This Policy governs our processing of your "personal data" (as defined in the European Union’s General Data Protection Regulation EU2016/679 (“GDPR”)) and the way in which we deal with other data that is not personal information. The term “processing” is used as defined in the GDPR. It includes collection, storage, and all of the ways we use, and allow you to use, personal information, when we provide our services. You are the data controller under the GDPR of the personal information you provide to us as part of your Account Data (see below). Drizzle Technologies Private Limited (CIN U72900KA2020PTC133651) ("ente", "we", "us" or "our") of Flat 301, Purvi Pride Apartments, Varthur, Bangalore, Karnataka, India, 560087 is the data controller under the GDPR of all other personal information.
This Policy is divided into five sections to make it easier for you to see which provisions apply to different types of data. Words and phrases which are defined in our Terms of Service (“ToS”) have the same meanings when they are used in this Policy.
The sections of this Policy are:
3.1 This Introduction section.
3.2 The “Your Files” section. This covers the actual encrypted files that you upload, access and share using our services.
3.3 The “Account Data” section. This covers the metadata that is collected and generated by our systems when you use our services, and the information that you provide to us when you register and communicate with us.
3.4 The “Website Usage Data” section. This covers the data that is collected and generated by our systems when anyone browses our website.
3.5 The “General Terms” section, which applies to all our services and all types of data.
5.1 When you upload a file, it is already encrypted at your device, so we do not know whether it is personal to you or someone else, relates to a business or some other organisation, or what it contains. We also generate and store encrypted previews of images, videos and certain other types of file.
5.2 All Your Files remain encrypted at all times while they are on our system. They are never received, stored or otherwise dealt with by us in unencrypted form because any decryption takes place only on your device or that of another user to whom you have provided the file/album/folder/collection keys or links that are created when you give them access.
5.3 We collect Your Files because that is necessary for us to provide our end-to-end encrypted cloud storage and collaboration services that you contract for when you agree to our ToS.
5.4 Although Your Files are not personal information within our system because you have encrypted them, you should know that we store Your Files and make them available from servers in secure facilities in Europe or in countries that the European Commission has determined to have an adequate level of protection under Article 45 of the GDPR, depending where you are based.
5.5 We keep Your Files while you are subscribed to our services but this is subject to our suspension and termination rights set out in our ToS. You should download Your Files prior to termination of services.
5.6 If you forget your password you will lose access to all Your Files.
5.7 When you delete one of Your Files it will be made inaccessible, marked for deletion and removed when the next appropriate file purging process is run, subject to any retention specifically allowed under this Policy or our ToS. After account termination, all Your Files will be marked for deletion and removed when the next appropriate file purging process is run, subject to any retention specifically allowed under this Policy or our ToS.
5.9 We may, but shall not be obliged to, keep Your Files after your account has been suspended or terminated. In particular, we may, but shall not be obliged to, keep Your Files where we consider it necessary for evidential purposes relating to a breach of our ToS or with respect to current or anticipated action by any competent enforcement authority or other third party. With respect to release of Your Files to competent enforcement authorities and third parties, see our Takedown Guidance Policy.
5.10 See also the General Terms section of this Policy which applies to all types of data, including Your Files.
6.1 When you sign up for particular services on our website you will need to give us the details required in our registration form and will need to keep that information up to date.
6.2 When you use our services, the following information is retained in their unencrypted form:
6.3 From time to time we may need to communicate with each other directly. We will use the email address you have verified in your account. You can communicate with us using the appropriate address on our contacts page. Examples of direct communications include invoices, copyright or other enforcement emails, notifications under our Takedown Guidance Policy, system update information, data breach notifications, notification of major changes to our ToS or this Policy.
6.4 Access to your account and files is by way of nominated email address and password. It is your responsibility to keep these safe and secure as ente stores the email address but does not store the password. If you forget your password you will lose access to all your data.
6.5 We will collect, store, use and otherwise process Account Data so that we can provide the services you have contracted to obtain from us under our ToS. We also have a legitimate interest in processing Account Data so that we can maintain and improve our systems and services and communicate with you as referenced in this Policy.
6.6 We retain Account Data as long as your account is active. After account suspension or termination we may, but shall not be obliged to, retain all Account Data if enforcement action is likely or commenced under our ToS or Takedown Guidance Policy or for 1 month, whichever is longer. Where there is no enforcement action likely or commenced and the 1 month period has expired, Account Data that identifies you will be anonymized, but where you are a contact of, have had a data shared with you by another ente user, those details will continue to be retained to allow services to continue for those other users. See also the General Terms of this Policy with regard to retention.
6.7 You can request to download your Account Data by reaching out to you [email protected] from your registered email address. You can also request correction of Account Data if it is considered incorrect, in accordance with the GDPR. The information will be provided or updated promptly, and at least within one month, without charge unless the request is manifestly unfounded or excessive. Corrections will be promptly considered and actioned if appropriate.
6.8 If we have disclosed the Account Data to any third party (such as a compliance authority), we will inform them of any correction where possible and will also inform the individuals about the third parties to whom the data has been disclosed where lawful and appropriate.
6.9 See also the General Terms section of this Policy which applies to all types of data, including Account Data.
7.1 We use a privacy focussed third-party analytics service to monitor the metrics of our website. You can read their privacy policy here: https://simpleanalytics.com/privacy
7.2 See also the General Terms section of this Policy which applies to all types of data, including Website Usage Data.
15.1. Payment Processors
We use third-party services to process your payments. We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council that help ensure the secure handling of payment information.
The Privacy Policies of the payment processors we work with can be accessed below:
15.2. Feedback Collection
We use FeatureMonkey to collect feedback from users and to decide what features we should be working on. The data that is pushed to them is obfuscated and does not include a customer's personal information (like name or email). You can find their privacy policy here: https://www.featuremonkey.com/privacy.
15.3. Website Analytics
We use a privacy focused third-party analytics service to monitor the metrics of our website. You can read their privacy policy here: https://simpleanalytics.com/privacy
15.4. Backend Analytics
We use Amplitude for analyzing API access patterns. The data that is pushed to them is obfuscated and does not include a customer's personal information. You can read their privacy policy here: https://amplitude.com/privacy.
15.5. Transactional Emails
We use Zoho for sending out emails like login tokens, billing reminders, notification when an album is shared with you, etc. You can read their privacy policy here: https://zoho.com/privacy.
15.6. Monitoring
We use Grafana Cloud for storing our server side logs, that are stripped off any personally identifiable information. You can read their privacy policy here: https://grafana.com/legal/terms/#privacy.
We may send invoices, security or service updates and various other notices by email to the email address listed in your account or using any of our messaging systems. They will be deemed to be received in accordance with our ToS.
If appropriate, some of those notices will contain unsubscribe information so you can opt out of further receipt. We will abide by any email unsubscription request (other than those we need to send for invoicing, security or service updates and other service provider purposes).
Questions and comments regarding this Policy are welcomed and should be addressed to the Privacy Officer at [email protected] For a comprehensive list of contact details for Drizzle Technologies Private Limited, and each of our related or affiliated entities and payment processors, together with details of how to contact our privacy officer and data protection officer, see our contacts page.
If you are in Europe or otherwise have the right to lodge a complaint with a supervisory authority, you can find contact details for our European Representative and European supervisory authority on our contacts page.
Last updated 20 December 2021, effective 21 January 2022.
If you have a concern about any of these terms, please write to us at [email protected].