Privacy Policy
June 23, 2023
Material Security helps protect your cloud email accounts and gives you the tools to keep your email data safe. Our Privacy Policy is designed to help you understand how we collect, use and share your Personal Data and to assist you in exercising the privacy rights available to you.
Information we collect
We collect information from you when you register on our site or fill out a form. Any data we request that is not required will be specified as voluntary or optional. When registering on our site, as appropriate, you may be asked to enter your name, e-mail address, mailing address or credit card information. You may, however, visit our site anonymously.
The information we may collect includes, without limitation:
- Service Interaction Data: IP address, details about your browser, pages that you visited before and during your visit, clicks and other information about how you use the service
- Email Account Setting Data: Account security settings, email filters, forwarding, delegating and other configuration data that contain Personal Data.
- Inbox Activity Data: New email arrival notifications, deletion notifications and email thread history that contain Personal Data.
- Email Metadata & Data for Protection: Email addresses and names of participants, email headers that contain Personal Data, metadata of emails (time sent, labels, read/unread status etc.) that are linked to Personal Data, email content, attachments and calendar events that contain Personal Data.
How we use your information
Any of the information we collect from you may be used in one of the following ways:
- We provide cloud email security service to you. We process Personal Data as necessary to perform these activities. In addition to storing and retrieving data, we carry out necessary processing to generate reports of your email account activity and help you make informed email security decisions.
- Take action on your behalf to maintain desired security properties of your email account and your data.
- To personalize your experience (your information helps us to better respond to your individual needs)
- To improve our service (we continually strive to improve our service based on the information and feedback we receive from you and external reports)
- To improve customer service (your information helps us to more effectively respond to your customer service and support needs)
Cookies
We use cookies to provide our service to you. Cookies are small files that a site or its service provider transfers to your computers hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information. If you turn off cookies, you may still access the material.security site and learn about the product, but registering and enabling our service requires cookies in order to connect with your Gmail account.
Our role as exclusive data processor
Our enterprise customers may choose to use our Services to process their organization's email data, which may contain your Personal Data. The data that we process through our service is processed by us on behalf of our customers, and our privacy practices will be governed by the contracts that we have in place with our customers, not this Privacy Policy.
If you have any questions or concerns about how such data is handled or would like to exercise your rights, you should contact the person or entity (i.e., the data controller) who has contracted with us to process this data. Our customers control the Personal Data in these cases and determine the security settings within the service, its access controls and credentials. We will, however, provide assistance to our customers to address any concerns you may have, in accordance with the terms of our contract with them.
Disclosing your information to third parties
We do not sell, trade, or otherwise transfer your Personal Data except in accordance with this policy. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses as long as it adheres to applicable data use policies (e.x. Google API Services User Data Policy).
We use sub-processors to provide us with some services that are necessary to provide the features of our website. Those subprocessors and the services they provide are listed here.
If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.
Limited use of your cloud email data
We adhere to all restrictions and limitations defined by your email service provider. For example, Material Security's use and transfer to any other app of information received from Google Restricted scopes APIs will adhere to Google’s Google API Services User Data Policy including the Limited Use requirements.
Datacenter location
We locate our data centers in the United States and by utilizing our service, you expressly instruct us to process Personal Data within the United States and consent to its processing in accordance with this privacy policy.
Your choices
You have certain choices about your Personal Data. Where you have consented to the processing of your Personal Data, you may withdraw that consent at any time and prevent further processing by contacting us.
If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you may continue to receive transaction-related emails regarding service you have requested. We may also send you certain non-promotional communications regarding us and our service, and you will not be able to opt out of those communications (e.g., communications regarding the service or updates to our Terms or this Privacy Policy).
Your data privacy rights
In accordance with applicable law, you may have the right to:
- Access Personal Data about you consistent with legal requirements. In addition, you may have the right in some cases to receive or have your electronic Personal Data transferred to another party.
- Request correction of your Personal Data where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your Personal Data or we may refer you to the controller of your Personal Data who is able to make the correction.
- Request deletion of your Personal Data, subject to certain exceptions prescribed by law.
- Request restriction of or object to processing of your Personal Data, including the right to opt in or opt out of the sale of your Personal Data to third parties, if applicable, where such requests are permitted by law.
If you would like to exercise any of these rights please contact us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request.
Data Deletion
We store the Personal Data we receive as described in this Privacy Policy for as long as you use our service or as necessary to fulfill the purpose(s) for which it was collected, provide our service, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.
Once you cancelled or terminated your use of our service, the Personal Data will be deleted within 30 days of the termination date, with the exception of data that is required to establish proof of a right or a contract, which will be stored for the duration provided by enforceable law.
Once deleted, your data cannot be restored.
You may also request transfer of ownership of your data upon termination by contacting us.
Information Security
We take steps to ensure that your information is treated securely and in accordance with this Privacy Policy. We may manually handle your data if it is necessary to provide you with support for our service, respond to security issues affecting your data, aggregated and anonymized data for internal use only or comply with applicable laws. In all other situations, we will request explicit approval from you before handling your data.
CalOPPA Compliance
Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your Personal Data to outside parties without your consent.
Children's Information
Our service is not directed to children under 17 (or other age as required by local law), and we do not knowingly collect Personal Data from children. If you learn that your child has provided us with Personal Data without your consent, you may contact us as set forth below. If we learn that we have collected any Personal Data in violation of applicable law, we will promptly take steps to delete such data and terminate the child’s account.
Supervisory Authority
If you are located in the European Economic Area or the UK, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your Personal Data violates applicable law.
Changes to our Privacy Policy
If we decide to change our privacy policy, we will post those changes on this page, send an email notifying you of any changes, and/or update the Privacy Policy modification date below. Policy changes will apply only to information collected after the date of the change.
Online Privacy Policy only
This online privacy policy applies only to information collected through our website and not to information collected offline.
Your consent
By using our site, you consent to our privacy policy. If you do not consent to the collection and processing of the information required to be processed, we are unable to provide you with our service, and you should not use our site.
Contact us
If you have any questions about our privacy practices or this Privacy Policy, or if you wish to submit a request to exercise your rights as detailed in this Privacy Policy, please contact us at:
Material Security, Inc.
1003 Main St
Redwood City, CA 94063
info@material.security