top of page

Two Dots Browser Extension Data and Privacy Policy

Updated: December 22nd, 2022

Identity and Access

We collect end-user email addresses in a login popup in order to ensure only authorized users have access to our services. We send these email addresses to Auth0, a third-party identity provider. Neither we, nor Auth0, collect passwords from our end-users. We authenticate users with a one time code sent to the provided email.


Auth0 collects other information about the user that is stored for a maximum of 30 days, such as:

  1. Browser type and version

  2. Platform type and version

  3. Time of each login

  4. Time of each token exchange

  5. Time of account creation


Auth0 maintains the following security certifications:

  1. SOC Type 2

  2. ISO27001

  3. ISO27018

  4. Gold CSA STAR

Data Storage and Usage

We also collect a non-PII identifier corresponding to applicant information from protected web pages that our end users visit solely to perform their job duties at a property management company partnered with Two Dots. These identifiers are encrypted in transit with SSL and are never persistently stored on the end user’s machine. 


Both the user authentication scheme for our own service and the authentication scheme for the aforementioned protected web pages use the end user’s work email at their property management company for user identification. Each time we are sent one of these non-PII identifiers, we log the corresponding HTTPS request in Google Cloud Platform. These requests are associated with the end user’s email address. 


Access to Google Cloud Platform by Two Dots employees requires the use of a physical security key.

Contacting Us

For more information related to our Privacy Policy or our procedures, contact our Privacy Department by email at or by mail at:


Two Dots Inc., 420 E 58th Street, New York, NY, 10022


bottom of page