PRIVACY AND COOKIE STATEMENT SIILO
Revised On: March 22, 2016
Siilo takes data privacy and security very serious. We take all usual technical measures to prevent unauthorized access to your data on our servers. For all clarity with regard to messages sent over Siilo; because all data sent by users is encrypt and only readable by the device of each receiver, no other party including Siilo, can decrypt any of this data. Finally, we will never sell or provide your personal data to third parties without your consent, other then required by law.
Who controls the processing of your personal data?
Siilo Holding B.V., of Keizersgracht 585, 1017 DR Amsterdam, the Netherlands, or a designated group company is the controller responsible for the processing of your personal data.
Need to contact us?
You can contact Siilo Holding B.V.:
- with the contact form on www.siilo.com
- by e-mail to firstname.lastname@example.org
- by mail to Siilo Holding B.V., Privacy Department, Postbus 15788, 1001 NG Amsterdam, The Netherlands
Providing your personal data is not compulsory
Providing personal data is never compulsory. You can always decide whether or not to provide personal data. However, in order to be able to make use of a number of our services the provision of personal data is necessary. If we ask for the input of personal data, we will indicate which data are necessary to make use of the service and therefore must be provided, and which data can be provided optionally.
Which personal data do we process?
When we provide our products and services we may process your personal data. This could include the following personal data:
- your name, date of birth and sex
- your workaddress(es), phone number(s) and emailaddress(es)
- your profession and other information you provide in your profile
- pictures (including your profile picture) and videos, uploaded by you
- data of people with whom you want to share information while using Siilo
- data about your interests and preferences as a user of our (mobile) website, app, products and services
- financial data relating to orders and payments to us and to you
- data regarding your visit to our (mobile) website and app, including URL, IP-address, browser type, language, date, time and duration of your visit
- data on the status and identity of your mobile device
- your address book data on your phone
Address Book Data
Only with your explicit permission, we will collect the phone numbers of your contact lists and/or address book (“Address Book Data”). So no other contact information, such as the names that correspond with the phone numbers or email addresses, will be collected or used. The collection of the phone numbers allows us to match users of Siilo and place them in appropriate user groups. As such, we may indicate who of your connections are also users of Siilo, and likewise we may indicate to your connections the same regarding you. This feature allows you to connect with other users of Siilo and allows other users of Siilo to communicate directly with each other. In order to do this, and to make sure we give users the most up-to-date information, we will periodically check for updates to your contact lists and/or address book data. Address Book Data (if the user has given permission) is only transmitted to the server in hashed form and additionally protected using TLS 1.2. Only Address Book Data that has been matched will be stored (in hashed form). Address Book Data of non-users will not be stored. No Address Book Data will be given to third parties or used for advertising purposes.
The following is for your additional information regarding message data. When you send or receive messages using our Siilo, we may temporarily process and store your messages, log and contact data, and other related information (“Message Data”) in order to provide the use of Siilo to you. After this, the Message Data will be deleted from our servers. Although we take all measures to delete all Message Data after recipients have received the message, we can not guarantee that the Message Data will be completely deleted. After its deletion, Message Data is permanently deleted and cannot be retrieved by Siilo.
Messages are end-2-end encrypted. Siilo has no way to decrypt messages of users because it does not have knowledge of their private keys. Private keys of users are never stored on our server. The encrypted messages and media (images, videos etc.) are not retained any longer than necessary for correct functioning of Siilo. To prevent eavesdropping by third parties (e.g. in open wireless LANs), header information of messages (sender, recipient etc.) is protected by TLS 1.2 (with cypher supporting perfect forward secrecy) for transmission to the server, and from the server to the recipient.
Although messages are securely sent and received through the Service, it is in all cases and always the user’s responsibility to determine if the receiver(s) is/are authorized to receive any possibly privacy sensitive information, like for example medical information that is reducible to a specific patient. Users are therefore responsible and liable for information they send to other users. Siilo cannot be held responsible or liable for any privacy sensitive information sent through the Service by users without the required authorization.
For what purposes do we process your personal data?
Your personal data may be processed for the following purposes:
- to provide you with access to our (mobile) website and app, whether or not based on your registration as a user
- for showing who of your connections from your address book or contact list also use Siilo
- for the entering into and implementation of an agreement concluded with you
- to provide you with, and adapt to your preferences regarding, the agreed services, products and/or information
- to send you a newsletter, user information or a service message
- to enable you to view and share with others your data in the app or on the website
- to enable interaction with other users, and to invite others to make use of Siilo
- to enable you to provide and exchange information on the website or in the app
- to improve the quality, safety and usability of our (mobile) website and app and to combat fraud
- to comply with the rules and regulations imposed on us and for dealing with disputes
To the extent that the processing listed above requires your permission, we will request such permission in advance. You can always revoke such permission.
Your personal data will not be used for purposes other than those listed above.
Data processing in the Netherlands and abroad
Your personal data will only be stored and processed in the Netherlands or in countries where this is allowed under Dutch law.
Third Party Websites
Functional cookies allow functions such as login on the website to work properly. Analytical cookies collect statistics of the users of the website, to enable us to constantly improve your user experience. Social media cookies enable the functionalities of social media such as Facebook, YouTube, Twitter, Google Maps, etc. Siilo does not make use of social media cookies. Advertising cookies keep track of how many and which ads you have seen on a website so that you may be presented with relevant advertising. Siilo does not make use of advertising cookies.
You can always decide whether or not to accept or decline the cookies we may use, e.g. functional and analytical cookies. On your first visit to our website you will have the opportunity to accept or decline cookies.
If you want to block cookies, adjust your browser settings. You can also delete cookies that are already installed. However, blocking cookies may result in the website not working properly. How to adjust your settings varies by browser. Please consult the help function of your browser.
Security and retention
We have taken appropriate technical and organizational measures to protect your personal data against loss or any form of unlawful processing. We will not retain or keep your data longer than allowed by law, required by law and/or necessary for the purposes for which the data are processed. The retention period therefore depends on the nature of the data and the purposes for which the data is processed. Retention periods may vary accordingly.
Inspection, correction and deletion
You have the right to know which personal data we keep regarding you, to inspect such data, and to request correction or deletion. You can send a message to this end with your name and contact information to Siilo Holding B.V., Privacy Department, Postbus 15788, 1001 NG Amsterdam, The Netherlands. In your request, please specify as much as possible which personal data you refer to. In general, we will respond within four weeks to a request for inspection or correction. In case of a deletion request we will delete the personal data as soon as possible, unless and to the extent that the law requires us to keep the personal data or if there are other compelling reasons to oppose removal. After the execution of a deletion request we will send you a message of confirmation. If the personal data is (partially) not deleted, we will send you a message in which we explain why your request could not (fully) be met. If we cannot identify which personal data are meant by a request for inspection, correction or deletion, we may ask you to specify your request in more detail. We suspend the execution of the request until you have provided us with such detailed specification. At the bottom of each e-mail you receive from us you will be given the opportunity to unsubscribe to such messages.
Amendment and version