scaling, and inherently mitigates common issues that lead to outages while maintaining recovery capabilities. Our platform maintains redundancy to prevent single points of failure, is able to replace failed components, and utilizes multiple data centers designed for resiliency. In the case of an outage, the platform is deployed across multiple data centers using current system images and data is restored from backups. Graphcool reviews platform issues to understand the root cause, impact to customers, and improve the platform and processes.

Access to Customer Data

Graphcool staff does not access or interact with customer data or applications as part of normal operations. There may be cases where Graphcool is requested to interact with customer data or applications at the request of the customer for support purposes or where required by law. Graphcool may also inspect customer data to debug and troubleshoot platform issues.

Last Updated: 1/31/2017

Privacy Policy

1. Web Site Covered

This Privacy Statement covers the information practices of https://www.graph.cool and https://www.prisma.io.

2. Information Collected

Graphcool offers a variety of services that are collectively referred to as the “Services.” Graphcool collects information from individuals who visit the Company’s Web site (“Visitors”) and individuals who register to use the Services (“Customers”).

When expressing an interest in obtaining additional information about the Services or registering to use the Services, Graphcool requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, Graphcool requires you to provide the Company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). Graphcool may also ask you to provide additional information, such as company annual revenues, number of employees, or industry, or you may choose to provide information about the end users of your application (“Optional Information”). Required Contact Information, Billing Information, and Optional Information, are referred to collectively as “Data About Graphcool Customers.”

As you navigate the Company’s Web site, Graphcool may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the Company’s Web site (such as the Web pages viewed and the links clicked).

3. Use of Information Collected

The Company uses Data About Graphcool Customers to perform and support the services. For example, if you fill out a “Contact Me” Web form, the Company will use the information provided to contact you about your interest in the Services.

The Company may also use Data About Graphcool Customers for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding the Company and its partners, such as information about promotions or events.

Graphcool uses credit card information solely to check the financial qualifications of prospective Customers and to collect payment for the Services. Graphcool uses Web Site Navigational Information to operate and improve the Company’s Web site. The Company may also use Web Site Navigational Information alone or in combination with Data About Graphcool Customers to provide personalized information about the Company.

Customers can request that Graphcool not use their data for a specific purpose or request that Graphcool delete all collected data by contacting:

privacy@graph.cool

4. Web Site Navigational Information

Graphcool uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web site (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information that may be collected on the Company’s Web site and how this information may be used.

4.1 Cookies - Graphcool uses cookies to make interactions with the Company’s Web site easy and meaningful. When you visit the Company’s Web site, Graphcool’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you. They merely recognize your Web browser. Unless you choose to identify yourself to Graphcool, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Me” or a “30 Day Free Trial” Web form), you remain anonymous to the Company. Graphcool uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer.

If you have chosen to identify yourself to Graphcool, the Company uses session cookies containing encrypted information to allow the Company to uniquely identify you. Each time you log into the Services, a session cookie containing an encrypted, unique identifier that is tied to your account is placed your browser. These session cookies allow the Company to uniquely identify you when you are logged into the Services and to process your online transactions and requests. Session cookies are required to use the Services.

Graphcool uses persistent cookies that only the Company can read and use to identify browsers that have previously visited the Company’s Web site. When you purchase the Services or provide the Company with personal information, a unique identifier is assigned you. This unique identifier is associated with a persistent cookie that the Company places on your Web browser. The Company is especially careful about the security and confidentiality of the information stored in persistent cookies. For example, the Company does not store account numbers or passwords in persistent cookies. If you disable your Web browser’s ability to accept cookies, you will be able to navigate the Company’s Web site, but you will not be able to successfully use the Services.

Graphcool may use information from session and persistent cookies in combination with Data About Graphcool Customers to provide you with information about the Company and the Services.

4.2 Web Beacons - Graphcool uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web site and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Graphcool may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web site. Graphcool uses Web beacons to operate and improve the Company’s Web site and email communications.

Graphcool may use information from Web beacons in combination with Data About Graphcool Customers to provide you with information about the Company and the Services.

4.3 Flash Cookies - Graphcool may use local shared objects, also known as Flash cookies, to store your preferences or display content based upon what you view on our site to personalize your visit. Third parties, with whom the Company partners to provide certain features on our site or to display advertising based upon your Web browsing activity, use Flash cookies to collect and store information.

Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by your browser will not remove Flash cookies.

4.4 IP Addresses - When you visit Graphcool’s Web site, the Company collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, Graphcool uses IP addresses to monitor the regions from which Customers and Visitors navigate the Company’s Web site.

4.5 Third Party Cookies - From time-to-time, Graphcool engages third parties to track and analyze usage and volume statistical information from individuals who visit the Company’s Web site. Graphcool may also use other third-party cookies to track the performance of Company advertisements. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after the Company receives it.

Graphcool may also contract with third-party advertising networks that collect IP addresses and other Web Site Navigational Information on the Company’s Web site and emails and on third-party Web sites. Ad networks follow your online activities over time by collecting Web Site Navigational Information through automated means, including through the use of cookies. They use this information to provide advertisements about products and services tailored to your interests. You may see these advertisements on other Web sites. This process also helps us manage and track the effectiveness of our marketing efforts.

5. Public Forums, Refer a Friend, and Customer Testimonials

Graphcool may provide bulletin boards, blogs, or chat rooms on the Company’s Web site. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Graphcool is not responsible for the personal information you choose to submit in these forums.

Graphcool may post a list of Customers and testimonials on the Company’s Web site that contain information such as Customer names and titles. Graphcool obtains the consent of each Customer prior to posting any information on such a list or posting testimonials.

6. Sharing of Information Collected

Graphcool may share Data About Graphcool Customers with the Company’s service providers, vendors and other partners so that they can support the services you use and contact Customers and Visitors who have provided contact information on our behalf. Graphcool may also share Data About Graphcool Customers with the Company’s service providers, vendors and other partners to ensure the quality of information provided. Unless described in this privacy statement, Graphcool does not share, sell, rent, or trade any information provided with third parties for their promotional purposes.

From time to time, Graphcool may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Graphcool, the Company may share Data About Graphcool Customers collected in connection with your purchase or expression of interest with our joint promotion partner(s). Graphcool does not control our business partners’ use of the Data About Graphcool Customers we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service.

Graphcool uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the Company’s behalf.

Graphcool reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.

Graphcool is responsible for the processing of personal information it receives, and subsequently transfers to a third-party acting as an agent on its behalf in accordance with our subscription agreements. Graphcool may use from time to time third-party service providers, contractors, and sub-processors to assist in providing the Services on our behalf. Graphcool maintains contracts with these third-parties restricting their access, use, and disclosure of personal information.

7. International Transfer of Information Collected

To facilitate Graphcool’s global operations, the Company may transfer and access Data About Graphcool Customers from around the world, including the United States. This Privacy Statement shall apply even if Graphcool transfers Data About Graphcool Customers to other countries.

Graphcool complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information red from the European Union and Switzerland to the United States. Graphcool has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

In compliance with the Privacy Shield Principles, Graphcool commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Graphcool at:

privacy@prisma.io

Graphcool will respond to your inquery within 45 days. Graphcool commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human and non-human resources data transferred from the EU and Switzerland

Graphcool is subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC) and the US Department of Transportation

If, after contacting us, we fail to adequately address your concern please contact the EU data protection authorities (DPAs), acting as our independent recourse mechanism, at https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_en. Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

If you are in the EEA or Switzerland and feel we have not dealt with your concerns and that we are failing to meet our legal obligations, you can report this to your local data protection regulator or the Information Commissioner's Office ("ICO") in the United Kingdom. More information on reporting a concern to the ICO can be found at https://ico.org.uk.

8. Communications Preferences

Graphcool offers Customers and Visitors who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may send a request specifying your communications preferences to community@graph.cool. Customers cannot opt out of receiving transactional emails related to their account with Graphcool or the Services.

9. Requestiong, Correcting and Updating Your Information

Customers may update or change their registration information by logging in to their accounts at https://www.graph.cool. Requests to access, change, or delete your information will be handled within 30 days.

Customers may request a copy of their data by contacting Graphcool at:

privacy@prisma.io

10. Security

Graphcool uses appropriate administrative, technical, and physical security measures to protect Data About Graphcool Customers.

11. Changes to this Privacy Statement

Graphcool reserves the right to change this Privacy Statement. Graphcool will provide notification of the material changes to this Privacy Statement through the Company’s Web site at least thirty (30) business days prior to the change taking effect.

Last Updated: 4/21/2018

Support Policy

Graphcool offers tools to help users running applications on the Graphcool Platform. These include Bug Reporting Tools, Billing Inquiries, and Community Channels, and are listed in our Help page for your convenience.

Official Channels

Bug Reports

Graphcool provides a Bug Reporting Tool to assist with bug reports. Graphcool's bug support offering is available only for official SDKs and APIs provided by Graphcool. Graphcool actively monitors and helps users resolve bugs and incidents.

Graphcool supports the following use cases for bug reports:

  • Identifying problems preventing an application from working on Graphcool
  • Providing workarounds or resolutions for known problems

Graphcool does not offer support for the following through the bug report system:

  • General debugging of user applications
  • Rewriting application code for compatibility with Graphcool
  • Modifying and/or patching third party or Open Source software packages for compatibility with Graphcool
  • Installation and configuration of SDKs
  • General questions about SDKs and APIs
  • Answering general how-to questions, and providing pointers to documentation
  • Incorrect documentation
  • Feature requests
  • Troubleshooting

Bug reports will only be processed if:

  • The report is made through the Bug Reporting Tool.
  • The report originates from a registered Graphcool account email address.
  • The reporter has collaborator access to any specific Graphcool applications pertaining to the request.
  • The reported issue can be reproduced by a Graphcool team member with the provided information.

Billing Inquiries

Graphcool provides a Billing Inquiry Tool to assist with the following use cases:

  • Questions regarding your account statements

Graphcool does not offer support for the following through the billing inquiry system:

  • Development questions
  • Bug reports
  • Sales questions

Hours

Graphcool Bug Reporting offers 24×5 coverage, Monday through Friday, excluding US Holidays.

Community Help

Graphcool team members participate in community channels at Graphcool's discretion but we do not guarantee any response or resolution to issues beyond those submitted through the official bug and billing channels. We participate in and encourage peer-to-peer support and discussion in the following communities:

  • Stack Overflow via the #Graphcool tag
  • Twitter via @graphcool

Documentation

Graphcool's documentation is generated from markdown sources available on GitHub. Please refer to the issue tracker when reporting a documentation issue.

Platform Status

The Graphcool Cloud Platform is monitored 24x7 by comprehensive automated systems. In the event of any issue affecting the health and operation of Graphcool's infrastructure, core systems, or tools, our dedicated operations team is notified and will work to immediately diagnose and correct any issues. Our Help page reflects our current platform status and we also maintain Graphcool Status and @GraphcoolStatus Twitter pages.

Last Updated: 1/31/2017

Acceptable Use Policy

Your use of the Service is subject to this Acceptable Use Policy. Graphcool reserves the right to terminate your account and cease all service if you are found to be in violation of this policy. We may change these policies at any time. It is your responsibility to keep up-to-date with and adhere to them. All capitalized terms used herein have the meanings stated in the Terms, unless stated otherwise.

Prohibited Content

The Content displayed and/or processed through your Application or other web site utilizing the Service shall not contain any of the following types of content:

  • Content that infringes a third party's rights (e.g., copyright) according to applicable law;
  • Excessively profane content;
  • Hate-related or violent content;
  • Content advocating racial or ethnic intolerance;
  • Content intended to advocate or advance computer hacking or cracking;
  • Other illegal activity, including without limitation illegal export of controlled substances or illegal software;
  • Drug paraphernalia;
  • Phishing;
  • Malicious content;
  • Other material, products or services that violate or encourage conduct that would violate any criminal laws, any other applicable laws, or any third-party rights.

Prohibited Actions

Customer agrees not to, and not to allow third parties (including End Users) to use the Service:

  • to violate, or encourage the violation of, the legal rights of others (for example, this may include allowing End Users to infringe or misappropriate the intellectual property rights of others in violation of the Digital Millennium Copyright Act);
  • to engage in, promote or encourage illegal activity
  • for any unlawful, invasive, infringing, defamatory or fraudulent purpose (for example, this may include phishing, creating a pyramid scheme or mirroring a website);
  • to intentionally distribute viruses, worms, Trojan horses, corrupted files, hoaxes, or other items of a destructive or deceptive nature;
  • to interfere with the use of the Services, or the equipment used to provide the Service, by customers, authorized resellers, or other authorized users;
  • to disable, interfere with or circumvent any aspect of the Service;
  • to generate, distribute, publish or facilitate unsolicited mass email, promotions, advertisings or other solicitations (“spam”)