elDoc Privacy Policy

The terms and conditions outlined in the End User License Agreement (EULA) are incorporated into this Privacy Policy as if fully stated herein.

elDoc (referred to as "we," "our," or "us") is committed to protecting and respecting your privacy. We understand the importance of your personal data and are dedicated to safeguarding it in accordance with applicable data protection laws. Our responsibility extends to ensuring that personal information is handled securely and transparently at every stage of your interaction with us.

We recognize that our customers and other individuals who interact with us (collectively referred to as "you") trust us with their sensitive data. To maintain this trust and to provide our services effectively, we collect, use, store, and process personal information. This data is essential for delivering our hosted Software-as-a-Service (SaaS) or for deploying the Solution on your premises (referred to collectively as "Services").

WHAT PERSONAL DATA IS COLLECTED?

We collect certain personal information from our customers and users to provide, improve, and personalize our Services. Personal data refers to any information that can be used to identify you directly or indirectly. This information is essential for the operation of our Services and helps ensure a smooth and secure user experience. The data we collect may include, but is not limited to, the following:

Types of Personal Data We Collect

Name: We collect your full name to personalize your account and communications.
Contact Information: This includes your email address, phone number, and physical address. These are necessary for customer support, notifications, billing, and to communicate important service updates or legal information.
Username and Login Credentials: When you create an account, we collect a username and password to facilitate secure access to our platform.
Employer and Job Title: We may collect details about your employer, including the company name and your job title, particularly if you're using our services in a professional or business capacity.
Payment Information: For billing and transactional purposes, we collect payment details such as credit card information or bank account details. This data is processed securely and in compliance with financial regulations.
Other Account Information: Depending on the nature of the services you access, we may collect additional details necessary for account setup, service delivery, and customer support. This could include preferences, service-related settings, and other personal identifiers.

When and How We Collect Personal Data

We collect personal data when you interact with our services in a variety of ways, including but not limited to:

Account Creation: When you sign up for an account to access our Software-as-a-Service (SaaS), we collect your personal information to create and manage your account.
Communication: We collect information when you interact with us via email, customer support, or social media platforms. This may include your contact details and any information you provide during the course of these communications.
Purchasing Our Software: When you place an order for our software or other products, we collect payment information and billing details to process your transaction and send you confirmation and receipts.
Newsletter Subscriptions: If you subscribe to our newsletters or marketing communications, we collect your email address and may ask for additional information, such as your preferences or interests, to tailor our messages to you.
Customer Support: When you contact our support team for assistance, we collect details related to your inquiry, such as your name, contact information, and any relevant details you provide about your issue.
In-person Visits and Office Interactions: If you visit our office or engage with us through in-person events or meetings, we may collect your contact information and other necessary details for follow-up communication or service inquiries.
Social Media and Online Comments: We may collect personal information when you leave comments on our social media platforms or engage with our posts. This information helps us improve user experience and respond to feedback.
Electronic Transactions: If you add others as participants in electronic transactions (such as signing or approving documents), we may collect their contact details (such as email addresses) to facilitate the process.

Business-related Information from Public Sources and Third Parties

In some cases, we may collect business-related information from publicly available sources or from third-party partners to improve the delivery of our services and better meet your needs. This information may include:

Public Records: We may collect information about your business or professional affiliations from public databases, directories, or company websites.
Third-Party Providers: We may receive information from marketers, researchers, affiliates, and other third parties that are legally allowed to share your information with us. This helps us enhance our services, market our products more effectively, and better understand your preferences.

In addition to the personal data we we may collect additional information to validate transactions. This may include:

Names of Individuals Involved in Transactions: For example, if you are part of a business or electronic transaction using our Services, we may collect the names and contact information of other individuals involved. This helps ensure the accuracy and validity of the transaction.
Electronic Signatures: If our Service is used for electronic transactions, such as document signing, we may collect electronic signatures and related data as part of transaction records.

Automatically Collected Data and Website Analytics

To improve the user experience on our website and ensure the functionality of our services, we use third-party analytics tools that automatically collect certain information about your interaction with our website. This data is typically collected when you visit our site and may include:

IP Address: Your Internet Protocol (IP) address is collected to identify your device and manage security measures.
Domain and Search Terms: We may collect information about the domain you accessed our site from, and any search terms you used to find our website.
Geographical Location: Analytics tools may provide us with general information about your location (such as city or region) based on your IP address.
Device Type and Browser Information: We collect information about the type of device you use to access our site (such as a computer, tablet, or smartphone) and the browser you are using. This helps us optimize our website for different devices and browsers.
Log Information: This includes information like the pages you viewed, the time and date of your visit, and other usage statistics.

Cookies and Tracking Technologies

We use cookies - small text files stored on your device by your web browser - to enhance your experience on our website. Cookies allow us to recognize your browser and device when you return to our site. They help us to:

Personalize Your Experience: Cookies store information about your preferences and interactions, enabling us to customize content and services to suit your needs.
Improve Website Functionality: Cookies allow us to track usage patterns and detect any issues with our website, so we can make improvements and provide a smoother user experience.
Security and Authentication: Cookies help ensure that users are securely authenticated and can access the appropriate sections of our website.

You can control or delete cookies through your browser settings, but doing so may affect your experience with some parts of our website.

HOW DO WE USE THE DATA?

We use Customer personal data, and related information, to meet contractual obligations and comply with applicable laws. The Customer’s data may be used for, but is not limited to, the following purposes:

Verifying Customer identity to provide services.
Communicating with the Customer to deliver product information, services, pricing, and support.
Informing the Customer about new software features, capabilities, services, and offers.
Processing payment transactions as authorized by the Customer.
Detecting and preventing fraud, intellectual property infringement, and other legal violations.
Analyzing data to enhance the software and services.
Conducting direct marketing in accordance with applicable laws.
Auditing services for compliance with legal requirements.
Providing customer support.

When our customers utilize our Services, we typically process and store limited personal information on their behalf as a data processor. For instance, in the case of elDoc eSignature, when a customer uploads contracts or other documents for review or signature, we function as a data processor, handling the documents in line with the customer's instructions. In these situations, the customer acts as the data controller and is primarily responsible for overseeing the processing of personal information.

Payment Processing

When the Customer makes a purchase using a credit card or other payment methods through our services, the payment information is transmitted directly to our third-party payment processors. We do not store the Customer’s payment information, and the third-party processors do not share this information with us.

Customer Data Uploaded to elDoc Software

We do not own, control, or utilize any data that the Customer uploads or processes through our software. The Customer acts as the data controller and retains full authority over their data, including access, retrieval, modification, processing, and deletion. It is the Customer's responsibility to implement appropriate access controls within the software, leveraging the features described in the software documentation, to prevent unauthorized access to their data.

Customers are prohibited from using the software for illegal activities, including money laundering or privacy violations that may harm elDoc. We do not access Customer data unless authorized to do so for providing support services. Under the GDPR, the Customer acts as the "data controller" for any personal data uploaded and processed via the software. We are not responsible for the content or processing methods used by the Customer for such data.

TO WHOM WE MAY DISCLOSE DATA?

We may share personal data provided by the Customer with third parties in the following situations:

Legal Obligations: To public authorities, auditors, or institutions as required by law or for legal inspections.
Service Providers: To companies providing services such as hosting, storage, cloud maintenance, payment processing, and data analysis. Data is shared only as needed to deliver the services the Customer purchased, under contracts that ensure data privacy.
Legal Requirements: To comply with court orders, regulatory or tax authorities, or government reporting requirements.
Other elDoc Users: When you grant others access to your account or allow them to use or edit content, we provide that content to them. For example, if you send a document to someone for review or signature, they will have access to the contents of that document.
Customer Consent: With the Customer's explicit consent, as required by applicable law.

Additionally, personal data may be shared with affiliates, joint marketing partners, or advertising and marketing partners, as well as during corporate transactions. Information may also be disclosed to public authorities for safety or legal protection.

HOW DO WE PROCESS DATA?

We do not own or control any data uploaded or processed by the Customer through our Services. As the data controller, the Customer maintains full responsibility and control over their data, including its access, retrieval, modification, processing, and deletion. It is the Customer’s obligation to set up appropriate access controls using the features provided in the software to prevent unauthorized access.

The data collected through our Services is processed using resources and servers located across various countries worldwide. We utilize data centers from Microsoft Azure, Amazon Web Services (AWS), and Google Cloud, all with global geographic coverage. Storage locations are determined based on the Customer’s location, with redundancies in place to protect the data in the event of an outage or other incidents.

We may process personal data to provide, improve, and support our services in compliance with applicable data protection laws. We process the data for the following purposes:

Service Delivery: To ensure the functionality, performance, user authentication, and technical support of our software.
Product Improvement: To analyze usage data and identify trends to enhance features, improve user experience, and maintain system security.
Compliance: To meet legal obligations and comply with data protection laws, such as GDPR, CCPA, and other regulations.

We collect and process only the data necessary for these purposes and ensure it is safeguarded with appropriate security measures. Data is stored as long as necessary to meet contractual obligations or legal requirements. Customers can request deletion or anonymization of their data at any time, subject to legal and regulatory constraints.

In some cases, we may engage third-party service providers (such as hosting, payment processing, or analytics services) to process data on our behalf. These providers are contractually obligated to adhere to data privacy and security standards to ensure the protection of Customer data.

HOW DO WE KEEP DATA SECURE?

We make every effort to safeguard Customer data by implementing administrative, technical, and physical measures designed to protect it from loss, misuse, unauthorized access, or disclosure, in accordance with applicable laws. These safeguards include encryption, secure network channels, firewalls, malware and threat protection, and access control mechanisms. However, no information system can guarantee absolute security, and we cannot fully protect against hacker attacks. By using our Services, the Customer acknowledges that data is shared at their own risk. We do not guarantee that Customer data will be completely protected from loss, misuse, or alteration by third parties.

The Customer is responsible for securing access to their devices and keeping their login credentials safe. We strongly encourage Customers to implement additional security measures available in our Services, such as multi-factor authentication (MFA) and access control settings, to enhance the protection of Customer data.

DO WE TRANSFER DATA INTERNATIONALLY?

The Customer data may be transferred, processed and stored outside the country where Customer data was collected. Any data transfer performed by us will respect the legal requirements laid down by applicable law from where and to we transfer data. When we transfer Customer data outside Customer location, we will ensure that Customer data is transferred and processed securely in a manner which provides a degree of protection similar to the Customer original location. elDoc adheres to the principles stated in EU-U.S. and the Swiss – U.S. Privacy Shield Frameworks (Privacy Shield) as set forth by the U.S. Department of Commerce.

FOR HOW LONG DO WE STORE DATA?

We retain data only for as long as necessary to fulfill contractual obligations, conduct audits, comply with applicable laws, and resolve disputes. We ensure that no excessive or irrelevant data, such as outdated information, is kept. Once the data is no longer needed for its original purpose, we take appropriate steps to securely destroy it.

The duration of data retention depends on the purpose for which it was collected and processed, and to comply with legal or regulatory obligations, as outlined in our data retention policy. This means we keep personal information as required by law or for the duration necessary to meet contractual or statutory requirements. In cases where technical limitations prevent immediate deletion or anonymization, we implement organizational, technical, and security measures to safeguard the information and restrict its active use.

WHAT ARE CUSTOMER RIGHTS?

If the Customer resides in specific countries, states, or regions, they may have certain rights under data protection laws regarding their personal data. These rights may include the ability to access, update, correct, receive, object to, transfer, delete, or restrict the processing of their data. Customers can exercise these rights at any time by contacting us at privacy@eldoc.online.

The Customer’s data is processed based on their consent, and they may withdraw this consent at any time. If consent is withdrawn, the processing up to that point remains lawful. Additionally, Customers can request details about how we collect, use, and store their personal data, the recipients of that data, and our reasons for processing it. If any information is inaccurate or outdated, Customers have the right to request corrections.

Customers can also request that we erase or stop using their personal information, object to its processing, or transfer it to another controller. They may opt-out of direct marketing at any time.

We may require certain information to verify the identity of the Customer or their authorized representative when processing these requests. Certain personal data may be exempt from deletion requests under applicable law, as it may be necessary for the continued provision of our services. If such data is deleted, access to some services may be restricted or discontinued.

NOTICE TO CALIFORNIA RESIDENTS

California residents have additional rights and information under the California Consumer Privacy Act (CCPA). If you are a California resident (a “Consumer” under CCPA), this section applies to you.

A. Information We Collect and Share

We collect and use various categories of personal information, including identifiers (e.g., name, email), payment details, and internet activity. This information is used for purposes such as providing and improving our Services, communicating with you, and ensuring security. We may disclose this data to service providers, affiliates, and others with your consent. We do not sell your personal information, except for marketing purposes involving advertising partners, which can be considered "sales" under the CCPA.

B. Right to Opt-Out

Consumers can opt-out of the “sale” or “sharing” of their personal information for targeted advertising. To opt-out, email us at privacy@eldoc.online.

C. Information Rights

Consumers have the right to:

Request the personal information we’ve collected or disclosed about them in the last 12 months.
Access, delete, or correct their personal information.
Not be discriminated against for exercising these rights.

Submit requests by emailing us at privacy@eldoc.online. We will verify your identity before fulfilling requests.

D. Authorized Agents

Consumers may designate an agent to make requests on your behalf. We will verify both the agent’s authorization and your identity.

E. Shine the Light

California residents can request a list of third parties who received their personal information for direct marketing in the past year.

Should you want to exercise any of your rights stated above, please email us at privacy@eldoc.online.

CHILDREN'S PRIVACY:

Our services and software are not intended for individuals under the age of 18, or any age defined as a "minor" under applicable law. We do not knowingly collect or request personal information from minors, nor do we knowingly allow minors to use our services. If you are under 18, please do not use our services or submit any personal information. If a minor has provided us with information without verified parental consent, and a parent becomes aware of this, please contact us immediately at privacy@eldoc.online, and we will take steps to delete the information.

MISCELLANEOUS:

This Privacy Policy may be periodically reviewed and updated by elDoc to reflect additional provisions required by local laws or to introduce changes and amendments to existing terms. Any updates will be made directly on this webpage, and we recommend that Customers review the Privacy Policy regularly. If you do not agree with the changes, please contact us immediately or deactivate your account. For any questions or concerns about this Privacy Policy, feel free to reach out to us at privacy@eldoc.online.