Privacy Policy

Last updated: November 1, 2023

At HrellCase, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our secure storage services for passwords, notes, documents, and photos.

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the site or use our services.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

Table of Contents

1. Information We Collect

1.1 Personal Information

We may collect several types of information from and about users of our website, including:

  • Contact information (such as name, email address, mailing address, and phone number)
  • Account information (such as username and password)
  • Transaction information (such as payment details, purchase history, and shipping information)
  • Profile information (such as preferences, product interests, and demographic information)
  • Communications (such as customer service inquiries and survey responses)

1.2 Usage Information

We may automatically collect certain information about your equipment, browsing actions, and patterns when you interact with our website, including:

  • Log information (such as IP address, browser type, operating system, referring pages, and access times)
  • Device information (such as device identifiers, location information, and mobile network information)
  • Usage data (such as traffic data, communication data, and the resources that you access and use on the website)
  • Cookies and similar technologies (as described in our Cookie Policy)

1.3 Encrypted Data

HrellCase employs a zero-knowledge architecture for our secure storage services. This means:

  • Your stored data (passwords, notes, documents, photos) is encrypted on your device before transmission
  • We never have access to your encryption keys or unencrypted content
  • We cannot view, access, or analyze the content you store in our services
  • Even in the event of a data breach, your stored content remains encrypted and protected

2. How We Collect Information

2.1 Direct Collection

We collect information directly from you when you:

  • Register for an account
  • Place an order
  • Subscribe to a newsletter
  • Fill out a form
  • Participate in a survey or promotion
  • Contact customer service

2.2 Automatic Collection

We automatically collect certain information when you:

  • Visit our website
  • Use our services
  • Open emails from us

This information is collected using cookies, web beacons, and similar technologies. You can control certain aspects of automatic collection through your browser settings and our cookie preferences center.

2.3 From Third Parties

We may receive information about you from third parties including:

  • Payment processors (transaction information only, not payment details)
  • Analytics providers
  • Advertising partners

We do not purchase or receive marketing lists from data brokers.

3. How We Use Your Information

We may use the information we collect about you for various purposes, including to:

Provide and Manage Services

  • Create and manage your account
  • Provide the services you request
  • Process payments and transactions
  • Provide customer support

Improve Our Services

  • Understand how our services are used
  • Develop new features and services
  • Test and troubleshoot new products
  • Monitor service performance

Ensure Security

  • Protect against unauthorized access
  • Detect and prevent fraud
  • Debug and fix errors
  • Enforce our terms and policies

Communicate With You

  • Respond to your inquiries
  • Send service updates
  • Provide marketing communications (with consent)
  • Send security alerts

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

4. Disclosure of Your Information

We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.

4.1 Service Providers

We may share your information with service providers who perform services on our behalf, such as:

  • Payment processors
  • Cloud hosting providers
  • Customer service providers
  • Analytics providers
  • Email service providers

These service providers are contractually bound to use your information only for the purposes of providing services to us and in accordance with this Privacy Policy.

4.2 Legal Requirements

We may disclose your information when we believe in good faith that disclosure is necessary to:

  • Comply with a legal obligation, such as a court order or subpoena
  • Protect our rights, property, or safety
  • Protect the rights, property, or safety of our users or others
  • Investigate fraud, security, or technical issues

Due to our Swiss jurisdiction, any requests from foreign authorities for user data must go through proper Swiss legal channels, providing additional protection against mass surveillance programs.

4.3 Business Transfers

If HrellCase is involved in a merger, acquisition, or sale of all or a portion of its assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information.

4.4 With Your Consent

We may share your information in any other circumstances where we have your explicit consent.

Important Notice About Your Encrypted Data

Due to our zero-knowledge architecture, we cannot and do not share the actual content of your encrypted data (passwords, notes, documents, photos) with anyone. Even if compelled by legal process, we are technically unable to access this data as it is encrypted with keys that only you control.

5. Security of Your Information

We use administrative, technical, and physical security measures to protect your personal information:

5.1 Technical Safeguards

  • End-to-end encryption for all stored content
  • Zero-knowledge architecture
  • TLS encryption for all data in transit
  • Secure, Swiss-based data centers
  • Regular security audits and penetration testing
  • Multi-factor authentication options
  • Automatic session timeouts

5.2 Organizational Measures

  • Regular security training for all staff
  • Strict access controls on a need-to-know basis
  • Background checks for employees
  • Detailed security policies and procedures
  • Data minimization practices

5.3 Data Breach Procedures

In the event of a data breach, we will:

  • Promptly notify affected users in accordance with applicable law
  • Provide clear information about what happened and what information was affected
  • Offer guidance on steps users can take to protect themselves
  • Implement measures to prevent similar incidents in the future

While we implement safeguards designed to protect your information, no security system is impenetrable. Due to the inherent nature of the Internet, we cannot guarantee that information, during transmission or while stored on our systems, is absolutely safe from intrusion by others. However, due to our encryption architecture, even in the event of a breach, your stored content remains encrypted and protected.

6. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

Right to Access

You have the right to request information about the personal data we hold about you and how it is used.

Right to Rectification

You have the right to have inaccurate personal data corrected or completed if it is incomplete.

Right to Erasure

You have the right to request the deletion of your personal data in certain circumstances.

Right to Restrict Processing

You have the right to request that we restrict the processing of your data in certain circumstances.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format.

Right to Object

You have the right to object to the processing of your personal data in certain circumstances.

How to Exercise Your Rights

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within 30 days. We may need to verify your identity before processing your request.

Note that due to our zero-knowledge architecture, we cannot access the encrypted content you store with us (passwords, notes, documents, photos). This provides strong privacy protection but also means we cannot directly assist with accessing, exporting, or modifying this encrypted content if you lose your master password.

7. Third-Party Websites

Our website and services may contain links to third-party websites and applications. We are not responsible for the privacy practices or the content of these third-party sites. This Privacy Policy applies only to information collected by HrellCase. We encourage you to read the privacy policies of any third-party sites you visit.

8. Children's Privacy

Our services are not intended for individuals under the age of 16, and we do not knowingly collect personal information from children under 16. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us using the information provided below.

9. Swiss Privacy Framework

HrellCase is headquartered in Switzerland and our data processing activities are primarily governed by Swiss data protection laws, including the Swiss Federal Data Protection Act (FDPA).

9.1 Swiss Data Protection Principles

Under Swiss law, we adhere to the following principles:

  • Lawfulness - Processing personal data in accordance with the law
  • Good Faith - Processing personal data in a manner that is reasonable and transparent
  • Proportionality - Only collecting and processing data that is necessary for our stated purposes
  • Purpose Limitation - Only processing data for the purposes specified at the time of collection
  • Transparency - Ensuring individuals are aware of how their data is being used

9.2 International Data Transfers

Where we transfer personal data outside of Switzerland or the European Economic Area (EEA), we ensure appropriate safeguards are in place to provide adequate protection for your personal data.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

HrellCase

Flat 97u Jack Cove

Port Kieran, RG30 4AJ

United Kingdom

Email: privacy@hrellcase.com

Phone: +448187292097

For data protection inquiries specifically, you can contact our Data Protection Officer at dpo@hrellcase.com.