I’ve been looking at the terms of service and privacy policies of several QS-related services, and would like to share the findings here (plus get some feedback as IANAL). Following are the questions I focused on (anything I should add?); I’ll add a separate post for each service I looked at, prefixed with [ToS].
1. Can you control who has access to your data?
Can your data be shared with (or even sold to) third parties (other than law enforcement) without your permission?
2. Can you export your data?
Can you get your data out of the service with a simple download, or through an API?
3. Can you close your account?
How difficult is it to close an account? What happens to the data after an account has been closed?
4. Can the terms change without prior notice?
Do you have a chance to close your account, if the terms are changed and you no longer agree?
5. Can I trust them to keep my data secure?
Does the service take basic measures to keep your data secure, such as supporting (or, better, enforcing) the use of secure connections (HTTPS)?
That was the original plan (I posted a bunch of questions to their mailing list a week or so ago). But I’ve put that on hold because their process seems somewhat haphazard and there are no proper guidelines for reviewing the terms of a service (yet).