back

Onvelop Privacy Policy

Last Modified: April 29, 2013

Your privacy is important to us. Through this document, we would like to give transparency to you on how we handle private data and how we collect, use and disclose your information.

Users can access the Onvelop service (the “Service”) through our mobile applications for various mobile operating systems, through our website www.onvelop.com and related sub-sites and sub-domains at onvelop.com. A “Device” is any device used to access the Onvelop Service, including without limitation a desktop computer, laptop, mobile phone, tablet, or other consumer electronic device. A “User” is an individual user of the Service, or an enterprise administrator that deploys our service for multiple employees or other users. An “enterprise” is a company that controls access to enterprise back-end services and data which may be accessed through our Service, using appropriate access credentials.

This Privacy Policy governs your access of the Onvelop Service, regardless of how you access it. By using our Service you consent to the collection, transfer, processing, storage, disclosure and other uses of information, as it is described in this Privacy Policy. All of the different forms of data, content, and information described below are collectively referred to as “information.”

1. Information We Collect And Store

We may collect and store the following information when running the Onvelop Service:

Personal Information You Provide. When you use the Onvelop application(s), we collect some information such as your email address, username, password and enterprise service configuration settings. When you register an account with onvelop.com, we collect some personal information, such as your name, phone number, credit card or other billing information, email address and postal address. When you invite others to try Onvelop by using our referral page, using email or social networks, we send them a one-time email for that referral or post a one-time message on social networks. When you contact customer support or give us feedback about the product, we may keep records of these communications.

Your credentials and configuration for third-party Enterprise Services. Our service allows you to access third-party enterprise services such as Microsoft Office 365, Microsoft SharePoint, Microsoft Lync, Microsoft Active Directory and Microsoft Exchange, Dropbox and others (referred to below as “third-party enterprise services”) from your mobile device. When you enter your username and password or other credentials and settings for these third-party enterprise services into our mobile applications, we store this information securely inside the mobile application on your mobile device. We will use this information to connect you and authenticate you with these third-party enterprise services. We do not send your password(s) for these third-party enterprise services to our own back-end/cloud servers or to any other third-party. We do however send your enterprise username and/or email address to our back-end/cloud servers for the purpose of licensing and enterprise management functions performed by your enterprise administrators. We may also send configuration information about your third-party enterprise services from or to our backend/cloud servers, for the purposes of allowing easier configuration of additional devices, or enterprise management of these configurations by your enterprise administrators, or for cloud-based backup and restore functions.

Files and Documents. When you download files from third-party enterprise services to your mobile device using our service, we only transfer them from the third-party enterprise service to your mobile device, but we do not store or route them through our back-end/cloud servers. Likewise, when you upload files from your mobile device to a third-party enterprise service, we upload them directly without going through one of our servers. When we download files to a local folder of your mobile device and store them there for offline usage, we apply strong encryption to protect them from unauthorized access, or use the available mechanisms of the device operating system to protect the files. When you use functions such as editing or viewing these documents using third-party applications such as a PDF file viewer or Microsoft Office compatible applications, we may unencrypt the locally stored files so that these applications can use them. When you use certain functions to view documents, such as the function to view a document with change tracking, we may send the document temporarily to our back-end/cloud servers to be processed for viewing, and delete the temporary copies after that.

System Configuration and Device Data Logs. When you use the Service, we automatically record information from your Device, its software, and your activity using the Services. This may include the Device's ID (“IMEI/Serial Number” or “Mac address”), Internet Protocol (“IP”) address, browser type, locale preferences, your mobile carrier, system configuration information and other interactions with the Service. We use this information for license management, service administration and for security purposes.

Cookies. We also use “cookies” or equivalent measures to collect information and improve our Services. A cookie is a small data file that we transfer to your Device. We may use “persistent cookies” to save your registration ID and login password for future logins to the Service. We may use “session ID cookies” to enable certain features of the Service. We may use cookies for analytics purposes to better understand how you interact with the Service and to monitor aggregate usage and web traffic routing on the Service.

Aggregate Data. Aggregate data is information we collect about a group or category of services or users from which individual user identities have been removed. In other words, no personal information is included in aggregate data. Aggregate data helps us understand trends in our users' needs so that we can better consider new features or otherwise tailor our services. This Policy in no way restricts or limits our collection and use of aggregate data, and we may share aggregate data about our users with third parties for various purposes, including to help us better understand our customer needs and improve our services and for advertising and marketing purposes.

2. How We Use Personal Information

Personal Information. In the course of using the Service, we may collect personal information that can be used to contact or identify you (“Personal Information”). Personal Information is or may be used: (i) to provide and improve our Service, (ii) to administer your use of the Service, (iii) to better understand your needs and interests, (iv) to personalize and improve your experience, and (v) to provide or offer software updates and product announcements.

Analytics. We also collect some information (ourselves or using third party services) using logging and cookies, such as IP address, which can sometimes be correlated with Personal Information. We use this information for the above purposes and to monitor and analyze use of the Service, for the Service's technical administration, to increase our Service's functionality and user-friendliness, and to verify users have the authorization needed for the Service to process their requests.

3. Information Sharing and Disclosure

Information Provided about Enterprise Users towards an Enterprise Administrator. If your device(s) use the service with a license key that was purchased by and/or distributed by an enterprise administrator, then this enterprise administrator will have the ability to configure your application to disable the account, re-assign the license, wipe out local data you downloaded via our service to your mobile devices and to perform other configuration tasks related to the applications and the Service. The same applies if you use the service and/or application with customized service parameters or a customized version for that enterprise. In those cases, your enterprise administrator may be able to:

Please refer to your organization's policies if you have questions about your Enterprise Administrator's rights.

Your Use. We do not sell your personal information to third parties. We may also share or disclose your information with your consent, for example if you use a third party application to access your account (see below).

Service Providers, Business Partners and Others. We may use certain trusted third party companies and individuals to help us provide, analyze, and improve the Service (including but not limited to data storage, maintenance services, database management, web analytics, payment processing, and improvement of the Service's features). These third parties may have access to your information only for purposes of performing these tasks on our behalf and under obligations similar to those in this Privacy Policy. As of the date this policy went into effect, we use Rackspace's back-end infrastructure, Microsoft Azure infrastructure, PayPal's payment processing services, In-App Purchase payment and distribution functions offered by the app stores where you can download the application and pay for the services.

Business Transfers. If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction, but we will notify you (for example, via email and/or a prominent notice on our website) of any change in control or use of your Personal Information or Files, or if either become subject to a different Privacy Policy. We will also notify you of choices you may have regarding the information.

Non-private or Non-Personal Information. We may disclose your non-private, aggregated, or otherwise non-personal information, such as usage statistics of our Service.

4. Changing or Deleting Your Information

If you are a registered user, you may review, update, correct or delete the Personal Information provided in your registration or account profile by contacting us. If your personally identifiable information changes, or if you no longer desire our service, you may update it through the Settings management functions or delete it by contacting us. In some cases we may retain copies of your information if required by law. For questions about your Personal Information on our Service, please contact support@onvelop.com. We will respond to your inquiry within 30 days.

5. Data Retention

We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, you may contact us at support@onvelop.com. We may retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Consistent with these requirements, we will try to delete your information quickly upon request. Please note, however, that there might be latency in deleting information from our servers and backed-up versions might exist after deletion.

6. Security

The security of your information is important to us. When you enter sensitive information (such as a credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL).

We follow generally accepted standards to protect the information submitted to us, both during transmission and once we receive it. No method of electronic transmission or storage is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our website or our mobile applications, you can contact us at support@onvelop.com

7. Changes to our Privacy Policy

This Privacy Policy may change from time to time. If we make a change to this privacy policy, we will update its change date at http://www.onvelop.com/legal where we encourage you to check for updates. If we make changes that we believe materially reduces your rights, we will provide you with notice (for example, by email or within the application). By continuing to use the Service after those changes become effective, you agree to be bound by the revised Privacy Policy.