Callisto was built for survivors, by survivors. We understand that sharing any information related to a sexual assault is difficult and can create risks for survivors. We weave privacy and information security into every design decision of our platform.
- What information about you we collect and store
- For what purposes we use your information and general data about our users
- What limited information Callisto employees have access to
- What non-identifying information we share with third parties
- How we protect your information
What Information We Collect and Store
The type of information we collect and store depends on your activity on the Callisto platform. The description below details the information we collect at various stages of use of our platform. For additional information on who has access to your information and how we protect it, you can refer to the Who has access to your information and How we keep your information safe sections below.
You Visit the Callisto Website
When you visit the mycallisto.org website, we collect and store the following information:
- Your anonymized IP address (Your “IP Address” is automatically assigned to the computer that you are using by your Internet Service Provider. We use only a truncated portion of your IP address)
- Information from your device and browser (device type, operating system, screen resolution, language, web browser type and user agent, and language setting of your browser)
- Country you are located in, region, city, approximate latitude and longitude (calculated based on your truncated IP address), and time in your country’s time zone when you visit us
- The website from which you visited us
- The parts of Callisto you visit (URL of the specific website pages), features you use and files you download, including whether you have created an account with Callisto and whether you have created an entry
- The exact time when you visited each of our website pages and duration of your visit for each page
Collectively, the data above is called Visitor Data. We use Google Analytics to help us collect and track this information as well as internal data collection systems. Google Analytics uses a “cookie” to track your activity and send us the information listed above. We collect and store this information even if the "Do Not Track" function of your browser is turned on. This information is stored in a Google Analytics hosted database, as well as in databases managed by Callisto and hosted by third party hosting service providers (see Who has access to your information).
You Contact Us Directly
You may contact our support team to report a problem or concern, or you may contact us via a “contact us” feature on our website. When you do, we collect and store your email address and the content of your message, as well as the content of any response we provide. Because email communications are not always secure, and because we tie your messages to your email address, please do not include sensitive information in your messages to us.
There is no need to email to us, and we strongly discourage you from emailing us any sensitive information about you or anyone else, including details about any sexual assault that you experienced, your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, or information about your health.
You Use the Donation Feature
If you choose to use the donation feature to financially support our mission, you will be asked to provide your first and last name, email address, country, and postal address, as well as your payment information. Callisto will use this information to process your donation, issue a tax receipt to you where applicable, and send you email communications about our mission, activities, resources to survivors and their allies, impact reports, as well as messages regarding our fundraising efforts.
You Apply for a Job at Callisto
If you chose to apply for a job at Callisto, you will share your application information (which may include your name, contact information, citizenship or immigration status, resume, LinkedIn profile, cover letter, names of your references, and other information you submit). We will only use this information to process your job application.
You Sign Up for Callisto Updates
If you use the Sign Up for Callisto Updates feature, we will ask you to provide your name, email, what campus you are affiliated with, your affiliation with that campus, and anything else you want to let us know about your interest in Callisto. We will use this data to add your information to our mailing list and to contact you about new features and product updates. We may also add the email address you submitted to subscribe you to our newsletter to keep you informed on our activities and partnership updates. You can unsubscribe from our newsletter at any time.
Why We Collect and Store Your Information
In this section we explain for what purpose we use information we collect and store about you.
To Provide Our Services to You
We use all user information collected to operate our website and platform and to provide our services to you. We also enable you to provide feedback to us.
To Measure Our Effectiveness and Impact
We analyze usage trends to understand how our users are using our website and platform, and which features or content appear to be more useful and have the most impact. This helps us in our decisions to develop new products, features and services, and to create a better website, platform, and services to further our mission to empower survivors and stop serial offenders from committing further acts of sexual misconduct.
To Make Your Use of Callisto More Safe
We request you provide certain information to help us make Callisto safer for our users, and to prevent fraud and abuse. See the How we keep your information safe section below for more details. We list a few examples below.
- We restrict access to account creation on Callisto only to users with “.edu” email addresses associated with our college partners. We want to make sure that only trusted people are able to create an account and only survivors of sexual assault are able to create an entry and identify an offender. This reduces the risk of use of the Callisto platform for fraudulent or deceptive means.
- We analyze the use of our platform infrastructure for security monitoring purposes, for example, to detect and prevent cyber-attacks or attempts to access your information.
To Make Sure Our Site Functions Properly and in Compliance with Legal Requirements
We collect data (for example, the data about your computer device, browser, and general geographic location) to ensure that our website functions properly, is optimized for your computer or device and to store your preferences and settings, and also to facilitate the services’ technical functioning, including troubleshooting and resolving issues.
We also store usage data for audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements.
How Long We Keep Your Information
Callisto is a repeat offender detection system. Creating a Matching entry is not available at this time. However, once it is, it works by enabling survivors to designate their offenders to detect a match between several survivors. These matches happen over time, and it is therefore important that our users’ entries are maintained and stored over time to enable the Matching feature. This is why even after your account is terminated, some of or all your data may still be stored on our platform. We retain your data for as long as we have a legitimate purpose to do so (and in accordance with applicable law), including to continue to detect serial offenders, assist with legal obligations, resolve disputes, and enforce our agreements.
Who Has Access to Your Information
Callisto employees only have access to limited information about you as detailed below. Not all employees have access to this information. Only a very limited number of authorized employees have access to user data.
- Callisto employees can see your non-identifying visitor ID and account ID, linked to all of your activities on Callisto. None of this information identifies you.
- Any information you provide when you email Callisto’s support team will be visible to staff members of that team.
Callisto partners with organizations such as colleges who wish to offer Callisto as a service to their students. We may share aggregate platform usage information with our partners, but never in any way that would identify or enable the identification of any particular user.
Our Service Providers
Like all other technology and web platforms, we cannot do it all alone. We work with vendors and service providers to help us run our website and platform.
Our donation page allows you to share on Facebook, LinkedIn, and Twitter information about our fundraising campaigns. These social media features may allow the third-party social media provider to collect data like your IP address and which page of our website you are visiting, and to set a cookie to enable the feature. Your interactions with these features are governed by the respective Facebook, LinkedIn or Twitter privacy policies.
In addition to the vendors listed above, we work with other vendors and service providers to help us run our website and platform.
- We use cloud-based data hosting providers to host the user data we collect and store.
- We use vendors to help with our website infrastructure and network protection from third-party attacks.
- We use customer support software to help us receive and answer your messages asking for help with our products or services.
- We also utilize internal communications tools, including, but not limited to, Slack, Asana, and G Suite.
How We Keep Your Information Safe
Callisto was built by survivors, for survivors. We understand that reporting sexual assault creates risks for victims, so we care obsessively about the privacy and security of our users.
To stop the spread of sexual violence while still protecting the privacy of both the victim and the accused, we built an advanced cryptographic approach for our product. Though account creation is not an available feature right now, this means that once it is, any information that personally identifies you and any information you provide in your entry (including the identity of the offender) is encrypted. Encryption is the process of converting data to an unrecognizable or "encrypted" form. It is used to protect sensitive information so that only authorized parties can view it. Encrypted information will appear scrambled to anyone who tries to view it. It must be decrypted in order to be recognized.
100% Security Cannot Be Guaranteed
Unfortunately, no internet-enabled data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any of the information you submitted to Callisto has been compromised), please immediately notify us by contacting us at [email protected].
Updates to This Policy and How to Contact Us