I am the founder/CEO of Clipboard. Thanks for taking the time to read our privacy policy. I'll do my best to answer each question, but please let me know if you think that I missed anything.1. Web beacons are typically understood to be any sort of tracking mechanism. We track emails via Sendgrid to see how effective they are. We use Google analytics to see where and how people are using the site. We use mixpanel to better understand how people use individual features. All of this is pretty standard stuff.
A non-standard thing that we do is that we put in place a secret key on the client local storage of your Web browser which we use to protect our user's accounts. Here's how it works... we can transmit the secret one time over HTTPS. Then, when you create a clip on a 3rd party site, we can redirect the clip payload via XDM to our own domain, and then digitally sign the API call with the secret key. This (a) prohibits a bad guy from spamming your clip account, and (b) makes it so no one else can see the shared secret (even though this partially runs on other domains).
2. Re. the buy / sell language ... we do not now nor have we ever sold any information to any 3rd party about anything, nor do we have any intention of doing so. The first sentence is meant to make that clear. The second sentence says that we my buy or sell more general assets (for example, we purchased some patents last year and with it came a user database with emails from a retired service).
So, our stated intension is to never sell any personal information about any customers. I think that it is possible that some day we may sell aggregated data, but we're not there yet. And if we made any change, then we would clearly owe our users an update on the change in policy.
I, nor any other CEO, cannot guarantee what happens if we are ever sold. We can do our best to have a outcome that's good for everyone, but in this there can be no guarantees. FWIW, we destroyed the database that came with that earlier deal because it seemed like the right thing to do.
3. Our privacy policy and ToS have been the same for over a year. I think we may have fixed a typo once or twice during that time. If we ever do a major update -- one that materially changes the terms for anyone -- I think we'll send such an update via email. However, I suspect that most users do not welcome such emails, so we're trying to walk the line that is clear, transparent, and not annoying.
4. We don't have a bulk export tool, nor do we have an external API, but we'll get there soon. The API is fairly mature, but we still need to add an OATH2 layer. However, here's a stop gap: Suppose you want to export a clip, like this one: http://clipboard.com/clip/LQYHMLUq21-yNhdiYu1BUYzGdFQOUfUFEQ.... If you change the URL to http://clipboard.com/api/v1/clips/LQYHMLUq21-yNhdiYu1BUYzGdF..., then you'll get the JSON for the clip. And if you take the blob GUID from that clip object, you could hit http://clipboard.com/api/v2/blobs/BLOGGUID. But, trust me, we'll make this better for hackers before the year is out.
5. Money. Like most a lot of startups, our evolution is designed to go from launch -> growth -> monetization. We're only now entering the growth phase, so we're not going to focus on significant revenue at this time if it will hurt growth. The exception to this is that we may offer some pro features sooner rather than later (e.g., Clipboard for teams). Right now, we are having a lot of conversations with some of the biggest commerce and media companies in the world around ways to monetize Clipboard in a manner that is good for everyone. But it will take time.
