fbpx
Home / Quickfire Interactive Privacy Policy

Quickfire Interactive Privacy Policy

Quickfire Interactive is owned and operated by Catalyst Global Limited. This Privacy Policy describes Catalyst Global's policies and procedures on the collection, use and disclosure of your information when you use the Quickfire Interactive application offered by Catalyst Global and its licensees and tells you about your privacy rights. This information should be read in conjunction with the Catalyst Global Privacy Policy.

Security Overview

Quickfire Interactive:

  • has passed the App Store and Play Store and Huawei Store review
  • is hardcoded to only connect to the Quickfire Interactive servers (only a compromised device or a compromised network could connect it to malicious servers, in which case all data on the device would already be compromised.)
  • uses https encrypted connections to servers and storage.

Servers

  • hosted on Digital Ocean - https://www.digitalocean.com/legal/data-security/
  • hosted in the Digital Ocean NYC1 datacenter, New York,
  • 3 members of the development team have admin
  • SSH keys are used for authentication

Quickfire Interactive databases

  • Digital Ocean managed databases - https://www.digitalocean.com/products/managed-databases/
  • Firewall rules do not allow external access for test and production databases, they can only be accessed from the Quickfire Interactive servers

Quickfire Interactive content and assets

  • Assets stored on Digital Ocean Spaces - https://www.digitalocean.com/docs/spaces/#features
  • Catalyst Global allows its licensees to create activity templates for its clients
  • Participants are not required to have a registration or subscription and do not need to provide any personal information to play an activity.

Uploaded user media

  • Photos and videos can be uploaded through the
  • All media generated by participants is stored in the Digital Ocean SFO1 region which is SOC2 Type II and PC-DSS - https://www.digitalocean.com/docs/spaces/#features
  • SSL encrypted in transit
  • Access keys are required to list directory

Direct download only possible if you know the filename, but filenames are randomly and uniquely assigned based on an MD5 hash, eg: 3c775a27665e57bef3b4adae1aa09c9987b91f4aea3ea69805ed04527a8f9d82.mp4

Uploaded user data

  • Text and other answers are transmitted over https
  • All text answers entered by participants are stored in the Digital Ocean NYC1 region which is SOC2 Type II and ISO/IEC 27001:2013
  • For more information and to obtain a copy of the certificates please see: https://www.digitalocean.com/trust/certification-reports/

Storage, Archive, Delete Process

  • Information and media gathered during any event is held for a period of 28 days unless immediate deletion is requested by the client
  • After 28 days the data is archived and stored in a limited function account.
  • Data including any cached or backup copies, are deleted 28 days after the start of the archive

Device data

The following data is collected for each device by Huawei/Google/Apple using Quickfire Interactive and can be viewed by the development team via Huawei/Google/Apple dashboards:

  • InstallationID
  • SessionID
  • DeviceName
  • DeviceYearClass
  • Platform
  • AppVersion
  • AppOwnership