Keeper Security participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Keeper Security is committed to subjecting all personal data received from European Union (EU) member countries, and Switzerland, respectively, in reliance on the Privacy Shield Framework, to the Framework's applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield List. https://www.privacyshield.gov/list
Keeper Security is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Keeper Security complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Keeper Security is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Keeper Security may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback- form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
2.1 Keeper Security stores its servers in a highly secure server environment with 24 X 7 monitoring, surveillance and support to prevent unauthorized access and data security. Advanced security measures including firewalls, security guards and surveillance are taken to ensure the continued service and protection of your data from natural disaster, intruders and disruptive events.
2.2 Smartphones and Tablets are insecure from a security perspective. With typically unsecure or weak logic access to data in the calendar, contact list, email database and notes - they represent a massive flaw in many internal security and control systems. When a user’s Smartphone or Tablet is lost or stolen, the data on that device is subject to theft and misappropriation. The result can be devastating in terms of risk exposure and financial loss.
2.3 Keeper software serves a massive, positive movement in Mobile Device Security. Keeper was pioneered to run on the widest platform base using a feature-rich mobile security application. Keeper runs on iPhone*, iPad*, iPod*, Android*, Android Tablets*, BlackBerry*, Windows Phone* and all primary PC platforms - Windows*, Mac OS* and Linux*. Keeper uses 256-bit AES encryption and PBKDF2 key derivation. Please refer to our Security Disclosure page (https://keepersecurity.com/security.html) for detailed information about our security and encryption practices. (*Note: These trade names are protected by the registered trademarks of their respective owners. Keeper and Password Keeper are U.S. registered trademarks of Keeper Security, Inc.).
2.4 Keeper protects “Micro Data.” Micro Data consists of small strings of information, usually 50 characters or less, used by every consumer of a Smartphone, Tablet or PC. Examples include: Social Security Numbers, Bank Account and Routing Information, Client Account Numbers, Vendor Account Numbers, Customer Purchasing Information, Credit Limit Terms, Log In Passwords, Encryption Codes, Alarm Codes, Access Codes, Employee ID Numbers, etc. Micro Data is the small strings of information that although small, represent the most important element of an end user’s identity. Micro Data is the target for any thief, spy or hacker. Too often, Micro Data is kept by professionals and end users in sticky notes, paper notebooks, envelopes, file folders and email note tabs on mobile devices and computers. More often than not, they are easily accessible by an unwanted user and are the primary target for today’s identity and financial thieves. By example, from a corporate risk perspective, an employee’s mobile device may have a cost value of $195 but the information on that device may be worth several million dollars.
2.5 Keeper is one of the most downloaded password security applications for storing, accessing and safeguarding Micro Data.
3. U.S. Government Approval & Encryption Level
Keeper utilizes strong encryption using the 256-bit AES cipher. Keeper is approved for export to unrestricted countries* by the U.S. Department of Commerce Bureau of Industry and Security under classification #5D992 (*See https://keepersecurity.com/termsofuse.html).
4. Information We Collect
Keeper Security collects limited personal information from customers who register with our services. When customers register with our services, we require a user name, password, phone number and email address. If a customer decides to subscribe to our service, we may collect credit card information. We use the customer registration information to authenticate users and provide access to https://keepersecurity.com. When you download and use our Services, we automatically collect information on the type of device you use, operating system version, and the device identifier (or "UDID"), system performance information and IP address. We also use the email addresses used in the registration information to communicate with our users. When you register for a subscription to Keeper software, you automatically "opt-in" to receive email communication from us which shall concur with the CAN-SPAM Act of 2003. End-users of Keeper Enterprise will not receive consumer marketing email communications from us but may receive important communications related to changes to services, maintenance notifications and security-related events. Keeper consumer end-users periodically may receive email communications from us regarding changes to our services, maintenance notifications, promotional materials and important security-related events. You will be permitted at any time to "opt-out" of the receipt of email communications related to marketing and promotional material. The "opt-out" page can be viewed here: https://keepersecurity.com/unsubscribe. In the event you opt-out from receiving marketing and promotional material, we may, as necessary, email you in connection with a purchase confirmation, customer support matter or security issue related to your account. Keeper Security will never have access to your Master Password or individual records stored within your Keeper Vault. For users of Keeper Unlimited or Keeper, we only have access to an encrypted binary file (which we cannot open) on our Cloud Security Vault™. This allows us to help you in the event your device is lost, damaged or stolen or if you have a problem accessing your personal vault.
If you choose to allow other people to access a Keeper Vault record or communicate through KeeperChat, we will ask you for that person's name, email address or phone number (in the case of KeeperChat). We will automatically send your friend a one-time email inviting him or her to visit the site and application. If you also choose to register a deal under partners program, we will ask for your prospect's name, email, phone number and company information. Keeper Security stores this information to send this one-time email and track who has permission to access a record.
If the assigned person or your prospect chooses to decline, s/he may contact us at firstname.lastname@example.org to request that we remove this information from our database.
We collect your location-based information for the purpose of protecting your Keeper account from unauthorized remote access.
Keeper Security collects and logs aggregate user statistics and website traffic. Such information includes website traffic statistics, date and time of visits, browser type used to access the service, frequency of visits and to which pages, etc. We use this information to improve the services delivered to our customers, to track and diagnose performance problems and administer the website.
In certain situations, Keeper Security may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Keeper Security may disclose aggregated user statistics (for example, 50% of Keeper Security customers use the service daily) in order to describe our services to prospective partners, advertisers, affiliates and other third parties for lawful purposes. Keeper Security will never disclose such data on an individual or identifiable basis to third parties except when we must comply with laws that require such disclosure to law enforcement authorities or other government third party officials such as subpoenas, or we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others and to investigate fraud.
If Keeper Security is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
We may provide your personal information to companies that provide services to help us with our business activities such as our live chat customer support or analytics provider. These companies are authorized to use your personal information only as necessary to provide these services to us.
We send push notifications for the purpose of record synchronization and record share update notifications.
Upon request Keeper Security will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. To request this information please contact us at email@example.com. You may deactivate your Keeper Security account and delete your personally identifiable information at any time by contacting us at firstname.lastname@example.org clearly indicating that you wish to deactivate and delete such information. If your personal information changes, you may correct or update by emailing our Customer Support at email@example.com. We will respond to your request to access within 30 days.
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
In accordance with the European Union General Data Protection Regulation (GDPR) Keeper Security does not intentionally collect personally identifiable information from nor solicit children under the age of sixteen (16) years of age.
Keeper Security will be permitted to display an active customers' corporate logo on its website for the purpose of promoting both the customer and Keeper Security.
Keeper Security utilizes a system called KeeperFill™ which allows you to auto-fill login credentials across mobile apps and browsers. When Keeper is preloaded on OEM devices, KeeperFill is automatically enabled to utilize the device's accessibility and input method services to identify mobile apps and websites which require login credentials. As disclosed in the Security Disclosure at https://keepersecurity.com/security.html, Keeper is a zero-knowledge security platform. As such, Keeper Security cannot access, track or view the activity of KeeperFill or your Keeper records. KeeperFill can be disabled at any time by visiting the accessibility settings screen of your device.
5. Cookies/Tracking Technologies
Keeper Security and our marketing partners, affiliates, or analytics or service providers, use technologies such as cookies, beacons, tags, and scripts, to analyze trends, administer the website, tracking users' movements around the website, and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual and aggregated basis.
As is true of most websites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.
We do not link this automatically collected data to other information we collect about you.
We use Local Storage, such as HTML5, to store content information and preferences. Third parties with whom we partner to provide certain features on our website or to display advertising based upon your web browsing activity also use HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.
We partner with a third party to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click https://preferences-mgr.truste.com [or if located in the European Union click https://www.youronlinechoices.eu]. For security and privacy purposes, Keeper Security does not run third-party ads in its application. Please note you will continue to receive generic ads on other third-party websites.
We use mobile analytics software to allow us to better understand the functionality of our Mobile Software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.
Your Keeper Security account information, user name, password and customer profile are password-protected so that you have secure access to entering and editing personal information. It is the user's responsibility to protect the security of their password. Access to Keeper Security services are protected by a unique user name and password that is known by you only. Keeper Security has designed internal security processes that encrypt customer passwords to protect it from being divulged or accessed by anyone other than you. Neither Keeper Security employees nor any of its contractors can obtain or access your password. Keeper Security employees or nor any of its contractors will ask you for your password via mail, email or telephone nor any other unsolicited manner.
8. Third Party Links
When customers and users access and use Keeper Security, there may be links to websites and services operated by third parties. Keeper Security makes no representations or warranties about the policies of third party websites that are linked to Keeper Security or any of its services. Keeper Security recommends that you read the privacy policies posted by those third party websites.
9. Social Media Widgets
We display personal testimonials of satisfied customers on our website in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at firstname.lastname@example.org.
11. Further Questions
Keeper Security, Inc.
850 W. Jackson Blvd.
Chicago IL 60607