Product Feature Sheets
Last update on: February, 2019
Your privacy is important to us. This privacy statement explains what personal data we collect from you and how we use it. We encourage you to read the summaries below.
The Federal Trade Commission (FTC) has jurisdiction over DeliverySlip’s compliance with the Privacy Shield.
All DeliverySlip employees who handle Personal Data from Europe and Switzerland are required to comply with the Principles stated in this Policy.
The product-specific details sections provide additional information relevant to DeliverySlip products. This statement applies to the DeliverySlip products listed below, as well as other DeliverySlip products that display this statement. References to DeliverySlip products in this statement include DeliverySlip services, websites, apps and software.
This Policy applies to the processing of Individual Customer Personal Data that DeliverySlip receives in the United States concerning Individual Customers who reside in the European Union and Switzerland. DeliverySlip provides products and services to businesses and consumers.
This Policy does not cover data from which individual persons cannot be identified or situations in which pseudonyms are used. (The use of pseudonyms involves the replacement of names or other identifiers with substitutes so that identification of individual persons is not possible.)
DeliverySlip has designated a Privacy Officer to oversee its information security program, including its compliance with the EU and Swiss Privacy Shield program. The Privacy Officer will review and approve any material changes to this program as necessary. Any questions, concerns, or comments regarding this Policy also may be directed to firstname.lastname@example.org.
DeliverySlip will maintain, monitor, test, and upgrade information security policies, practices, and systems to assist in protecting the Personal Data that it collects. DeliverySlip personnel will receive training, as applicable, to effectively implement this Policy. Please refer to Security of Personal Data for a discussion of the steps that DeliverySlip has undertaken to protect Personal Data.
DeliverySlip will renew its EU-US Privacy Shield and Swiss-US Privacy Shield certifications annually, unless it subsequently determines that it no longer needs such certification or if it employs a different adequacy mechanism.
Prior to the re-certification, DeliverySlip will conduct an in-house verification to ensure that its attestations and assertions about its treatment of Individual Customer Personal Data are accurate and that the company has appropriately implemented these practices. Specifically, as part of the verification process, DeliverySlip will undertake the following:
DeliverySlip will prepare an internal verification statement on an annual basis.
DeliverySlip provides the ability for its Customers to send secure messages with attachments and e-signature requests to users both internal and external to the Customer organization (“Participants”). To operate effectively and provide DeliverySlip customers with the best experience with our products, DeliverySlip collects Personal Data from individual Participants.
The data we collect depends on the products and features a DeliverySlip Participant uses, and can include the following:
Name and contact data. We may collect first and last name, email address, postal address, phone number, and other similar contact data.
Credentials. We collect passwords, password hints, and similar security information used for authentication and account access.
Demographic data. We collect data about a Participant such as preferred language.
Device and Usage data. We collect data about a Participant’s device and how a Participant and their device interacts with DeliverySlip and our products. For example, we collect:
Contacts and relationships. We collect data about a Participant’s contacts and relationships if the DeliverySlip product to manage contacts, or to communicate or interact with other people or organizations.
Content. We collect content of files and communications when necessary to provide the Participant with the products used. For example, if when receiving a messaging using the DeliverySlip service, we need to collect the content of that message to deliver it to an inbox, display it to the Participant, enable ability to reply to it, and store it for until Participant chooses to delete it. Examples of this data include: the content of documents, photos, music, or videos uploaded to a DeliverySlip service, as well as the content of communications sent or received using DeliverySlip products, including the:
ALL content, when transported between DeliverySlip products, is done using HTTPS (TLS 1.1 or higher).
We also collect the content of messages sent to us, such as feedback, product reviews, or questions and information provided for customer support. When a Participant contacts us, such as for customer support, phone conversations or chat sessions with our representatives may be monitored and recorded.
Product-specific sections below describe data collection practices applicable to use of those products.
DeliverySlip does not disclose personal information to third parties for purposes that are materially different than what it was originally collected for. Should this change in the future, we will provide individuals with the option to opt-out.
We may share personal data among DeliverySlip-controlled affiliates and subsidiaries. We also may share personal data with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we’ve hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal data to provide those functions. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets.
Finally, we will access, transfer, disclose, and preserve personal data, including Participant content when we have a good faith belief that doing so is necessary to:
Additionally, we may contact you from time to time for the purpose of providing product or service updates or other such information, including by regular mail as well as through in-product notifications.
Except as otherwise provided herein, DeliverySlip discloses Personal Data only to Third Parties who reasonably need to know such data only for the scope of the initial transaction and not for other purposes. Such recipients must agree to abide by confidentiality obligations.
DeliverySlip may provide Personal Data to Third Parties that act as agents, consultants, and contractors to perform tasks on behalf of and under our instructions. For example, DeliverySlip may store such Personal Data in the facilities operated by Third Parties. Such Third Parties must agree to use such Personal Data only for the purposes for which they have been engaged by DeliverySlip and they must either:
DeliverySlip also may disclose Personal Data for other purposes or to other Third Parties when a Data Subject has consented to or requested such disclosure. Please be aware that DeliverySlip may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. DeliverySlip is liable for appropriate onward transfers of personal data to third parties.
Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org.
DeliverySlip is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. When we transmit any data (such as messages, attachments, etc.) over the Internet, we protect it using HTTPS encryption.
Personal data collected by DeliverySlip may be stored and processed in your region, in the United States or in any other country where DeliverySlip or its affiliates, subsidiaries or service providers maintain facilities. DeliverySlip maintains its services in the United States, Canada, and United Kingdom. Typically, the primary storage location is in the customer’s region or in the United States, often with a backup to a data center in another region. The storage location(s) are chosen to operate efficiently, to improve performance, and to create redundancies to protect the data in the event of an outage or other problem. We take steps to ensure that the data we collect under this privacy statement is processed per the provisions of this statement and the requirements of applicable law wherever the data is located.
DeliverySlip retains personal data for as long as necessary to provide the products and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types in the context of different products, actual retention periods can vary significantly. The criteria used to determine the retention periods include:
We will update this privacy statement when necessary to reflect customer feedback and changes in our products. When we post changes to this statement, we will revise the “last updated” date at the top of the statement. If there are material changes to the statement or in how DeliverySlip will use your personal data, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how DeliverySlip is protecting your information.
If you have any concerns, technical or support questions, please submit an email to DeliverySlip Support.
In compliance with the Privacy Shield Principles, DeliverySlip commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact DeliverySlip at: DeliverySlip Support
Complaints can also be submitted to:
c/o Privacy Officer
915 Broadway St. #109
Vancouver, WA 98660
Phone: 877-404-9964 x7001
DeliverySlip has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Below you will find additional privacy information you may find important.
DeliverySlip adheres to applicable data protection laws in the European Economic Area, which if applicable includes the following rights:
Please note that as discussed in the Privacy Statement, as the purpose of DeliverySlip is to provide you with a secure messaging solution, ALL Content is encrypted when at rest at DeliverySlip sites. As a result, we cannot provide you with decrypted data in a commonly used and machine readable format unless (a) at the time your account was set up, you selected to have your data decrypted and backed up by a third party, in which case your data is only retrievable through such third party, or (b) you provide us with your account password in order to allow us to manually extract your data in a decrypted format. Alternately, you may download your own Content while using DeliverySlip, or if your use of DeliverySlip has ended, request an extension of your account on a read-only basis for 90 days from termination to allow you to access and download your Content.
As applicable under French law, you can also send specific instructions to us regarding the use of your personal data after your death.
When we process personal data about you, we do so with your consent and/or as necessary to provide the products you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests of DeliverySlip as described in the “How We Use Personal Data” and “Reasons We Share Personal Data” sections above. When we transfer personal data from the European Economic Area, we do so based on a variety of legal mechanisms, as described in “Where We Store and Process Personal Data” below.
DeliverySlip Client Applications are a collection of applications used to send, receive, review and manage messages and content in the DeliverySlip ecosystem. These applications include:
The DeliverySlip Client Applications will use personal information in the form of user credentials, message content and attachments to fulfill expected behavior. Additionally, the Client Application will submit user information to the DeliverySlip service that reflects interaction with messages, attachments and e-signatures and other such auditable items.
To enhance user experience, some DeliverySlip Client Applications provide integration capabilities with Google G Suite™ and Microsoft Office 365™.
Your Secure Community portal is under construction. You will be redirected to your new portal shortly.