Introduction

Ingbox, Inc. ("Ingbox", "we", "us" and "our" throughout) recognizes the need for appropriate protections and management of information that you provide to us and we intend to create trust with you ("you" and "your" throughout), as either a visitor to one of our websites (each and collectively the "Site(s)") or as an eventual customer respecting our services offerings ("Services").

To that end, we have tried to describe in clear and brief terms:

  • the information we access and/or collect from your Site visits or use of our Services ("Data");
  • how we use, process, and store that Data; and
  • how and when we sometimes share that Data.

By accessing and using a Site or the Services, you agree to this Privacy Policy, and your access and use is deemed your consent to it. If you do not agree with this Policy, you should not use the Site(s) or Services.

Note: Your use of each Site and Service is governed by this Privacy Policy and the Ingbox Terms and Conditions of Use and Service ("TOS"). A separate agreement between you and Ingbox containing more specific terms and conditions for access and use of any Services may follow, by either signed writing or click acceptance by you ("Agreement"). Once such an Agreement is in place, it shall govern the performance and use of Services in all respects. Capitalized terms not otherwise defined herein shall have the meanings ascribed to them in the TOS.


Collection

During your Site visits or use of our Services, we access and collect the following Data generally:

  • Manually-entered information you voluntarily and expressly give us, via a Site-based or Services registration or log-in process, via our "Contact Us" or Partner Registration Form or via a similar process (e.g. opt-in automated collection, such as "sharing" user data via third-party authentication and other such service providers);
  • Voluntarily-provided information you expressly upload, send or otherwise enable transfer of to our Sites and Services, including if you elect, via recordation and transcription; and
  • Automatically-collected information, which is generally technically-based, like IP address(es), information gathered via "cookies", and other anonymous, aggregated or behavioral information ("Anonymous Data");

In connection with collection of the above Data:

  • Manually-entered and Voluntarily-provided information are both "Known Data" and may, and in many cases will, include personally identifiable information ("PII") regarding you or one or more third party entities or individuals.
  • Anonymous Data will not have PII or Known Data. Only Known Data will contain PII.
  • You may always opt-out of any express or automated Data collection process by not providing any Data and by not clicking the permission bar or button for automated collection. Voluntarily providing and enabling automation, as well as uploading, sending or otherwise enabling transfer of Data to our Sites and Services is an opt-in.
  • You may email support@Ingbox.com to change or delete any Known Data you previously provided via manual, voluntary or automated permission. You may also contact us at the physical address and telephone number at the bottom of this Privacy Policy.

We will collect Known Data when you visit our Site(s) and either provide it to us or opt-in or consent to automated collection via third-party source. We will collect Known Data when you access and use our Services via registration and subsequent log-in. Such information may, and likely will, include your full name, e-mail address, billing and/or contact physical address, security question (and answer), credit card or other payment information, and a password.

We may, and likely will, also collect Anonymous Data using an analytics tool or service during your Site visits or use of Services, to help us analyze how you use the Sites and Services. The result of the analysis will be used to improve our Sites and Services, and may be shared with third parties as set forth below.

Use of analytics generally involves using "cookies", which are small text files placed on your computer to collect standard internet log information and visitor behavior in an anonymous form. Anonymous Data generated by the cookies about your use of the Sites or Services may, and likely will, include IP addresses, the URL from which you linked into our site, and your browser type and version.

Your IP address is collected purely and solely to determine geographic location of visits for metrics analysis as described below, and will not be disclosed so that any person or entity may locate you.

For metrics analysis, Anonymous Data may be transmitted to one or more third party service providers (e.g. but not limited to: Google/RocketFuel, etc.). The Data may then be processed to compile statistical reports on Site or Service activity. We may use reports from such analysis to evaluate aggregate visitor usage to optimize content or delivery of Services, or extend or serve ads or offers where applicable.

We will link, or seek to link, an IP address with a particular computer or user only for providing optimized Services to users (e.g. and without limitation for routing to the nearest data center to provide better access and performance, enabling an audit log of shared links use, and for data security). We will not associate any Data gathered from Site visits or use of Services with any PII from any source, unless you explicitly submit that information for that purpose (i.e. for later location and service back to you of such Data). We will not associate your IP address with any other Anonymous or Known Data, except to provide the contracted Services to you.


Use, Processing and Storage of Data

In addition to the collection and use described above, we will use, process and store Data only to provide a relevant and quality Site visit experience to you, and performance of quality Services to you.


Storage/Co-location and Sharing

Your Data submitted to our Services is located initially in the geographic region stated below, and any transfer to the United States is via AWS. Amazon is recognized on the U.S. Department of Commerce website as eligible for, and current with regard to, self-certification as compliant with the U.S.-E.U. Safe Harbor Framework developed by the Department of Commerce in coordination with the European Commission (see https://safeharbor.export.gov/list.aspx). Amazon will use the Data in accordance with its Privacy Policy, located at: http://aws.amazon.com/privacy/. User conduct must be in accordance with AWS's/Amazon's Acceptable Use Policy and Terms of Use: http://aws.amazon.com/aup/ and http://aws.amazon.com/terms/.

For Ingbox to provide Services to you, your Data may be transferred between AWS and Ingbox's corporate proprietary systems co-located in the United States. We also use other trusted third party payment, transcription, co-location and/or hosting companies, and require that they demonstrate safe harbor third party or self-certification, certification by a data security standards body, or sufficient demonstration of their security structures and practices that are in satisfaction of such guidelines and standards.

One exception to such limited use and sharing is that we must comply with the valid legal process of a court or law enforcement agency, including without limitation the Federal Bureau of Investigation. We will give notice of all court or law enforcement requests when legally and time-permitted. We shall have no liability for information provided to a court or law enforcement agency.


International Transfers and Security Measures

For us to use and process most Data, we must transfer it between our various locations and our corporate headquarters and office locations, which are noted on our Sites and in our Services Agreements. We represent that we use industry standard security measures appropriate to our size and operations, including without limitation: use of firewalls and VPNs; separation of corporate and datacenter networks, encryption of files in transit and at rest; password encryption, etc. In addition, medical information provided via a health care provider will be collected and processed according to Business Associate Agreements for HIPAA (Health Information Portability and Accountability Act) compliance, with terms materially compliant to the model form drafted by the U.S. Department of Health and Human Services, at http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/contractprov.html.

Data we collect may be used, processed and/or stored in and transferred between any of the countries in which we operate to enable us to use the Data to provide and perform the Sites and Services in accordance with this Privacy Policy and our Agreements. Information submitted in the U.S. or another country may be transferred to one or more other countries, including the United States, which do not have the same data protection laws as the European Union. You expressly agree to such transfers of Data, including PII. You acknowledge the transmission of information over the internet can be insecure, and we cannot guarantee the security of Data sent over the internet. You are responsible for keeping your user ID and/or password confidential. You expressly agree to transfers of Data for all purposes in providing Services and using the Site(s). We do not share Data for direct marketing purposes.


Healthcare Data and HIPAA Compliance

Medical information stored and retrieved in our systems by healthcare providers will be collected and processed according to Business Associate Agreements for HIPAA (Health Information Portability and Accountability Act) compliance. If you will be using your account to store and process healthcare information, please review our HIPAA Business Associate Agreement and proceed only if you agree with the Business Associate Agreement. The terms of our Business Associate Agreement are materially compliant to the model form drafted by the U.S. Department of Health and Human Services, at http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/contractprov.html.

Healthcare providers ("Covered Entities") need to agree to the three agreements - Privacy Policy, Terms of Service and HIPAA Business Associate Agreement.


Law

This Privacy Policy and the relationship between you and Ingbox are governed by the laws of the State of California, United States of America, exclusive of choice of law. Any disputes concerning them, and any interpretation thereof, shall be subject to the personal jurisdiction of the state and/or federal courts of San Mateo County and/or the Northern District of California, as applicable.


Contact us:

If you have any questions about this Privacy Policy, or the privacy practices of Ingbox, email support@Ingbox.com or write to us at Ingbox, Inc.,111 Deerwood Road, Ste. 200 San Ramon, California 94583; phone: 1.925.364.5490 # 2 for support (Attn: Data Usage).


Publication/Effective Date

Publication/Effective Date: January 12, 2017
This Privacy Policy is published and effective as of the date noted above, and is effective as between you and us on first visit. This Privacy Policy will be updated from time to time and a Last Updated date will be noted. Continued use of the Site(s) and Services is your acceptance of and agreement to such changes.