The GDPR was designed to give you, as consumers and citizens, more control over your personal data. Keeping your data private and secure has always been a top-priority here at Filemail - and now we have taken it up another notch. Here is a brief summary of the actions what we have taken in order to be GDPR compliant:
- We identified absolutely all personal data that we collect and improved our data retention policies. All data (metadata) related to an anonymous (free) transfer is deleted 7 days after the transfer expires. When a user account expires - we automatically wipe out all user data after 180 days of inactivity. We use Intercom.io for support and BraintreePayments.com for payments. Your data is automatically wiped these places as well 180 days after your account has expired.
- Your files are stored in your region - or where you choose. Transfers uploaded in the EU are stored in the EU. Transfers uploaded in the US are stored in the US - you get the picture. With a Business account you can specify exactly which regions of the world that files may be stored in. We are currently represented in the US, Germany, Spain, The Netherlands, Brazil, India and Australia. (Your other data/metadata such as name, email addresses, IP addresses is stored in our core servers which are located in The Netherlands (EU)).
- You can request a data dump of all the information we keep about you. Contact us at email@example.com in order to file such a request.
- You can easily update your own personal information in order to keep it accurate. Go to your profile or company settings to update this.
- You can delete your data (sent files + your entire account) at any given time. You can also ask us to stop processing your data - meaning that we will permanently delete your customer data and all your files.
- We have a PrivacyPolicy that's easy to understand and follow. It is available here.
- We now ask for your consent to process your personal data when you sign up. You can withdraw this consent by contacting firstname.lastname@example.org (or via the Chat).
- We documented all cookies that is used - both internally and also 3rd party cookies. Read more about our cookies here.
- We have formulated a GDPR Data Processing Agreement that you as a customer should sign and return to us at email@example.com. Download the agreement here (PDF).