Cortico is committed to transparency and accountability with all of our processes and technology.
We work with partners to gather and engage members of their communities for meaningful conversations to develop understanding and generate positive action. We want participants and partners to have maximum say in where their stories are shared and protection from bad actors who might use any data on our platform in ways that might undermine our mission to strengthen democracy by surfacing underheard voices and creating a stronger public dialogue.
There are a few places where we capture our commitments to participants and to partner organizations who are convening conversations:
- Our Terms of Use and Privacy Policy, which can be found on our website. (All previous versions of these policies can also be found on GitHub)
- Our Professional Services Agreement with partners, which is a full legal document outlining the responsibilities of the partner, of Cortico, and our shared commitments
- Our consent language, which is an explicit agreement and understanding at the beginning of each conversation
Individuals
1. Your personal information
-
- Your name and email address are collected when you register for a conversation, and your email address is the key to your access to your conversation(s) on our platform. That information is shared only with the organization that invited you to the conversation (which in most cases already had your info as they reached out to you). We are committed to keeping your contact information as well as any other information you give us completely private. It is stored separately from your conversation data and not accessible via our publicly available conversation platform.
2. Your conversation participation (your story and voice)
-
- As you enter the conversation, you will be asked if you agree to the following understanding of the intention for the conversation’s recording and consent to the recording on these terms:
As a participant in this conversation, you are providing consent to [partner name] to use the recording in accordance with its mission. You also understand that the conversation will be part of a collection of Cortico's Local Voices Network, whose mission is to foster conversations in communities and in the media that improve our understanding of one another. Cortico will collect, retain, and analyze these conversations in keeping with that mission.
-
- You are encouraged only to offer a first name or pseudonym by which you can be called during the conversation.
- The conversation may be shared in accordance with the aims of the organization that invited you and connected to our growing network of other conversations. For that reason, we encourage folks to share only what they are willing to have heard or reported on the internet or elsewhere.
Redaction
-
- If you say something during the conversation you wish you hadn’t, we will do our best to redact a portion of the conversation (usually this includes things like names of other people or employers without their permission). It is preferable that this request is made sooner rather than later, however, because once it has appeared on the platform it is ‘public’ either to our network of partners and participants or in some cases public to anyone on the internet.
-
- If at some point in the future you wish to remove your story from the platform, you can make that request to the convening partner and we can do our best to remove it entirely. Because our conversations, by their nature, include multiple peoples’ stories told together and in a flow that weaves them together, we cannot remove one person’s story alone. The whole conversation would need to be removed. A request to remove your whole participation will also impact the other participants by removing their participation as well.
Partner Organizations
1. What you own
-
- In partnering with Cortico, you agree to the rights and responsibilities of copyright over the conversation data provided by participants you have convened. This includes the right to remove the data, decide on its level of privacy on the platform as well as who else may access the data.
- This ownership includes the responsibility to respond to participant requests for redaction or removal of their data and working with Cortico to honor those requests in a timely manner.
- You may remove all or part of the conversations collected through your initiative at any time, and raw audio files and/or transcripts can be returned to you upon request.
2. What you share
-
- In order for Cortico’s technology to be used for analysis, sharing and sense-making, you grant broad permission to Cortico to use the data you have collected and shared on the platform in accordance with our mission. This includes making it available to third parties we work with to advance that mission, such as academic researchers.
- Cortico will always honor the settings you have created on the platform for the privacy and sharing of the conversations contributed there.
3. Privacy Levels
-
- As a Cortico partner, you will have administrative access to your conversation collection and can set the level of access to it. The options are:
-
-
- Protected
- Only participants and individuals explicitly granted access by you can see and hear the conversation(s).
- Protected
-
- Community
- Your conversation participants and invited guests can see and hear your conversations, and they can also be accessed by anyone else who has participated in a conversation that is connected via the Local Voices Network.
- Community
-
- Public
- Your conversation(s) will be available for viewing and listening by anyone on the internet, and you can create a microsite to link to your own website or share with others.
- Public
-
Storage and Security
Where is the data that we submit to Cortico stored? How is that data protected?
Data is stored and processed on cloud servers managed by Cortico and hosted by Amazon Web Services. All data is regularly versioned and backed-up.
How and where is that data processed?
Data is encrypted during transfer via industry standard methods (HTTPS/SSL). User credentials (passwords) are encrypted at rest. Access to the cloud infrastructure is provided to a limited number of staff members and protected via industry standard methods, including 2 factor authentication.