Privacy Policy

The fine print.

This page contains a lot of legalese pertaining to policies and terms. It’s all very formal but everything here is guided by the following principles:

Our Guiding Principles

  • Your data is safe.
  • You own your data.
  • Stability and uptime of the Graphcool cloud platform are paramount.
  • Prisma is built by developers for developers. We will strive to make every interaction with Prisma an easy and painless experience.

Last Updated: 3/31/2020

Terms of Service

1. Your Agreement with Prisma

1.1 Your use of the Prisma service is governed by this agreement (the “Terms”). “Prisma” means Prisma, Inc and its subsidiaries or affiliates involved in providing the Prisma Service. The “Prisma Services” means the services Prisma makes available through this website, including this website, the Graphcool cloud computing platform, the Prisma API, the Prisma Add-ons, and any other software or services offered by Prisma in connection to any of those.

1.2 In order to use the Prisma Services, you must first agree to the Terms. You can agree to the Terms by actually using the Prisma Services. You understand and agree that Prisma will treat your use of the Prisma Services as acceptance of the Terms from that point onwards.

1.3 You may not use the Prisma Services if you are a person barred from receiving the Prisma Services under the laws of the United States or other countries, including the country in which you are resident or from which you use the Prisma Services. You affirm that you are over the age of 13, as the Prisma Services may not be used by children under 13.

1.4 You agree your purchases of Prisma Services are not contingent on the delivery of any future functionality or features or dependent on any oral or written public comments made by Prisma or any of its affiliates regarding future functionality or features.

2. Your Account and Use of the Prisma Services

2.1 You must provide accurate and complete registration information any time you register to use the Prisma Services. You are responsible for the security of your passwords and for any use of your account. If you become aware of any unauthorized use of your password or of your account, you agree to notify Prisma immediately.

2.2 Your use of the Prisma Services must comply with all applicable laws, regulations and ordinances, including any laws regarding the export of data or software.

2.3 You agree not to (a) access (or attempt to access) the administrative interface of the Prisma Services by any means other than through the interface that is provided by Prisma in connection with the Prisma Services, unless you have been specifically allowed to do so in a separate agreement with Prisma, or (b) engage in any activity that interferes with or disrupts the Prisma Services (or the servers and networks which are connected to the Service).

2.4 You may use the Prisma Services only to develop and run applications on the Prisma infrastructure. You may not access the Prisma Services for the purpose of bringing an intellectual property infringement claim against Prisma or for the purpose of creating a product or service competitive with the Prisma Services.

3. Service Policies and Privacy

3.1 You agree to comply with the Prisma Acceptable Use Policy available at acceptable use policy (the “Acceptable Use Policy”) which is incorporated herein by this reference and which may be updated from time to time.

3.2 The Prisma Services shall be subject to the privacy policy. You agree to the use of your data in accordance with Prisma’s privacy policies.

3.3 You agree that you will protect the privacy and legal rights of the End Users of your application. You must obtain any consents required by applicable data protection laws and provide legally adequate privacy notice, access, and protection for End Users. If End Users provide you with user names, passwords, or other login information or personal information, you must make the End Users aware that the information will be available to your application and to Prisma.

4. Fees for Use of the Prisma Services

4.1 Subject to the Terms, the Prisma Services are provided to you without charge up to certain limits. Usage over this limit requires your purchase of additional resources or services. The pricing for additional resources and services can be found at (or such URL as Prisma may provide).

4.2 For all purchased resources and services, we will charge your credit card on a monthly basis or at the interval indicated in Prisma fees and payment policies, if different. Late payments may bear interest at the rate of 1.5% per month (or the highest rate permitted by law, if less). Charges are exclusive of taxes. You are responsible for paying all taxes and government charges, and all reasonable expenses and attorneys fees Prisma incurs collecting late amounts. To the fullest extent permitted by law, you waive all claims relating to charges unless claimed within 60 days after the charge (this does not affect your credit card issuer rights). Charges are solely based on Prisma’s measurements of your use of the Prisma Services, unless otherwise agreed to in writing. To the fullest extent permitted by law, refunds (if any) are at the discretion of Prisma and only in the form of credit for the Prisma Services. Nothing in these Terms obligates Prisma to extend credit to any party. You acknowledge and agree that any credit card and related billing and payment information that you provide to Prisma may be shared by Prisma with companies who work on Prisma’s behalf, such as payment processors and/or credit agencies, solely for the purposes of checking credit, effecting payment to Prisma and servicing your account. Prisma may also provide information in response to valid legal process, such as subpoenas, search warrants and court orders, or to establish or exercise its legal rights or defend against legal claims. Prisma shall not be liable for any use or disclosure of such information by such third parties. Prisma reserves the right to discontinue the provision of the Prisma Services to you for any late payments.

4.3 Prisma may change its fees and payment policies for the Prisma Services by notifying you at least fifteen (15) days before the beginning of the billing cycle in which such change will take effect. Changes to the fees or payment policies will be posted on the website (or such other URL Prisma may provide from time to time). Any outstanding balance becomes immediately due and payable upon termination of the Terms for any reason.

4.4 You may not develop multiple Applications to simulate or act as a single Application or otherwise access the Prisma Services in a manner intended to avoid incurring fees.

5. Content on the Prisma Services and Take Down Obligations

5.1 You understand that all information (such as data files, written text, computer software, music, audio files or other sounds, photographs, videos or other images) to which you may have access as part of, or through your use of, the Prisma Services are the sole responsibility of the person from which such content originated. All such information is referred to below as the “Content.” The term Content shall specifically exclude the web application that you create using the Prisma Services and any source code written by you to be used with the Prisma Services (collectively, “Applications”).

5.2 Prisma reserves the right (but shall have no obligation) to remove any or all Content from the Prisma Services. You agree to immediately take down any Content that violates the Acceptable Use Policy, including pursuant to a take down request from Prisma. In the event that you elect not to comply with a request from Prisma to take down certain Content, Prisma reserves the right to directly take down such Content or to disable Applications.

5.3 In the event that you become aware of any violation of the Acceptable Use Policy by an End User of Applications, you shall immediately terminate such end user’s account on your Application. Prisma reserves the right to disable Applications in response to a violation or suspected violation of the Acceptable Use Policy.

5.4 You agree that you are solely responsible for (and that Prisma has no responsibility to you or to any third party for) the Application or any Content that you create, transmit or display while using the Prisma Services and for the consequences of your actions (including any loss or damage which Prisma may suffer) by doing so.

5.5 You agree that Prisma has no responsibility or liability for the deletion or failure to store any Content and other communications maintained or transmitted through use of the Service. You further acknowledge that you are solely responsible for securing and backing up your Applications and any Content.

6. Proprietary Rights

6.1 You acknowledge and agree that Prisma (or Prisma’s licensors) own all legal right, title and interest in and to the Prisma Services, including any intellectual property rights which subsist in the Prisma Services (whether those rights happen to be registered or not, and wherever in the world those rights may exist).

6.2 Except as provided in Section 8, Prisma acknowledges and agrees that it obtains no right, title or interest from you (or your licensors) under these Terms in or to any Content or Applications that you create, submit, post, transmit or display on, or through, the Prisma Services, including any intellectual property rights which subsist in that Content and the Application (whether those rights happen to be registered or not, and wherever in the world those rights may exist). Unless you have agreed otherwise in writing with Prisma, you agree that you are responsible for protecting and enforcing those rights and that Prisma has no obligation to do so on your behalf.

7. License from Prisma and Restrictions

7.1 Prisma grants you a revocable, personal, worldwide, royalty-free, non-assignable and non-exclusive license to use the software provided to you by Prisma as part of the Prisma Services as provided to you by Prisma. This license is for the sole purpose of enabling you to use and enjoy the benefit of the Prisma Services as provided by Prisma, in the manner permitted by the Terms.

7.2 You may not (and you may not permit anyone else to): (a) copy, modify, create a derivative work of, reverse engineer, decompile or otherwise attempt to extract the source code of the Prisma Services or any part thereof, unless this is expressly permitted or required by law, or unless you have been specifically told that you may do so by Prisma, in writing (e.g., through an open source software license); (b) attempt to disable or circumvent any security mechanisms used by the Prisma Services or any applications running on the Prisma Services; or (c) use the Prisma Services in any way that may subject the Prisma Services to any obligations under any open source software license, including, without limitation any license which imposes any obligation or restriction with respect to Prisma’s patent or other intellectual property rights in the Prisma Services.

7.3 Open source software licenses for components of the Prisma Services released under an open source license constitute separate written agreements. To the limited extent that the open source software licenses expressly supersede these Terms, the open source licenses govern your agreement with Prisma for the use of the components of the Prisma Services released under an open source license.

8. License from You

8.1 Prisma claims no ownership or control over any Content or Application. You retain copyright and any other rights you already hold in the Content and/or Application, and you are responsible for protecting those rights, as appropriate. By submitting, posting or displaying the Content on or through the Prisma Services you give Prisma a worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute such Content for the sole purpose of enabling Prisma to provide you with the Prisma Services. Furthermore, by creating an Application through use of the Prisma Services, you give Prisma a worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute such Application for the sole purpose of enabling Prisma to provide you with the Prisma Services.

8.2 By adding a collaborator to your Application, you hereby grant to that user a non-exclusive, royalty-free, non-transferable license, with no right to sub-license, to use, display, perform, reproduce, modify, publish, distribute, list information regarding, edit, translate and analyze such Application(s) and Content as permitted by the relevant Prisma Services functionality or features for the sole purpose of collaborating on development of the Application(s).

8.3 You may choose to or we may invite you to submit comments or ideas about the Prisma Services, including without limitation about how to improve the Prisma Services or our products (“Ideas”). By submitting any Idea, you agree that your disclosure is gratuitous, unsolicited and without restriction and will not place Prisma under any fiduciary or other obligation, and that we are free to use the Idea without any additional compensation to you, and/or to disclose the Idea on a non-confidential basis or otherwise to anyone.

8.4 You agree that Prisma, in its sole discretion, may use your trade names, trademarks, service marks, logos, domain names and other distinctive brand features in presentations, marketing materials, customer lists, financial reports and Web site listings (including links to your website) for the purpose of advertising or publicizing your use of the Prisma Services.

9. Modification and Termination of the Prisma Services

9.1 Prisma is constantly innovating in order to provide the best possible experience for its users. You acknowledge and agree that the form and nature of the Prisma Services which Prisma provides may change from time to time without prior notice to you, subject to the terms in Section 4.3. Changes to the form and nature of the Prisma Services will be effective with respect to all versions of the Prisma Services; examples of changes to the form and nature of the Prisma Services include without limitation changes to fee and payment policies, security patches, added functionality, and other enhancements.

9.2 You may terminate these Terms at any time by canceling your account on the Prisma Services. You will not receive any refunds if you cancel your account.

9.3 You agree that Prisma, in its sole discretion and for any or no reason, may terminate your account or any part thereof. You agree that any termination of your access to the Prisma Services may be without prior notice, and you agree that Prisma will not be liable to you or any third party for such termination.

9.4 You are solely responsible for exporting your Content and Application(s) from the Prisma Services prior to termination of your account for any reason, provided that if we terminate your account, we will provide you a reasonable opportunity to retrieve your Content and Application(s).

9.5 Upon any termination of the Prisma Services or your account these Terms will also terminate, but Sections 6.1, 9, 10, 11, 12, and 16 shall continue to be effective after these Terms are terminated.








12. Indemnification

12.1 You agree to hold harmless, defend and indemnify Prisma, and its subsidiaries, affiliates, officers, agents, employees, advertisers, licensors, suppliers or partners (collectively “Prisma and Partners”) from and against any third party claim arising from or in any way related to (a) your breach of the Terms, (b) your use of the Prisma Services, (c) your violation of applicable laws, rules or regulations in connection with the Prisma Services, or (d) your Content or your Application, including any liability or expense arising from all claims, losses, damages (actual and consequential), suits, judgments, litigation costs and attorneys’ fees, of every kind and nature. In such a case, Prisma will provide you with written notice of such claim, suit or action.

13.1 You agree to set up a process to respond to notices of alleged infringement that comply with the United States’ Digital Millennium Copyright Act (“DMCA notices”). It is Prisma’s policy to respond to DMCA notices or other applicable copyright laws and to terminate the accounts of repeat infringers. We reserve the right to take down content in your Application or, if necessary, the Application itself upon receipt of a valid DMCA notice.

14. Other Content

14.1 The Prisma Services may include hyperlinks to other web sites or content or resources or email content. Prisma may have no control over any web sites or resources which are provided by companies or persons other than Prisma.

14.2 You acknowledge and agree that Prisma is not responsible for the availability of any such external sites or resources, and does not endorse any advertising, products or other materials on or available from such web sites or resources.

14.3 You acknowledge and agree that Prisma is not liable for any loss or damage which may be incurred by you or your End Users as a result of the content or availability of those external sites or resources, or as a result of any reliance placed by you on the completeness, accuracy or existence of any advertising, products or other materials on, or available from, such web sites or resources.

15. Changes to the Terms

15.1 Prisma may make changes to the Terms from time to time. If we change the Terms in any substantive way, we will give you at least seven (7) days notice before the changes take effect, during which period of time you may reject the changes by terminating your account.

15.2 You understand and agree that if you use the Prisma Services after the date on which the Terms have changed, Prisma will treat your use as acceptance of the updated Terms.

16.1 Except to the extent you and Prisma have entered into a separate written agreement that is expressly intended to supersede these Terms either in whole or in part, the Terms constitute the whole legal agreement between you and Prisma and govern your use of the Prisma Services (but excluding any services which Prisma may provide to you under a separate written agreement), and completely replace any prior agreements between you and Prisma in relation to the Prisma Services.

16.2 There are no third party beneficiaries to these Terms. The parties are independent contractors, and nothing in these Terms creates an agency, partnership or joint venture.

16.3 If Prisma provides you with a translation of the English language version of these Terms, the English language version of these Terms will control if there is any conflict.

16.4 You agree that Prisma may provide you with notices, including those regarding changes to the Terms, by email, regular mail, or postings on the Prisma Services. By providing Prisma your email address, you consent to our using the email address to send you any notices required by law in lieu of communication by postal mail.

16.5 You agree that if Prisma does not exercise or enforce any legal right or remedy which is contained in the Terms (or which Prisma has the benefit of under any applicable law), this will not be taken to be a formal waiver of Prisma’s rights and that those rights or remedies will still be available to Prisma.

16.6 Prisma shall not be liable for failing or delaying performance of its obligations resulting from any condition beyond its reasonable control, including but not limited to, governmental action, acts of terrorism, earthquake, fire, flood or other acts of God, labor conditions, power failures, and Internet disturbances.

16.7 The Terms, and your relationship with Prisma under the Terms, shall be governed by the laws of the State of California without regard to its conflict of laws provisions. You and Prisma agree to submit to the exclusive jurisdiction of the courts located within the county of Santa Clara, California to resolve any legal matter arising from the Terms.

16.8 You may not assign any of your rights or obligations under these Terms, whether by operation of law or otherwise, without the prior written consent of Prisma (not to be unreasonably withheld).

Last Updated: 3/31/2017


We enable our customers to focus on their apps without worrying about infrastructure, scaling, security, and ops. The Prisma platform protects customers from threats by employing strict security controls at every layer from physical to application level. The Prisma team can rapidly deploy security updates to keep customer applications protected.

Security Assessments and Compliance

Data Centers

Prisma’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:

  • ISO 27001
  • SOC 1/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  • PCI Level 1
  • FISMA Moderate
  • Sarbanes-Oxley (SOX)
  • PCI

We use payment processor Stripe for encrypting and processing credit card payments. Stripe is PCI Level 1 compliant.

Physical Security

Prisma utilizes ISO 27001 and FISMA certified data centers managed by Amazon. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure. AWS data centers are housed in nondescript facilities, and critical facilities have extensive setback and military grade perimeter control berms as well as other natural boundary protection. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, state of the art intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication no fewer than three times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.

Amazon only provides data center access and information to employees who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services. All physical and electronic access to data centers by Amazon employees is logged and audited routinely.

For additional information see: AWS Security.

Environmental Safeguards

Fire Detection and Suppression

Automatic fire detection and suppression equipment has been installed to reduce risk. The fire detection system utilizes smoke detection sensors in all data center environments, mechanical and electrical infrastructure spaces, chiller rooms and generator equipment rooms. These areas are protected by either wet-pipe, double-interlocked pre-action, or gaseous sprinkler systems.


The data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day, and seven days a week. Uninterruptible Power Supply (UPS) units provide back-up power in the event of an electrical failure for critical and essential loads in the facility. Data centers use generators to provide backup power for the entire facility.

Climate and Temperature Control

Climate control is required to maintain a constant operating temperature for servers and other hardware, which prevents overheating and reduces the possibility of service outages. Data centers are conditioned to maintain atmospheric conditions at optimal levels. Monitoring systems and data center personnel ensure temperature and humidity are at the appropriate levels.


Data center staff monitor electrical, mechanical and life support systems and equipment so issues are immediately identified. Preventative maintenance is performed to maintain the continued operability of equipment.

Network Security


Firewalls are utilized to restrict access to systems from external networks and between systems internally. By default all access is denied and only explicitly allowed ports and protocols are allowed based on business need. Each system is assigned to a firewall security group based on the system’s function. Security groups restrict access to only the ports and protocols required for a system’s specific function to mitigate risk.

Host-based firewalls restrict customer applications from establishing localhost connections over the loopback network interface to further isolate customer applications. Host-based firewalls also provide the ability to further limit inbound and outbound connections as needed.

DDoS Mitigation

Our infrastructure provides DDoS mitigation techniques including TCP Syn cookies and connection rate limiting in addition to maintaining multiple backbone connections and internal bandwidth capacity that exceeds the Internet carrier supplied bandwidth. We work closely with our providers to quickly respond to events and enable advanced DDoS mitigation controls when needed.

Spoofing and Sniffing Protections

Managed firewalls prevent IP, MAC, and ARP spoofing on the network and between virtual hosts to ensure spoofing is not possible. Packet sniffing is prevented by infrastructure including the hypervisor which will not deliver traffic to an interface which it is not addressed to. Prisma utilizes application isolation, operating system restrictions, and encrypted connections to further ensure risk is mitigated at all levels.

Port Scanning

Port scanning is prohibited and every reported instance is investigated by our infrastructure provider. When port scans are detected, they are stopped and access is blocked.

Data Security

Customer data is stored in separate access-controlled databases per application. Customers with multiple applications are assigned separate databases per application to mitigate the risk of unauthorized access between applications.

System Security

System Configuration

System configuration and consistency is maintained through standard, up-to-date images, configuration management software, and by replacing systems with updated deployments. Systems are deployed using up-to-date images that are updated with configuration changes and security updates before deployment. Once deployed, existing systems are decommissioned and replaced with up-to-date systems.

System Authentication

Operating system access is limited to Prisma staff and requires username and key authentication. Operating systems do not allow password authentication to prevent password brute force attacks, theft, and sharing.

Vulnerability Management

Our vulnerability management process is designed to remediate risks without customer interaction or impact. Prisma is notified of vulnerabilities through internal and external assessments, system patch monitoring, and third party mailing lists and services. Each vulnerability is reviewed to determine if it is applicable to Prisma’s environment, ranked based on risk, and assigned to the appropriate team for resolution.


Application Databases

All of your application data is snapshotted every thirty minutes. Prisma can restore data from the last snapshot if data loss occurs.

Application Configurations

All of your application configuration is snapshotted every three hours. Prisma can restore configuration from the last snapshot if data loss occurs.

Disaster Recovery

Application Databases and Configurations

Our platform automatically restores customer applications and databases in the case of an outage.

Prisma Platform

The Prisma platform is designed for stability, scaling, and inherently mitigates common issues that lead to outages while maintaining recovery capabilities. Our platform maintains redundancy to prevent single points of failure, is able to replace failed components, and utilizes multiple data centers designed for resiliency. In the case of an outage, the platform is deployed across multiple data centers using current system images and data is restored from backups. Prisma reviews platform issues to understand the root cause, impact to customers, and improve the platform and processes.

Access to Customer Data

Prisma staff does not access or interact with customer data or applications as part of normal operations. There may be cases where Prisma is requested to interact with customer data or applications at the request of the customer for support purposes or where required by law. Prisma may also inspect customer data to debug and troubleshoot platform issues.

Last Updated: 1/31/2017

Privacy Policy

1. Web Site Covered

This Privacy Statement covers the information practices of

2. Information Collected

Prisma offers a variety of services that are collectively referred to as the “Services.” Prisma collects information from individuals who visit the Company’s Web site (“Visitors”) and individuals who register to use the Services (“Customers”).

When expressing an interest in obtaining additional information about the Services or registering to use the Services, Prisma requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, Prisma requires you to provide the Company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). Prisma may also ask you to provide additional information, such as company annual revenues, number of employees, or industry, or you may choose to provide information about the end users of your application (“Optional Information”). Required Contact Information, Billing Information, and Optional Information, are referred to collectively as “Data About Prisma Customers.”

As you navigate the Company’s Web site, Prisma may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the Company’s Web site (such as the Web pages viewed and the links clicked).

3. Use of Information Collected

The Company uses Data About Prisma Customers to perform and support the services. For example, if you fill out a “Contact Me” Web form, the Company will use the information provided to contact you about your interest in the Services.

The Company may also use Data About Prisma Customers for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding the Company and its partners, such as information about promotions or events.

Prisma uses credit card information solely to check the financial qualifications of prospective Customers and to collect payment for the Services. Prisma uses Web Site Navigational Information to operate and improve the Company’s Web site. The Company may also use Web Site Navigational Information alone or in combination with Data About Prisma Customers to provide personalized information about the Company.

4. Web Site Navigational Information

Prisma uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web site (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information that may be collected on the Company’s Web site and how this information may be used.

4.1 Cookies – Prisma uses cookies to make interactions with the Company’s Web site easy and meaningful. When you visit the Company’s Web site, Prisma’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you. They merely recognize your Web browser. Unless you choose to identify yourself to Prisma, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Me” or a “30 Day Free Trial” Web form), you remain anonymous to the Company. Prisma uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer.

If you have chosen to identify yourself to Prisma, the Company uses session cookies containing encrypted information to allow the Company to uniquely identify you. Each time you log into the Services, a session cookie containing an encrypted, unique identifier that is tied to your account is placed your browser. These session cookies allow the Company to uniquely identify you when you are logged into the Services and to process your online transactions and requests. Session cookies are required to use the Services.

Prisma uses persistent cookies that only the Company can read and use to identify browsers that have previously visited the Company’s Web site. When you purchase the Services or provide the Company with personal information, a unique identifier is assigned you. This unique identifier is associated with a persistent cookie that the Company places on your Web browser. The Company is especially careful about the security and confidentiality of the information stored in persistent cookies. For example, the Company does not store account numbers or passwords in persistent cookies. If you disable your Web browser’s ability to accept cookies, you will be able to navigate the Company’s Web site, but you will not be able to successfully use the Services.

Prisma may use information from session and persistent cookies in combination with Data About Prisma Customers to provide you with information about the Company and the Services.

4.2 Web Beacons – Prisma uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web site and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Prisma may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web site. Prisma uses Web beacons to operate and improve the Company’s Web site and email communications.

Prisma may use information from Web beacons in combination with Data About Prisma Customers to provide you with information about the Company and the Services.

4.3 Flash Cookies – Prisma may use local shared objects, also known as Flash cookies, to store your preferences or display content based upon what you view on our site to personalize your visit. Third parties, with whom the Company partners to provide certain features on our site or to display advertising based upon your Web browsing activity, use Flash cookies to collect and store information.

Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by your browser will not remove Flash cookies.

4.4 IP Addresses – When you visit Prisma’s Web site, the Company collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, Prisma uses IP addresses to monitor the regions from which Customers and Visitors navigate the Company’s Web site.

4.5 Third Party Cookies – From time-to-time, Prisma engages third parties to track and analyze usage and volume statistical information from individuals who visit the Company’s Web site. Prisma may also use other third-party cookies to track the performance of Company advertisements. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after the Company receives it.

Prisma may also contract with third-party advertising networks that collect IP addresses and other Web Site Navigational Information on the Company’s Web site and emails and on third-party Web sites. Ad networks follow your online activities over time by collecting Web Site Navigational Information through automated means, including through the use of cookies. They use this information to provide advertisements about products and services tailored to your interests. You may see these advertisements on other Web sites. This process also helps us manage and track the effectiveness of our marketing efforts.

5. Public Forums, Refer a Friend, and Customer Testimonials

Prisma may provide bulletin boards, blogs, or chat rooms on the Company’s Web site. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Prisma is not responsible for the personal information you choose to submit in these forums.

Prisma may post a list of Customers and testimonials on the Company’s Web site that contain information such as Customer names and titles. Prisma obtains the consent of each Customer prior to posting any information on such a list or posting testimonials.

6. Sharing of Information Collected

Prisma may share Data About Prisma Customers with the Company’s service providers, vendors and other partners so that they can support the services you use and contact Customers and Visitors who have provided contact information on our behalf. Prisma may also share Data About Prisma Customers with the Company’s service providers, vendors and other partners to ensure the quality of information provided. Unless described in this privacy statement, Prisma does not share, sell, rent, or trade any information provided with third parties for their promotional purposes.

From time to time, Prisma may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Prisma, the Company may share Data About Prisma Customers collected in connection with your purchase or expression of interest with our joint promotion partner(s). Prisma does not control our business partners’ use of the Data About Prisma Customers we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service.

Prisma uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the Company’s behalf.

Prisma reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.

7. International Transfer of Information Collected

To facilitate Prisma’s global operations, the Company may transfer and access Data About Prisma Customers from around the world, including the United States. This Privacy Statement shall apply even if Prisma transfers Data About Prisma Customers to other countries.

Prisma complies with the US-EU and US-Swiss Safe Harbor frameworks for the collection, use and retention of information from the European Union member countries and Switzerland, as set out by the Department of Commerce. To view our certification, visit the Safe Harbor website. Contact us if you have questions regarding our Safe Harbor compliance.

As part of our participation in the Safe Harbor program, we agree to resolve certain disputes you have with us in connection with our policies and practices through TRUSTe. You can contact TRUSTe through their website here.

8. Communications Preferences

Prisma offers Customers and Visitors who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may send a request specifying your communications preferences to Customers cannot opt out of receiving transactional emails related to their account with Prisma or the Services.

9. Correcting and Updating Your Information

Customers may update or change their registration information by logging in to their accounts at Requests to access, change, or delete your information will be handled within 30 days.

10. Security

Prisma uses appropriate administrative, technical, and physical security measures to protect Data About Prisma Customers.

11. Changes to this Privacy Statement

Prisma reserves the right to change this Privacy Statement. Prisma will provide notification of the material changes to this Privacy Statement through the Company’s Web site at least thirty (30) business days prior to the change taking effect.

Last Updated: 1/31/2017

Support Policy

Prisma offers tools to help users running applications on the Prisma Platform. These include Bug Reporting Tools, Billing Inquiries, and Community Channels, and are listed in our Help page for your convenience.

Official Channels

Bug Reports

Prisma provides a Bug Reporting Tool to assist with bug reports. Prisma’s bug support offering is available only for official SDKs and APIs provided by Prisma. Prisma actively monitors and helps users resolve bugs and incidents.

Prisma supports the following use cases for bug reports:

  • Identifying problems preventing an application from working on Prisma
  • Providing workarounds or resolutions for known problems

Prisma does not offer support for the following through the bug report system:

  • General debugging of user applications
  • Rewriting application code for compatibility with Prisma
  • Modifying and/or patching third party or Open Source software packages for compatibility with Prisma
  • Installation and configuration of SDKs
  • General questions about SDKs and APIs
  • Answering general how-to questions, and providing pointers to documentation
  • Incorrect documentation
  • Feature requests
  • Troubleshooting

Bug reports will only be processed if:

  • The report is made through the Bug Reporting Tool.
  • The report originates from a registered Prisma account email address.
  • The reporter has collaborator access to any specific Prisma applications pertaining to the request.
  • The reported issue can be reproduced by a Prisma team member with the provided information.

Billing Inquiries

Prisma provides a Billing Inquiry Tool to assist with the following use cases:

  • Questions regarding your account statements

Prisma does not offer support for the following through the billing inquiry system:

  • Development questions
  • Bug reports
  • Sales questions


Prisma Bug Reporting offers 24×5 coverage, Monday through Friday, excluding US Holidays.

Community Help

Prisma team members participate in community channels at Prisma’s discretion but we do not guarantee any response or resolution to issues beyond those submitted through the official bug and billing channels. We participate in and encourage peer-to-peer support and discussion in the following communities:

  • Stack Overflow via the #Prisma tag
  • Twitter via @Prisma


Prisma’s documentation is generated from markdown sources available on GitHub. Please refer to the issue tracker when reporting a documentation issue.

Platform Status

The Graphcool cloud Platform is monitored 24×7 by comprehensive automated systems. In the event of any issue affecting the health and operation of Prisma’s infrastructure, core systems, or tools, our dedicated operations team is notified and will work to immediately diagnose and correct any issues. Our Help page reflects our current platform status and we also maintain Prisma Status and @PrismaStatus Twitter pages.

Last Updated: 1/31/2017

Acceptable Use Policy

Your use of the Service is subject to this Acceptable Use Policy. Prisma reserves the right to terminate your account and cease all service if you are found to be in violation of this policy. We may change these policies at any time. It is your responsibility to keep up-to-date with and adhere to them. All capitalized terms used herein have the meanings stated in the Terms, unless stated otherwise.

Prohibited Content

The Content displayed and/or processed through your Application or other web site utilizing the Service shall not contain any of the following types of content:

  • Content that infringes a third party’s rights (e.g., copyright) according to applicable law;
  • Excessively profane content;
  • Hate-related or violent content;
  • Content advocating racial or ethnic intolerance;
  • Content intended to advocate or advance computer hacking or cracking;
  • Other illegal activity, including without limitation illegal export of controlled substances or illegal software;
  • Drug paraphernalia;
  • Phishing;
  • Malicious content;
  • Other material, products or services that violate or encourage conduct that would violate any criminal laws, any other applicable laws, or any third-party rights.

Prohibited Actions

Customer agrees not to, and not to allow third parties (including End Users) to use the Service:

  • to violate, or encourage the violation of, the legal rights of others (for example, this may include allowing End Users to infringe or misappropriate the intellectual property rights of others in violation of the Digital Millennium Copyright Act);
  • to engage in, promote or encourage illegal activity
  • for any unlawful, invasive, infringing, defamatory or fraudulent purpose (for example, this may include phishing, creating a pyramid scheme or mirroring a website);
  • to intentionally distribute viruses, worms, Trojan horses, corrupted files, hoaxes, or other items of a destructive or deceptive nature;
  • to interfere with the use of the Services, or the equipment used to provide the Service, by customers, authorized resellers, or other authorized users;
  • to disable, interfere with or circumvent any aspect of the Service;
  • to generate, distribute, publish or facilitate unsolicited mass email, promotions, advertisings or other solicitations (“spam”)