Privacy is important. We respect yours.
Let’s also state what’s probably obvious, but just in case: We don’t control what Medium users do. Their privacy policies and practices are up to them. If you share private information with other users, we can’t control what they’ll do with it. So be careful.
What Some Shorthand Expressions Mean
To make this policy more readable, we use some shorthand expressions in place of long, lawyerly chains of words. To wit:
- “Medium”, “we”, “us”, and “our” mean The Obvious Corporation, which operates the Medium Services.
- “You” means you, whether you are a person or entity, whether you are using Medium for yourself or on behalf of your employer.
- “Medium Services” means the medium.com website, along with the other domains, products, services, applications, and content provided by The Obvious Corporation under the Medium brand name.
- “Third party services” or “other services” means any websites, services, and applications operated by parties other than The Obvious Corporation.
- “Agents” means service providers, consultants and other agents not employed by The Obvious Corporation.
When we look at potential partners, we consider their privacy practices, and try to facilitate access only to third party services that share our commitment to protecting your privacy; however, we can’t, and don’t, take responsibility for anyone else’s privacy policies and practices. To protect yourself, you should also carefully review
the privacy policies of any other services you access.
Information We Collect and How We Use It
When you create an account on Medium Services, you authenticate yourself through a third-party service, like Twitter. When you do that, you link that account with your Medium account. Once the accounts are linked, we may collect and store personally identifying information that you have provided to that third party service, and consented to having shared with services like us. Also, we store the email address
that you provided to create your Medium Account.
Email Communications with Us
Occasionally, we might need to email you. We might need to send you some administrative info, tell you something important about your account or changes to our services, or update you on new policies. In really tough situations, like when we got dumped that one time, we might just need to vent about how unfair life is. Except for that last scenario, which won’t actually happen, these administrative communications are considered part of Medium Services and your Medium account, which you may not be able to opt-out from receiving. Note that we will never email you to ask for your password or other Account information; if you receive such an email,
send it to us, so we can take action against the evildoer.
Information about Your Accounts on Third Party Services
To authenticate your identity, your Medium account will be linked to at least one third party service, such as Twitter. To do that, you’re going to provide us with your username (or whatever user ID they provide) for that third party service. At that point, you will be required to go through that service’s authorization process, which will generate a token that allows us to access and link your account. We will
use that linked access to facilitate interaction with Medium Services, for example, to post your Medium content, or links to your Medium content, to that service upon your request. We do not receive or store passwords for third party service accounts.
Information Obtained from Third Party Services
When you link your Medium account with a third party service account, we will get information about you from that third party
service. That information could include, for example, biographical information or your geographic location, if you have provided that information to the third party service and made it available for Medium to access. To the extent we obtain such information, we may store and use the information about you that we receive from third party services to improve and personalize Medium Services. As a general practice, we strongly urge you to make careful judgments about any personal information you disclose to Internet services, including Medium and any third party services you link to us.
Medium is for public, not private, content. By default, whatever you share through Medium Services is public, and when you provide us with content it is published so that anyone can view it. Although we do provide tools, like drafting tools, that let you write and edit content prior to publication, you should assume that any content you provide to Medium may become publicly accessible.
Content published and shared publicly is accessible to everyone, including search engines, and you may lose any privacy rights you might have regarding that content. In addition, information shared publicly may be copied and shared throughout the Internet, including through features native to Medium Services, such as commenting
While you are free to remove published pieces of content from your account, or even delete it entirely, because of the nature of Internet sharing, the strong possibility of commenting on or embedding of your content by others, and technological limitations inherent to Medium Services, copies of that content may exist elsewhere and be retained indefinitely, including in our systems.
Information About User Content
In some cases, we may collect information about content you provide to Medium Services. For example, when it's included with your images, we may collect metadata information that describes your camera, camera settings, and geolocation. This allows us to improve Medium Services and provide additional features and functionality.
Information Related to Use of Medium Services
What do we collect? We collect information about how people use Medium Services, including both account-holders and non-account-holders. This includes general usage information, and may include things such as the number and frequency of visitors, which pages or features of Medium Services people have visited, which links on
Medium Services they have clicked on, and the length of those visits. Some of this information may be associated with the IP Address used to access Medium Services, and some may be associated with your Medium account, such as the topics you search for and the help pages that you visit.
Who collects and gets access to that information? We do. We may also use third party applications and services to collect and analyze this information.
Why do we collect it? This information allows us (and third parties we authorize) to figure out how people use Medium Services so that we can analyze and improve them. We may also use some of this information in aggregate form, that is, as a statistical measure related to all of our users that won’t identify you personally. We use information about your use of Medium Services to improve and enhance your experience on Medium Services.
Information Related to Your Web Browser
We automatically receive and record information from your web browser when you interact with Medium Services. That information might include your browser type and version, what sort of device you are using, your operating system and version, your language preference, the website or service that referred you to Medium Services, the date and time of each web request you make, your screen display information, and information from any cookies we have placed on your web browser.
IP Address Information
In some interactions, such as when you log into Medium Services or load a web page from Medium Services, we may collect and store your Internet Protocol Address, usually known as an IP address. For the most part, we use IP address information to fight spam, malware, and identity theft; we also may use it to personalize Medium Services for you. We also use IP Address information to generate aggregate, non-identifying, information about how people use Medium Services.
In some cases we collect and store information about where you are located, such as by converting your IP Address into a rough geolocation. We may use location information to improve and personalize Medium Services for you.
Information Related to Your Mobile Device
We may collect and store information related to your mobile device. We may use this information to provide or improve Medium Services.
Information Collected Using Cookies
What are cookies? Cookies are pieces of text that are sent to and saved by your web browser when you access a website. Your web browser stores cookies associated with each website you visit. You can see your cookies through your browser settings.
identify that you have logged in and that your web browser has accessed aspects of Medium Services, and we may associate that information with your Account if you have one. This information, in turn, is sometimes used to personalize your experiences on
Medium Services when you are logged in.
How do you disable cookies? Most web browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your web browser software) allowing you to decide on acceptance of each new cookie in a variety of ways. If you disable cookies, you won't be able to log into your Account, and so will not be able to use the vast
majority of Medium Services.
Information About Your Contacts
When you create your Medium account, and authenticate via a third party service like Twitter, Medium Services may collect, store, and periodically update the contact lists associated with that linked account, so that, for example, we can make it easy for you to connect with your existing contacts from that service who are also on Medium.
Information We Derive About You
To improve and personalize Medium Services, it’s super-useful to understand some things about you and your interests. To do that, we do automated analysis of your actions on Medium Services in ways that allow us to derive or infer characteristics that describe you. For example, we may note what kinds of content you like to read or comment on.
To measure the deliverability of our emails to users, we may embed information, such as a web beacon or tag, in them.
What We Do and Don’t Do With Your Information
We never share information we receive from you unless:
(a) we have your permission to share that information;
(b) we have given you prior notice that the information will be shared,
and with whom;
(c) that information is aggregate information or other information that does not identify you.
Information You Share with the Public Through Medium Services
Information posted through Medium Services is, by default, published and shared with the public. That includes anything you choose to publish, post on, or submit to Medium. Because this kind of information can be seen by anyone and can be indexed by search engines, you should exercise care in what you choose to submit; make sure everything you submit is something you want to share with everyone.
Information You Share with Third Party Services
Our content platform enables you to access third party services through Medium Services. For example, users can embed externally-pointing links in their content; users can click on those links to reach other sites and services. We also enable users to share information that you provide to us, like posts and comments, with other services. For example, users may share your posts on Twitter and Facebook.
At the risk of repeating ourselves
Information We Share with Our Agents
In some circumstances, we might share information that we store, like IP addresses, with third party Agents for the purposes of operating and improving Medium Services. Those Agents might include contracted service providers or consultants. For example, we may share information with contracted service providers in order to fight spam. Or we might give third-party consultants limited access to information as they work to improve our processes and technology. When we share information with Agents under those circumstances, we generally bind them with confidentiality agreements. Unless we tell you differently, our Agents will not have any right to use personal information or any other information we share with them beyond the scope and duration of what is necessary to assist us. You hereby consent to our sharing of personal information with our Agents.
Information Shared with Third Parties
We may share or disclose non-private information, aggregate information, or other non-personal information with people and entities with which we’re doing business.
Information Disclosed Pursuant to Business Transfers
We may buy or sell business assets. In these transactions, user information is typically one of the transferred business assets. Likewise, if we, or substantially all of our assets, get acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of
us or our assets may continue to use your personal information as set forth in this policy.
Information Disclosed for Our Protection and the Protection of Others
We will fight hard to protect you from having your privacy violated through abuse of the legal system, whether attempted by individuals, entities, or governments. For example, it is our policy to insist upon jurisdiction and proper legal process for governmental information requests, and to contest claims we believe to be unwarranted
otherwise address fraud, security or technical issues, including exchanging information with other companies and organizations for fraud protection and the prevention of spam and malware, (iv) respond to user support requests, or (v) protect the rights, property, health or safety of us, our users, any third parties or the public in general.
Information We Share with Your Consent or at Your Request
If you ask us to release information that we have about your account, we will do so if reasonable and not unduly burdensome.
are agreeing to that transfer.
The Security of Your Information
We strive to protect your private information, including your account information, to keep it private. We cannot, however, guarantee the security of any information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time. It’s important for you to prevent unauthorized access to your account and personal information by choosing and protecting a strong third party service password and by limiting access to your computer and browser by signing off after you have finished using Medium Services.
Your California Privacy Rights
Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal customer information that we share with our affiliates or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to the following address: The Obvious Corporation, 800 Market Street, Suite 800, San Francisco, CA 94102.
How to Delete Your Account and What Happens When You Delete Your Account
If you want to delete your Account, you can do so from your My Account page. Deleting your Account will not entirely remove the content you have published from our systems, because of caching, backups, or other references to your account. In addition, given the sharing, commenting, and dialogue that takes place on Medium Services, some of the public activity on your account prior to deletion may remain stored on our servers and accessible to the public indefinitely.
Where to Direct Questions or Concerns
If you have any questions or concerns regarding Medium Services privacy policies and practices, please send us a note.