When creating an Insomnia account, you will be asked to enter an email address and password. Email addresses are used during sign-in in and for receiving occasional updates initiated by you or your team members. These updates include, but are not limited to, account activation, team invitations, and payment receipts.
Secure Data is data we are not capable of decrypting under any circumstance and is used for the operation of our data synchronisation service. This data is encrypted using cryptographic keys that only you possess. We never receive copies of unencrypted Secure Data.
Service Data is data generated by using the applications, your account, and processing your payments. We retain the minimum amount of Service Data to operate our services.
Service Data is kept confidential. It is visible to our staff and includes, but is not limited to, email address, full name, billing information, server logs, client IP address, and stats on application usage.
Insomnia’s website and (if you opt-in) applications collect information to improve our Services.
We use the information we collect to operate and improve our website, applications, and provide customer support. We do not share personal information with outside parties, except to provide specific services.
Customer Support System
Data needed to provide customer support is collected by Help Scout inc., which conforms to a U.S.-E.U. Privacy Shield Framework. See https://www.helpscout.net/company/legal/privacy/.
Any information you choose to send us through email or our customer support system may pass through and be stored on a variety of intermediate services.
Data needed to process payments is collected by Stripe, Inc., which conforms to a U.S.-E.U. Privacy Shield Framework. See https://stripe.com/privacy-shield-policy
Third-Party Data Processors
Your Secure Data and Service Data are held by third party data processors, who provide us with hosting and other infrastructure services.
Google Analytics: Website and application analytics
Google Cloud: Cloud infrastructure hosting
Mailgun: Transactional email service
Sendwithus: Email template management and sending
Stripe: Credit card payment processing
Baremetrics: Stripe analytics
Help Scout: Email support and documentation hosting
When you create an insomnia account you create a password. For your protection, you should create a strong and unique password to ensure that it is not easily guessed. You should also keep a copy in a safe place because future access to your Secure Data depends on your password.
We will never ask you for your password at any time and you should never send it to us.
You have the right to know what we know about you and to see how that data is handled. You may request a screenshot of what we can see about you in our back office systems. However, to protect customer privacy, such requests must be carefully authenticated beyond demonstrating control of the customer’s email address.
Account owners have the right to instruct us to remove data permanently from our systems. To ensure that no one’s data is deleted without their consent, you must first delete your account through an authenticated session. Once your account is deleted, it cannot be recovered.
Disaster recovery and data availability requirements mean that Insomnia has a legitimate interest in maintaining secure and immutable backups. Erasure requests will leave those backups untouched, and we will only remove data from backups if legally compelled to.
Cookies are files with small amounts of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use: session cookies (we use these cookies to operate our Service) and preference cookies (we use these cookies to remember your preferences and various settings).
By using our Service and providing your information, you authorize us to collect, use, and store your information outside of the European Union.
Those under the age of 16 may not use the services without the consent or authorization of their parent or legal custodian. Team owners are responsible for that authorization when they add someone under the age of 16 to an account.
We will comply with applicable law with respect to providing Service Data and encrypted Secure Data to law enforcement agencies. If permitted, we will notify you of such a request and whether or not we have complied. Your Secure Data remains encrypted with keys which we do not posses, and so we can only hand over Secure Data in encrypted form.
If the confidentiality of customer data is breached, we will publicly disclose the nature of the risk and provide a transparent account of the events without undue delay. At a bare minimum, we will inform the applicable supervisory authorities as required by law and regulation.
Apr 28, 2020
Nov 15, 2019
Update data processors
May 22, 2018