This Privacy Policy has been updated on June 1, 2020. This Privacy Policy describes the information we collect, use, and store via mycallisto.org. If you have created an account with the Callisto Campus service, the Callisto Campus Privacy Policy is applicable to that account.

Callisto was built for survivors, by survivors. We understand that sharing any information related to a sexual assault is difficult and can create risks for survivors. We weave privacy and information security into every design decision of our platform.

In this Privacy Policy, we explain in detail:

  • What information about you we collect and store
  • For what purposes we use your information and general data about our users
  • What limited information Callisto employees have access to
  • What non-identifying information we share with third parties
  • How we protect your information

What Information We Collect and Store

The type of information we collect and store depends on your activity on the Callisto platform. The description below details the information we collect at various stages of use of our platform. For additional information on who has access to your information and how we protect it, you can refer to the Who has access to your information and How we keep your information safe sections below.

You Visit the Callisto Website

When you visit the mycallisto.org website, we collect and store the following information:

  • Your anonymized IP address (Your “IP Address” is automatically assigned to the computer that you are using by your Internet Service Provider. We use only a truncated portion of your IP address)
  • Information from your device and browser (device type, operating system, screen resolution, language, web browser type and user agent, and language setting of your browser)
  • Country you are located in, region, city, approximate latitude and longitude (calculated based on your truncated IP address), and time in your country’s time zone when you visit us
  • The website from which you visited us
  • The parts of Callisto you visit (URL of the specific website pages), features you use and files you download, including whether you have created an account with Callisto and whether you have created an entry
  • The exact time when you visited each of our website pages and duration of your visit for each page

Collectively, the data above is called Visitor Data. We use Google Analytics to help us collect and track this information as well as internal data collection systems. Google Analytics uses a “cookie” to track your activity and send us the information listed above. We collect and store this information even if the "Do Not Track" function of your browser is turned on. This information is stored in a Google Analytics hosted database, as well as in databases managed by Callisto and hosted by third party hosting service providers (see Who has access to your information).

You Contact Us Directly

You may contact our support team to report a problem or concern, or you may contact us via a “contact us” feature on our website. When you do, we collect and store your email address and the content of your message, as well as the content of any response we provide. Because email communications are not always secure, and because we tie your messages to your email address, please do not include sensitive information in your messages to us.

There is no need to email to us, and we strongly discourage you from emailing us any sensitive information about you or anyone else, including details about any sexual assault that you experienced, your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, or information about your health.

You Use the Donation Feature

If you choose to use the donation feature to financially support our mission, you will be asked to provide your first and last name, email address, country, and postal address, as well as your payment information. Callisto will use this information to process your donation, issue a tax receipt to you where applicable, and send you email communications about our mission, activities, resources to survivors and their allies, impact reports, as well as messages regarding our fundraising efforts.

You Apply for a Job at Callisto

If you chose to apply for a job at Callisto, you will share your application information (which may include your name, contact information, citizenship or immigration status, resume, LinkedIn profile, cover letter, names of your references, and other information you submit). We will only use this information to process your job application.

You Sign Up for Callisto Updates

If you use the Sign Up for Callisto Updates feature, we will ask you to provide your name, email, what campus you are affiliated with, your affiliation with that campus, and anything else you want to let us know about your interest in Callisto. We will use this data to add your information to our mailing list and to contact you about new features and product updates. We may also add the email address you submitted to subscribe you to our newsletter to keep you informed on our activities and partnership updates. You can unsubscribe from our newsletter at any time.

Why We Collect and Store Your Information

In this section we explain for what purpose we use information we collect and store about you.

To Provide Our Services to You

We use all user information collected to operate our website and platform and to provide our services to you. We also enable you to provide feedback to us.

To Measure Our Effectiveness and Impact

We analyze usage trends to understand how our users are using our website and platform, and which features or content appear to be more useful and have the most impact. This helps us in our decisions to develop new products, features and services, and to create a better website, platform, and services to further our mission to empower survivors and stop serial offenders from committing further acts of sexual misconduct.

To Make Your Use of Callisto More Safe

We request you provide certain information to help us make Callisto safer for our users, and to prevent fraud and abuse. See the How we keep your information safe section below for more details. We list a few examples below.

  • We restrict access to account creation on Callisto only to users with “.edu” email addresses associated with our college partners. We want to make sure that only trusted people are able to create an account and only survivors of sexual assault are able to create an entry and identify an offender. This reduces the risk of use of the Callisto platform for fraudulent or deceptive means.
  • We analyze the use of our platform infrastructure for security monitoring purposes, for example, to detect and prevent cyber-attacks or attempts to access your information.

To Make Sure Our Site Functions Properly and in Compliance with Legal Requirements

We collect data (for example, the data about your computer device, browser, and general geographic location) to ensure that our website functions properly, is optimized for your computer or device and to store your preferences and settings, and also to facilitate the services’ technical functioning, including troubleshooting and resolving issues.

We also store usage data for audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements.

How Long We Keep Your Information

Callisto is a repeat offender detection system. Creating a Matching entry is not available at this time. However, once it is, it works by enabling survivors to designate their offenders to detect a match between several survivors. These matches happen over time, and it is therefore important that our users’ entries are maintained and stored over time to enable the Matching feature. This is why even after your account is terminated, some of or all your data may still be stored on our platform. We retain your data for as long as we have a legitimate purpose to do so (and in accordance with applicable law), including to continue to detect serial offenders, assist with legal obligations, resolve disputes, and enforce our agreements.

Who Has Access to Your Information

Callisto Employees

Callisto employees only have access to limited information about you as detailed below. Not all employees have access to this information. Only a very limited number of authorized employees have access to user data.

  • Callisto employees can see your non-identifying visitor ID and account ID, linked to all of your activities on Callisto. None of this information identifies you.
  • Any information you provide when you email Callisto’s support team will be visible to staff members of that team.

Our Partners

Callisto partners with organizations such as colleges who wish to offer Callisto as a service to their students. We may share aggregate platform usage information with our partners, but never in any way that would identify or enable the identification of any particular user.

Our Service Providers

Like all other technology and web platforms, we cannot do it all alone. We work with vendors and service providers to help us run our website and platform.

We use Wufoo to create and collect data from our Sign Up for Callisto Updates form. Wufoo is a service by SurveyMonkey. SurveyMonkey collects the responses you enter in the waitlist form on our behalf. To learn more about their privacy policy, visit Wufoo’s Privacy Policy, including the section on “Privacy for Form Respondents” and SurveyMonkey’s Privacy Policy.

Mailchimp is Callisto’s email service provider. Mailchimp sends emails to our donors and subscribers on our behalf. When you interact with an email message that you receive from us, Mailchimp may collect information about your device and whether you opened, read, deleted the email, or took any action promoted by the email. Mailchimp uses cookies and other tracking technologies to collect some of this information. If you have enabled the "Social Profiles" feature in your Mailchimp account, additional information may be shared between Mailchimp and your social media platform (such as Facebook or Twitter). For more information, you can visit Mailchimp’s Privacy Policy.

Our donation page allows you to share on Facebook, LinkedIn, and Twitter information about our fundraising campaigns. These social media features may allow the third-party social media provider to collect data like your IP address and which page of our website you are visiting, and to set a cookie to enable the feature. Your interactions with these features are governed by the respective Facebook, LinkedIn or Twitter privacy policies.

Job application information that you submit to us is shared with Greenhouse, the recruiting service platform used by Callisto. All your application information will be stored on Greenhouse’s hosted platform on our behalf. To learn more about their privacy practices, read Greenhouse's Privacy Policy.

We use Google Analytics to help analyze how visitors use our website. Google Analytics collects the IP address assigned to you when you visit the site. They also place a persistent cookie on your web browser to identify you as a unique user the next time you visit the site, and recognize you when you visit other sites that use Google Analytics. Google continues to collect and store this information even if the "Do Not Track" function of your browser is turned on. Google's ability to use and share information collected by Google Analytics about your visits to our site and other sites is governed by the Google Analytics Terms of Use. To see an overview of privacy at Google and how to opt out of certain Google practices, visit Google’s Privacy Policy. You can prevent your data from being collected by Google Analytics by downloading the Google Analytics opt-out browser add-on here. Opting-out is generally done by the third party dropping a cookie on your browser indicating your intent to opt-out. If you get a new device, install a new browser, erase, or otherwise alter the third party’s browser cookie file, you may clear the opt-out cookie and no longer be subject to its opt-out.

In addition to the vendors listed above, we work with other vendors and service providers to help us run our website and platform.

  • We use cloud-based data hosting providers to host the user data we collect and store.
  • We use vendors to help with our website infrastructure and network protection from third-party attacks.
  • We use customer support software to help us receive and answer your messages asking for help with our products or services.
  • We also utilize internal communications tools, including, but not limited to, Slack, Asana, and G Suite.

How We Keep Your Information Safe

Callisto was built by survivors, for survivors. We understand that reporting sexual assault creates risks for victims, so we care obsessively about the privacy and security of our users.

To stop the spread of sexual violence while still protecting the privacy of both the victim and the accused, we built an advanced cryptographic approach for our product. Though account creation is not an available feature right now, this means that once it is, any information that personally identifies you and any information you provide in your entry (including the identity of the offender) is encrypted. Encryption is the process of converting data to an unrecognizable or "encrypted" form. It is used to protect sensitive information so that only authorized parties can view it. Encrypted information will appear scrambled to anyone who tries to view it. It must be decrypted in order to be recognized.

100% Security Cannot Be Guaranteed

Unfortunately, no internet-enabled data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any of the information you submitted to Callisto has been compromised), please immediately notify us by contacting us at [email protected].

Updates to This Policy and How to Contact Us

Modifications to This Privacy Policy

From time to time, we may update this Privacy Policy. We will notify you through a notification posted on the website, or as required by applicable law. We will also include a summary of the key changes. Unless stated otherwise, modifications will become effective on the day they are posted.

If you continue to use our website, platform, and services after the effective date of any change, then your access and/or use will be deemed an acceptance of our revised Privacy Policy. The revised Privacy Policy supersedes all previous Privacy Policies.

Contact Us

If you have any questions or concerns regarding our Privacy Policy or the way in which we process or protect your information, please contact us at [email protected].