Privacy Policy

We at SecureAppbox AB take your privacy seriously. Therefore, SecureAppbox AB has created this Privacy Policy that covers how SecureAppbox AB treats personal data that the service collects. Personal data is information about you, as a private person or as a person working within an organization, that is identifiable such as your email address, name or phone number.

We adhere to a minimal collection policy to only collect what we absolutely need to deliver the service, and do not share data with others.

This Privacy Policy applies to both the SecureMailbox and SecureAppbox services. The SecureMailbox service is an application client on the SecureAppbox service. SecureMailbox and SecureAppbox are services from the SecureAppbox AB company. Secure Mailbox Sweden is a supplementary firm name of SecureAppbox AB.

Data collection and use

On our external website (the SecureAppbox AB home page) we analyze visitor statistics that are not related to SecureAppbox accounts/users, such as what pages are most visited in order to improve usability and contents. These statistics do not track anything related to SecureAppbox accounts/users.

When you register as a user you are requested to provide us with personal data such as name, email address and phone number. This data is used purely to deliver the service to you, it is never shared with an external party. We may contact you in relation to support issues or with help to get started using the service.

We temporarily log connection data for security analytics including the IP address to be able to for example detect an attacker causing many failed login attempts. These security connection logs are only available to the security team at SecureAppbox AB and are never shared.

Message metadata (i.e. meta data here is that user A sent a message to user B) is only available until the sender/receiver has deleted the message. Deleting the message also deletes the meta data. This meta data is only used to serve the correct message to the correct user and is never shared with anyone.

All data relating to the Service is securely stored on Amazon AWS servers in Ireland, Europe. Messages are encrypted by SecureAppbox using strong symmetric AES encryption before storage (please see the FAQ for more details about encryption). Business account users can select to change the storage location for where the encrypted messages are stored (please see the FAQ for information about geographic storage).

Message security

Messages are encrypted and not available to anyone except the sender and recipient. When a message is sent the recipient may, depending on his account settings, receive an email notification in his standard email about the message in SecureAppbox which may include the message subject. You can change your account settings so your notifications do not include the message subject or name of the sender; to avoid exposing it in normal unsecure email systems.

Disclosure and security

SecureAppbox AB will not lease, sell, or share personal data about you with other people or non-affiliated companies, but only deliver products or services you have required, except under the following circumstances, (i) SecureAppbox AB will share personal data if this is requested by a court of law or if it is necessary in order to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. (ii) SecureAppbox AB will share data in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of SecureAppbox AB Terms of Service (TOS), or as otherwise required by law. SecureAppbox AB limits access to your personal data to SecureAppbox AB employees or contractors under secrecy agreement and will use personal data only to provide the services to you or in order to do their jobs.

The personal data act, data controller and personal data assistant

In order to protect your personal data against unauthorized access, modification or destruction we store your personal data securely. Personal data here only relates to data such as your email address, name or phone number you submit when you sign up, and not the contents of messages or message attachments which are not available to SecureAppbox AB. We may for these purposes use another entity in order to fulfill our duties towards you as the controller of personal data. The entity we use is our personal data assistant. We have assured that the personal data assistant has in place the technical and organizational means to ensure security of your personal data. We will enter into a written agreement with the personal data assistant to ensure that all personnel follow the agreement and our instructions and that they at all times are informed of the personal data act. The personal data assistant may not process your personal data for any other purpose than to fulfill its duties according to this agreement. If you, an authority or a third party requests data from the personal data assistant regarding your personal data, such request shall be immediately forwarded to us. The personal data assistant may not surrender personal data or other information without our clear consent, unless required by mandatory law. Neither we nor the personal data assistant can access the content in messages you send, the data that may be surrendered is personal data such as name, email address and phone number and meta data.

Cookies

SecureMailbox uses cookies in order to create secure connections (sessions) to the service by the use of one-time session identifiers. These cookies are only valid while you are connected and are not used for other purposes than to secure your connection. If you do not wish to accept cookies, your web browser can be set to automatically deny the storage of cookies or to inform you each time a website requests permission to store a cookie. Previously stored cookies can also be deleted via the web browser. Visit the web browser’s help pages for more information. If you want more information from SecureAppbox AB regarding what types of cookies are used in its services, please contact us at info@securemailbox.com.

Your rights to access and modify personal data

Your information is available to you in your account where you can see the data we have stored about you. You may also request information on any registered personally identifiable information about you.

Your information is available to you in your account where you can see the data we have stored about you and make corrections yourself. You may also contact us if you want to correct any entered or collected information about you.

Delete your account

You can at any time, without notice request a deletion of your account.

Changes to the Privacy Policy

SecureAppbox AB may at any given time update this policy. You can review the latest version at the SecureAppbox AB web site (https://www.securemailbox.com).

Contact information

If you have any questions around the collection of personally identifiable information, you are welcome to contact us.

Customer Service, SecureAppbox AB, Birger Jarlsgatan 2, 5th floor, 114 34 Stockholm, Sweden or info@securemailbox.com.