This question came up during the Project Photofly Facecast that Stephane Negri and I participated in. Though I am not a lawyer, here is basically what I said:
Beyond our lack of guarantee, I can share with you our intention.
- We intend to have a reasonably secure service, better than email, but less secure than a bank account. We believe the systems are secure against casual attempts to hack your data.
- We don't intend to publicly share any customer data without the owner’s permission.
- We store your files on Amazon’s S3 service, and they maintain their own physical and data security policy that is considered robust.
- Our compute servers are in a card-key accessed server room where only a subset of authorized Autodesk employees have physical access. The physical access is logged.
In the future if we decide to convert the technology preview into an official service, we may choose to augment our security and privacy policies. At this time I can only offer our intention to hold your data secure, but cannot guarantee it.
Care is alive in the lab.