Privacy

What makes us different

We understand and believe that privacy is a fundamental human right. It's essential to our autonomy and necessary for free and prosperous societies.

This all might sound strange for a social platform. The current major social and search networks have sophisticated global campaigns to "remind" us that being instrumented is the only and right way.

But it's not the way for us, and it's not the way that we would want for anyone else either. So, we decided to create a different way for people, a better way.

At Metamorphic, we've taken care to design a privacy-focused, autonomy enabling, system for connecting and sharing with the people in your life:

    Zero psychometric profiling Zero psychological experiments Zero tracking and spying Zero behaviorial modification Zero data sharing, selling, etc. Zero surveillance capitalism

As you can see, Metamorphic is not your typical social platform. You don't have to worry about being the raw material in an economic pipeline routed toward creating a future where you have no thoughts and actions of your own.

On Metamorphic, we don't make money by colonizing your experiences and using them to build an infrastructure to control you outside of your awareness (instrument you). We make money through the subscription to our service.

Additionally, the revenue from member subscriptions is used to support our community programs, climate initiatives, and official nonprofit partners.

A policy for you

This isn't your typical legalese. We really want the services we provide and products we deliver to be easily understood. This way you can quickly make a decision as to what is best for you.

We have even included three recommendations below to easily improve your privacy online, with our official privacy policy at the end.

Undraw privacy protection image

Privacy policy September 30, 2021

Updates to the following:

  • (9/8) Clarify the features in the "What is your data?" section.
  • (9/8) Update "Your data is encrypted." section with more details on our in-app encryption.
  • (9/8) Update "You are not tracked." section to provide blog link explaining our cookie use, and to remove mention of a homemade analytics solution (we are not doing any tracking).
  • (9/17) Clarify the Stripe metadata section and how it may be used to gleam metadata about your Metamorphic account.
  • Note that customer and subscription Stripe IDs are symmetrically encrypted and deterministically hashed at rest on our end

We do not log or share personal information. That is our privacy policy in a nutshell. The rest of this policy tries to explain what information we may have, why we have it, how we protect it, and why you should care.

Privacy is essential to a free life. Renowned author and CEW Professor Emerita at Harvard Business School, Shoshana Zuboff, dedicated 12 years to unmasking and naming the "emergence of a fundamentally anti-democratic economic logic" that she calls surveillance capitalism. Thanks to her we now have a framework around which to guide our efforts at preserving a more human future.

The recent book from Cambridge Analytica whistleblower Christopher Wylie, reveals how the systems of surveillance capitalism are being weaponized against an unsuspecting public. It is a disturbing and insidious reality, where individuals and entire societies are living laboratory experiments, and the results of those experiments are the denigration of our ability to act, think, and believe for ourselves.

Metamorphic is an alternative destination for social connection online, free of surveillance capitalism and psychometric profiling:

  • You own 100% of your data
  • Your data is encrypted
  • You are not a guinea pig
  • Your data is not shared
  • You are not tracked

Metamorphic is designed so that you can connect and share with the people in your life, on your terms. At Metamorphic, being human doesn't come at the expense of your humanity.

When you create an account at Metamorphic, you can rest assured that what you see is what you get. We take this responsibility seriously.

What is your data? Updated

Your data on Metamorphic is information specific to your account.

This information includes sign up or registration information: name, pseudonym, email, and password (irreversibly hashed).

This information may also include data from: Letters, Memories, People, and Portals.

When we add new features to Metamorphic, then your list of data may expand to include any new features you use.

It is important to know that you may delete any or all of your data at any time from within your account.

You own 100% of your data. data harvesting

This means that you are in full control of your account information on Metamorphic and can even delete your account, and all of its information, at any time from within your account settings.

There are only a few times when you are not in control of your account information: (a) if you are in violation of our terms of use, (b) if our company were to go out of business and all accounts were thus deleted, or (c) in compliance with a court-ordered legal request.

In the case of (a), depending on the severity of the violation, we will contact you before taking an action against your account (such as deleting it and all of its information). In the case of (b), we will do our best to provide reasonable notice of our impending shutdown so that you can prepare for it. And in the case of (c), we don't have access to any meaningful data due to the in-app asymmetric encryption. It would look something like this: "pJL3R8c2uGKLqJ1NUOTjL7u0er..." And even then, we will do our best to defend that meaningless information to the fullest extent of the law.

In all cases: we will never share, sell, or otherwise transfer your data, and/or personal information, to third parties (except for the metadata required by Stripe to handle your account payments and a court-ordered legal request that we cannot successfully defend against).

Your data is encrypted. backdoors Updated

We use encryption algorithms that are recommended by leading security and cryptography experts like Matthew Green, Niels Ferguson, and Bruce Schneier.

Your data is asymmetrically encrypted in-app by your password-derived key. This means that only you can ever decrypt your data (for sharing or for yourself). We then wrap that encryption in a second layer of symmetric encryption before sending it to the database for storage, and those encryption keys are stored separately and rotated periodically. In the event of a data breach, your data would still be protected by very strong encryption.

Your account password, and any password used for securing your content, is protected with an industry leading hashing algorithm that makes it virtually impossible to ever know your password. You may see this concept being referred to as an "irreversible password hash".

You can read more about the encryption we use and how we protect your account by visiting our security policy.

You are not a guinea pig. lab experiments

We do not participate in the surveilling and profiling of our customers (or anyone). We do not create psychometric profiles on you (or anyone). We do not conduct "invisible" (just outside of your awareness) experiments on you (or anyone).

When you are on Metamorphic, you are free of the living laboratory experiment that is being conducted on you, and everyone else, on other platforms without your awareness.

Your data is not shared. behavior modification

We do not share, sell, or otherwise transfer your data to anyone outside of our company ever. Your data is used only in the service of your account (support & troubleshooting), to address a terms of use violation, or to comply with a court-ordered legal request.

Your are not tracked. surveillance capitalism Updated

We do not use cookies or fingerprinting to track or identify you. You can read our blog about our use of clean cookies.

Metadata Updated

To the best of our knowledge, the extent of the possible information that could leak about your account (metadata) is all related to paying for your account. And in this regard, the information provided is your email address, name, card information, and device IP address.

This information is handled and stored by Stripe, an industry leader in payments and security. The only information kept in our database is related to the Stripe payment plans we offer, Stripe products, a Stripe ID for the customer and subscription to synchronize with Stripe (symmetrically encrypted at rest and deterministically hashed for lookups on our end), and subscription information (like dates and status). This metadata does not provide access to your Metamorphic account nor its content, though it may be used to leak metadata about your account.

Why Stripe?

We have chosen Stripe as our current payment provider due to their world-class security, great business practices, and strong data policies.

Stripe maintains industry leading security of your payment information, we do not process or store your payment information. And this goes without saying: we do not share, rent, sell, or otherwise transfer your payment information to anyone ever. It is only and always handled by Stripe.

Ways to minimize metadata

It's important to understand what information might be able to be gleamed about your Metamorphic account through this Stripe metadata:

  1. It may be possible, with legal court orders, to sift through our database records, in conjunction with Stripe's, and determine who you are and who you are connected to on Metamorphic. This may be able to be done by linking the Stripe IDs with the customer on Stripe's end with the Stripe IDs on our end, and then linking the account IDs in corresponding relationships (or similarly using the subscription dates). When combined with the payment information that Stripe may have about you, and/or your credit card company, this method could be used to identify who you are, who you are connected to, and who you are communicating with on Metamorphic.

    This can be minimized by using an anonymous email address for your Metamorphic account, although you will still have to enter a payment card which could be used to identify you.

  2. When you pay to use Metamorphic, you must input a payment card to be processed via Stripe. Upon doing so, Stripe will receive the email associated with your Metamorphic account (decrypted by your current session). They will also receive the name you input when you enter your payment, card details, and device IP address.

    This information is used by Stripe for risk assessment and fraud prevention.

    To further mitigate identification from your device IP address that is sent to Stripe, you can use the Tor browser or a trusted VPN (or both).

    We cannot offer any guidance on protecting your privacy from the transaction of your payment card, and for this reason alone, if you are a high-risk person without the relevant expertise, then we recommend you not use our service at this time.

While it is very difficult to minimize metadata, the metadata that can be gleamed from your Stripe payment (with the proper court orders) does not change the fact that only you can access the contents of your account.

Again, it is important to remember that none of this metadata can give someone access to your account or provide them with the actual information in your account (like the images of your Memories, messages of your Letters, and so forth).

Similar to a service like Signal, a legal government court order could enable a government entity to determine (1) who you are, (2) who you are connected to, and (3) who you may be in communication with — but it cannot reveal the contents of your communication, nor can your life be harvested for the benefit of surveillance capitalists.

Other

Check out ClickClickClick to see what creepy things can happen to you on other websites.

Are you a business or startup that needs analytics? Fathom Analytics is a trusted privacy-focused solution for businesses of all sizes.

This policy is heavily influenced by Gabriel Weinberg's for DuckDuckGo — thank you.

Updates

If this policy is substantively updated, we will update the text of this page and provide notice to you by writing '(Updated)' in rose next to the link to this page (in the footer) for a period of at least 30 days.

We will also mention the update to our terms, and potentially discuss in more detail, on the latest epside of our podcast to air after the update.

Feedback

I (Mark Thayer) am the co-founder of Core Theory, creator of Metamorphic, and personally wrote this privacy policy. If you have any questions or concerns, please send feedback.