Website:
Our website is located on commercial servers in California, and as such, subject to Unites States and California law. (Our email is hosted on a server in Switzerland, for our email policies, see that section.) This site is meant for our local business and as such, should have no need to comply with EU or other foreign laws and regulations as we do not do business in their jurisdiction. What limited information we do collect, we do not disclose to third parties unless directed by the proper law enforcement agencies of the proper jurisdiction.
Information we collect:
When you visit our website we may collect various types of information, such as:
· Your browser – including the version.
· Your Operating System – including the version.
· The IP Address you are using to connect to our website.
Cookies: We do use cookies while visiting our website, but these are used only while on our website. They are not designed to track how you arrived, nor where you go when you leave our site. We do not have any third party cookies active on our website.
We collect the above information for security purposes and to analyze the performance of our website. Users who attempt to cause any harm to our website, will be identified using the above collected information, and automatically blocked from accessing our website.
Security:
· We use SSL encryption to help keep information between our server, and your browser private, without corruption.
· Since we do not perform financial transactions or require any personally identifiable information we only use a DV Level SSL certificate.
· The lock icon at the start of the URL shows that the encryption is working. Click on the icon for information about the connection security.
· All queries to an unsecured address are redirected to an SSL address.
Alternate URL’s:
We may have alternative URLs, and variations, which point to this domain. Any such redirections will point to, and show keftinvestments.com in the address bar.
Email:
We use an encrypted email service with their servers based in Switzerland.
· Switzerland has stricter privacy laws than most other countries, including the United States.
· When you send us an email, the message is generally secured using STARTTLS while in transit, though it may not be encrypted if it is paused before it reaches, the server of your email service, or certain transit points before reaching our email server. When it arrives at our server it is encrypted for storage, and remains encrypted when relayed to our devices. Our devices decrypt these emails. The hosting service we use cannot read the emails stored on it.
· When we send an email to you, it leaves our device encrypted, and the Swiss based server then decrypts it before sending it using STARTTLS.
· If you want fully secure email, we can use either PGP, or Protonmail for security purposes. Both provide end-to-end encryption which means that only the sending/receiving devices can see the actual content. If you use a free email service such as Gmail, Yahoo, AOL, or others, they have the ability to read your messages once they arrive on their servers, and before you open it yourself. We also have the ability to send encrypted messages to these services that will prevent them from reading the message, but you will need a separate, pre-arranged password to view them.
· We may archive email messages, either on the Swiss based server, and/or locally on our own systems for future reference.
· For additional information on the email system we use, visit: https://proton.me/mail/security
Other Electronic Communications:
· Statements and invoices are sent by Intuit using their own servers, and likely only use STARTTLS for security purposes. The payment portal operated by Intuit meets all requirements set forth by various U.S. banking regulators and payment processors for security purposes. To view Intuit’s security policies and suggestions visit:
o https://quickbooks.intuit.com/global/security/
· Text Messages: We use Android based devices which use either RCS, or SMS. These services are secure between other Android devices, but there may be security risks when communicating with other systems such as iOS (Apple). We also use two other text messengers that provide end-to-end encryption:
o Signal – which is an open-source project and considered very secure. Their history can be viewed at: https://en.wikipedia.org/wiki/Signal_(software)
o WhatsApp – which is owned by Meta (Facebook). Their history can be viewed at: https://en.wikipedia.org/wiki/WhatsApp
· Docusign: Has their own security procedures for the online signing of documents. Visit their security page at: https://www.docusign.com/trust/security for further information.
Contact Form:
If you use our Contact Us Form, in addition to the above information, whatever information you enter on the form including your name, email address, and any additional information that you enter, is collected by us. Please do not send any sensitive information via this form.
Video Cameras:
Our properties may have video cameras that record areas visible to the general public. Retention time varies depending on the location, but generally we can only go back three weeks. No audio is recorded. All cameras record only when movement is detected, and may also have exclusion zones that do not monitor movement: this means that there may be gaps in recording, and that areas such as public streets may not trigger a recording.
We provide clips upon request when there appears to be legitimate request for the recording. Due to the limited archive capacity, requests must be in a timely manner. It may take one, to several days to obtain the files as they are downloaded remotely, and then need to be converted to a common format. When we provide clips, a link will be provided to one of the cloud services we use for file storage. The provided link to the files/folders will allow either viewing, or downloading by anyone who has the link. The files/folders will be available for a limited period of time after we provide access. These files may be deleted after the link to the files/folders expire.