Compliance

ElephantDrive & Privacy

As a company, we place a high value on privacy and transparency. So, let’s start by making a couple of things clear about how we protect our users’ data:

We collect and process a limited amount of Personal Identifiable Information (PII), and we only collect and process PII that is necessary to provide the services our users sign up for:

 

Email and name for logging in and getting in touch

Payment info for paying for your plan, and… That’s it!

We do not sell any of this information! We do not share any of this information!

Our GDPR Compliance Process

We started by becoming an active participant of the Privacy Shield Framework. The Privacy Shield Framework guarantees that data transferred from the EU to the USA benefits from the same level of protection.

We have conducted a thorough internal audit reviewing our practices and our compliance.

We have updated our Privacy Policy and our Terms of Use.

The personal data we collect

ElephantDrive only collects “general” PII that is strictly necessary to provide our services to our end-users:

We only host, store, or interact with this PII on secure systems provided by partners that also comply with our standards, including GDPR.
Examples of such providers are our payment processing solution, our customer support ticketing solution, our email delivery solution, and our infrastructure solutions. They share our privacy concerns, comply with GDPR, and we have subscribed to their updated policies put in place to guarantee GDPR compliance.

All other data stored by users in their accounts is encrypted during transit and at rest, and is absolutely private

Group 81
1. Name and Surname
2. Email Address
3. Phone Number
4. Payment-related information: Card Type, Number, Billing Address…


We do not collect any other type of PII!

ElephantDrive collects this PII when you create an account/sign up for our services

As for the data our users back up, store or share using our services, it is encrypted on the user’s devices, travels and is stored encrypted. Click here for more information on how your data is secured at ElephantDrive.

How we
process data

Our service and solution providing partners share our privacy concerns and comply with GDPR. We have subscribed to their updated policies put in place to guarantee GDPR compliance:

Frame
svg

How long we keep data

We only store PII as long as strictly necessary, ie as long as you are an active user of our services.

Upon cancellation, the (encrypted) user’s data is queued for deletion and purged from our servers within a couple of weeks. We only keep the user’s email address as a cancelled user. Payment information is deactivated as is emailing. No additional processing of personal information is done after cancellation.

svg

How and where we store data

Most of our data is stored and processed in the USA. This is why we enrolled in the Privacy Shield Framework for our EU users to guarantee equivalent levels of data protection.

As said before, all our partners who help us store and process data are equally compliant with GDPR requirements.

Group 922

How to request copy / modification / deletion of personal data

As an ElephantDrive user, you have
the right to:

At all times, users can access their account and review their recorded PII (Name, email, payment information)

At all times, users can access their account and modify their recorded PII (Name, email, payment information)

At all times, users can cancel their accounts. Their data will be queued for deletion within the next couple of days.

Upon request at dar@elephantdrive.com, we can provide copies of the PII stored. We reserve the right to charge an administrative fee in cases of repetitive requests, manifestly unfounded or excessive requests or further copies.

At all times, users can object to PII processing. However, since we only process PII to provide our services, it will be necessary for them to cancel their accounts. Their data will be queued for deletion within the next couple of days.

Click on each section to find out how we implement and guarantee that our users enjoy these rights. All other requests regarding access to PII may be directed to dar@elephantdrive.com.

ElephantDrive’s Data Protection Officer

Despite the fact that we only collect and process very limited PII, we have decided to appoint a Data Protection Officer (“DPO”) (mainly on the basis of our number of users and to guarantee maximum confidence for our users).

The office of our DPO can be reached at dpo@elephantdrive.com.

ElephantDrive’s latest Privacy Policy

Our latest Privacy Policy is linked to from all pages of our marketing and functional websites.

Data Processing Agreements

Upon request, we can make Data Processing Agreements available for our Business and Enterprise users. Please reach out to dpa@elephantdrive.com to request a DPA.
Group 69

Get in touch

For more information, please refer to our GDPR-specific FAQs or reach us at gdpr@elephantdrive.com.