Last Updated: 30 June 2022
We treat different types of information differently, and have a legitimate use for each type of data. - Site Content is stored securely and may only be accessed by users on who have been given the appropriate permissions to that Site Content by someone with account administrators permissions on the account. We will not access this data for any purpose, except as provided herein. For GDPR purposes, we are processors of Site Content.
All of the above information may be used to undertake accounting and administrative tasks, or manage legal claims.
We use Help Scout, a customer support helpdesk service, to manage and track customer requests.
Other parties such as advertising partners and analytics companies may also be collecting information about your online activity across various websites over time. The information collected by those third parties may include identifiers that allow those third parties to tailor the ads that they serve to your computer or other device.
If you visit the Site or login to the Service and use OpenID or OAuth (such as Facebook or Google), you may also be sharing and integrating data with third-party social media sites, and we may track aggregate data about the number of visits to this site with an open ID, the number of items “liked” on this site, or items on this site that you choose to share with a third-party social media site.
If you use the Google Sign-In Integration, then we will use your email address and profile data for purposes of authenticating and signing-in to the Service. If you use the Google Cloud integration, then you are granting us the ability to access, modify, read, and delete your files on Google Cloud for purposes of syncing and transferring them between Google Cloud and the Service.
We have a data processing agreement with any third parties that process personally identifiable information that we control.
We use a variety of technical and organizational safeguards to prevent unauthorized access of your data, including:
You may use the Service to freely delete any of your Site Content, and doing so will remove such content from our active servers immediately. If you have configured backup retention after deletion for your Site Content, backups may remain on our backup servers for the period of time that you or your account administrator has specified as the backup retention period.
All of your Site Content and Site Metadata will be deleted from our active and backup servers within 7 days when you cancel your account.
Because of our efforts to ensure Service availability, we maintain backup copies of all Site Metadata. As a result, residual copies of your Site Metadata may remain on backup media, backup servers, and disk snapshots for up to 30 days after deletion or account cancellation.
Registration and Billing Data, Correspondence Data, Cookie Data, Device Data, and Usage Data will respectively be deleted or anonymized upon termination of the Service (if applicable), and when we have no ongoing legitimate business need to process your information. We take reasonable steps to limit the minimize the volume of data we collect from you and the length of time we retain your data. You have the right to obtain our confirmation of whether we maintain personal information relating to you. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. Your right to access your personal data may be restricted in exceptional circumstances or vary based on where you reside. If we determine that your access should be restricted in a particular instance, we will provide you with an explanation of our determination.
For people residing in the EU, the GDPR provides certain rights. You may decline to share certain information with us, in which case we may not be able to provide some of the features and functionality of the Site and Service. These rights include, in accordance with applicable law, the right to object to or request the restriction of processing of your information, and to request access to, rectification, erasure and portability of your own information. Where we process your information on the basis of your consent, you have the right to withdraw that consent (noting that such withdrawal does not affect the lawfulness of any processing performed prior to the date on which we receive notice of such withdrawal, and does not prevent the processing of your personal information in reliance upon any other available legal bases). Requests should be submitted by contacting us using the contact details below. If you are within the EU and have any unresolved privacy concern that we have not addressed satisfactorily after contacting us, you have the right to contact the appropriate EU Supervisory Authority and lodge a complaint.
The Service and Site are not intended for use by children, especially those under 13. We do not knowingly collect personally identifiable information from children under 18 years of age. If your minor child has provided us with personally identifiable information, you may reach us using the contact information below if you want this information deleted from our records.
If you live in the State of California, under the California Civil Code, you have the right to request that companies who conduct business in California provide you with a list of all third parties to which the company has disclosed Personal Information during the preceding year for direct marketing purposes.
If you are a California resident and want to request information about how to exercise your third party disclosure choices, you must send a request using the online contact form listed herein.
All requests must be labeled “Your California Privacy Rights” on the subject of the actual request. For all requests, please include your name, street address, city, state, and zip code. Please include your zip code for our own record-keeping. Requests that are improperly labeled or that are missing the required information will not be processed.
Our Privacy Shield commitment applies to the following types of data collected: “Site Content”, “Site Metadata”, and “Registration and Billing Data”. Under Privacy Shield, you have a right to remove, access, or correct this data. See Paragraph 6 of this Policy to learn how to remove your data. If ExaVault transfers personal information received under the Privacy Shield to a third party, the third party's access, use, and disclosure of the personal data must also be in compliance with ExaVault's Privacy Shield obligations, and ExaVault will remain liable under the Privacy Shield for any failure to do so by the third party unless ExaVault proves it is not responsible for the event giving rise to the damage.
ExaVault has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
Your use of the Service is governed by a Terms of Service, and potentially additional documents (e.g. a BAA or DPA) which will prevail in the event of a conflict with this document, except with respect to EU-US Privacy Shield, GDPR provisions, or other applicable legal requirements.
You agree that by submitting your telephone contact information on this web site and/or registering to receive the Service offered herein, such act constitutes a purchase, an inquiry, and/or an application for the purposes of the Amended Telemarketing Sales Rule (ATSR), 16 CFR ‘310 et seq. and any applicable state and local “do not call” regulations. We retain the right to contact you via telemarketing in accordance with the ATSR and the applicable state regulations.
For additional information about our commitment to GDPR, you can visit our site.
Our Data Protection Officer may be contacted at firstname.lastname@example.org.
This document was last updated according to the date at the top of this page.