Privacy policy for Keeper® Password Manager & Digital Vault
Keeper® Password Manager & Digital Vault by Keeper Security Inc.
GeneralKeeper Security, Inc. ("Keeper Security") values your privacy. Keeper Security has created this Privacy Policy to demonstrate our commitment to protecting your privacy and to disclose our information and privacy practices for https://keepersecurity.com and its services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.We reserve the right to change this Policy and will notify you of such changes via email or our website. If we make any material changes we will notify you by email or by means of a notice on this Site prior to the change becoming effective. If you have questions or concerns regarding this Privacy Policy, you may contact us at support@keepersecurity.com.As used in this Privacy Policy, “personal data” or "personal information" has the meaning provided in the EU General Data Protection Regulation of 2018 (the “GDPR”), and includes any information which, either alone or when combined with other information we hold, identifies an individual, such as name, mailing address, email address, IP address and telephone number. For legal residents of the State of California, who are covered by the California Consumer Privacy Act (“CCPA”), this definition includes any additional elements defined as such by the CCPA.Click here to view our certification status.Keeper Security participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Keeper Security is committed to subjecting all personal data received from European Union (EU) member countries, and Switzerland, respectively, in reliance on the Privacy Shield Framework, to the Framework's applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield List. [https://www.privacyshield.gov/list]Keeper Security is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Keeper Security complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Keeper Security is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. Keeper Security does not have access to or knowledge of an account holder’s master password, encryption keys or access to his or her Keeper vault. Accordingly, any account disclosure required by law, under a subpoena, would be limited to general account information such as the account holder’s name and account term.If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback- form.truste.com/watchdog/request.Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], you may invoke binding arbitration when other dispute resolution procedures have been exhausted.SecurityKeeper Security stores its servers in a highly secure server environment with 24 X 7 monitoring, surveillance and support to prevent unauthorized access and data security. Advanced security measures including firewalls, security guards and surveillance are taken to ensure the continued service and protection of your data from natural disaster, intruders and disruptive events.Smartphones and Tablets are insecure from a security perspective. With typically unsecure or weak logic access to data in the calendar, contact list, email database and notes - they represent a massive flaw in many internal security and control systems. When a user’s Smartphone or Tablet is lost or stolen, the data on that device is subject to theft and misappropriation. The result can be devastating in terms of risk exposure and financial loss.Keeper software serves a massive, positive movement in Mobile Device Security. Keeper was pioneered to run on the widest platform base using a feature-rich mobile security application. Keeper runs on iPhone*, iPad*, iPod*, Android*, Android Tablets*, Windows Phone* and all primary PC platforms - Windows*, Mac OS* and Linux*. Keeper uses 256-bit AES encryption and PBKDF2 key derivation. Please refer to our Security Disclosure page for detailed information about our security and encryption practices. (*Note: These trade names are protected by the registered trademarks of their respective owners. Keeper and Password Keeper are U.S. registered trademarks of Keeper Security, Inc.).Keeper protects “Micro Data.” Micro Data consists of small strings of information, usually 50 characters or less, used by every consumer of a Smartphone, Tablet or PC. Examples include: Social Security Numbers, Bank Account and Routing Information, Client Account Numbers, Vendor Account Numbers, Customer Purchasing Information, Credit Limit Terms, Log In Passwords, Encryption Codes, Alarm Codes, Access Codes, Employee ID Numbers, etc. Micro Data is the small strings of information that although small, represent the most important element of an end user’s identity. Micro Data is the target for any thief, spy or cybercriminal. Too often, Micro Data is kept by professionals and end users in sticky notes, paper notebooks, envelopes, file folders and email note tabs on mobile devices and computers. More often than not, they are easily accessible by an unwanted user and are the primary target for today’s identity and financial thieves. By example, from a corporate risk perspective, an employee’s mobile device may have a cost value of $195 but the information on that device may be worth several million dollars.Keeper is one of the most downloaded password security applications for storing, accessing and safeguarding Micro Data.U.S. Government Approval & Encryption LevelKeeper utilizes strong encryption using the 256-bit AES cipher. Keeper is approved for export to unrestricted countries* by the U.S. Department of Commerce Bureau of Industry and Security under classification #5D992 (*See https://keepersecurity.com/termsofuse.html).Information We CollectKeeper Security collects limited personal information from customers who register with our services. When customers register with our services, we require a user name, password, phone number and email address. If a customer decides to subscribe to our service, we may collect credit card information. We use the customer registration information to authenticate users and provide access to https://keepersecurity.com. When you download and use our Services, we automatically collect information on the type of device you use, operating system version, and the device identifier (or "UDID"), system performance information and IP address. We also use the email addresses used in the registration information to communicate with our users. When you register for a subscription to Keeper software, you automatically "opt-in" to receive email communication from us which shall concur with the CAN-SPAM Act of 2003. End-users of Keeper Enterprise will not receive consumer marketing email communications from us but may receive important communications related to changes to services, maintenance notifications and security-related events. Keeper consumer end-users periodically may receive email communications from us regarding changes to our services, maintenance notifications, promotional materials and important security-related events. You will be permitted at any time to "opt-out" of the receipt of email communications related to marketing and promotional material. The "opt-out" page can be viewed here: https://keepersecurity.com/unsubscribe. In the event you opt-out from receiving marketing and promotional material, we may, as necessary, email you in connection with a purchase confirmation, customer support matter or security issue related to your account. Keeper Security will never have access to your Master Password or individual records stored within your Keeper Vault. For users of Keeper Unlimited or Keeper, we only have access to an encrypted binary file (which we cannot open) on our Cloud Security Vault™. This allows us to help you in the event your device is lost, damaged or stolen or if you have a problem accessing your personal vault.If you choose to allow other people to access a Keeper Vault record or communicate through KeeperChat, we will ask you for that person's name, email address or phone number (in the case of KeeperChat). We will automatically send your friend a one-time email inviting him or her to visit the site and application. If you also choose to register a deal under partners program, we will ask for your prospect's name, email, phone number and company information. Keeper Security stores this information to send this one-time email and track who has permission to access a record.If the assigned person or your prospect chooses to decline, s/he may contact us at support@keepersecurity.com to request that we remove this information from our database.We collect your location-based information for the purpose of protecting your Keeper account from unauthorized remote access.Keeper Security collects and logs aggregate user statistics and website traffic. Such information includes website traffic statistics, date and time of visits, browser type used to access the service, frequency of visits and to which pages, etc. We use this information to improve the services delivered to our customers, to track and diagnose performance problems and administer the website.Keeper Security does not have access to or knowledge of an account holder’s master password, encryption keys or access to his or her Keeper vault. Accordingly, any account disclosure required by law, under a subpoena, would be limited to general account information such as the account holder’s name and account term. Keeper Security may disclose aggregated user statistics (for example, 50% of Keeper Security customers use the service daily) in order to describe our services to prospective partners, advertisers, affiliates and other third parties for lawful purposes. Keeper Security will never disclose such data on an individual or identifiable basis to third parties except when we must comply with laws that require such disclosure to law enforcement authorities or other government third party officials such as subpoenas, or we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others and to investigate fraud.If Keeper Security is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.We may provide limited contact, payment and usage information to companies that provide services to help us with our business activities such as our live chat customer support or analytics provider. These companies are authorized to use such information only as necessary to provide these services to us.We send push notifications for the purpose of record synchronization and record share update notifications.How to Access Your Personal Data in Accordance with GDPR or CCPAUpon request Keeper Security will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. To request this information please contact us at support@keepersecurity.com. You may deactivate your Keeper Security account and delete your personally identifiable information at any time by contacting us at support@keepersecurity.com clearly indicating that you wish to deactivate and delete such information. If your personal information changes, or you seek to exercise any rights under GDPR or CCPA, please submit the request to Customer Support at support@keepersecurity.com. In your request, please make clear what personal data is concerned and the change required. We will comply with your request promptly, but in any event within 30 days of your request (45 days for requests under the CCPA). We may need to retain certain information for record keeping purposes or to complete transactions that you began prior to requesting such change or deletion.We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.In accordance with the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) Keeper Security does not intentionally collect personally identifiable information from nor solicit children under the age of sixteen (16) years of age.Other than as disclosed in this Privacy Policy, at no time will Keeper Security disclose identifiable personal information to any third parties without your express, written consent. Keeper Security does not sell customer information to third parties for any purpose.Keeper Security will be permitted to display an active customers' corporate logo on its website for the purpose of promoting both the customer and Keeper Security.Keeper Security utilizes a system called KeeperFill® which allows you to autofill login credentials across mobile apps and browsers. When Keeper is preloaded on OEM devices, KeeperFill is automatically enabled to utilize the device's accessibility and input method services to identify mobile apps and websites which require login credentials. As disclosed in the Security Disclosure at https://keepersecurity.com/security.html, Keeper is a zero-knowledge security platform. As such, Keeper Security cannot access, track or view the activity of KeeperFill or your Keeper records. KeeperFill can be disabled at any time by visiting the accessibility settings screen of your device.Cookies/Tracking TechnologiesKeeper Security and our marketing partners, affiliates, or analytics or service providers, use technologies such as cookies, beacons, tags, and scripts, to analyze trends, administer the website, tracking users' movements around the website, and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual and aggregated basis.Keeper Security uses cookies to store and track information about your usage of our services. Cookies are encrypted and unidentifiable bits of information sent to your browser from a web server that is stored on your computer's hard drive. Cookies are set each time you register, or log in or log out of Keeper Security. Cookies may be used to store your username or email address so that you don't have to re-enter it each time you visit https://keepersecurity.com. We may also use cookies to gather aggregated information about user habits on our website and services. For example, we may use cookies to estimate the number of concurrent users, estimate the total number of users, measure traffic statistics and to better understand how our users are using our services. We may share this data, in its aggregate form, with advertisers, affiliates and partners who may advertise on our website and services.You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service.The use of cookies by our partners, affiliates, tracking utility company, service providers is not covered by our privacy statement. We do not have access or control over these cookies. Our partners, affiliates, tracking utility company, service providers use session ID cookies to make it easier for you to navigate our site.As is true of most websites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.We do not link this automatically collected data to other information we collect about you.We use Local Storage, such as HTML5, to store content information and preferences. Third parties with whom we partner to provide certain features on our website or to display advertising based upon your web browsing activity also use HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.We partner with a third party to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click here [or if located in the European Union click here]. For security and privacy purposes, Keeper Security does not run third-party ads in its application. Please note you will continue to receive generic ads on other third-party websites.We use mobile analytics software to allow us to better understand the functionality of our Mobile Software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.PasswordsYour Keeper Security account information, user name, password and customer profile are password-protected so that you have secure access to entering and editing personal information. It is the user's responsibility to protect the security of their password. Access to Keeper Security services are protected by a unique user name and password that is known by you only. Keeper Security has designed internal security processes that encrypt customer passwords to protect it from being divulged or accessed by anyone other than you. Neither Keeper Security employees nor any of its contractors can obtain or access your password. Neither Keeper Security employees nor any of its contractors will ask you for your password via mail, email or telephone nor any other unsolicited manner.BlogsOur blog is managed by a third party application that may require you to register to post a comment. We do not have access or control of the information posted to the blog. You will need to contact or login into the third party application if you want the personal information that was posted to the comments section removed. To learn how the third party application uses your information, please review their privacy policy.Third Party LinksWhen customers and users access and use Keeper Security, there may be links to websites and services operated by third parties. Keeper Security makes no representations or warranties about the policies of third party websites that are linked to Keeper Security or any of its services. Keeper Security recommends that you read the privacy policies posted by those third party websites.Social Media WidgetsOur web site includes social media features, such as the Facebook Like button and widgets, such as the ShareThis button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our web site. Your interactions with these features are governed by the privacy policy of the company providing it.TestimonialsWe display personal testimonials of satisfied customers on our website in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at support@keepersecurity.com.Further QuestionsIf you have further questions about our Privacy Policy, email us at support@keepersecurity.com.Keeper Security, Inc.820 W. Jackson Blvd.Suite 400Chicago IL 60607