When you use the ezinbox service as an agent (e.g., an employee) of an organization, your organization is the data controller and ezinbox is a data processor for the personal data we process for you in our Service.
And when you use the ezinbox service as an individual, ezinbox is the data controller. Legal jargon aside, our goal is to ensure that you, as an ezinbox user, are in control of how your data is processed in our Service.
Where ezinbox acts as a data controller, we rely on one or more of the following legal grounds for processing your personal data:
When ezinbox acts as a data processor, we process your personal data based on the documented instructions of our customer.
We may use personal data for the following purposes:
We may also use non-identifying and aggregated data to help improve our Service and our website.
We will delete all the personal data that you’ve previously submitted to the Service, as soon as you cancel your Service.
All email resides on the customer’s email server and is never held on ezinbox servers. ezinbox simply monitors the customers ezinbox related email folders and asks the email server to move emails accordingly.
We log and keep information on active accounts about email movement and behavior in order to debug any current issues customers may report. But, we securely remove those email activity logs older than 30 days
We securely remove customer data (that can be regenerated) from inactive accounts after 90 days. This includes any cached information about emails that did reside in the customer’s email server folders that ezinbox monitors.
We “cancel” accounts that have no billing relationship and have been inactive for 6 months. The customers are warned about once a month that this cancelation is pending and given directions for how to activate their accounts to avoid it.
We are required to obtain certain permissions in order for ezinbox to function. If we could ask for less, we certainly would.
A cookie is a small piece of data that a website or app stores on your computer or mobile device. We use the following types of cookies:
User‑input cookies (i.e., session ID) which are first‑party cookies that keep track of your input when filling online forms, and similar things. These cookies have a lifespan of not more than a few hours, typically.
Authentication cookies, which identify you once you’ve logged in to our web application, and which last for the duration of your session.
Multimedia content player cookies, which are used to store technical data to help playback video or audio content. These cookies usually last for the duration of your session.
Third‑party social plug‑in content‑sharing cookies (if you’re a logged‑in member of a social network).
We may disclose your personal data (i) to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders, (ii) if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change, or (iii) to our subsidiaries or affiliates only if necessary for business and operational purposes.
We reserve the right to use and share aggregated, anonymous data, which does not include any personal data, about our Service’s users as a group for any legal business purpose, such as analyzing usage trends and seeking compatible advertisers and customers.
If we must disclose your personal data in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your personal data will maintain the privacy or security of your personal data.
To prevent unauthorized access, to maintain the accuracy of your personal data, and to ensure that you’re in control of your personal data, we have put in place appropriate physical, technical, and administrative controls to safeguard and secure the personal data we process.
All payments and payment data submitted on our site is handled through Stripe. No such payment data is retained within our computer systems.
Protecting the privacy of the young is especially important. For that reason, we never collect or otherwise process personal data about anyone we actually know is under 13, and no part of our website is structured to attract anyone under 13.
If we process your personal data, your ezinbox profile settings enable you to:
If you reside in California, you may have legal rights with respect to your personal data, including those set forth under the California Consumer Privacy Act (CCPA). Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the specific pieces of personal information we collect, including how we use and disclose this information( we only use your information to filter your email), to delete their personal information (this happens automatically when you cancel your ezinbox account), to opt out of any “sales” that may be occurring (we do not sell your personal data in any manner, even in the broad definition of the CCPA) and to not be discriminated against for exercising these rights. California consumers may make a request pursuant to their rights under the CCPA by contacting us at [email protected].
You own the data associated with your account. We only access the envelope and header data associated with your emails. The actual body of your emails (i.e., the contents of the email message) are never downloaded or accessed by our systems.
When you cancel your ezinbox membership, we not only securely delete all data on our servers associated with your mail account but we also delete any labels or flags we might have created – so not only will we no longer have any of your data on our servers, but also your email inbox will look exactly like it did before you signed up with us.
If for any reason, ezinbox, decides to discontinue the ezinbox Service, all users will be contacted by email and their account data will be securely deleted from our servers in a timely manner.
And remember that we will only backup metadata – never the actual email envelopes. So once securely deleted, it’s practically impossible for us, or anyone else, to recover them.
If you are an individual in the European Union whose personal data we process, and we’re unable to resolve a privacy-related complaint you lodge with ezinbox, you may also have the right to lodge that complaint with a data protection regulator in your EU Member State, and, under certain conditions, to invoke binding arbitration.
ezinbox complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the European Economic Area to the United States. You can learn more about Privacy Shield at privacyshield.gov. We ask that you first submit any complaints about our Privacy Shield compliance directly to us via [email protected].
In compliance with the Privacy Shield Principles, ezinbox commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact ezinbox via email at [email protected].
ezinbox has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU. EU DPAs are the sole independent recourse mechanism for Privacy Shield.
ezinbox is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).