Last Modified: April 29, 2013
Your privacy is important to us. Through this document, we would like to give transparency to you on how we handle private data and how we collect, use and disclose your information.
Users can access the Onvelop service (the “Service”) through our mobile applications for various mobile operating systems, through our website www.onvelop.com and related sub-sites and sub-domains at onvelop.com. A “Device” is any device used to access the Onvelop Service, including without limitation a desktop computer, laptop, mobile phone, tablet, or other consumer electronic device. A “User” is an individual user of the Service, or an enterprise administrator that deploys our service for multiple employees or other users. An “enterprise” is a company that controls access to enterprise back-end services and data which may be accessed through our Service, using appropriate access credentials.
1. Information We Collect And Store
We may collect and store the following information when running the Onvelop Service:
Personal Information You Provide. When you use the Onvelop application(s), we collect some information such as your email address, username, password and enterprise service configuration settings. When you register an account with onvelop.com, we collect some personal information, such as your name, phone number, credit card or other billing information, email address and postal address. When you invite others to try Onvelop by using our referral page, using email or social networks, we send them a one-time email for that referral or post a one-time message on social networks. When you contact customer support or give us feedback about the product, we may keep records of these communications.
Your credentials and configuration for third-party Enterprise Services. Our service allows you to access third-party enterprise services such as Microsoft Office 365, Microsoft SharePoint, Microsoft Lync, Microsoft Active Directory and Microsoft Exchange, Dropbox and others (referred to below as “third-party enterprise services”) from your mobile device. When you enter your username and password or other credentials and settings for these third-party enterprise services into our mobile applications, we store this information securely inside the mobile application on your mobile device. We will use this information to connect you and authenticate you with these third-party enterprise services. We do not send your password(s) for these third-party enterprise services to our own back-end/cloud servers or to any other third-party. We do however send your enterprise username and/or email address to our back-end/cloud servers for the purpose of licensing and enterprise management functions performed by your enterprise administrators. We may also send configuration information about your third-party enterprise services from or to our backend/cloud servers, for the purposes of allowing easier configuration of additional devices, or enterprise management of these configurations by your enterprise administrators, or for cloud-based backup and restore functions.
Files and Documents. When you download files from third-party enterprise services to your mobile device using our service, we only transfer them from the third-party enterprise service to your mobile device, but we do not store or route them through our back-end/cloud servers. Likewise, when you upload files from your mobile device to a third-party enterprise service, we upload them directly without going through one of our servers. When we download files to a local folder of your mobile device and store them there for offline usage, we apply strong encryption to protect them from unauthorized access, or use the available mechanisms of the device operating system to protect the files. When you use functions such as editing or viewing these documents using third-party applications such as a PDF file viewer or Microsoft Office compatible applications, we may unencrypt the locally stored files so that these applications can use them. When you use certain functions to view documents, such as the function to view a document with change tracking, we may send the document temporarily to our back-end/cloud servers to be processed for viewing, and delete the temporary copies after that.
System Configuration and Device Data Logs. When you use the Service, we automatically record information from your Device, its software, and your activity using the Services. This may include the Device's ID (“IMEI/Serial Number” or “Mac address”), Internet Protocol (“IP”) address, browser type, locale preferences, your mobile carrier, system configuration information and other interactions with the Service. We use this information for license management, service administration and for security purposes.
Aggregate Data. Aggregate data is information we collect about a group or category of services or users from which individual user identities have been removed. In other words, no personal information is included in aggregate data. Aggregate data helps us understand trends in our users' needs so that we can better consider new features or otherwise tailor our services. This Policy in no way restricts or limits our collection and use of aggregate data, and we may share aggregate data about our users with third parties for various purposes, including to help us better understand our customer needs and improve our services and for advertising and marketing purposes.
2. How We Use Personal Information
Personal Information. In the course of using the Service, we may collect personal information that can be used to contact or identify you (“Personal Information”). Personal Information is or may be used: (i) to provide and improve our Service, (ii) to administer your use of the Service, (iii) to better understand your needs and interests, (iv) to personalize and improve your experience, and (v) to provide or offer software updates and product announcements.
Analytics. We also collect some information (ourselves or using third party services) using logging and cookies, such as IP address, which can sometimes be correlated with Personal Information. We use this information for the above purposes and to monitor and analyze use of the Service, for the Service's technical administration, to increase our Service's functionality and user-friendliness, and to verify users have the authorization needed for the Service to process their requests.
3. Information Sharing and Disclosure
Information Provided about Enterprise Users towards an Enterprise Administrator. If your device(s) use the service with a license key that was purchased by and/or distributed by an enterprise administrator, then this enterprise administrator will have the ability to configure your application to disable the account, re-assign the license, wipe out local data you downloaded via our service to your mobile devices and to perform other configuration tasks related to the applications and the Service. The same applies if you use the service and/or application with customized service parameters or a customized version for that enterprise. In those cases, your enterprise administrator may be able to:
- access information in and about your Onvelop account
- disclose, restrict, or access information that you have provided or that is made available to you when using your Onvelop account
- control how your Onvelop account may be accessed or deleted
Please refer to your organization's policies if you have questions about your Enterprise Administrator's rights.
Your Use. We do not sell your personal information to third parties. We may also share or disclose your information with your consent, for example if you use a third party application to access your account (see below).
Non-private or Non-Personal Information. We may disclose your non-private, aggregated, or otherwise non-personal information, such as usage statistics of our Service.
4. Changing or Deleting Your Information
If you are a registered user, you may review, update, correct or delete the Personal Information provided in your registration or account profile by contacting us. If your personally identifiable information changes, or if you no longer desire our service, you may update it through the Settings management functions or delete it by contacting us. In some cases we may retain copies of your information if required by law. For questions about your Personal Information on our Service, please contact email@example.com. We will respond to your inquiry within 30 days.
5. Data Retention
We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, you may contact us at firstname.lastname@example.org. We may retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Consistent with these requirements, we will try to delete your information quickly upon request. Please note, however, that there might be latency in deleting information from our servers and backed-up versions might exist after deletion.
The security of your information is important to us. When you enter sensitive information (such as a credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL).
We follow generally accepted standards to protect the information submitted to us, both during transmission and once we receive it. No method of electronic transmission or storage is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our website or our mobile applications, you can contact us at email@example.com