Last updated: November 2020
WEBSITE PRIVACY PRACTICES
Personally Identifiable Information (PII)
lockr collects Personally Identifiable Information (“PII”) from its Websites when you choose to provide it to us. PII is any information that can be used to identify or locate a particular person or entity. This includes, but is not limited to: name, telephone number, or email address. For example, you may choose to send PII about yourself in an email, or by completing a form on this website. lockr uses this information only to contact you to respond to your inquiry. You may also choose to prove us with your email address or phone number to receive messages from us, but we will always provide you with the opportunity to opt-out of future marketing messages. Once collected, lockr will store your PII for a reasonable time for record keeping purposes.
Non-Personally Identifiable Information
lockr also collects Non-Personally Identifiable Information (“Non-PII”) from visitors to this Websites. Non-PII is information that is not used, or intended to be used by us to identify a particular person or entity, and may include your IP host address, pages viewed, browser type, Internet browsing and usage habits, Internet Service Provider, domain name, the time/date of your visit to this website, the referring URL and your computer’s operating system. Non-PII also includes PII that has been hashed so that it may not be used to identify someone. In some places, such as the State of California and the European Union, certain Non-PII such as cookie IDs and IP addresses are considered personal information.
Cookies and other Tracking Technologies
PRIVACY PRACTICES FOR THE LOCKRMAIL SERVICE
We collect several different types of information for various purposes to provide and improve our Service to you. When you register for the Service and create an account with us, we will collect PII such as your name, email address, and mobile phone number. We will also ask you to create your lockrMail email address and an account password. We also collect certain Non-PII about your computer or mobile device, including the IP address, the device type, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. In many places, such as the EU and the state of California, this information is considered personal data. We mostly use this information to setup and provide your account, to make sure you’re not a bot, and for security and fraud prevention purposes.
As you use the Service over time, we will ask you to update us if your information such as your email address has changed, or if we believe that additional information is necessary or helpful for us to provide the Service. We will also periodically ask you to update your email filtering preferences (the “EFP”). The purpose of the EFP is to enable you to control which email addresses should be delivered to your private email inboxes and which should be blocked from delivery. We try to make your EFP as helpful to you as possible, but we invite your feedback in how to make them even more valuable. We will record your EFP and use that information to help make our Service more valuable to you and to all of our customers.
Data Subject Access & Deletion Rights
lockr respects data subject rights. We allow you to correct, amend, delete, or limit the use of your information. If you’ve provided information via the Services, kindly log onto your account. If you’ve provided information via our Websites and want to exercise your rights, please email us at email@example.com.
We retain the Non-PII collected from the Websites for up to 13 months. We hope that you remain a customer of our Service for a long time and will retain information collected via the Service for as long as you continue to use the Service. If you stop using the Service, we will retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
Cross-Border Transfer of Data
Disclosure of Information to Third Parties, Onward Transfer
Pursuant to running our business, we will share information collected via the Websites and Service with trusted third-party partners who may help us to manage the Websites and Services (e.g., cloud hosting services, email service providers, site analytics and security tools, etc.). These third party contractors are prohibited from using the information for purposes other than performing services for loc.kr.
The company may also share aggregate data collected on the Websites or via its technology with unaffiliated third parties. For example, if your select our “Support Publishers” feature of the Services, we may share hashed versions of your loc.kr email and your private email addresses with partner publishers to help those publishers recognize your browser and serve you with relevant ads when you visit those publishers’ sites and apps. This information cannot be used to contact or identify any person individually.
loc.kr may be required to disclose your information to third parties when obligated to do so by law and in order to investigate, prevent, or take action regarding suspected, or actual prohibited activities, including transfer reasonably intended to meet national security or law enforcement requirements, or when we believe in good faith that disclosure is necessary to protect our rights, including but not limited to fraud and situations involving potential threats to the physical safety of any person.
Finally, loc.kr may transfer information, including any PII or Non-PII, to a successor entity in connection with a corporate merger, consolidation, sale of assets, bankruptcy, or other corporate change. If loc.kr is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Websites of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
California Data Subjects
The California Consumer Privacy Act (CCPA) provides additional privacy protections for California consumers, including: a) the right to see what data we have about you, your computer or device (i.e., the right to know), b) the right to delete the data we have about you, your computer or device (i.e., the right to delete) and c) the right to opt-out of the sale of data about you, your computer or device to certain third parties (i.e., the right to opt-out from sales of your information). We do not discriminate against you if you exercise any of the above rights. Moreover, we may not be able to honor a right if doing so would violate applicable law.
If you use the Services, you can get this information by logging into your account. If you want to see what information we collected via the Website, please email firstname.lastname@example.org. You may also try calling our California privacy helpline at 1 (917) 719-4355. As a California data subject, if you make a subject access request as set out in this policy, you are entitled to see and delete the personal information that we have about you.
The General Data Protection Regulation (GDPR)
If you are a resident of the European Economic Area (EEA), you have certain data protection rights, covered by the GDPR. In certain circumstances, you have the following data protection rights, a) the right to access, update or to delete the information we have on you; b) the right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete; c) the right to object. You have the right to object to our processing of your Personal Data; d) the right of restriction. You have the right to request that we restrict the processing of your personal information; e) the right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format; f) the right to withdraw consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information. Please note that we may ask you to verify your identity before responding to such requests. Please note, we may not able to provide Service without some necessary data.
You may contact our EU data protection officer at email@example.com. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
Our Websites may offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Third Party Websites
The lockr Websites may contain links to and advertisements for websites operated by third parties whose privacy practices may differ from lockr’s policies. While the company endeavors to associate only with reputable entities, lockr cannot guarantee the privacy practices of other websites will reflect ours; we encourage you to check the privacy policies of all websites that you visit.
Neither our Websites nor our Services are not intended for use by children under the age of 16 (“Children”). We do not knowingly collect personally identifiable information from Children under 16. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.