Vehera LTD ("Storage Made Easy" service) Privacy Policy

Last Updated on May 16, 2018. This Privacy Policy is effective immediately for Users after that date. It adds information about your rights over your personal data we may collect or obtain as per the General Data Protection Regulation (GDPR) (EU) 2016/679.

We, Vehera LTD ("we," "us,"), trading as Storage Made Easy®, respect your privacy and are committed to protecting it through our compliance with this Privacy Policy. This policy covers this website and all other sites (together, the Websites) and other services and applications (collectively, our "Services") controlled by Vereha LTD, trading as Storage Made Easy ("we", "us").

Our Websites include:

  • storagemadeeasy.com
  • eu.storagemadeeasy.com
  • blog.storagemadeeasy.com
  • docs.storagemadeeasy.com
  • storagemadeeasy.info
  • openstackdrive.com

Our Services include the Websites and:

  • Storage Made Easy "SaaS Application" (Software as a Service)
  • The "US Server" is accessed through storagemadeeasy.com
  • The "EU Server" is accessed through eu.storagemadeeasy.com
  • Desktop and mobile applications using the US or EU Server
  • Storage Made Easy API services
  • FTP, SFTP, FTPS, WebDAV and S3 protocol adapters
  • Dedicated hosted Enterprise File Fabric appliance "Hosted IaaS"

This policy explains:

  1. Definitions
  2. What Personal Information We Collect and Why
  3. When We Share Your Data With Third Parties
  4. Outbound Communication
  5. Security - Your Responsibilities
  6. Your Rights to Access, Correct and Delete Your Information
  7. How We Protect Your Information
  8. Termination
  9. Children’s Privacy
  10. Changes to this Policy
  11. Governing Law
  12. Copyrights
  13. General Notes
  14. Contact

This policy describes the types of personal data that we may collect from you when you access or use our Services, or in rare cases, obtain from other parties, and our practices for collecting, using, maintaining, protecting and disclosing that data.

 

1. Definitions

User

"User" or "you" or "your" refers to you, as an individual user of the Services, and any other persons authorized to use the Services. A user is someone who accesses or uses the Services for any purpose, including sharing, displaying, hosting, publishing, transacting, uploading information or viewing pictures.

Org Account, Org Admin and Member Account

A "Org Account" is a dedicated space for a single organization, or tenant, in our SaaS Application with it’s own metadata and user management. An Org Account is managed by an "Org Admin", an administrative user who may create logins within this dedicated space for User members of their organization "Member Accounts".

You are are an Org Admin if you have registered for a trial or signed-up for a Business plan. You are an Org Member if you have been given a login by an Org Admin.

Personal Account

A "Personal Account" is a dedicated space for a single individual with it’s own metadata. You have a Personal Account if you have registered for a free account, or signed-up for a Personal plan.

User Content

"User Content" includes, but is not limited to, documents, images, photos, audio, videos and data files created or retrieved, whether by Users or applications or other methods, through your Org Account, Member Account or Personal Account.

Personal Data

"Personal Data" refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time. Examples of Personal Data you might give us when using the Services include your email address, your name and application preferences.

 

2. What Personal Information We Collect and Why

Vehera LTD may collect and use information of and regarding its Users. We will only ask for data which is essential to our operations, or for which we have your consent.

The information, through which an individual may be identified, may include data, which you voluntarily enter, use or provides when using the Services of the Vehera LTD Website, submits when creating an Org Account, Member Account, or Personal Account, or in some cases we obtain externally.

The information we collect on or through our Services may include:

  1. Account information: Personal Data, such as email (required) and optionally your full name and other information you may provide with your account, such as your phone number, as a part of your Org Account, Member Account or Personal Account. We ask for this information in order to verify your identity and provide you with an individualised experience of our Services. The information may be removed or corrected by an Org Admin or the Member Account User at any time and is removed on termination of the Services.
  2. Contact Information: Your contact information, such as email address, telephone and address. We gather this information in order to provide you with access to certain features of our Services and to inform you about relevant information concerning your use of our Services. If you unsubscribe, our marketing automation platform (MailChimp), will keep your email address to prevent automatic re-subscription. Otherwise, we will store this information until you ask us to remove it.
  3. Preferences: Your preferences and settings such as time zone and language; We use this information for certain features of the Services and in order to enhance your user experience. This information will be removed on deletion of the Member Account or termination of the Services.
  4. User Content: Information you upload or download through our Services including data stored on third-party services you have granted our Services access to. We also extract metadata from that content including file names and modification times. You may also add your metadata including tags, comments, annotations and access permissions. We cache the metadata of your User Content in order to provide responsive support for browsing, searching and other features of the Services. The metadata cache is removed when you either remove the User Content, you disassociate the storage provider from the service, or you terminate the service.
    We do not store copies of User Content that you upload, download or synchronize with on your storage. In a few cases, such as with an FTP upload, we store content temporarily while the operation is in process.
    You may also provide a client-side encryption key such that the User Content data is encrypted before being sent to the Services. An Org Account encryption key will allow User Content to be encrypted by our Services before it’s sent to storage.
  5. User Behaviour: An audit log, available for team accounts, can be enabled by an Org Admin to track each user log-in, log-off and operations such as searching metadata, uploading, sharing and downloading User Content, for their Member Account. The log includes a short description, user name, IP address, time, and whether the operation succeeded. Information is also collected for anonymous users (when User Content has been shared through a link that doesn’t require authentication)
    We record this information in order to provide compliance services - a historical record, for example, of sharing and downloading Content. This information may be viewed, downloaded and deleted by the Org Admin and is removed on termination of the Services.
  6. Browsing Information: How long you used our Services, how often, and which features you have used. We collect this information in order to analyse the behaviour of our users and improve our Services. This information collected in aggregate and is not associated with any Personal Data.
  7. Cookies and Other Tracking Technologies: Our use of cookies and similar browser tracking technologies causes small pieces of data to be placed on your devices when you use our Services.
    We, and approved third-party content providers, use cookies and other tracking technologies to remember you from one browser session to another. We use this information to remember your preferences, whether you have logged in, and in aggregate, to analyze and improve our Services. You may opt-out of third-party, analytics and other cookies not required for operation of the Services. For more information see our Cookie Policy.
  8. Communications with Support: We may collect and store your email address, name and telephone number and other data you send, including technical data, or authorise us to access from your Org Account, Member Account or Personal Account, in supporting your use of the Services. We keep support communication in order to provide context for future communications with you, provide feedback to our support team, augment our knowledge base and improve our products. Communication is not removed on termination of your service. Upon request we will anonymize your personal data to the extent supported by our support management system.
  9. Information from Third Party Storage Providers: We may ask for, use and store your user ID and password associated with any storage account (such as your Amazon S3 or Google Drive account) that you connect with or use with the Services. This could include, without limitation, the token supplied to allow us to access the service as requested by your use of the Services.
    We ask for this information in order to provide the core service to you and to provide you with easier and faster access to our Services. The information is removed when you remove the storage provider or terminate Services.
  10. Location Data: We may store information about your location if you have instructed your mobile device or computer to send such information via the privacy settings on that mobile device or computer. Social Media, Forums, Webinar Platforms and App Stores: We may obtain personal data you have provided from our company and employee social networking accounts, such as Skype, LinkedIn, Facebook and Twitter, forum sites such as the Website Toolbox, webinar platforms such as GoToWebinar, and application marketplaces such as Google Play and the App Store. We do not control how your personal information was collected, stored or used by such third-party sites, or to whom it is disclosed. You should review the privacy policies and settings on any site that you use to so that you understand the information they may be collecting and sharing, and how to opt-out. Vehera LTD is not responsible for how these third-party sites may use information collected from or about you.

 

3. When We Share Your Data With Third Parties

External Applications and Services - The Services can be configured by an Org Admin to integrate with third-party applications or services such as, but not limited to, Google Viewer, Google Drive, Zoho Office, TinyURL, and Microsoft Officer viewer. This Privacy Policy does not apply to your use of such third-party applications and services, and we are not responsible for how those third parties collect, use and disclose information and User Content. We encourage you to review the privacy policies of those third parties to learn more about their information and privacy practices.

Marketing - We use MailChimp as our marketing automation platform and Zoho CRM for customer relationship management.

Support - We use Zoho Desk for our support system.

Payment Processing - Online payments may be made via our payment service provider PayPal. We do not share any personal information with or obtain any personal information from PayPal except whether payment was completed. We receive from PayPal your name in PayPal and the amount paid.

Countries outside the EEA - Information that you submit via the Services may be transferred to and processed in countries outside the European Economic Area ("EEA"). By way of example, this may happen if one or more of our servers are from time to time located in a country outside the EEA or one of our service providers is located in a country outside the EEA. We shall take reasonable steps to ensure that any transfer of your personal information to a country or territory outside the EEA, whose laws may provide for a lesser standard of protection for your personal information than that provided under European law, shall have adequate protection (such as model contractual arrangements as approved by the EU).

Legally - We may share your information where we are legally obliged to do so. Please note we may not be able to provide you with notice prior to disclosure in such cases.

 

4. Outbound Communication

As an information management service our Services may display or send personal information, under your control, through our applications or via email or text. For example, you may have configured the service to send an email notification when a user downloads a file.

 

5. Security - Your Responsibilities

It is your responsibility to secure your login credentials to the Services, and keep your email address up to date. We highly recommend enabling two factor authentication, and learning about security controls available with the Services. For more information see our documentation at https://docs.storagemadeeasy.com/security.

 

6. Your Rights to Access, Correct and Delete Your Information

You have the right to review, correct, delete, or limit the use of your Personal Data. You may do so through tools we provide within the Services or through a written or verbal request. You may contact us through Contact Us.

Review and Correct - You may access and correct your contact information and marketing preferences via the Dashboard under My Personal Information after logging into the web-based application. Select "View All" to view, and download in electronic form, information about policies accepted, devices used, connected storage systems and recent logins.

Delete - If you wish to delete your personal information you may terminate your account. For more information regarding the termination or deletion of your information, please refer to the Termination section of this policy. You may request that we delete personal data that is not required for legitimate purposes.

Limit - You may withdraw your consent for marketing communication through the Dashboard.

Vehera LTD will process requests under this policy for for users that have a direct relationship with Vehera LTD including Users with Org Accounts and Personal Accounts. Requests from Users with Member Accounts will be forwarded to the parties managing their respective Org Accounts.

 

7. How We Protect Your Information

We have implemented appropriate measures in the form of various technical, physical and other means, including, but not limited to measures regarding the security of our electronic systems and databases, locks, racks, cases and other devices and access controlling systems, fire-notifying and fire extinguishing systems. These means aim at improving the integrity and security of the personal information that we collect and maintain. However, please be advised that even the best security measures cannot guarantee the full elimination of all risks.

Your personal data safety is of utmost importance to us. We review and strive to improve our security measures on a regular basis.

If we learn of a personal data breach that affects our Services we will attempt to notify you electronically so that timely and appropriate protective steps can be taken. Apart from informing you via email, we may post a notice through the website if a security breach occurs.

 

8. Termination

This Privacy Policy is effective until terminated by either party. If you no longer agree to be bound by this Privacy Policy, you must cease the use of the Vehera Services. If you are dissatisfied with Vehera LTD, its content, or any of these terms, conditions, and policies, your sole legal remedy is to discontinue using the Services. Vehera LTD reserves the right to terminate or suspend your access to and use of the Services, or parts of them, without notice, if we believe, in our sole discretion that such use is in violation of any applicable law, or harmful to our interests or the interests of another person or entity, or where Vehera LTD has reasons to believe that their use is in violation of this Privacy Policy or the Terms of Use.

 

9. Children’s Privacy

The Services are directed to businesses though also available to consumers. They are not available to children under the age of 16.

 

10. Changes to this Policy

Vehera LTD reserves the rights to change this Privacy Policy at any time. Please check this page periodically for changes. Your use of the services after any such amendment or change in the Privacy Policy shall be deemed as your express acceptance to such amended/changed Privacy Policy and an assent to be bound by such changed/amended Privacy Policy.

 

11. Governing Law

This Privacy Policy and the use of the Website are governed by the laws of United Kingdom. The parties undertake to first try to resolve the dispute with by negotiation. If the parties fail to reach an amicable resolution through negotiation, Vehera LTD agrees to submit the dispute to the competent Court of United Kingdom.

If you are accessing the Vehera LTD UK website (eu.storagemadeeasy.com) from another jurisdiction, please be advised that you are transferring your personal information to Vehera LTD in the United Kingdom and, by using the website, you consent to that transfer and to abide by the applicable laws concerning your use of the website and your agreement(s) with us.

If you are accessing the Vehera LTD US website (storagemadeeasy.com) from another jurisdiction, please be advised that you are transferring your personal information to Vehera LTD in servers based in the United States and, by using the website, you consent to that transfer and to abide by the applicable laws concerning your use of the website and your agreement(s) with us.

 

12. Copyrights

The copyrights of our Websites are the property of Vehera LTD.

Texts, graphics, photographs, animations, videos and clips, visible on the Website are the object of copyright and are part of the intellectual property of Vehera LTD or our partners. Those may not be reproduced, used, presented or represented without an explicit written permission by Vehera LTD. Any distribution of these files, obtained by the Users under the Terms and Conditions of the Website, or of parts of such files, constitutes a violation of the relevant intellectual property protection laws and is prosecuted by the law.

Nothing contained on this Website may be interpreted as granting a license or right of use as a trademark without the prior explicit written consent of Vehera LTD.

 

13. General Notes

Vehera LTD is controlled, operated and administered entirely within United Kingdom.

Our Services may contain links to other websites of interest. You should note that we do not have any control over other websites. We cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

This statement and the policies outlined in this Privacy Policy are not intended to and do not create any contractual or other legal rights in or on behalf of any third party.

Vehera LTD may provide a translation of the English version of the Privacy Policy into other languages. You understand and agree that any translation of the Privacy Policy into other languages is only for your convenience and that the English version shall govern your rights and responsibilities. In case there are any inconsistencies between the English version of the Privacy Policy and its translated versions, the English version of the Terms shall prevail.

 

14. Contact

If you believe Vehera LTD does not adhere to this Privacy Policy, in order to address a question, to resolve a complaint regarding the Websites or the Vehera LTD Services, or to receive further information regarding the Services, please contact Vehera LTD via email at DP@storagemadeeasy.com or via mail at Mulgrave Chambers, 26-28 Mulgrave Road Unit 1, Sutton, London SM2 6LE, UK.

If Vehera LTD does not address your request, or fails to provide you with a valid reason why it is unable to do so, you have the right to contact the Information Commissioner’s Office to make a complaint. See https://ico.org.uk/concerns/ for more information.