Citationsy Privacy Policy

Last updated: April 3, 2019

We take our users privacy very seriously.
Citationsy runs on dedicated servers only we have access to.
Our servers are hosted in the EU.

The entire site uses SSL encryption, which means no-one can see the data being transfered from you to the site and vice-versa.

We don’t share any of your data with anyone.

Visitors and users are tracked with an internal installation of Matomo,
a libre / open source analytics solution.
It is hosted on our own servers, and no data from it leaves our infrastructure.
This is to let us see how many people visit the page, but all of that data is anonymized and never shared with anyone.
This data lets us see, for example, how many visitors we get to what pages on the website, roughly where those visitors are located, and what website they came from.
It does not let us track a single user, but rather get statistics on all our users.
It has been set to collect as little data as possible, and many of it’s features have been deactivated.

Once you sign up, Citationsy collects the following information from you:

  • Your email address
    Obviously we need to somehow identifiy you, and be able to send you password reset emails for example.
  • Your institution (University, School, Research Lab, etc.)
    We only collect this if you tell it to us, or if you sign up through a partnership with your institution.
  • The date and time when you signed up
  • The date and time when you log in
  • If you try to log in with a wrong password/email address, we save how many times you attempt this.
    We take your account security seriously, and if somebody is trying to break into your account we block them for a set amount of time after five tries.
  • The date and time you last modified your account settings
  • Wether you have activated Night Mode
    Otherwise, how would we know to keep it activated?

In addition to these, we also obviously keep records of what you reference in which project – we need to do this in order to show them to you.
We can access this information in the back-end, and if you ask for support with a specific reference we do so. Our policy prohibits any of our staff members from doing so without a reason, and all access is logged.

Statistics: We use Mamoto to collect some statistics on how people use Citationsy. Mamoto is installed on our own servers that only we have access to, and no-one else can see this data.
When we started out we didn’t have this, but it’s really helpful because it lets us see what features are used the most (or the least) so we know where to concentrate our efforts.
All of the information collected this way non-personally-identifiable, which means we can only ever know roughly the percentage of users who do certain things, but never what you specifically do.

When you delete something on Citationsy it is immediately, completely, absolutely deleted, with no way to get it back.

All passwords are hashed and encrypted, so no-one, not even me, can see your password.

Server Logs: Citationsy‘s server backend keeps logs, as do most servers.
For certain errors the IP address is still logged, for example when someone tries to break into our server or when certain things fail and we need to fix them.

Consent Withdrawl: To withdraw your consent on any of the data being collected by Citationsy on you, simply click here to open an email to our GDPR inbox. Just click send, and we will get in touch with you.

Data Portability: You can always download all your projects right from inside Citationsy in various formats. If you need any help with this, or would like any other data, simply click here to open an email to our GDPR inbox. Just click send, and we will get in touch with you.

Data Deletion: If you would like we can completely delete any data we have on you. Click here to open an email to our GDPR inbox. Just click send, and we will get in touch with you.

If you have any specific privacy concerns or questions, email us.