We collect many different types of information, depending on how you use our service:
ExaVault is committed to compliance with the California Consumer Privacy Act of 2018 (the "CCPA"). ExaVault operates primarily as a "service provider", as that term is defined in the CCPA, because ExaVault stores data on behalf of other "businesses", and ExaVault has agreed (by virtue of Section 4 of the Terms of Service, or a similar provision) not to disclose that information. "Business", for purposes of the CCPA, is a company that collects personal information and controls it. ExaVault is only a "Business" for the information that it collects from its own customers.
Right to To Opt Out of the Sale of Personal Information. Although the CCPA provides a right to opt out of the sale of personal information, you’re opted-out by default: ExaVault has not, does not, and will not sell personal information. It is for this reason that ExaVault does not have a "Do Not Sell My Personal Information" link you may see on other companies’ websites.
CCPA Right to Know and Right to Deletion Requests. If you are an ExaVault customer, then you have a right to request disclosure and/or deletion of the personal information that ExaVault has collected from you. You or your authorized agent may either submit the request via email to firstname.lastname@example.org or via a support ticket to initiate such a request. ExaVault will confirm receipt of the request within 10 business days with information about how it will process the request, including steps required to verify identity and/or authority to make the request; and will respond within 45 calendar days after receipt of the request, unless an additional 45 calendar days is reasonably necessary.
You can also request: the categories of personal information collected by ExaVault about you; categories of sources from which collection of personal information about you occurs; the business or commercial purpose for collecting personal information; the categories of third parties with whom ExaVault shares personal information; categories of personal information that the business disclosed about the consumer for a business purpose.
ExaVault will not discriminate against customers that have made requests pursuant to their CCPA rights.
Please note that if you are seeking disclosure of your personal information that you believe ExaVault holds on behalf of one of its customers, then it is almost certain that ExaVault will deny the request and refer you to that customer to seek your CCPA rights. This is because ExaVault is a "service provider" for its customers as that term is defined in CCPA, and not responsible for the CCPA obligations of its customers.