Last Updated: 12 November 2015
ExaVault complies with the U.S. ‐ E.U. & Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from the European Union and Switzerland. Information regarding the E.U. Safe Harbor Framework can be found at: http://export.gov/safeharbor.
If you have questions or concerns regarding this Policy, contact email@example.com.
Information We Collect
We collect many different types of information, depending on how you use our service:
- We collect the actual contents of the files uploaded to your ExaVault account ("Customer Data").
- Additionally, we collect "metadata" about your Customer Data that is distinct from the actual content itself ("Customer Metadata"). Customer Metadata includes file and folder names, creation and modification dates, permissions, and size information.
- We also collect metadata about your account overall, not tied to any specific file (“Account Metadata”). Account Metadata includes general account settings, users and their associated data ( passwords, access restrictions, etc.), group settings and customer brand data (name, logo, etc.)
- We also collect usage information customarily logged by web and FTP server software, including the date and time of your visit, the originating IP address, the pages and images requested, and other similar types of information. We also get usage data from third parties such as Google Analytics, who may place tracking pixels our site. Collectively, we call this "Usage Data".
- We collect information from those who communicate with us via e-mail or our website, and information volunteered by consumers, such as the information you provide during account registration and signup ("Registration and Billing Data"), and contact form submissions and E-Mails ("Correspondence Data").
How Information is Used
- "Customer Data" is stored securely and may only be accessed by users who have been given the appropriate permissions to that Customer Data by someone with administrative permissions on the account. We will not access this data for any other purpose, except as provided below.
- "Customer Metadata" is used by our software systems to provide the Service and may be displayed, subject to our permissions controls, to users on the account.
- "Usage Data" and "Correspondence Data" is used to help us understand how the Service and our websites are being used and to help us improve our websites and the Service.
- "Registration and Billing Data" is used for billing purposes and to notify you about important service-related issues. ExaVault uses a third-party payment processor and Registration and Billing Data will be sent on to such payment processor.
- E-mail addresses collected as part of your use of the service (e.g. for sending a customer a notification of available files) will only be used for the purpose you requested that they be used for, and will not be used to communicate service announcements.
Our Access To Your Data
- However, as is reasonably necessary to facilitate provision of the Service, employees and contractors of ExaVault may have access to your Customer Metadata, Account Metadata (other than passwords), Usage Data, Registration and Billing Data, and Correspondence Data, and may use that to communicate with you or improve the service. For example, we may use the total amount of data you’ve stored to recommend you switch to a higher or lower plan tier.
- Wherever possible, browsing sessions to the Service are secured with SSL, to prevent eavesdropping, tampering, and message forgery. If SSL is enabled, you will see a lock icon in your browser.
- If you connect via FTP, you may choose to use FTP, FTP-SSL or SFTP. Only FTP-SSL and SFTP are secured, standard FTP is not.
- At your option, you may turn on ‘Secure Only Mode’, which will reject any non-secure connections to your account. We recommend that you do this.
- Cookies: Use of the Service requires support for cookies, small pieces of data that are stored on your computer's hard drive and transmitted back to the Service with each web page request. A cookie simply identifies your browser to the Service by assigning it a unique ID number, which enables us to associate your browser session with your account.
U.S.-EU Safe Harbor Framework
ATTN: EU Safe Harbor
344 Thomas L Berkley Way, Suite 410
Oakland, CA 94612
ExaVault, Inc. has further committed to refer unresolved privacy complaints under the US-EU Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by ExaVault, Inc., please visit the BBB EU SAFE HARBOR web site at http://www.bbb.org/council/eusafeharbor/bbb-eu-safe-harbor-dispute-resolution-program for more information and to file a complaint.
- You may use the Service to delete any of your "Customer Data," and doing so will remove such content from our active servers immediately. Your data may remain on our backup servers for a short period of time, but will be automatically removed.
- All of your "Customer Data" and "Customer Metadata" will be deleted from our active and backup servers within 30 days after you cancel your account.
- We do not support removal of Registration and Billing Data, Correspondence Data or Usage Data.
- Your use of the Service is governed by a Terms of Service, which will prevail in the event of a conflict with this document.
- This document was last updated according to the date at the top of this page.