User Data Rules and Restrictions

Last modified: June 26, 2024

Prohibited Types of Data

You and the end users of your Applications are prohibited from collecting, uploading, storing, transmitting, displaying, modifying, or otherwise processing any of the following types of data in any Application you create using Glide:

  • Unencrypted passwords and other login credentials, such as authentication tokens.
  • Financial account information, such as credit or debit card numbers, bank account numbers, or other financial account numbers.
  • Protected health information covered by the Health Insurance Portability and Accountability Act (HIPAA) and applicable health privacy laws, such as an individual’s diagnoses, treatment information, medical test results, or prescription information that is created or shared by on or behalf of a healthcare provider or health insurance provider.
  • Any data or information collected from children under the age of 13.
  • Other sensitive data about an identifiable individual, including a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data or biometric data, or sex life or sexual orientation.

Restricted Types of Data

The following types of data are only permitted in private Applications that are available only to selected end users who are approved by you.  If you or the end users of your Applications intend to collect, upload, store, transmit, display, modify, and otherwise process any of the following types of data in any Application you create using Glide, you must sign up for a paid account and make the application private.

  • Sensitive financial information (other than account information), such as account balances, salary information, expense reports, and transaction details.
  • Student data covered by the Family Educational Rights and Privacy Act (FERPA), such as grades, report cards, transcripts, class schedules, disciplinary records.
  • Health information that is not covered by HIPAA or other privacy laws, such as symptom tracking or contract tracing information that do not collect from or share information with healthcare providers or insurance providers.