

Clipboard goes beyond web clips - Shalen
http://blog.clipboard.com/2012/10/08/0-Beyond-Web-Clips

======
icebraining
I was interested both by your post as by your site. It's nice that you have
browser extensions besides the mobile app(s).

I have a few questions regarding your Privacy Policy:

\- You say you use web beacons; how and where are those deployed exactly?

\- You write _"Clipboard will not rent or sell your personally identifiable
information to others."_ , yet later you say _"As we develop our business, we
may buy or sell assets or business offerings. Customer, email, and visitor
information is generally one of the transferred business assets in these types
of transactions."_

What information exactly about the Customer can sold? And, can you guarantee
that the personally identifiable informations are protected in case you sell
the whole company?

\- Why do I need to periodically check your Policy, instead of you emailing
them to me, preferably in advance?

Other questions:

\- Can I somehow export my clips?

\- How do you make money so that I can trust you'll be here next month?

Thank you!

~~~
gwf
I am the founder/CEO of Clipboard. Thanks for taking the time to read our
privacy policy. I'll do my best to answer each question, but please let me
know if you think that I missed anything.

1\. Web beacons are typically understood to be any sort of tracking mechanism.
We track emails via Sendgrid to see how effective they are. We use Google
analytics to see where and how people are using the site. We use mixpanel to
better understand how people use individual features. All of this is pretty
standard stuff.

A non-standard thing that we do is that we put in place a secret key on the
client local storage of your Web browser which we use to protect our user's
accounts. Here's how it works... we can transmit the secret one time over
HTTPS. Then, when you create a clip on a 3rd party site, we can redirect the
clip payload via XDM to our own domain, and then digitally sign the API call
with the secret key. This (a) prohibits a bad guy from spamming your clip
account, and (b) makes it so no one else can see the shared secret (even
though this partially runs on other domains).

2\. Re. the buy / sell language ... we do not now nor have we ever sold any
information to any 3rd party about anything, nor do we have any intention of
doing so. The first sentence is meant to make that clear. The second sentence
says that we my buy or sell more general assets (for example, we purchased
some patents last year and with it came a user database with emails from a
retired service).

So, our stated intension is to never sell any personal information about any
customers. I think that it is possible that some day we may sell aggregated
data, but we're not there yet. And if we made any change, then we would
clearly owe our users an update on the change in policy.

I, nor any other CEO, cannot guarantee what happens if we are ever sold. We
can do our best to have a outcome that's good for everyone, but in this there
can be no guarantees. FWIW, we destroyed the database that came with that
earlier deal because it seemed like the right thing to do.

3\. Our privacy policy and ToS have been the same for over a year. I think we
may have fixed a typo once or twice during that time. If we ever do a major
update -- one that materially changes the terms for anyone -- I think we'll
send such an update via email. However, I suspect that most users do not
welcome such emails, so we're trying to walk the line that is clear,
transparent, and not annoying.

4\. We don't have a bulk export tool, nor do we have an external API, but
we'll get there soon. The API is fairly mature, but we still need to add an
OATH2 layer. However, here's a stop gap: Suppose you want to export a clip,
like this one:
[http://clipboard.com/clip/LQYHMLUq21-yNhdiYu1BUYzGdFQOUfUFEQ...](http://clipboard.com/clip/LQYHMLUq21-yNhdiYu1BUYzGdFQOUfUFEQ1e).
If you change the URL to
[http://clipboard.com/api/v1/clips/LQYHMLUq21-yNhdiYu1BUYzGdF...](http://clipboard.com/api/v1/clips/LQYHMLUq21-yNhdiYu1BUYzGdFQOUfUFEQ1e),
then you'll get the JSON for the clip. And if you take the blob GUID from that
clip object, you could hit <http://clipboard.com/api/v2/blobs/BLOGGUID>. But,
trust me, we'll make this better for hackers before the year is out.

5\. Money. Like most a lot of startups, our evolution is designed to go from
launch -> growth -> monetization. We're only now entering the growth phase, so
we're not going to focus on significant revenue at this time if it will hurt
growth. The exception to this is that we may offer some pro features sooner
rather than later (e.g., Clipboard for teams). Right now, we are having a lot
of conversations with some of the biggest commerce and media companies in the
world around ways to monetize Clipboard in a manner that is good for everyone.
But it will take time.

To be clear, we lose money every day -- but we're supposed to at this phase.
Your options are pretty clear. You could bet on us, taking the risk that we
don't last; or you can wait until we're profitable, which means that you'll be
a late adopter. It's up to you. But I think that if you take a look at our
team, our track record, and the choices that we've made over the past 18
months, you may find that we have the makings of a good group of people to bet
on.

~~~
icebraining
Thanks a lot for answering my questions, you've been very helpful!

------
stephengillie
Sorry, I'm having trouble reading your article. The font used doesn't have a
line in the middle of the letter 'e', so reading it is difficult.

w7, chrome (with javascript disabled, adblock, flashblock, etc)

~~~
fourstar
Why do you disable javascript out of curiosity?

~~~
stephengillie
Nothing against any site in particular, but these are things which I hold
against most websites:

1\. Page load times

2\. Ads, interstitials, popups, screen-coverers

3\. Those annoying bars at the top or bottom of a page that move with the
page. Or the ones that pop out when you've read 2/3 of an article.

4\. Auto-playing video and ads with sound.

5\. Javascript exploits are uncommon (tinfoil hat)

I want a _flat_ web, and disabling Javascript gives it to me. Thankfully,
Chrome lets you whitelist sites.

~~~
fourstar
I've specified in chrome for click to play on flash which has helped the
autoplay videos, as well as blocked a bunch of offenders (meebo) to my hosts
file. Couple this with adblock plus and I'm pretty OK with having JS auto-run.

------
kenperkins
Clipboard dev here, wanted to share one tidbit that isn't featured in the
blog.

If you highlight and copy in Chrome, you can paste straight into Clipboard,
without having to do anything other than have the page open. It's by far my
favorite new feature, and is worth pointing out.

