We care about your security, privacy, and safety. To that end, here's a quick peek behind the scenes at how we operate and how we protect your sensitive data.
ZeroSpaces.com is encrypted end-to-end with a SHA-256 RSA Encryption SSL certificate, signed by Comodo RSA Certification Authority. Our certificate authority, and our certificate, is current, valid, and accepted everywhere.
In addition, all 3rd-party communication (our cloud service for delivering your digital content purchases, for example) is done exclusively through SSL-encrypted channels.
While we offer the "remember me" option when logging in, it's checked on by default for your convenience. We realize you might forget to uncheck that when logging in from a temporary or public device, and/or you might forget to logout of another device of yours.
If you ever want every device that's logged into our site on your behalf to immediately logout, you can check your My Account page and force logout of every device (including the one you're currently using).
You can then login again just on your current device, or walk away with the ease of mind that any device you were previously logged-in from has been logged out.
The only information we ask for is a valid email address for correspondence, giving you a unique login, and (optionally) sending you updates. You can opt-out of receiving unnecessary email correspondence by logging in and changing your preferences.
We ask for your "first name" to be friendly, but at no point do we require - or even care about - your real first name. You can be JoeBobMcChickenHead for all we care. Just don't be offended when our support team responds to an inquiry from you by saying "thanks for reaching out, JoeBobMcChickenHead".
All of our billing and credit card processing is done via our 3rd-party billing partner CCBill. We have no ability to see, or access, any of your financial data (address, credit card number, legal name, etc). Frankly, we have no desire to access any of that information anyway.
Nowhere in our database, our or back-end code, is your password stored in any human-readable form. It is encrypted using the bcrypt hashing function before ever being written to our database. Furthermore, your unique user id is never exposed outside of our database (including to you) and a small, select team of support representatives and administrators.
If you want to change your password at any time, you'll be asked to provide your current password, and your account email will receive a verification code. You'll need to enter both the verification code and your old password to finalize the password change. Without those two critical pieces of info, your password will remain intact at all times.
If you want to change your email address, we'll email the new email account a verification code and email your old email a link to cancel the change. In either case, your account password needs to be provided to enact (or cancel) the change.
Essentially : if someone tries to hack your account, they'd have to have access to both your password and the inbox of your verified email address.
In addition to all of the above, we deeply value and respect your privacy.
The short version is this :
(this document was last updated on Mar 18, 2018)