The Civic Champs platform is hosted through AWS managed services and a private cloud with very limited, secure access from the internet. SSH keys or secure tokens / logins are required and limited based on origin.

Names, emails, and phone numbers are used by AWS services for authentication (Cognito),

email, and text messaging. Some incidental data, such as a current location name, may also be sent to vendor push notification services for delivery to the user’s device. (Apple Push Notification or Google Firebase messaging).

All network traffic is securely transmitted through HTTPS/TLS to our APIs and partnered

services. Standard certificate encryption is used for TLS. Those certificates are generated,

configured, and deployed through AWS services.

Snapshots of our database are backed-up nightly. Additional storage methods such as AWS S3 house largely temporary data today and are not backed up.

It should also be noted that Civic Champs does not have any marketing ads on its platform so no information is shared with outside advertisers.

For additional questions, please contact Geng Wang (geng@civicchamps.com).