Privacy policy

Effective date: March 21, 2018

OnePrivacy S.A. (“OnePrivacy”, “us”, “we”, or “our”) is committed to the privacy and security of your information and communications.

Unless the context otherwise requires, any reference to “you”, “your” or “yourself” in this Privacy Policy includes each respective organization utilizing the Team Management Functionality of the Apps, the Site and/or the Service, each respective Team Admin and each respective Team Member (as such terms are defined in our Terms of Use).

We operate the www.keexle.com & www.oneprivacy.lu website and the following applications: Keexle, Keexle Messenger and Keexle Transfer (the “Service” or “Products”).

This Privacy Policy describes the information we process to support the Service.

Our Privacy Commitment

Our default privacy policy is never to gather or store information about you. Our Products utilize state-of-the-art security and end-to-end encryption to provide private communication services to users worldwide. Your calls, messages, files, comments and all the data used by any feature of our Products are always encrypted, so they can never be shared or viewed by anyone but yourself and the intended recipients.

Unless the context otherwise requires, any reference to “you”, “your” or “yourself” in this page includes i) each respective organization which subscribed to one of our Products via our online payment system, ii) each respective Team Manager and iii) each respective Team Member (as such terms are defined in our Terms of Use).

Information We Collect

We collect personal information about you in the following ways:

Information You Provide

In order to use our Products, you need to create an account with some Account Information. This information are always created by you. This information is required to letting you communicate securely with other users of our Products. Personal information that you may provide through the Service or otherwise communicate with us includes:

Your Account Information

Your Account Information consists in:- a name (e.g. a username);

  • a valid email address;
  • an account public key;
  • and a device public key.

This personal information is only kept for the duration of your account lifetime. You can change or delete your profile information at any time. The legal basis for the processing of your personal data mentioned above is your fulfilment of the contract.

You may optionally add other information to your account, such as profile picture or online status. This information is end-to-end encrypted and not exploitable by us.

Your Messages

We cannot decrypt and thus access the content of your messages (including your chats, photos, videos, files, and calls). We store the encrypted version of your messages on our servers for:

  • delivery to recipients who are temporarily offline;
  • secured backup of your messages in robust data centers, so that you can always retrieve your data if one of your devices is damaged;
  • synchronization of your messages across all your devices.

You can delete any message individually at any time, both on your devices and on our servers.

Payment Information

For invoicing and determining the VAT we collect for paid Products:

  • the domicile of the customer (country)
  • the invoicing address
  • the VAT identification number (only for business customers of some countries)

For the execution of credit card payments your credit card data will be shared with our payment service provider Paymill (Germany). When collaborating with Paymill, OnePrivacy receives access to the following banking and financial information about the Website users:

  • first name and family name of the user;
  • type of bank card;
  • the last four digits of the bank card number and
  • bank card validity date.

For more information about PayMill, please visit: https://www.paymill.com/en/privacy-policy/.

Contact from web page

On the web pages related to our Products, we offer the opportunity to get in contact with us via email or contact form. In doing so personal data is voluntarily transferred to us, stored automatically and only used for the purpose of dealing with the request and getting in contact with the affected person. We will not disclose this personal data to third parties.

Information automatically collected (Log Data)

In order to maintain our Products servers in an healthy mode (error diagnosis, prevention of abuse), we may store Log Data. These logs contain sender and recipient identifiers and time of connection but no IP addresses. These logs are kept for a maximum of 3 months, for the sole purpose of facilitating troubleshooting and preventing abuse.

We also collect the information that your browser sends whenever you visit our websites. This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the Products pages that you visit, the time and date of your visit. However, we don’t use any Analytics Tools and Log Data are kept for a maximum of 72 hours, for the sole purpose of facilitating troubleshooting and preventing abuse.

Cookies

We do not use cookies.

How We Use Your Personal Information

  • To provide and maintain our Service. Your Account Information is used to provide the Service to you and other users. E.g. Your email address is used to validate your account, your public key is used to make you searchable in our user directory. Your email address is never disclosed to other users of the Service until you accept them as part of your contacts.
  • To communicate with you. We will use your Account Information to notify you about changes to our Service, to provide you with newsletters through our Product or via your email address. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us. Our Products also enable communications between you and others. In particular, sending and delivering invitations, between you and the person who invites you or whom you invited.
  • To provide you customer support. You may provide us with information related to your use of our Products. For example, you may send us an email with information relating to our app performance or other issues. If you contact us by email or by phone to help you with some troubleshooting, any personal data you may share with us is kept only for the purposes of researching the issue and contacting you about your case.

  • To monitor the usage of the Service We use information about you to secure your profile, verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of our Terms of Use.

Retention of Data

OnePrivacy S.A. will retain your Personal Data only for as long as is necessary
for the purposes set out in this Privacy Policy. We will retain and use your
Personal Data to the extent necessary to comply with our legal obligations
(for example, if we are required to retain your data to comply with applicable
laws), resolve disputes, and enforce our legal agreements and policies.

Transfer of Data

Your information, including Personal Data, may be transferred to — and
maintained on — computers located outside of your state, province, country or
other governmental jurisdiction where the data protection laws may differ than
those from your jurisdiction.

If you are located outside Luxembourg and choose to provide information to us,
please note that we transfer the data, including Personal Data, to Luxembourg
and process it there.

Your consent to this Privacy Policy followed by your submission of such
information represents your agreement to that transfer.

OnePrivacy S.A. will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country.

Disclosure Of Data

Disclosure for Law Enforcement

Under certain circumstances, OnePrivacy S.A. may be required to disclose your
Personal Data if required to do so by law or in response to valid requests by
public authorities (e.g. a court or a government agency).

Legal Requirements

OnePrivacy S.A. may disclose your Personal Data in the good faith belief that such
action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of OnePrivacy S.A.
  • To prevent or investigate possible wrongdoing in connection with the
    Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If
you click on a third party link, you will be directed to that third party’s
site. We strongly advise you to review the Privacy Policy of every site you
visit.

We have no control over and assume no responsibility for the content, privacy
policies or practices of any third party sites or services.

Children’s Privacy

Our Service does not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone
under the age of 18. If you are a parent or guardian and you are aware that
your Children has provided us with Personal Data, please contact us. If we
become aware that we have collected Personal Data from children without
verification of parental consent, we take steps to remove that information
from our servers.

Changes To This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any
changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior
to the change becoming effective and update the “effective date” at the top of
this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes.
Changes to this Privacy Policy are effective when they are posted on this
page.

Terms

Please also read our Terms which also governs the terms of this Privacy Policy.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

Data Processing Addendum

Definitions

All definitions bellow shall have the meaning of the Regulation (EU) 2016/679 (General Data Protection Regulation; hereinafter – “GDPR”).

Personal Data

Personal Data means data about a living individual (“Data Subject”) who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

Data Controller

Data Controller means a person who (either alone or jointly or in common with
other persons) determines the purposes for which and the manner in which any
personal data are, or are to be, processed.

For the purpose of this Privacy Policy, we are a Data Controller of your data.

Data Processor (or Service Providers)

Data Processor (or Service Provider) means any person (other than an employee
of the Data Controller) who processes the data on behalf of the Data
Controller.

Data Subject

Data Subject is any living individual who is the subject of Personal Data.

User

The User is the individual using our Service. The User corresponds to the Data
Subject, who is the subject of Personal Data.