Privacy Policy

This Privacy Policy explains how eFolder, Inc. and its subsidiaries (“eFolder”) collects, processes, and protects any personally identifying information (“Personal Data”), Human Resources information (“HR Data”), and other information provided to eFolder or collected by eFolder when you use our websites, products, or services.

eFolder is committed to ensuring that your privacy is protected. By accessing our web sites or downloading, installing, licensing, or otherwise using our products or services, you agree to the collection and use of your information according to the terms of this Privacy Policy. eFolder in turn agrees to follow the terms of this Privacy Policy in the collection, processing, and safekeeping of your information.

Collection and Use of Information

Personal Data. eFolder collects relevant Personal Data when you register and use our services or otherwise transact with eFolder, including name, phone number, mailing address, and email address. We use this information to communicate with you about our products and services or related topics, to provide technical support, to improve our products, and to provide the services you have requested, including administrative tasks such as billing and receiving payment.

HR Data. eFolder collects relevant HR Data for its employees (past and present) including name, mailing address, email address, and social security number. This information is used only within the context of the employment relationship and associated activities. eFolder is committed to cooperate with the EU authority or authorities concerned in conformity with the Supplemental Principles on Human Resources Data and the Role of the Data Protection Authorities and will comply with the advice given by such authorities.

Customer Data. Customers of eFolder may electronically submit data or information to eFolder’s products or services (“Customer Data”). eFolder uses Customer Data to provide you with the services you have requested, to prevent or resolve technical or service problems, and to provide technical support.

Customer Encrypted Data. Certain eFolder products or services allow you to encrypt data prior to transmission and then to electronically transmit such encrypted data to eFolder for long-term storage (“Customer Encrypted Data”). eFolder will not decrypt the contents of such data, except as explicitly authorized by you (for example when you use the restore functions of the software). If supported by the software, eFolder does not store your encryption key for such Customer Encrypted Data, except in an encrypted form if you choose to use the pass phrase recovery function or other authorized key management function. If you do use pass phrase recovery, your encryption key is further encrypted by the answers to your security questions. eFolder will not attempt to decrypt your encryption key or to discover the answers to your security questions. eFolder does not store the answers to your security questions in any form.

eFolder may use ancillary non-encrypted data associated with the Customer Encrypted Data, such as backup logs containing filenames, in order to provide technical support and for internal use to provide the functions of the services you request.

Products and Services Data. eFolder products and services collect product configuration, computer configuration, network statistics, and other product usage information (“Products and Services Data”). We use this information to provide certain product functions (such as reporting) as well as to provide technical support and to improve our products.

Cookies and Other Technologies. A cookie is a small piece of data, often including unique, anonymous identifiers, sent to your web browser and stored on your computer. We use cookies to remember users’ settings and for authentication. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited.

We also use cookies and other common Internet technologies (such as web beacons) to collect website traffic statistics and website usage patterns, and we also collect other non-personally identifying information provided by your web browser, such as browser type and operating system. We also record the pages you access on our website and your IP address. This information helps us to understand which content you find most useful and how our services can be improved, as well as provide content relevant to your location. This information is never linked in any way to your Personal Data.

Third party vendors, including Google, show ads sponsored by eFolder on sites on the internet. These third party vendors use cookies to serve you ads based on your prior visits to our websites (also known as remarketing). To opt-out of these third party vendors using cookies and other non-personally identifying information, use the following opt-out link:

eFolder remarketing opt-out

Other Data. Other non-personally identifying information that you volunteer (“Other Data”) (such as through surveys, polls, or feedback forms) will be used to improve our products and services. eFolder will not intentionally link this information to Personal Data, except to the degree necessary to contact you if you request it. If it is clear such information will be publicly posted (such as in blog comment submissions or testimonial submissions) you should not include Personal Data in your submission. We also display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at privacy.

International Processing. Collected information may be processed in countries (including the United States) other than where the information was collected, where information processing and privacy laws may be more or less protective than those of your own country. Regardless of where the information is processed, it will be done in accordance with the terms of this Privacy Policy and according to applicable local laws and regulations.

Links to Other Websites. Our website and products may contain links to websites under the control of third parties. These websites have their own privacy policies which you should review prior to using such sites. eFolder is not responsible for such third party websites and provides links to them solely for your convenience.

Single Sign-On. You can log in to some of our websites using sign-in services such as Google or an OpenID provider. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign up form. Services like Google Apps give you the option to post information about your activities on this Web site to your profile page to share with others within your network.

Controlling your Information

Communication Preferences. eFolder may periodically send you promotional emails or newsletters. You may opt-out of these promotional emails or newsletters by following the unsubscribe instructions or link contained in all such emails we send, or by emailing support.

eFolder may also send service-related emails to inform you of product updates and operational notices. To opt-out of non-emergency service-related emails, use the Mailing Lists page in the password-protected area of our web site. Opting out of promotional or service-related emails will not affect any legal communications, emergency communications, customer service, technical support, or other transactional emails we may send.

Personal Data. The storage and processing of Personal Data by eFolder may be subject to mandatory legislation, such as the legislation based on EU Directive 95/46/EC which aims to prevent the violation of personal integrity in the processing of personal data (collectively, the “Personal Data Act”). For this purpose, you will always be considered the controller of your Personal Data, even if the processing is carried out by eFolder or any of its sub-contractors as part of our services. eFolder and any of its sub-contractors engaged for the storage and other processing are in such cases considered as your data processors (personal data assistants) and it is your sole responsibility to ensure that the processing of your Personal Data is in compliance with the Personal Data Act and other applicable legislation. A User should therefore contact the relevant data processor (usually being its employer) for questions with respect to the processing of its Personal Data. Nevertheless, a user’s Personal Data is not handled by eFolder in any different way than described herein.

Access and Choice. You may access or update your Personal Data associated with your eFolder services account using the password protected, administrative area of our web site, or by emailing us at Even upon updating or cancelling your account, we may retain Personal Data and other information in our backup or archival records. Access for individuals to change or update HR Data associated with employment by eFolder is restricted only when doing so would prevent execution of the employment contract.

Customer Data and Customer Encrypted Data. You may use the functions provided by our products and services to view, access, modify, and delete Customer Data and Customer Encrypted Data. Upon using such functions to delete such data, the data may be retained for a short period of time in case such deletion was accidental, and until all backup or archival copies are updated.

Retention. eFolder will retain Personal Data we collect from you as well as Personal Data we process on behalf of you for as long as needed to provide services to our Customers. We may also retain this information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.


Third Parties. Under no circumstances will eFolder sell, rent, or trade any collected information to third parties for their promotional purposes. eFolder may share collected information, not including Customer Data and Customer Encrypted Data, with third parties that work on eFolder’s behalf (for example, to process credit card orders). Any such third parties that work on eFolder’s behalf are required to adhere to privacy policies no less protective than those of eFolder’s own privacy policies. These companies are authorized to use your personal data only as necessary to provide these services to us.

eFolder reserves the right to use subcontractors for the processing of Personal Data. eFolder shall then, where applicable and on your behalf, conclude an agreement for personal data with such sub-contractors ensuring the sub-contractors’ compliance with the provisions set out in this Privacy Policy and the Onward Transfer principle as stated in the Privacy Shield. Third parties shall only collect information relevant to the terms of service as laid out by eFolder. If any violation of these terms is found, eFolder will take action to remediate any unauthorized processing of data and work with our governing department, the FTC, to resolve any disputes. eFolder may potentially be liable in cases of onward transfer of individual’s data received pursuant to the Privacy shield to third parties. If Personal Data originating from a customer (or user) located within the EU/EEA comes to be processed in a country outside the EU/EEA, eFolder will ensure that one of the exemptions from the “prohibition on transfer to a third country” under the Personal Data Act can be applied, for example consent, standard contractual clauses or adhesion to the Privacy Shield Principles ( eFolder is committed to subject all data received from the EU to the Privacy Shield Principles. This policy includes our subcontractors working outside the US who may need certain data access to perform their job duties.

Compliance with Law. eFolder is subject to the investigatory and enforcement powers of the FTC, the Department of Transportation or any other U.S. authorized statutory body and may disclose collected information as necessary to comply with law or law enforcement officials, such as in response to a validly issued court order, subpoena, or warrant. For questions pertaining to international data rights and responsibilities under the USA PATRIOT Act please contact

Change of Ownership. In the event of eFolder being acquired or merged with another entity, eFolder reserves the right to transfer all collected information to such entity. eFolder will make commercially reasonable efforts to notify you in such an event (such as by posting a notice on our web site or sending you an email).


We are committed to safeguarding your Personal Data. In order to prevent unauthorized access or disclosure, we have put in place physical, electronic, and managerial procedures meeting or exceeding industry standards and regulatory law.

Encryption and Security Technologies. eFolder employs the latest encryption and security technologies to help safeguard and monitor against unauthorized or malicious attacks. The highest levels of encryption are assured for both data at-rest and in-motion (see product details for specifications).

Physical Security. eFolder data centers are strategically located around the globe in locations that minimize risk from natural disasters and political or social related events. Physical security controls at each location includes full time guards, multi factor access and each location has power and cooling distribution with N+1 redundancy at a minimum.

Authentication. Users are identified by unique credentials and tokens to validate authenticity. Credentials are protected at eFolder using perimeter controls, and industry best practice methods such as hashing and salting. Many eFolder products offer multi factor authentication for further security.

Audits. All of eFolder’s data centers are all audited on an annual basis. Examples of available audits include the SSAE16/SOC 1, ISO 27001 verification, SOC 2, etc. (depending on the center). The results of these audits are available to our partners upon request.

Regarding Children

eFolder does not intentionally collect Personal Data from children under 13 years old. Children under 13 should not use our web site or services or disclose any Personal Data to eFolder. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information.

Questions and Contact Information

In compliance with the Privacy Shield Principles, eFolder commits to resolve complaints about our collection or use of personal information. Please direct any questions about this policy, disputes, or complaints to or by postal mail to:

eFolder Inc.
ATTN: Privacy Policy
707 17thStreet, Suite 3900
Denver, CO 80202

If the complaint cannot be resolved through contacting our corporate office, eFolder will cooperate with JAMS pursuant to the JAMS International Mediation Rules regarding complaints or possible binding arbitration against eFolder regarding Personal Data. JAMS International Mediation Rules are accessible on the JAMS website at eFolder commits to cooperate with EU Data Protection Authorities and comply with their advice regarding HR Data collected in the context of the employment relationship.

eFolder will take steps to remedy any issues arising out of a failure to comply with the Privacy Shield principles. Under certain conditions, a person may invoke binding arbitration for complaints related to the Privacy Shield Principles. For more information visit

Privacy Shield

eFolder, Inc. complies with the U.S.-EU Privacy Shield Framework and the as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries.  eFolder has certified that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Privacy Shield program, and to view eFolder’s certification, please visit

Revisions to this Policy

eFolder may periodically update this policy. If we make changes, we will notify you by posting the updated policy, by posting a notice to our website or sending an email to the email address associated with your account. We will also revise the “Effective Date” at the end of this policy. Your continued use of the Services constitutes your acceptance of the then-effective Privacy Policy.

The current policy is effective from September 17, 2018.

This website stores cookies on your computer to improve the website experience and improve our personalized services to you. To find out more about these cookies and our privacy processes please see our privacy policy. By clicking Accept you are granting permission for us to store this cookie. If you do not want us to install this cookie please close your browser window now.