28 May 2015 - Münster (by Dominik)

We encrypt everything to keep your data safe

Making sure that your contacts, calendars and tasks are secure is our top priority, so we wanted to give you a brief overview of what we do to keep your data safe.

We are a german company and based in Münster. Germany is renowned for having one of the strictest data protection laws in the world. We believe in these laws and stick to them.

Our infrastructure -and so your data- is exclusively on servers in data centers within Germany and always encrypted, both in transit and at rest.

Privacy and Transparency

Our Privacy Policy is quickly summarized. In a nutshell: You own your data and we will never give a third-party access to your data without your prior consent.

We have never received any request for user data and we'd expect to challenge such an order (in Germany such an order would have to be an official court order) if it were served on us in the future.

Encryption of data in transit

All communications between you, your devices and our systems are transferred using the HTTPS protocol and encrypted at all times.

We exclusively use modern TLS protocols and constantly update our configuration to ensure strong ciphers. Perfect Forward Secrecy (PFS) prevents attackers from mass-decrypting logged connections. Even if a single message is compromised it cannot lead to the compromise of others. With HTTP Strict Transport Security (HSTS) we also protect you from downgrade attacks.

These measures help us maintaining the best possible grade of A+ at the time of writing for the Qualys SSL Labs test for fruux.

Encryption at rest

Your data is not only encrypted when it is in transit, but also at rest. Whenever we store data for you, it's protected by our AES-256 encrypted storage.

Latest security practices

Besides just using modern encryption, we also implement the latest security practices into fruux, such as Content Security Policy (CSP). With CSP we're preventing so called cross-site scripting (XSS) and related attacks.

Keeping your data safe is a job that's never done

Hopefully this gave you a good overview of how we're keeping you safe. It goes without saying that this is a job that's never done. Security is not something we simply "add" to our product, it's a constant process we're working on all the time. Don't hesitate to get in touch if you have any questions. We're looking forward to hearing from you.

About Dominik

Dominik started fruux back in 2007. He's a lawyer that writes code and has Amazon subscriptions for stuff that normal people buy in the supermarket. Follow him on Twitter or contact him via e-mail.

fruux is a free service that looks after your contacts, calendars and tasks so you don't have to. It makes sure that they are always in sync, no matter which device or operating system you're using. If you've not tried it yet, then why not check us out and let us know what you think! And if you're already using fruux, then we'd love to hear your thoughts and comments. You can also suggest a feature for any upcoming releases or tweet us: @fruux.