Privacy Policy

SecureAppbox AB take your privacy seriously

We at SecureAppbox AB take your privacy seriously. Therefore, SecureAppbox AB has created this policy which is about how SecureAppbox AB handles the personal information that SecureAppbox AB collects. Personal information is information about you as a private person such as your name, email address or telephone number.
We apply a minimal collection policy of only saving the data we absolutely need to deliver the service, and do not share the data with others.
This privacy policy applies to SecureAppbox services.

Data collection and use

On our external website (SecureAppbox website) we analyze visitor statistics that are not related to SecureAppbox accounts/users, such as which pages are viewed the most, to improve usability and content. These statistics do not track anything related to SecureAppbox accounts/users. We use Matomo analytics for usage analyzes of our external website. No personal data is shared from the tool.

When you register as a user for a service provided by SecureAppbox, you are asked to provide us with personal information such as name, email address and telephone number. The information is only used to deliver the service to you, it is never shared with external parties. We may contact you in relation to the delivery of the service, such as changes in function or delivery.
If someone sends a message to someone who does not previously have a personal account, this message and any associated files will automatically be deleted from the SecureAppbox service after 60 days if the recipient does not choose to register their own account.
We log connection data temporarily for security analysis including IP address to be able to detect, for example, an attacker who causes many failed login attempts. These security logs are only available to the SecureAppbox AB security department and are never shared.
The message metadata (ie here related to user A sending a message to user B) is only available until the sender/receiver deletes the message. Deleting the message also deletes its metadata. This metadata is only used to deliver the right message to the right recipient and is never shared with other parties.
All data in connection with the service is stored on SecureAppbox’s secure and encrypted servers located at Amazon AWS in Sweden and within the EU. Messages are stored unless otherwise agreed as standard in Sweden. Organizational accounts have the ability to select alternative storage locations for where encrypted messages are stored (see FAQ for more details on encryption and region-based storage). The service and messages are protected by AES 256 encryption where the keys are controlled by SecureAppbox AB.

Message Security

Messages are encrypted and only accessible to the sender and recipient. When a message is sent, the recipient may, depending on their account settings, receive a notification in their regular email about the message in SecureAppbox which may include the message title. You can change your account settings so that your notifications do not include the message title or name of the sender; which is thus not exposed in ordinary insecure e-mail.

Information and security

SecureAppbox AB will not rent, sell or share personal information about you with others, but only provide products or services you have requested, when we have your permission, except in the following cases: (i) SecureAppbox AB will share information about this is requested by a court or if it is necessary to respond to subpoenas, court orders or legal processes, or to establish or exercise our rights or defend against legal claims. (ii) SecureAppbox AB will share information to investigate, prevent or intervene against illegal activity, suspected fraud, situations involving possible threats to the physical safety of any person, violation of the SecureAppbox AB Terms of Service (TOS), or as otherwise required way of the law. SecureAppbox AB limits access to your personal information to SecureAppbox AB employees or subcontractors under confidentiality agreements and will only use personal information to do their job.

Data Protection Regulation (GDPR), personal data controller and personal data assistant

Personal data refers only to such personal information as name, e-mail address and telephone number that you enter when you register, and not the content of messages or attachments which are not available to SecureAppbox AB. We may hire another party to fulfill the tasks for the personal data controller. We will then hire a so-called personal data sub-assistant where we have taken the technical and organizational security measures recommended by the EDPB where required. With the personal data sub-assistant, we write an agreement in which they undertake to ensure in their operations at all times that the personnel concerned follow the agreement, the instructions given by us and that they are kept informed about the content of the data protection regulation (GDPR). The personal data assistant may not process your personal data in any other way, for other purposes or according to other instructions than those that apply under this agreement. In the event that you, an authority or another third party requests information from the personal data sub-assistant regarding the processing of your personal data, the personal data sub-assistant must refer to us. The personal data assistant may not disclose personal data or other information without express instruction from us, or if the disclosure is a consequence of a legal obligation. Neither we nor the data processor can access the content that you send or store in our service, but the information that may be disclosed is only your personal information such as name, email address, phone number and meta data.

Cookies

We use cookies on our external website, secureappbox.com, to make your visits to the website as good as possible. A cookie is a small text file that is saved on your computer, mobile phone or tablet when you access a website. The cookie contains information about what you do when you visit the site. When you enter secureappbox.com, you can manage the cookies that are on our website. By clicking “Accept All”, you agree to all cookies used on the site. Do you want to choose which cookies you want to be used during your visit?
The cookies are categorized as necessary which are saved in your browser and are necessary for your user experience on the site. We also use third-party cookies that help us analyze and understand the use of our website. These cookies are only stored in your browser with your consent. You have the option to block these cookies. Previously stored cookies can also be deleted via your browser. See your browser’s help information for details on how to do this.

Your right to see and correct personal data

Your information is available to you in your account where you can see the information we have saved about you. You can also request information about all registered personal information about you. Your information is available to you in your account where you can see the information we have saved about you and make corrections yourself. You can also contact us if you want to correct any data entered or collected about you.

Deletion of account

You may request deletion of your account at any time without notice by, while logged into your SecureAppbox Connect account for authentication purposes, sending a message to support@secureappbox.com with your request. Organizations can delete their employees’ accounts themselves.

Changes to the privacy policy

If this policy is updated, SecureAppbox AB will notify you of this. You can also read the latest version on the SecureAppbox AB website.

Contact information

If you have any questions regarding the collection of personal information, please contact us.
Customer Service, SecureAppbox AB, Sankt Eriksgatan 63B, 112 34 Stockholm, Sweden or at info@secureappbox.com. Org. number: 556737-0431.

Cookie	Duration	Description
(Hubspot)__hssc	30 min	This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp. It expires in 30 minutes.
(Hubspot)__hssrc	End of Session	Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session. It contains the value "1" when present. It expires at the end of the session.
(Hubspot)__hstc	6 months	The main cookie for tracking visitors. It contains the domain, hubspotutk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session). It expires in 6 months.
Hubspot (hubspotutk)	6 months	This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts. It contains an opaque GUID to represent the current visitor. It expires in 6 months.
Matomo	13 months	This site uses Matomo to analyze traffic and help us to improve your user experience. We process your IP address and cookies are stored on your browser for 13 months. This data is only processed by us and our web hosting platform.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
_calendly_session	21 days	Calendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar.
(Hubspot)messagesUtk	6 months	If you're a visitor, this allows you to chat with a representative on the site.
wp-wpml_current_language	session	This cookie is set by the WordPress plugin WPML. It is used to store the current language selected by the user.

Cookie	Duration	Description
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.
(Hubspot) _key	14 days	When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login again. The cookie name is unique for each password-protected page. It contains an encrypted version of the password so future visits to the page will not require the password again. It expires in 14 days.
(Hubspot) hs_ab_test	End of Session	This cookie is used to consistently serve visitors the same version of an A/B test page they’ve seen before. It contains the id of the A/B test page and the id of the variation that was chosen for the visitor. It expires at the end of the session.
(Hubspot) hs_langswitcher_choice	2 Years	This cookie is used to save a visitor’s selected language choice when viewing pages in multiple languages. It is set when a visitor selects a language from the language switcher and is used as a language preference to redirect them to sites in their chosen language in the future if they are available. It contains a colon delimited string with the ISO639 language code choice on the left and the top level private domain it applies to on the right. An example will be "EN-US:hubspot.com". It expires in two years.
(Hubspot) hs-membership-csrf	End of Session	This cookie is used to ensure that content membership logins cannot be forged. It contains a random string of letters and numbers used to verify that a membership login is authentic. It expires at the end of the session.
(Hubspot) hs-messages-hide-welcome-message	1 day	This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed. It contains a boolean value of True or False. It expires in one day.
(Hubspot) hs-messages-is-open	30 min	This cookie is used to determine and save whether the chat widget is open for future visits. It is set in your visitor's browser when they start a new chat, and resets to re-close the widget after 30 minutes of inactivity. If your visitor manually closes the chat widget, it will prevent the widget from re-opening on subsequent page loads in that browser session for 30 minutes. It contains a boolean value of True if present. It expires in 30 minutes.
(Hubspot)__cf_bm	30 min	This cookie is set by HubSpot's CDN provider and is a necessary cookie for bot protection. It expires in 30 minutes. Learn more about Cloudflare cookies.
(Hubspot)__cfruid	End of Session	This cookie is set by HubSpot’s CDN provider because of their rate limiting policies. It expires at the end of the session. Learn more about Cloudflare cookies.
(Hubspot)__hs_cookie_cat_pref	6 months	This cookie is used to record the categories a visitor consented to. It contains data on the consented categories. It expires in 6 months.
(Hubspot)__hs_do_not_track	6 monts	This cookie can be set to prevent the tracking code from sending any information to HubSpot. It contains the string "yes". It expires in 6 months.
(Hubspot)__hs_gpc_banner_dismiss	180 days	This cookie is used when the Global Privacy Control banner is dismissed. It contains the string "yes" or "no". It expires in 180 days.
(Hubspot)__hs_initial_opt_in	7 days	This cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode. It contains the string "yes" or "no". It expires in seven days.
(Hubspot)__hs_opt_out	6 months	This cookie is used by the opt-in privacy policy to remember not to ask the visitor to accept cookies again. This cookie is set when you give visitors the choice to opt out of cookies. It contains the string "yes" or "no". It expires in 6 months.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
Hubspot)__hsmem	7 days	This cookie is set when visitors log in to a HubSpot-hosted site. It contains encrypted data that identifies the membership user when they are currently logged in. It expires in seven days.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Privacy Policy

SecureAppbox AB take your privacy seriously

Data collection and use

Message Security

Information and security

Data Protection Regulation (GDPR), personal data controller and personal data assistant

Cookies

Your right to see and correct personal data

Deletion of account

Changes to the privacy policy

Contact information

Albacross Nordic AB

Company reg. no 556942-7338

Kungsgatan 26

111 35 Stockholm

Sweden

albacross.com - contact@albacross.com