Privacy Policy

At Logic and Rhythm, LLC (dba “Current”), we prioritize the protection of your privacy. Please review this Privacy Policy to understand how we handle your personal data. By utilizing or entering our Services in any capacity, you acknowledge your acceptance of the practices and policies detailed below. Furthermore, you hereby provide consent for us to collect, use, and share your information as outlined in this Privacy Policy.


Topics

  • What data do we collect

  • How do we collect your data

  • How will we use your data

  • How do we store your data

  • How do we share your data

  • How do we protect your data

  • Data ownership

  • Data retention

  • Data transfers

  • Your data protection rights

  • Cookies

  • Integrations

  • Marketing

  • Security

  • Privacy policies of other websites and services

  • Age restrictions

  • Changes to our privacy policy

  • How to contact us



What data we collect

Logic and Rhythm, LLC (the company behind Current) collects the following data. The collection of data is limited to information necessary to use and maintain the stability of our service.


Workspace Data

  • Workspace name

  • workspace logo

  • workspace url (ex: app.current.so/[your-custom-workspace-url]


This data is shared with:

  • Service Providers (AWS for storing and retrieving data)

  • Integrations You Authorize, Access or Authenticate


Account Data

  • Full name

  • Email address

  • Company name and logo


This data is shared with:

  • Service Providers (AWS for storing and retrieving data)

  • Integrations You Authorize, Access or Authenticate


Posts Data

  • Images

  • Videos

  • Titles

  • Descriptions

  • Streams

  • Links to work documents from tools we support (ex: Figma, Loom, GSuite, Rive, Spline, etc.)

  • Company Slack organization and channel(s) details

  • Comments


This data is shared with:

  • Service Providers (AWS for storing and retrieving data)

  • Integrations You Authorize, Access or Authenticate


Usage Data

  • IP Address

  • Device / Browser / Operating System

  • Actions taken in application from clicking on buttons


This data is shared with:

  • Service Providers (Sentry for error logging, Mixpanel usage tracking)


Payment Data

Note: We do not actually collect any of your payment information on Current, this is all handled by our payment processing provider. However, when a payment is made, we do store the following data on our servers

  • Subscription start date

  • Subscription cancelled date

  • Plan selection

  • Billing cycle preference (yearly / monthly)

  • Subscription Identification Number


This data is shared with:

  • Service Providers (AWS for storing and retrieving data)


Other data you voluntarily share with us

  • Any information you share with us via any of our support channels

  • This data may be shared with:

    • Business partners

    • Internal teams (ex: Support requests)



How we collect your data

There are a number of events where we could collect your data:

  • When you create an account on Current

  • When you set up a workspace

  • When you create posts

  • When you comment on posts

  • When you create Drops

  • When you add post templates

  • When you connect integrations (Slack, Github, G-Suite, etc.)

  • When you set up SAML SSO

  • When you pay for our service

  • When you contact us via any marketing or support channels



How we use your data

Logic and Rhythm, LLC collects your data so that we can:

  • Create an account for you and your team

  • Email you about activity that happens on Current

  • Email you about new features you may be happy to learn about on Current

  • Generate weekly summaries of the posts created in your workspace

Any new purposes for use will be reflected in an updated Privacy Policy and published on this web page.



How we store your data

Logic and Rhythm, LLC securely stores your data at in AWS Data Centers and encrypts it at rest using 256-bit AES encryption. You can learn more about AWS’s state of the art Data Centers here.

All database-stored customer data is backed up daily using AWS RDS offered tooling which also provides restoring capabilities. Backups and restore capabilities are tested on an annual cadence.



How We Share Your Data

Within your workspace

When you create content on Current other people in your workspace will be able to see your name, profile picture, and email address. If you or someone in your workspace creates public links for “posts”, “streams”, or “drops”, anyone with access to the link may be able to see your name, and profile picture. Members on your team will also receive notifications when you create posts on Current.


Change in Business Structure

In the event of a change in Current’s business structure, such as a merger, acquisition, public offering, asset sale, insolvency, or bankruptcy, we may be required to disclose your information to parties involved in the transaction, while adhering to confidentiality obligations.


Legal Obligations

Your information may be released if we determine it is essential to comply with legal requirements, regulations, or government requests.


Third parties

We only share data with trusted third-party systems in order to power Current. Any third-party goes under strict privacy and security review before being incorporated into our system.


Regarding GDPR compliance, the third-party services listed below act as data sub-processors for us. These sub-processors handle personal data on behalf of Current customers based on instructions and contractual terms.


Amazon Web Services (AWS)

Location: United States

AWS is a cloud infrastructure provider. Current uses AWS to power all aspects of Current from storing data, delivering content via CDN, send emails, convert media, generate thumbnails, and generate transcripts. AWS provides us with reliable and scaleable cloud infrastructure.


Mixpanel

Location: United States

Mixpanel is a product analytics tool. Current uses Mixpane to track usage of our product to better understand how people are using Current’s features. We do not send any personal identifiable information to Mixpanel in our tracking.


Open AI / ChatGPT

Location: United States

OpenAI is power artificial intelligence platform. Current uses ChatGPT from Open AI to generate titles and descriptions for posts and create weekly summaries of your team’s activity on Current. To generate post titles and descriptions, we send a text based prompt with a video transcript for any videos made using the Current Screen Recorder app. To create the summaries, we send a text based prompt including the post titles, descriptions, streams, and user names to ChatGPT. Note, that we do not send any files, links, or data living outside of Current (from other integrations) to ChatGPT. Only data created within Current is used.

Please note that according to OpenAI’s policy, they do not use any data sent via their APIs to train their models. Additionally, they only retain the transcripts that we send them for a maximum of 30 days.


Sentry

Location: United States

Sentry is error monitoring tool. Current uses Sentry to keep track of crashes in our application and improve the stability of our product. We do not send any personal identifiable information to Sentry in our tracking.


Stripe

Location: United States

Stripe is a payment processor. While we do not actually collect any of your payment information on Current, we do receive information from Stripe regarding your plan and subscription.


Twilio / Sendgrid

Location: United States

Sendgrid is an email delivery and marketing service. Current uses Sendgrid to communicate with users about a variety of topics including (but not limited to) send emails about important company or product updates, announcing new features, and announcing events.

You must opt-in to receiving emails creating an account on Current. When you do this, we share the following data with Sendgrid:

  • your full name (as inputed on Current)

  • your email address

You can unsubscribe from receiving emails at any time. If you’ve unsubscribed from our emails, and you would like to be completely deleted from our Sendgrid account, please email us at: privacy[at]current.so.



How We Protect Your Data

Current is committed to keeping your data protected from unauthorized access and ensuring there is no unintended losses. We use industry-standard security practices such as least-privilege access control, data encryption (at rest and during transit), cloud tracing, and peer-reviews for decisions on collection, usage, storage, and deletion of data. We’ve obtained certifications for SOC-2 type 2 and Cloud Application Security Assessment. Additionally, we have regular audits and penetration tests performed to ensure we continued compliance. To learn more visit our Security page: https://current.so/security



Data Ownership

Logic and Rhytm, LLC (dba Current) does not own any data around posts, videos, text, images, etc. created whilst using Current. All data on Current is owned by the workspace “Owner”. Ownership of a workspace can be transferred if initiated by the owner. For more information about intellectual property ownership, please see the Intellectual Property section of our Terms of Service: https://current.so/terms



Data Retention

Your data on Current will be retained as long as you are an active or deactivated member of a workspace. Only Workspace Administrators and Workspace Owners can permanently delete your account from their workspace along with all of your data.


What happens when you deactivate your user account

When you deactivate your personal account, you’ll become “deactivated” in all workspaces you’re in. As long as the workspace is still active, your data may still appear in the workspace (for example for posts you’ve created) however there will be an indication that your account is no longer active. Your data can be completely deleted from a workspace if one of the Workspace Administrators removes you from the workspace or the workspace is deleted. If you’d like your data to be deleted from a workspace but the Workspace Administrators or owner is being unresponsive, please reach out to us at privacy[at]current.so.


If a Workspace Owner wants to deactivate their own account within a specific workspace(s), they will have to transfer ownership or deactivate the workspace(s) before they can deactivate their own user account.


What happens when the Workspace Administrator deletes your user account from the workspace

When your Workspace Administrator deactivates your account, you’ll no longer be able to access that workspace. Your data may still appear in the workspace (for example for posts you’ve created) however there will be an indication that your account is no longer active.


What happens when an admin deletes your user account from the workspace

Workspace Administrators have the ability to completely delete a user account from their workspace. When they do this they get an option to either:

  1. Permanently delete all data (user information, posts, etc.)

  2. Delete user information, but keep the posts. Posts must be assigned to a new active user in the workspace.


What happens when a workspace is deleted

When a workspace is deleted, all data is permanently deleted.

Any other information we receive or collect from an Authorized User (for example by way of research or support) will only be retained as long as necessary to provide the Services.



Data Transfers

In order to operate Current, we transmit and store data in the United States. Data transfers are performed in accordance with applicable data protection law.


Standard Contractual Clauses

When necessary, we implement standard contractual clauses to fulfill the data transfer obligations related to the processing of personal data governed by the data protection laws of the European Economic Area (EEA), Switzerland, and the UK. This practice extends to other global transfers of Customer Data as mandated by relevant laws. The standard contractual clauses are integrated into our Data Processing Addendum which can be read here: https://current.so/dpa.


International Data Transfers

Our headquarters is in the United States and we may have service providers in other countries. Your personal information may be transferred to the United States or other locations outside of your state, province, or country where privacy laws may not be as protective as those in your state, province, or country. We do not offer data residency outside of The United States at this time.



Your data protection rights

Logic and Rhythm, LLC would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

  • The right to access - You have the right to request Logic and Rhythm, LLC for copies of your personal data. We may ask for additional information to verify identity and/or charge you a small fee for this service.

  • The right to rectification - You may request that Logic and Rhythm, LLC correct any information you believe is inaccurate. You also request Logic and Rhythm, LLC to complete information you believe is incomplete. Any updated or corrected information may be communicated to third parties as applicable.

  • The right to erasure - You have the right to request that Logic and Rhythm, LLC erase your personal data, under certain conditions.

  • The right to restrict processing - You have the right to request that Logic and Rhythm, LLC restrict the processing of your personal data, under certain conditions.

  • The right to object to processing - You have the right to object to Logic and Rhythm, LLC's processing of your personal data, under certain conditions.

  • The right to data portability - You have the right to request that Logic and Rhythm, LLC transfer the data that we have collected to another organization, or directly to you, under certain conditions.


If you make a request, we will respond to you within 72 hours. If you would like to exercise any of these choices, please contact us at our email: support@current.so


Should a data request be denied, Logic and Rhythm, LLC will notify you of the reason for denial within 72 hours.



Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you use Current, we may collect information from you automatically through cookies or similar technology.

How do we use cookies?

Current does not make use of any cookies on our marketing website. Our web application (any url under “app.current.so”) makes use of third-party services which use functional cookies to power their services.


Mixpanel

We use Mixpanel to understanding how our product is being used. However, we do not track any Personal Identifiable Information. Click here to learn more about Mixpanel’s GDPR compliance.


Sentry

We use Sentry to log crashes in our application. However, Sentry do not collect any Personal Identifiable Information. Click here to learn more about Sentry’s Data Processing practices.


How to manage cookies

As we don’t current use any non-essential cookies. As such, you won’t see any cookie banners allowing you to manage your preferences on Current. You can however, still set your browser not to block third party cookies. This may cause some features in Current to not work properly.



Integrations

Current integrates with several tools to allow you to embed documents from other applications. The minimum amount of data possible is requested in order for our integrations to function.


Google Drive / Docs

Current requires OAuth access to read your drive files. We use a link to the file, along with the OAuth access in order to retrieve and display the file in Current. Note: the files are not downloaded, or saved in our servers. When possible, a thumbnail for the file is generated and saved in our database.

Current’s use and transfer of information received from Google APIs to our application will adhere to Google API Services User Data Policy, including the Limited Use requirements.


Notion

Current required OAuth access to read your notion documents. We use a link to the file, along with the OAuth to fetch a JSON representation of your Notion document and display it to the user. Note: we do not save the JSON representation of the file on our servers. When possible, a thumbnail for the Notion page is generated and saved in our database.


Figma

Current requires OAuth access to read your Figma documents. This is used to generate a thumbnail of the file, and display the title.


GitHub

Current requires OAuth access to read your GitHub pull requests. This is used to parse the description and use any images, videos, gifs, and for the post on Current.


Mural

Current requires OAuth access to read your Mural files. This is used to generate a thumbnail of the board, get the title, and embed it in Current posts.


Miro

Current requires OAuth access to read your Miro files. This is used to generate a thumbnail of the board, get the title, and embed it in Current posts.


Slack

Current requires OAuth access to send messages to your Slack channels. This is used to broadcast posts into specific Slack channels, send weekly reminders, or send you notifications about activity happening on Current.



Marketing

Logic and Rhythm, LLC may send you marketing material for new features or offers relevant to our product “Current”. Please note, that to receive such email you must opt-in while creating an account. If you have agreed to receive marketing emails, you may always opt out at a later date. You have the right at any time to stop Logic and Rhythm, LLC from contacting you for marketing purposes. If you’re unable to unsubscribe from marketing emails or no longer wish to be contacted for marketing purposes, please email us at privacy[at]current.so.



Security

Logic and Rhythm, LLC takes reasonable steps to protect the Personal Data via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any Personal Data to Logic and Rhythm, LLC via the Internet. To learn more visit our Security page: https://current.so/security



Privacy policies of other websites and services

Logic and Rhythm, LLC’s website or Current’s website may contain links to other websites, mobile applications and other online services operated by third parties. In addition, our content may be included on web pages, in mobile applications or on online services that are not associated with us. Our privacy policy applies only to our website. If you click on a link to another website, mobile application or another online service we advise you to read their privacy policy.



Age Restrictions

People under the age of 13, (or below the digital consent threshold in your jurisdiction), are not permitted to create an account on Current. In the event that you suspect an individual under 13 or below the stipulated digital consent age has created an account on Current, please get in touch, and appropriate measures will be taken to delete the account.



Changes to our privacy policy

Logic and Rhythm, LLC keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on November 14th, 2023.



How to contact us

If you have any questions about Logic and Rhythm, LLC's privacy policy, the data we hold on you, or you would like to exercise any of the choices defined above, please do not hesitate to contact us.


Email us at: privacy[at]current.so
Logic and Rhythm, LLC, dba Current
548 Market St, PMB 96848,
San Francisco, CA 94104-5401


For specific questions regarding our Privacy Policy please reach out to our Privacy Officer, Scott Savarie at scott[at]current.so.