ElephantDrive & Privacy
As a company, we place a high value on privacy and transparency. So, let’s start by making a couple of things clear about how we protect our users’ data:
We collect and process a limited amount of Personal Identifiable Information (PII), and we only collect and process PII that is necessary to provide the services our users sign up for:
- Email and name for logging in and getting in touch
- Payment info for paying for your plan, and…
- That’s it!
We do not sell any of this information! We do not share any of this information!
We only host, store, or interact with this PII on secure systems provided by partners that also comply with our standards, including GDPR.
Examples of such providers are our payment processing solution, our customer support ticketing solution, our email delivery solution, and our infrastructure solutions. They share our privacy concerns, comply with GDPR, and we have subscribed to their updated policies put in place to guarantee GDPR compliance.
All other data stored by users in their accounts is encrypted during transit and at rest, and is absolutely private
Our GDPR Compliance Process
We started by becoming an active participant of the Privacy Shield Framework. The Privacy Shield Framework guarantees that data transferred from the EU to the USA benefits from the same level of protection.
We have conducted a thorough internal audit reviewing our practices and our compliance.
The personal data we collect
ElephantDrive only collects “general” PII that is strictly necessary to provide our services to our end-users:
- Name and Surname
- Email Address
- Phone Number
- Payment-related information: Card Type, Number, Billing Address…
We do not collect any other type of PII!
ElephantDrive collects this PII when you create an account/sign up for our services
As for the data our users back up, store or share using our services, it is encrypted on the user’s devices, travels and is stored encrypted. Click here for more information on how your data is secured at ElephantDrive.
How we process data
Our service and solution providing partners share our privacy concerns and comply with GDPR. We have subscribed to their updated policies put in place to guarantee GDPR compliance:
How long we keep data
We only store PII as long as strictly necessary, ie as long as you are an active user of our services.
Upon cancellation, the (encrypted) user’s data is queued for deletion and purged from our servers within a couple of weeks. We only keep the user’s email address as a cancelled user. Payment information is deactivated as is emailing. No additional processing of personal information is done after cancellation.
How and where we store data
Most of our data is stored and processed in the USA. This is why we enrolled in the Privacy Shield Framework for our EU users to guarantee equivalent levels of data protection.
As said before, all our partners who help us store and process data are equally compliant with GDPR requirements.
How to request copy/modification/deletion of personal data
As an ElephantDrive user, you have the right to:
Click on each section to find out how we implement and guarantee that our users enjoy these rights.
All other requests regarding access to PII may be directed to firstname.lastname@example.org.
ElephantDrive’s Data Protection Officer
Despite the fact that we only collect and process very limited PII, we have decided to appoint a Data Protection Officer (“DPO”) (mainly on the basis of our number of users and to guarantee maximum confidence for our users).
Our DPO is Augustin Brajeux, VP Legal and he can be reached at email@example.com.
Data Processing Agreements
Upon request, we can make Data Processing Agreements available for our Business and Enterprise users.
Please reach out to firstname.lastname@example.org to request a DPA.