Your Privacy and Security
The Right to Privacy
Slixa’s overall philosophy from the beginning has been that the right to privacy is as universal and inalienable as your right to freedom, dignity, and equality.
We use this philosophy when making policy decisions that result in a broad range of privacy benefits to you. However much of this happens behind the scenes and you might not be aware of the lengths we go to in order to keep your data safe.
This page will outline some of the results, including policy and technical decisions. Since privacy and security - and our response to them - are constantly evolving issues, we will keep this page updated as things change.
“The right to personal privacy is precious. Without it, we are all potential victims for a prying secret police.”
– Lewis B. Smedes
How Slixa Handles Your Privacy
We prefer to not hold identifying information on our customers. To this end, Slixa does not require your real name, address, phone number, or any other personally identifiable information to join. You decide what you want to be called, where and how you want to be contacted, and what you want to reveal about yourself.
Because we sometimes have to deal with other companies (payment gateways, for example) we may find it necessary to gather more information. Our policy is always to collect the bare minimum required in order to do business, and whenever possible, we’ll work to offer you alternate options.
Payment
Credit card information is never stored on our servers, and is collected and processed directly by our payment gateway. We keep only the last 4 digits of your card, encrypted, so we can assist you with payment issues if needed. If you’re not comfortable giving us your credit card information, we offer alternative forms of payment. We routinely investigate payment methods that offer both convenience and privacy, and expect to be adding additional methods in the future.
Image Safety
Images you take with your cell phone or personal camera often contain identifying information, from the serial number of the camera, to your name, to the exact location of where the photo was taken. Slixa automatically strips this information from every image you upload before we save it to disk, ensuring you never accidentally reveal more about yourself than you intended to.
Photo Verification
Slixa’s Photo Verification verifies your appearance, not your identify. Site visitors want to ensure that the photos they’re viewing are accurate representations of you, they do not want (and should not have) access to your real world identity. We see no reason that a “Verified” badge requires a driver’s license, so we don’t ask for it.
Age Verification
The only time we require identification is if you claim (or appear to be) under 25 years of age. In these cases, to protect ourselves and the other advertisers using Slixa, we will require that you submit proof of your age; usually a photo of your driver’s license.
Because this data is so sensitive, we take extraordinary measures to protect it, including encryption and off-site storage where it’s not accessible by our servers. In the unlikely event that our servers were hacked, your identification would not be available to the attackers. We strictly control access to your identification by select Slixa employees, and all accesses are logged and monitored.
How Slixa Keeps Your Data Secure
Even though our policy is to know as little about our customers as possible, from the beginning Slixa has taken extra steps to ensure that the data you do choose to share with us is kept safe.
Our sites have been encrypted since day one with strong SSL/TLS encryption (the “s” in “https”), meaning the data flowing between your computer and our servers is unreadable by anyone except you and us.
For companies dedicated to keeping their customer data private, hosting in the USA is no longer an option. Our servers are hosted by a Swiss company in a secure data facility located in Switzerland, under Swiss jurisdiction.
We take the security of our servers seriously. Data is hosted from an internal network with multiple layers of firewalls, strong security software, monitoring and attack prevention, and the strongest access controls available. Our servers are managed and kept patched against the latest security issues by our own in-house team, and no one outside Slixa has access.
Information we collect from you that is not already public on your profile page (the email address and phone number you use to sign up with, for example) is encrypted before being stored, and all passwords are hashed with a proper password hashing mechanism. In the unlikely event that an attacker gained access to our systems, they would only be able to access the information that’s already hosted on our public site, and your passwords would be unreadable.
We enforce strong password requirements when you sign up, and disallow common and easy to guess passwords that attackers try first. When attempting to log in, your account is automatically locked after multiple failed login attempts. This helps keep everyone from internet attackers to ex-partners from gaining unauthorized access to your account.
Credit card information is never stored on our servers, and is passed directly to our payment gateway for approval. We keep only the last 4 digits of your card, encrypted, so we can assist you with payment issues if needed.
Our admin and customer service site is located on an internal network, protected by a strong VPN using public key authentication. Access to this network can only be obtained from secured, Slixa approved devices, and only by authorized users. All actions by customer service personnel are logged and regularly reviewed to ensure no unauthorized accesses are taking place.
Content delivery networks (CDNs) like CloudFlare speed up page loads by caching and quickly routing public images, JavaScript, and CSS files that are delivered to site visitors - they do not store or cache user specific data. Like most CDNs, Slixa’s CDN partners do not have access to confidential information and are not located on the same network, or even in the same country, as Slixa’s servers.
We believe we’ve always offered the strongest security measures in the industry, and we’re continually working to maintain and improve the protection of your data.
How You Can Protect Yourself
Above are some of the things Slixa does to help safeguard your privacy and security. You can do even more with very little effort.
We provide the following tips and links for improving personal information security as a community service, because we believe privacy is critically important. However we cannot provide support or assistance with implementing or using the suggestions in this section. There are plenty of online guides to help, and a privacy conscious search engine (like DuckDuckGo) is your friend when looking for more information.
Use a Passcode on Your Phone
Set a passcode on your iPhone/iOS or Android device to protect your photos, emails, texts, and phone calls. For extra security choose a longer passcode, and for convenience you might want to use the biometric unlock feature (fingerprint reader or face identification) if your phone has one. If you’re using Android turn on device encryption (iOS automatically enables this).
Cost: Free
Difficulty: Easy - 2 minutes
Effect on security: High
Create Another User On Your Computer
Create another user on your computer (Windows or OSX) for your business activities to keep your online personal life (and Facebook, Twitter, Email, etc) separate from your work life.
Not only does this keep nosy house mates from accidentally stumbling on your work data when you leave your laptop on, but it decreases the chances of you accidentally posting to your personal Twitter account when you meant to post to your work account (each account can be logged into a different Twitter account).
Cost: Free, built into all modern computers
Difficulty: Easy, but requires some discipline to remember to switch between accounts and keep tasks separate
Effect on security: Medium - helps protect you from accidental discovery, but won’t protect your data from someone who has access to your laptop and is looking for your hidden data (see full disk encryption, below)
Protect Your Phone Calls
Protect your phone calls with apps like Signal (iOS and Android). As an added bonus, all calls are free and no long distance charges!
Avoid discussing anything private on Skype and over regular phone calls.
Cost: Free
Difficulty: Easy, however you’ll need to convince the people you want to contact that they should also use one of the above apps (tell them about the free calling)
Effect on security: High
Use Messaging Apps That Protect You
Use texting apps that protect your privacy. Signal (iOS and Android) is considered to be among the most secure and easy to use. iMessage is believed to be secure and is built into every iOS device (although it will also send unprotected SMS messages).
Avoid private conversations while using messaging apps that do not offer verified end to end encryption, like WhatsApp, Telegram, Facebook Messenger, Line, Twitter, and standard text messaging on your cell phone.
Cost: Free
Difficulty: Easy, however you’ll need to convince the people you want to contact that they should also use one of the above apps
Effect on security: High
Block Online Tracking
Use privacy protecting browser plugins, like Privacy Badger and HTTPS Everywhere, to keep your data as safe as possible and prevent companies from tracking your information from site to site.
Avoid installing plugins from people you don’t trust, and when installing software on your computer beware of free software that installs “extra” software or changes your homepage.
Cost: Free
Difficulty: Easy - 2 minutes
Effect on security: Medium - increases in combination with an anonymous VPN or TOR (below)
Use a Password Manager
Use a password manager like LastPass or 1Password to generate and store strong passwords for all your online accounts, and use a strong master password (remembering one strong password is easier than remembering many weak ones).
Cost: Free (LastPass Personal) to $50 (1Password)
Difficulty: Easy to start, increases security the more you use it
Effect on security: High as long as you use a good master password
Use TOR or an Anonymous VPN When Online
Use Tor Browser or an anonymous VPN that respects your privacy when accessing the internet, especially when going online as your business persona. Tor Browser offers excellent anonymity (at the cost of browsing speed and some functionality). VPNs will offer faster speeds for a fee, with the requirement that you trust the VPN provider.
Avoid free proxy or VPN services - running these services cost money, and the owners will be required to make money elsewhere (often by selling your data or installing malware) in order to offset those costs.
Cost: Free (Tor Browser) to cheap (VPN services)
Difficulty: Easy (Tor Browser) to Medium (VPN services)
Effect on security: Depends on your behavior - you’re still posting online, and if you post personal information others can still see it, but sites you visit will have a harder time automatically determining your location and identity
These are just some of the easiest and most effective things you can do, but there are plenty more. The Electronic Frontier Foundation has an excellent and impartial Surveillance Self Defense guide available that’s a little technical in parts, but offers excellent information regarding online privacy and security.
Questions?
We would be happy to answer any questions you have about Slixa, please email us at help@slixa.com, or see our contact page for more information.
Note we can only help you with Slixa, and cannot provide help or support for the third party software and services mentioned above.