Personal data about you that we process may or may not be sensitive personal data, such as information your race, ethnic original, political opinions, your religious beliefs or other beliefs of a similar nature, about your physical or mental health or condition, the commission or alleged commission by you of any offence as well as any government issued identification such as social security numbers, licenses, etc.
We will not process any sensitive personal data about you unless we get your express consent to do so and the processing is necessary for a purpose permitted by law. Please contact us if you would like information about these purposes.
Where we obtain consent from you, whether or not the personal data is sensitive personal data, we will tell you whether it is obligatory or voluntary for you to supply the personal data, and where it is obligatory, the consequences for you if you fail to supply the personal data.
If you have given us consent to collect, use, disclose, store and otherwise process personal data about you, you may withdraw that consent at any time. This includes any circumstances where we have relied on you being deemed to have given us such consent.
You should give us reasonable advance notice of your withdrawal of consent. We will inform you of the likely consequences of withdrawing your consent. For example, if we need your consent so that we can provide a service to you and you decide to withdraw your consent we may not be able to continue to provide that service to you.
Your request for the withdrawal of consent can take the form of an email or letter to us, or through the UNSUB feature in an online service. Where relevant, we may need you to provide proof of your identity.
You may ask us (in writing) to inform you what personal data we hold and information about how we may have used and/or disclosed it in the previous one year.
You may ask us (in writing) for details about what is being processed by us or by a service provider on our behalf for a particular purpose and, if you say that you would like to receive it, to give you a copy of that personal data in an intelligible form and in a form that is easily portable.
You need to ask us separately for such access to personal data that we hold for each different purpose. We may charge you a reasonable fee for each access request you make to us if there is a cost involved.
We will respond to your request for access to personal data about you as soon as reasonably possible and, in any event, within 30 days after we receive the request from you. If we are not able to fulfil your request fully within 30 days, we will let you know the reasons, comply with the access request to the extent that we are able to do so within that period and comply with it fully as soon as we are able to do so.
When you make such a request, we may need to verify your identity
We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading and kept up-to-date by having regard to the purpose, including any indirectly related purpose, for which we collect the personal data and further process it.
You may ask us to correct personal data about you where the personal data is inaccurate, incomplete, misleading or not up-to-date. Where we are satisfied that the correction should be made, we will make it within a reasonable time framework from the date we receive your request and give you a copy of the corrected personal data.
From time to time, we may do a verification exercise for you to update us on us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us if there are any changes in the personal data we hold about you (such as a change in your personal address).
We have a Storage Limitation Policy / Document Retention Policy that spells out when we must cease to retain personal data and that requires documents and personal data to be destroyed (paper documents) or deleted (electronic documents and data stored in databases) securely. Certain retention periods are based on statutory or regulatory requirements.
If you are located in Singapore or in the Americas, we ordinarily keep your personal data in servers located in Singapore and the United States, respectively, but there are exceptions where it may be kept in servers in the European Union. In all other cases, we keep your personal data in servers located in the European Union.
We are allowed to transfer personal data about you across borders in various circumstances permitted by law (for example, for the purpose of a contract between you and us or in an emergency concerning you). If you would like more information about these circumstances, please let us know.
Where required to do so by law, we will disclose personal data about you to the relevant authorities or to law enforcement agencies.
Our website may contain links to other websites that are not operated by us. If you click on a third party link, you will be directed to that third party’s website. It is important that you review the Privacy Policy of every site you visit. We have no control over, and are unable to assume any responsibility for, the content, privacy policies or practices of any third party sites or services.
We may update the Data Privacy Notice from time to time. We will notify you of any changes by posting the policy on this page. Please revisit this page periodically for any changes.
Changes to this Policy are effective when they are posted on this page.
If you have any questions about our collection, use, and/or disclosure of personal data about you; feedback regarding this Data Privacy Notice, or any complaint you have relating to how we collect, use, disclose and store personal data about you, you may contact us as follows:
Any query or complaint should include, at least, the following details:
You have the right to lodge a complaint with a supervisory authority, in particular:
General Data Protection Regulation (GDPR) – European Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Dropsuite has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:
UK General Data Protection Regulation (GDPR) - UK Representative
Pursuant to Article 27 of the General Pursuant to Article 27 of the UK GDPR, Dropsuite has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
Dropsuite’s Email Backup and Archiving solution’s use and transfer to any other app of information received from Google Accounts will adhere to Google API Services User Data Policy, including the Limited Use requirements.
If you are a Gmail user and you have subscribed to our solution to backup your emails. We will use Google’s APIs to access your mailbox, emails, contacts and calendar details (collectively “Gmail Data”). Pull them to our backup solution and store them encrypted in our cloud storage.
If you are to use the restore function, we will retrieve your Gmail Data and push it to your mailbox through Google’s APIs. Your data will not be shared with any third party unless there is a legal requirement to do so.
For more information about OAuth consent please visit https://console.developers.google.com/getting-started
Only G Suite Administrators can subscribe to our G Suite solution, and the administrators must allow Domain-Wide Delegation of Authority on the user consent to subscribe the solution. Once the G Suite Administrator has accepted the consent and granted the Domain-Wide Delegation of Authority, we will use Google’s APIs to access user list in the G Suite subscription. We will use Google’s API to access G Suite’s mailbox and emails (collectively “GSuite Data”) of each user that the G Suite Administrator has selected for the backup. We will pull GSuite Data to our backup solution and store them encrypted in our cloud storage.
If you are to use the restore function, we will retrieve GSuite Data backed up and push it to your mailbox through Google’s APIs. If you specify a new label in the restore function, we will be creating a new label under your mailbox through Google’s APIs before pushing to your emails.
If you are to use the migration function, we will retrieve Gsuite Data backed up and push it to the mailbox you have specified through the protocol you have requested.
Your data will not be shared with any third party unless there is a legal requirement to do so.
© 2024 Dropsuite Limited. All Rights Reserved.