Here we describe how we collect, use, and handle your personal data when you use our

websites, software, and services (“Services”).

What & Why

We collect and use the following information to provide, improve, protect, and promote our

Services.

Account information. We collect, and associate with your account, the information you provide to

us when you do things such as set up two-factor authentication (like your name, email address,

phone number, payment info, and physical address).

Your Stuff. Our Services are designed as a simple and personalized way for you to store your files,

documents, photos, comments, messages, and so on (“Your Stuff”), collaborate with others, and

work across multiple devices and services. To make that possible, we store, process, and

transmit Your Stuff as well as information related to it. This related information includes

your profile information that makes it easier to collaborate and share Your Stuff with others, as

well as things like the size of the file, the time it was uploaded, collaborators, and usage activity.

Contacts. You may choose to give us access to your contacts to make it easy for you to do things

like share and collaborate on Your Stuff, send messages, and invite others to use the Services. If

you do, we’ll store those contacts on our servers for you to use.

Usage information. We collect information related to how you use the Services, including actions

you take in your account (like sharing, editing, viewing, creating and moving files or folders). We

use this information to provide, improve, and promote our Services.

Device information. We also collect information from and about the devices you use to access the

Services. This includes things like IP addresses, the type of browser and device you use, the web

page you visited before coming to our sites, and identifiers associated with your devices. Your

devices (depending on their settings) may also transmit location information to the Services. For

example, we use device information to detect abuse and identify and troubleshoot bugs.

Marketing.  If you register for our Services, we will, from time to time, send you information about

upgrades when permissible. Users who receive these marketing materials can opt out at any

time. If you don’t want to receive a particular type of marketing material from us, click the


‘unsubscribe’ link in the corresponding emails, or update your preferences in

the Notifications section of your personal account.

Bases for processing your data. We collect and use the personal data described above in order to

provide you with the Services in a reliable and secure manner. We also collect and use personal

data for our legitimate business needs. To the extent we process your personal data for other

purposes, we ask for your consent in advance or require that our partners obtain such consent.

With Whom

We may share information as discussed below, but we won’t sell it to advertisers or other third

parties.

Others working for and with us. We use certain trusted third parties (for example, providers of

customer support and IT services) for the business purposes of helping us provide, improve,

protect, and promote our Services. These third parties will access your information to perform

tasks on our behalf, and we’ll remain responsible for their handling of your information per our

instructions. For a list of trusted third parties that we use to process your personal data and

more details on the categories of personal information that we’ve disclosed.

Law & Order and the Public Interest. We may disclose your information to third parties if we

determine that such disclosure is reasonably necessary to: (a) comply with any applicable law,

regulation, legal process, or appropriate government request; (b) protect any person from death

or serious bodily injury; (c) prevent fraud or abuse of our or our users; (d) protect our rights,

property, safety, or interest; or (e) perform a task carried out in the public interest.

Stewardship of your data is critical to us and a responsibility that we embrace. We believe that

your data should receive the same legal protections regardless of whether it’s stored on our

Services or on your home computer’s hard drive. We’ll abide by the following Government

regulations when receiving, scrutinizing, and responding to government requests (including

national security requests) for your data:

 Be transparent

 Fight blanket requests

 Protect all users, and

 Provide trusted services.


How

Security. We have a team dedicated to keeping your information secure and testing for

vulnerabilities. We continue to work on features to keep your information safe in addition to

things like two-factor authentication, encryption of files at rest, and alerts when new devices and

apps are linked to your account. We deploy automated technologies to detect abusive behavior

and content that may harm our Services, you, or other users.

Retention. When you sign up for an account with us, we’ll retain information you store on our

Services for as long as your account exists or as long as we need it to provide you the Services.

Where

Around the world. To provide you with the Services, we may store, process, and transmit data in

locations around the world—including those outside your country. Data may also be stored

locally on the devices you use to access the Services.

Changes

If we’re involved in a reorganization, merger, acquisition, or sale of our assets, your data may be

transferred as part of that deal. We’ll notify you (for example, via a message to the email address

associated with your account) of any such deal and outline your choices in that event.

We may revise this Privacy Policy from time to time, and will post the most current version on

our website. If a revision meaningfully reduces your rights, we will notify you.