This policy describes how we collect, use and handle your information when you use our website, software and services ("Services").
What & Why
We collect and use the following information in order to provide our Services:
Account. We collect, and associate with your account, information like your name, email address, phone number, payment info, and account activity.
Services. Our Services allow you to store your encrypted credentials and other sensitive data, collaborate with others, and work across multiple devices. To make that possible, we store, process, and transmit your encrypted data, messages, and other data as well as information related to it. This related information can be things like your profile nickname and profile image that makes it easier to collaborate and connect with others. Our Services provide you with different options for collaboration.
Usage. We collect information related to usage of our Services, including actions you take in your account. This helps us provide you with features like access logs and audit logs.
We also collect information from and about the devices you use to access the Services. This includes things like IP addresses, the type of browser and device you use, and identifiers associated with your devices. Your devices (depending on their settings) may also transmit location information to the Services.
Cookies and other technologies. We use technologies like cookies to provide, improve, protect and promote our Services. For example, cookies help us with things like remembering your username for your next visit, understanding how you are interacting with our Services, and improving them based on that information. You can set your browser to not accept cookies, but this may limit your ability to use the Services. If our systems receive a do not track signal from your browser, we'll respond to that signal as outlined here.
We may share information as discussed below, but we won't sell it to advertisers or other third parties.
Other users. Our Services display information like your nickname, profile picture, to other users in places like your connection profile and sharing notifications.
Lawful Requests and other disclosures. We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to (a) comply with the law; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse of Passpack or our users; or (d) protect Passpack's property rights.
Stewardship of your data is critical to us and a responsibility that we take seriously. Our users' data should receive the same legal protections regardless of whether it's stored on our servers or on their device. When responding to government requests (including national security requests) for our users' data we will:
- Be transparent,
- Fight blanket requests,
- Protect all users and
- Provide trusted services.
We publish a Transparency Report as part of our commitment to informing users about when and how governments ask us for information. This report details the types and numbers of requests we receive from law enforcement.
Security. We have a team dedicated to keeping your information secure and testing for vulnerabilities. We also continue to work on features to keep your information safe in addition to things like two-factor authentication, and client side encryption to prevent disclosure of your encrypted data. However no method of transmission over the Internet, or method of electronic storage, is 100% secure, the security of your Information also depends on how you use the Services and protect your login credentials and the Packing Key that enables you to access your account and decrypt your Encrypted Data.
Retention. We'll retain information you store on our Services for as long as we need it to provide you the Services. If you delete your account, we'll also delete this information. But please note: (1) there might be some latency in deleting this information from our servers and back-up storage; and (2) we may retain this information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements. You can access your personal information by logging into your Passpack account.
To provide you with the Services, we may store, process and transmit information in the United States and other locations around the world - including those outside your country. Information may also be stored locally on the devices you use to access the Services.
EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield. When transferring data from the European Union, the European Economic Area, and Switzerland, Passpack relies upon a variety of legal mechanisms, including contracts with our users. Passpack complies with the EU-U.S. and Swiss–U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the European Economic Area, and Switzerland to the United States. You can find Passpack's Privacy Shield certification here. You can also learn more about Privacy Shield at https://www.privacyshield.gov.
Passpack is subject to oversight by the U.S. Federal Trade Commission. JAMS is the US-based independent
organization responsible for reviewing and resolving complaints about our Privacy Shield compliance —
free of charge to you. We ask that you first submit any such complaints directly to us via
email@example.com. If you aren't
satisfied with our response, please contact JAMS at
If we are involved in a reorganization, merger, acquisition or sale of our assets, your information may be transferred as part of that deal. We will notify you (for example, via a message to the email address associated with your account) of any such deal and outline your choices.
Have questions or concerns about Passpack, our Services and privacy? Contact us at firstname.lastname@example.org.