SecureAppbox AB take your privacy seriously
We at SecureAppbox AB take your privacy seriously. Therefore, SecureAppbox AB has created this policy which is about how SecureAppbox AB handles the personal information that SecureAppbox AB collects. Personal information is information about you as a private person such as your name, email address or telephone number.
We apply a minimal collection policy of only saving the data we absolutely need to deliver the service, and do not share the data with others.
Data collection and use
On our external website (SecureAppbox website) we analyze visitor statistics that are not related to SecureAppbox accounts/users, such as which pages are viewed the most, to improve usability and content. These statistics do not track anything related to SecureAppbox accounts/users. We use Matomo analytics for usage analyzes of our external website. No personal data is shared from the tool.
When you register as a user for a service provided by SecureAppbox, you are asked to provide us with personal information such as name, email address and telephone number. The information is only used to deliver the service to you, it is never shared with external parties. We may contact you in relation to the delivery of the service, such as changes in function or delivery.
If someone sends a message to someone who does not previously have a personal account, this message and any associated files will automatically be deleted from the SecureAppbox service after 60 days if the recipient does not choose to register their own account.
We log connection data temporarily for security analysis including IP address to be able to detect, for example, an attacker who causes many failed login attempts. These security logs are only available to the SecureAppbox AB security department and are never shared.
The message metadata (ie here related to user A sending a message to user B) is only available until the sender/receiver deletes the message. Deleting the message also deletes its metadata. This metadata is only used to deliver the right message to the right recipient and is never shared with other parties.
All data in connection with the service is stored on SecureAppbox’s secure and encrypted servers located at Amazon AWS in Sweden and within the EU. Messages are stored unless otherwise agreed as standard in Sweden. Organizational accounts have the ability to select alternative storage locations for where encrypted messages are stored (see FAQ for more details on encryption and region-based storage). The service and messages are protected by AES 256 encryption where the keys are controlled by SecureAppbox AB.
Messages are encrypted and only accessible to the sender and recipient. When a message is sent, the recipient may, depending on their account settings, receive a notification in their regular email about the message in SecureAppbox which may include the message title. You can change your account settings so that your notifications do not include the message title or name of the sender; which is thus not exposed in ordinary insecure e-mail.
Information and security
SecureAppbox AB will not rent, sell or share personal information about you with others, but only provide products or services you have requested, when we have your permission, except in the following cases: (i) SecureAppbox AB will share information about this is requested by a court or if it is necessary to respond to subpoenas, court orders or legal processes, or to establish or exercise our rights or defend against legal claims. (ii) SecureAppbox AB will share information to investigate, prevent or intervene against illegal activity, suspected fraud, situations involving possible threats to the physical safety of any person, violation of the SecureAppbox AB Terms of Service (TOS), or as otherwise required way of the law. SecureAppbox AB limits access to your personal information to SecureAppbox AB employees or subcontractors under confidentiality agreements and will only use personal information to do their job.
Data Protection Regulation (GDPR), personal data controller and personal data assistant
Personal data refers only to such personal information as name, e-mail address and telephone number that you enter when you register, and not the content of messages or attachments which are not available to SecureAppbox AB. We may hire another party to fulfill the tasks for the personal data controller. We will then hire a so-called personal data sub-assistant where we have taken the technical and organizational security measures recommended by the EDPB where required. With the personal data sub-assistant, we write an agreement in which they undertake to ensure in their operations at all times that the personnel concerned follow the agreement, the instructions given by us and that they are kept informed about the content of the data protection regulation (GDPR). The personal data assistant may not process your personal data in any other way, for other purposes or according to other instructions than those that apply under this agreement. In the event that you, an authority or another third party requests information from the personal data sub-assistant regarding the processing of your personal data, the personal data sub-assistant must refer to us. The personal data assistant may not disclose personal data or other information without express instruction from us, or if the disclosure is a consequence of a legal obligation. Neither we nor the data processor can access the content that you send or store in our service, but the information that may be disclosed is only your personal information such as name, email address, phone number and meta data.
The cookies are categorized as necessary which are saved in your browser and are necessary for your user experience on the site. We also use third-party cookies that help us analyze and understand the use of our website. These cookies are only stored in your browser with your consent. You have the option to block these cookies. Previously stored cookies can also be deleted via your browser. See your browser’s help information for details on how to do this.
Your right to see and correct personal data
Your information is available to you in your account where you can see the information we have saved about you. You can also request information about all registered personal information about you. Your information is available to you in your account where you can see the information we have saved about you and make corrections yourself. You can also contact us if you want to correct any data entered or collected about you.
Deletion of account
You may request deletion of your account at any time without notice by, while logged into your SecureAppbox Connect account for authentication purposes, sending a message to firstname.lastname@example.org with your request. Organizations can delete their employees’ accounts themselves.
If this policy is updated, SecureAppbox AB will notify you of this. You can also read the latest version on the SecureAppbox AB website.
If you have any questions regarding the collection of personal information, please contact us.
Customer Service, SecureAppbox AB, Sankt Eriksgatan 63B, 112 34 Stockholm, Sweden or at email@example.com. Org. number: 556737-0431.