Privacy Policy

Last updated September 26, 2014

THE SERVICE IS CURRENTLY AVAILABE ONLY AS A BETA VERSION.

  1. BACKGROUND
    1. Expedox is designed to facilitate collaboration, even among adversarial parties, and particularly in the context of contract negotiations.  Accordingly, privacy is paramount.
    2. This Privacy Policy describes our commitments regarding both:
      • content, and associated metadata, received from users (such as document versions and notes) and
      • personal information (such as name, contact information, etc.).  It describes how we collect, store, and use such content and information.
    3. Capitalized terms used in this policy are defined in the Expedox Terms of Use.
    4. Please note that this policy applies only to our web site.  Currently we do not link to other web sites, but if we do so in the future, for example to offer an integrated solution with a file synchronization, CRM, or social networking solution, this policy would not apply to the activities of such other company or organization.
    5. THIS PRIVACY POLICY MAY BE UPDATED FROM TIME TO TIME.  WE WILL NOTIFY YOU AT LOG-IN OR OTHERWISE IF WE BELIEVE CHANGES ARE MATERIAL.  Continued use of the Service after any such changes shall constitute your consent to such changes.
    6. If you have questions or concerns regarding this policy, you should promptly contact the Company at [email protected].
  2. USER CONTENT AND RELATED INFORMATION.
    1. Introduction.
      1. We believe the type of privacy we have designed for user content is essential for efficient collaboration in an adversarial negotiation, and it is significantly different from what users are accustomed to in other solutions that include file sharing or collaboration features.
      2. Specifically, Expedox is designed to work in cross-party collaboration on projects or deals (we call these “Deals”) where opposing parties are negotiating the terms of a contract or other potentially contentious document (“Documents”).  Users can upload and manage versions of the Document (“Versions”), and notes, without sharing them to anyone else.  Users can then choose to share specific Versions to specific other users, without sharing the other Versions.  As a result, each user can have some Versions that are completely private to that user, some Versions that have been shared with specific other individuals, and some Versions that have been shared with everyone that is associated with the Deal.
      3. You have complete control to choose if, when, and how much you wish to share using the Service, if at all.  By default there is no sharing.  Sharing only occurs when you affirmatively choose to share.
    2. What Is User Content
      1. “User Content” consists of Versions of Documents, or notes, that are uploaded by you to the Service, or created by you within the Service.  User Content also includes content uploaded or created by other users and shared to you through the Service.
      2. In connection with uploading, creating, using or sharing User Content, certain metadata is associated with such item.  Examples of such metadata can include information such as the Deal name, the names (or code names) of the parties negotiating the Deal, the original file name at time of upload, who uploaded the Version, a date for sorting the Version chronologically, etc. (collectively, this information is referred to as “Version Information”).   Some of this information is obtained automatically, and other information is provided by the user.
      3. Additional information is collected in connection with sharing a Version, such as (i) whom the Version has been shared to (“Access Information”), including an email address for each recipient so they can receive a notice of the share, (ii) what Party each recipient is associated with (“Party Information”), (iii) an optional cover note, etc.
    3. How Is User Content Treated?
      1. All User Content is treated as confidential information of the user who uploaded or created it, and the users to whom it has been shared through the Service.  The Company has no ownership interest in such User Content.  The Company’s sole relationship to the User Content is the limited right to use it on behalf of, and as directed by such users.
      2. Specifically, if User A uploads a Version to the Service, that Version is INVISIBLE to all other users of the Service unless and until User A affirmatively elects to share the document version to specific other users.  By default the Version is not shared with anyone and its existence is visible only to User A.  This enables User A to keep completely private draft Versions in the same organizational system as “internally private” draft Versions that are shared with colleagues for internal review, in the same organizational system as Versions that are shared also with counterparts in a negotiation.
      3. Any user to whom a Version is shared through the Service can then share the item further (just as they could forward an email message or download and share an email attachment).  Like email, the Service does not yet include an option to prevent a recipient from sharing the received item.
    4. Party Information and Administrators.
      1. Party Information consists of a list of the individuals associated with each Party in a Deal.  Party information for a Deal is visible only to users in the Deal.
      2. Each Party to a Deal can have one or more Administrators to manage Party related matters such as who is associated with their Party.
    5. Version Information.
      1. Version Information is visible only to uto whom the Version has been shared, either by the person who uploaded such Version, or by a user who received it through an affirmative share using the Service.
    6. Access Information.
      1. A user can see Access Information about who else has access to a Version (only if the Version is visible to the user).  Access Information is limited based on what that user or its Party knows.   
    7. Use by Expedox.
      1. Expedox personnel will only view User Content
        • at the request of, and on behalf of, a user with access to the specific information, and solely for the purpose of providing customer support or trouble shooting, and
        • to the limited extent necessary to trouble shoot and address a system emergency.  Expedox may also perform computer analytics of data, including of User Content or associated metadata, in order to improve the functioning and security of the Service.  In all events, access by Expedox personnel would always be limited to the personnel necessary to perform the tasks, and would be entirely subject to obligations of confidentiality and non-use.
    8. Encryption.
      1. Expedox uses only encrypted transmission for all User Content, Version Information, Access Information and Party Information, using the HTTPS protocol.  Rather than attaching files to unsecure emails, we provide a secure link that requires the recipient to log-in to the Service to view or download the shared items.
  3. PERSONAL INFORMATION
    1. What personal information does Company collect?
      1.  User-provided Information: Access to the Service requires registration with an email address and password.  Users may additionally provide other personally identifiable information such as first and last name, time zone, and contact information, and the Service may further collect information such as IP address.  When you choose to provide such information, during registration or otherwise, you are giving the Company the permission to use and store it consistent with this policy. Therefore, please understand that when you sign in to the Service, you are not anonymous to us.
      2. Information from other Users:  Certain features in the Service allow other users to provide us information that may include your personally identifiable information.  For example, to share a Version or note through the Service, a user provides an email address for the recipient so that the recipient can be uniquely identified, notified and authenticated for access to the shared item(s).  The user also provides information about each recipient’s Party association (which is unconfirmed until approved by that Party’s administrator for that Deal).
      3. "Cookies" and other tracking technologies:   We use cookies and other technologies to passively collect demographic information, personalize your experience on our site and monitor activities. Cookies are small files downloaded to your computer to track movements within web sites. We may link cookie information to personal information. Cookies link to information regarding what items you have selected or pages you have viewed. This information is used to keep track of your User Content, Deals, Parties, colleagues, counterparts, etc..  We may also use cookies to deliver content specific to your interest and to monitor website usage. Most browsers are automatically set to accept cookies whenever you visit a website. You can disable cookies or set your browser to alert you when cookies are being sent. However some areas of our sites will not function properly if you do so. Please note that this Privacy Policy covers the use of cookies by Company only and does not cover the use of cookies by any other party.  We may also allow our business partners to place cookies on your device to provide Company with usage analytics services.  For example, we use Google Analytics, and so Google may also set cookies on your device (see www.google.com/policies/privacy/partners/ for information about collection and processing of data by Google).
      4. "Automatically Collected" Information: When you use the Service, we may automatically record certain information from your browser by using different types of technology, including standard log files, "clear gifs" or "web beacons." This "automatically collected" information may include your Internet Protocol (IP) address, browser type, internet service provider (ISP), referring or exit pages, click stream data, operating system and the dates and times that you visit the Service. Additionally, we may record certain information regarding your use of features that the Company may make available on the Service.
      5. Location Information:We may collect and store information about your location if you enable your computer or mobile device to send us location information. You may be able to change the settings on your computer or mobile device to prevent it from providing us with such information.
      6. Information from Integrated Services.  If you decide to register through or otherwise grant access to a third party social networking or integrated service that we may make available ("Integrated Service")(none are currently offered), the Company may also have access to personally identifiable information that you have provided to the Integrated Service from the account you have with the Integrated Service. You may revoke the Company’s access to your account on the Integrated Service at any time by updating the appropriate settings in the account preferences of the respective Integrated Service. You should check your privacy settings on each Integrated Service to understand and change the information sent to us through each Integrated Service.  Please review each Integrated Service’s terms of use and privacy policies carefully before using their services and connecting to our web site.
      7. Information from Other Sources: We may also obtain information, including personally identifiable information, from third parties and sources other than the Service.  If we combine or associate information from other sources with personally identifiable information that we collect through the Service, we will treat the combined information as personally identifiable information in accordance with this Privacy Policy.
    2. How personal information is used.
      1. Our primary goals in collecting personally identifiable information are to provide you with the Service, to communicate with you on behalf of other users, and to manage your registered user account, if you have one.
      2. In addition, we may use your contact information to provide you with other information about our products and services. If you decide at any time that you no longer wish to receive such information or communications from us, please follow the unsubscribe instructions provided in any of the communications.
    3. Log Data.  When you use the Service, our servers automatically record information that your browser sends whenever you visit a website as Log Data. This Log Data may include information such as your IP address, browser type or the domain from which you are visiting, the websites you visit, the search terms you use, and any advertisements on which you click (though ads are not currently contemplated).  We use Log Data to monitor the use of our Service, and for our technical administration.  We do not associate your IP address with any other personally identifiable information to identify you personally, except in case of violation of the Terms of Use.
  4. THIRD PARTIES
    1. Third party services.  Certain products and/or services available on our site may be provided to you in partnership with third party(s) and may require you to disclose personally identifiable information in order to register for and access such products and/or services. Such products and/or services shall identify the third party partners at the point of registration. If you elect to register for such products and/or services certain of your personally identifiable information will be transferred to such third party(s) and will be subject to the privacy policy and practices of such third party(s). We are not responsible for the privacy practices and policies of such third party(s) and, therefore, you should review the privacy practices and policies of such third party(s) prior to providing your personally identifiable information in connection with such products and/or services.
    2. Service Providers.  We may, from time to time, engage certain trusted third parties to perform functions and provide services to us, including, without limitation, hosting and maintenance, database storage and management, and at times some communications. We will share your personally identifiable information with these third parties, but only to the extent necessary to perform these functions and provide such services, and only pursuant to binding contractual obligations requiring such third parties to maintain the privacy and security of your data.
    3. Law enforcement.  We cooperate with government and law enforcement officials and others to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims, legal process (including subpoenas), to protect the property and rights of Company or a third party, the safety of the public, or any person, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law.
    4.  Business Transfers.  We may sell, transfer or otherwise share some or all of the Company’s assets, including your personally identifiable information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy. You will have the opportunity to opt out of any such transfer if the new entity's planned processing of your information differs materially from that set forth in this Privacy Policy.