FileScience (“FileScience,” “we,” “us,” or “our”) provides cloud-to-cloud backup services supporting 50+ third-party cloud platforms, including but not limited to Microsoft 365, NetDocuments, and Google Workspace. We are committed to protecting your privacy and keeping your personal information secure. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our services or otherwise interact with us, in accordance with global data protection laws such as the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our aim is to be transparent about our practices and uphold high standards of data privacy and security.

Scope

This Privacy Policy applies to personal information we collect from or about you when:

• You visit our websites or use our web-based applications;
• You create an account, start a free trial, or use FileScience’s cloud backup services;
• You subscribe to our newsletters or marketing communications;
• You contact us for support, sales inquiries, or other requests;
• You attend our events or webinars;
• You engage with us on social media or other third-party channels;
• We receive your personal data from business partners, resellers, or service providers in the course of doing business.

“Personal data” (or “personal information”) is any information that identifies or can be linked to an identifiable individual. By using our services or providing your information, you agree to this Policy. If you do not agree with our practices, please refrain from using our services or submitting your information.

Information We Collect and How We Use It

We collect information either directly from you, automatically, or from third parties.

1. Account and Contact Information When you register for an account, start a free trial, or purchase our services, we collect information such as your name, email address, phone number, company/organization name, job title, and login credentials. We use this information to:

• Create and manage your account;
• Authenticate you as a user;
• Provide our services; and
• Communicate important updates regarding your account (e.g., onboarding, billing, administrative notices).

2. Payment and Billing Information If you make a purchase, our third-party payment processor, Stripe, collects payment card details and billing information. FileScience typically does not store full credit card numbers; we may, however, keep transaction identifiers and billing contact information to process payments, maintain subscription records, and comply with financial regulations.

3. Backup Service Data When you use FileScience for cloud-to-cloud backup, you connect our platform to your third-party cloud applications (e.g., Microsoft 365, Google Workspace, NetDocuments). We process and store your content—such as emails, documents, and files—solely to perform the backup and restore services you request (“Backup Data”). We act as a service provider (or “data processor”) for your Backup Data; we do not view, use, or share it for any purpose other than delivering and supporting the backup service in accordance with our agreement with you.

4. Customer Support and Communications If you contact us (by email, phone, or support portal), we collect the information you provide, such as your name, contact information, and any relevant details (e.g., troubleshooting logs or screenshots). We use this to respond to your requests, improve our services, and provide customer care. We may also log these communications for training, quality assurance, and future reference.

5. Marketing and Newsletter Information If you subscribe to our newsletter or opt in for marketing emails, we collect information like your name, email address, organization, and areas of interest. We use this to send newsletters, product updates, invitations, and other communications. You can unsubscribe anytime (see Your Choices). When you attend events or engage with our marketing, we may also collect professional information (e.g., title, company) for follow-up and tailored outreach.

6. Automatically Collected Data (Cookies and Usage) We and our third-party partners use cookies, log files, and other tracking technologies to collect technical information about your interactions with our websites or apps. This may include:

• Online Identifiers: IP address or device ID;
• Device/Browser Data: Operating system, browser type, language settings;
• Usage Data: Pages viewed, time stamps, clickstream data;
• Cookie/Analytics Data: Collected through cookies, pixels, or similar technologies.

We use this information to analyze trends, administer and secure our website and services, diagnose technical issues, personalize user experience, and gather demographic insights. Some of this data (e.g., IP address) may be considered personal information under certain laws.

7. Information from Third Parties We may receive personal data about you from third parties, such as:

• Referral or reseller partners providing contact details if you register via their referral;
• Single sign-on providers (e.g., Google or Microsoft) during login;
• Publicly available sources or professional data providers if we research prospective users;
• Employers or organizations purchasing FileScience for authorized users.

We handle this data in accordance with this Policy and applicable law.

How We Use Personal Data

We process personal data for the following legitimate business purposes:

• Providing & Improving Services: Operate our backup services, authenticate accounts, perform backup/restore operations, and analyze usage to enhance features.
• Account Management & Customer Support: Manage billing, respond to issues, send administrative messages, and improve user support experiences.
• Marketing & Communications: Send newsletters, product updates, promotional materials (with opt-out options).
• Analytics & Product Development: Analyze aggregated usage trends to enhance functionality, user interface, and strategic decisions.
• Security & Fraud Prevention: Detect and prevent unauthorized access, fraud, and malicious activities; protect service integrity.
• Legal Compliance: Meet applicable legal, regulatory, accounting, or security obligations (e.g., responding to court orders, defending legal claims).
• Consent-Based Purposes: If we use personal data for a purpose not listed above, we will seek your consent when required.

We may anonymize or aggregate data so it can no longer be linked to individuals. We use such data for reporting, analytics, and lawful business purposes without further restriction.

Cookies and Tracking Technologies

We use cookies and similar technologies for various reasons:

• Essential Cookies: Necessary for functionality like authentication and session management.
• Analytics/Performance Cookies: Help us understand usage patterns and improve user experience (often aggregated).
• Functionality Cookies: Remember user preferences (e.g., language settings).
• Advertising/Marketing Cookies: May measure campaign effectiveness; we do not share personal information with advertisers without consent.

You can manage cookie preferences via your browser settings or opt-out tools. However, disabling cookies may limit some features of our services.

Do Not Track: Our website does not currently respond to DNT signals. You can control many types of tracking through browser settings or other tools.

Data Security

We use technical and organizational measures to safeguard your information. These at a minimum include:

• Encryption (TLS/SSL) for data in transit and at rest;
• Firewalls and network security controls;
• Access controls on a “need-to-know” basis;
• Regular security audits and system monitoring;
• Staff training on data protection;
• Incident response and notification procedures.

No method of data transmission or storage is guaranteed to be 100% secure. If you suspect unauthorized access to your account, please notify us immediately.

Data Retention and Storage

We retain personal data only as long as necessary to fulfill the purposes in this Policy or as required by law.

• Account information is kept while your account is active and for a reasonable period thereafter (e.g., in case of reactivation or to fulfill post-termination obligations).
• Support communications may be kept for records and quality improvement.
• Marketing data is retained until you opt out or until it’s clear you are no longer interested.
• Log and analytics data is typically retained for a shorter duration, unless needed for security or legal purposes.

If you ask us to delete your data, we will do so unless legal obligations or legitimate interests require retention. Deleted data may remain in backups or archives temporarily, but we will isolate it from further processing and remove it as feasible.

International Transfers: Your data may be transferred to and stored on servers in countries outside your own, including the United States or the European Union. We use appropriate safeguards (e.g., Standard Contractual Clauses) for cross-border transfers. Our service providers must also comply with relevant privacy and security obligations.

How We Share Your Personal Data

We do not sell or rent personal data to third parties for direct marketing. We may share data with:

• Service Providers: Hosting providers, payment processors, CRM platforms, analytics and support tools—only as needed for them to perform services on our behalf.
• Business Partners & Resellers: Partners who refer or resell our services may receive relevant account details to support service delivery or joint promotions.
• Corporate Affiliates: Within our group of companies, under policies ensuring an equivalent level of data protection.
• Legal/Protection: When required by law, subpoena, or governmental request, or to protect rights, safety, or property (e.g., fraud prevention or compliance).
• Business Transfers: In the event of a merger, acquisition, asset sale, or bankruptcy, personal data may be transferred to relevant parties with due safeguards.
• With Your Consent: When you explicitly consent or direct us to share data (e.g., integrations with third-party apps).

Aggregated or anonymized data that cannot identify you may be shared without limitation.

Your Rights Regarding Personal Data

Depending on your location and applicable law, you may have certain rights over your personal data, such as:

• Access: Request a copy of the personal data we hold about you.
• Correction: Ask us to update or correct inaccurate data.
• Deletion: Request erasure of personal data where legally permissible.
• Restriction: Limit certain processing activities under specific circumstances.
• Objection: Object to processing based on our legitimate interests, or stop receiving direct marketing.
• Data Portability: Obtain your personal data in a structured, machine-readable format.
• Withdraw Consent: Revoke consent where processing is based on consent.
• Lodge a Complaint: File a complaint with a relevant data protection authority if you believe your rights are violated.

To exercise these rights, please contact us (see Contact Us). We may need to verify your identity before acting on requests.

Your Choices

• Updating Information: Log in to your account settings to modify basic profile details.
• Opting Out of Marketing: Click “unsubscribe” in any marketing email or contact us to stop receiving promotional messages.
• Managing Cookies: Adjust your browser or device settings to block or delete cookies.
• Analytics Opt-Out: Use tools like the Google Analytics Opt-Out Browser Add-on or similar.
• Choosing Not to Provide Information: You can always decline to provide certain data, though it may affect service functionality.

Use by Children

We do not knowingly collect personal data from individuals under 18. Our services are intended for business and adult users. If you believe we have inadvertently collected data from a minor, please contact us, and we will promptly delete such information.

Interaction with Third-Party Services

• Integrations: By connecting third-party cloud platforms (e.g., Microsoft 365, Google Workspace) to FileScience, you agree that those providers’ terms govern your data on their platforms. FileScience only processes such data for backup purposes.
• External Links: Our website or communications may link to external sites we do not control. Their privacy policies govern any data you provide.
• Single Sign-On / Social Media: If you log in through a third-party provider or interact via social media, those providers may share data with us, and their privacy policies apply to your interactions on those platforms.

California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including:

• Right to Know what categories of personal information we collect, the sources, and the purposes.
• Right to Delete personal information we hold about you, subject to legal exceptions.
• Right to Correct inaccuracies in your information.
• Right to Opt-Out of any “sale” or “sharing” of personal information for cross-context advertising (we do not sell personal data).
• Right to Non-Discrimination for exercising any CCPA/CPRA rights.

To exercise these rights, contact us (see Contact Us) and include “California Privacy Rights Request” in your communication. We will verify and respond within legal timeframes.

Changes to This Privacy Policy

We may update this Policy occasionally to reflect changes in our practices, technologies, or legal obligations. The “Last Updated” date at the top indicates the most recent revision. Material changes will be announced via our website or by direct notice (e.g., email). Your continued use of our services after any update signifies acceptance of the revised Policy. If changes materially affect how we use your data, we will seek consent if required by law.

Contact Us

If you have any questions or comments about this Privacy Policy, or wish to exercise any rights, please reach out to:

Email: privacy@filescience.io

We will respond as soon as reasonably possible. If you are in the EU, UK, or another jurisdiction with a dedicated data protection authority, you have the right to contact that authority if you believe we have infringed your data protection rights. However, we welcome the opportunity to address your concerns directly and will do our best to resolve any issues promptly.

Thank you for choosing FileScience. We appreciate your trust and remain dedicated to safeguarding your information.