Privacy Policy

Black Box Security LLC ("Company," "we," "us," or "our") is committed to protecting your personal information and your right to privacy. This privacy policy explains the personal data that we collect and processes, how it processes data and for what purposes it is collected and processed. This policy applies to the interactions that we have with you through your use of BlackBox: Password Manager product. The purpose of this privacy notice is to explain to you in the clearest way possible what information Company collects, how it is used, and what rights you have in relation to it. If there are any terms in this privacy notice that you do not agree with, please discontinue use of our Services immediately.

Please read this privacy notice carefully, as it will help you understand what we do with the information that Black Box Security collects.

WHAT INFORMATION DO WE COLLECT?

Secure Data. Secure Data is the data that we are not capable of decrypting under any circumstance. It includes all information stored in BlackBox: Password Manager accounts. These data are encrypted using secure cryptographic keys that exist only in the possession and under the control of our customers. We have no way of accessing or providing decrypted Secure Data, and we never receive copies of unencrypted Secure Data.

Your Secure Data is your property. We claim no rights to it beyond those necessary to deliver services to you. You may add, modify, and delete Secure Data at your discretion. If you do not have a BlackBox: Password Manager account, you cannot provide us with Secure Data.

Personal information you disclose to us. We collect the following personal information that you voluntarily provide to us when you register on the Services:

  • Email address.

Information collected through our App. If you use our App , we do not collect any information.

HOW DO WE USE YOUR INFORMATION?

We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.

We use the information we collect or receive:

  • To facilitate account creation and logon process. We use your email address to facilitate account creation and logon process for the performance of the contract.

WILL WE SHARE YOUR INFORMATION WITH ANYONE?

We do not share your personal information with anyone.

HOW LONG DO WE KEEP YOUR INFORMATION?

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice.

HOW DO WE KEEP YOUR INFORMATION SAFE?

We take data security very seriously and take all steps necessary to secure your data (whether technical, physical, or administrative). However, Company cannot guarantee the absolute security of your personal mobile and computing devices. By using the Services, you expressly acknowledge that we cannot guarantee the security of any data provided to or received by us through the Services and that any information received from you through BlackBox: Password Manager Services is provided at your own responsibility.

Data Encryption. Company guarantees the highest levels of security and privacy by adhering to the following principles:

  • Data is encrypted and decrypted at the device level (not on the server)
  • The application never stores plain text (human readable) data
  • The server never receives data in plain text
  • Nobody can view the unencrypted data
  • The keys to decrypt and encrypt data are derived from the user’s master password
  • Multi-Layer encryption provides access control at the user level
  • Sharing of data uses Public Key Cryptography for secure key distribution
  • Data is encrypted locally on the user’s device before it is transmitted and stored on the server. When data is synchronized to another device, the data remains encrypted until it is decrypted on the other device
  • BlackBox: Password Manager runs on iPhone*, iPad*, iPod*, Windows*, and Mac OS* operating systems.

Master Password. It is the user's responsibility to protect the security of their BlackBox: Password Manager’s Master Password. Access to our Security services are protected by a unique email and Master Password that is known by you only. We designed internal security processes that encrypt customer passwords to protect it from being divulged or accessed by anyone other than you. Neither our employees nor anyone else can obtain or access your password.

WHAT ARE YOUR PRIVACY RIGHTS?

In some regions (like the EEA and UK), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please use the contact details provided below. We will consider and act upon any request in accordance with applicable data protection laws.

If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

If you are a resident in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here:

https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

If you are a resident in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html

If you are a California resident, you can implement your rights as provided in the California Consumer Privacy Act (CCPA) by contacting us. As per definitions in the CCPA, please note that the Company does not sell your personal information.

If you have questions or comments about your privacy rights, you may email us at [email protected]

Account Cancellation and Termination

Upon Cancellation all information is purged from our databases when you cancel your account. Information cannot be recovered once your account is cancelled.

Company has the right to suspend or terminate your access to all or any part of the Service at any time, with or without cause, with or without notice, effective immediately. Company reserves the right to refuse service to anyone for any reason at any time.

DO WE MAKE UPDATES TO THIS NOTICE?

We may update this privacy notice from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may email us at [email protected]

Last modified: 10/18/2021