Privacy Disclosure

Fathomd, Inc. is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share your gaming data. We ask you to consent to the processing of your game data in accordance with this Privacy Policy.

Information You ProDUCE

We ask your first and last name, e-mail and password when you create an account to log in to our service. We may retain data on your behalf, such as game data analytics.

Information We Collect Through Technology

To make our game site available for you, our servers (which are hosted by a third party service provider) collect information from you, including browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit. We may also use cookies and web beacons (as described below) and navigational data like Uniform Resource Locators (URL) to gather information regarding the date and time of your visit and the solutions and information for which you searched and which you viewed. Like most Internet services, we automatically gather this data and store it in log files each time you visit our platform, or access your account on our network. We may link this automatically-collected data to personally identifiable information. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing a website/platform.

Analytics

We use analytics services to help analyze how gamers use the platform and services. These services use cookies and scripts to collect and store information such as how users interact with our platform, errors users encounter when using our platform.

PLATFORM and Other Sharing Features

  • Platform: We display your user name and profile information to the instructor. Your user name, profile information, and game data can be seen by the instructor/administrator.

  • Statistics: The platform share certain statistics about your use of Digital Game Data with the instructor/administrator.

  • Other Users: You should be aware that when you play games, you generate game data and that information can be read, collected, used, or further disclosed by the instructor/administrator.

How We Use Your Information

We use your game data information to:

  • Create your account and identify you on our game platform;

  • Provide you with, operate, and improve the service and platform;

  • Respond to your requests, questions and provide support;

  • Send you e-mail messages informing you of games and services.

How We Share Information

We do not share your game data or personal information with third parties other than as follows:

  • With our third party service providers who provide support for the internal operations of the service and games and who do not use or disclose any information for any other purpose.

  • If we have a good faith belief that disclosure of your information is necessary to: (i) protect the security or integrity of the platform; (ii) take precautions against our liability; (iii) respond to judicial process; (iv) to the extent permitted under other provisions of law, to provide information to law enforcement agencies or for an investigation on a matter related to public safety; or (v) protect the safety of a user.

Use and Disclosure of Anonymous Information: We may also use and share aggregated or de-identified/anonymous information for any purpose and in any manner. This anonymous data we share may include non-personally identifiable data that we create using your game data by excluding information that makes the data personally identifiable.

Regarding Personal Information

Security of Your Personal Information: While we ask minimal personal information - only your name, surname and email address, we take reasonable steps to help protect any information in an effort to prevent unauthorized access, use, or disclosure. Further details about how we ensure data security are provided in the Data Security section below.

Data Security

Security Practices

Fathomd is committed to ensuring that the application data collected through Fathomd platform is secure and accessible only by authorized individuals. Best practices in security are enforced consistently and evolve to meet the needs of our customers.

Platform Architecture

Fathomd’s platform includes three components: main application, event processor, and data store.

Main Application

The platform’s main application is built on the Meteor framework. It is the only component that interacts with our game users directly. Upon receiving an event from user, the main application either processes the event or dispatches it to the Event processor. The live application instance is hosted and managed through Meteor Galaxy.

Event Processor

The event processor is built on the DropWizard framework with Java programming language. It processes user events dispatched by the Main Application. The event processor is deployed at AWS (Amazon Web Service) EC2 virtual machine.

Data Store

The data store for Fathomd’s platform is a MongoDB cluster hosted and managed through Mongo Atlas.

Security Assessment

Fathomd has not pursued independent certifications. Our current security assessment relies on the strong assessments from our hosting providers.

The Main Application is deployed through Meteor Galaxy that in turn is hosted and managed through AWS EC2. In addition, the Event Processor is also deployed at AWS EC2 virtual machine. Amazon’s data center has been accredited for:

  • ISO 27001

  • SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II) PCI Level 1

  • FISMA Moderate

  • Sarbanes-Oxley (SOX)

The MangoDB data store is hosted at Mongo Atlas that has been certified for SOC 2 Type 2.

User Data Security

Data transmission between user clients and the platform are protected through SSL encryption. Internally between the Main Application and the Event Processor, network isolation is utilized to protect data transmission over the wire.

User data are persisted only in the main data store that ensures access control through white listing network IPs.

Operational Policy

Access to customer data is routinely evaluated to ensure those rights are retained only when necessary by job function. Customer data privacy and confidentiality are enforced consistently.

Data Retention Policy

Fathomd platform persists two types of data: user account data and game session data. Due to the usage and contents of these two data types, Fathomd maintains separate data retention policy.

User Account Data

User account data contains PII (Personally Identifiable Information) such as email and password. User account data can only be access by its owner. Under no circumstances is user data ever disclosed to a third-party.

After participating in a game session, a user account will remain active up to 6 months before being marked as inactive. Inactive user account will be kept for 1 year before being deleted from data store.

Game Session Data

Game session data includes user inputs and calculated states for game sessions. Instructor of a game session has full access to the game data for that session, while an individual player has access to only a subset of the session data that is relevant to the player.

For the purpose of academic research, Fathomd will not purge a game session data unless the owner instructor removes the session.

Contact Information

We welcome your comments or questions regarding our Privacy and Security Policies.

Please e-mail us at:  info@fathomd.com