Privacy Notice

Last Updated: Sept 15th, 2024

Your privacy is extremely important to us here at Download Securely LLC ("Download Securely", "we", "us", "our"). This privacy notice explains how your data will be used when you access and use our services on mobile and desktop devices. If you use this service as part as an organization or entity, the privacy of this notice may be different upon the agreement between both parties.

Changes to This Notice

We reserve the right to make changes to this policy. If any changes are made, you will be notified by us updating the last updated date above or in some cases via email. If there are any major material changes to this notice, you will be notified by email before they come into effect. We encourage our users to read carefully the contents of this notice. By doing so, you will know how to best protect your privacy.

If you do not consent to any of the changes made in the policy, you are required to notify use so that we may deactivate your account. Your use of our services constitute an agreement to this policy and how we use your information.

Information Collected

We may collect certain user informatin while you use our services (including personal or sensitive information). This information can be used in the following ways:

Information you provide to us. We collect any information provided to us in forms filled out during the use of our service.

Information we collect automatically when you use our services. The following information is collected:

Use of Information

We may use the information you provide for statistics and authentication purposes. Your information is never sold or given out. In the event required by law, we will use any information provided to comply with legal matters.

Your information is also used for the following purposes:

Security

As mentioned previously, security is our number one concern when it comes to online file transfers. Please keep in mind that no service is completely secure which is why we are constantly applying the latest security standards. All payments are sent to Stripe via secure javascript requests which process your subscription purchases. Stripe's servers are PCI DSS compliant. We do not store any credit card information in our database. The only information we store are encrypted tokens that are provided to us as a response when your card is processed.

All information that is transmitted over our site is sent via SSL (Secure Socket Layer) connections, which are aliased by the appearance of HTTPS in the address bar before the domain name. All files that are uploaded through the upload portal or file upload portal, are sent over an encrypted connection and are also stored on Amazon Web Service's servers using the AES-256 encryption algorithm at rest.

Information such as download and upload file links are sent over email. Any information you put in the "Email Body" or "Title" field is also sent over email and it is up to you not to include any confidential or private information you do not want sent over email. Keep in mind that if a recipient's email is mistakenly sent to an individual it was not intended to be, they will have access to your confidential files uploaded. In the event this happens, immediately delete the link created and create a new one with the correct information. If someone other than your intended recipient gets ahold of the download or upload link, it is possible they may be able to gain access to the files within.

All links generated by Download Securely are signed by the website. This means that even if someone were able to guess the storage location of the file, they still could not access it if the link was not obtained directly from our webpage due to the encryption and algorithmic verification. For the security of our users and their files, links are only valid for 1 minute after appearing on the page. If a download or upload link expires after 1 minute, simply refresh the page to receive a new one. Several invalid authentication requests while trying to access these files will result in a 30 minute access denied period to mitigate attacks on access links. However, all this security will not matter if you are using an unsecured connection, someone unintended receives or accesses the link you sent, or there are any viruses on the device being used that record keystrokes or monitor your traffic and links you access.

We require that users sign in with an email and password. It is up to the user to create a secure password that cannot be guessed easily. If someone is able to guess your password, we cannot be liable to what happens to any information within the account. We will never send you any type of notice that will ask you to expose your password or any login information unless warrented by you. Always close your browser and logout of your session when you finish using the service. It is recommended not to have your browser remember any login information.

We cannot always personally guarantee that any confidential or personal information stored within our servers qualify or meet certain necessities you have. Please reach out if there is any uncertainity regarding this aspect.

HIPPA Compliance

All PHI ("Protected Health Information") data stored within Download Securely LLC is done so in compliance with HIPPA ("Health Insurance Portability and Accountability Act of 1996"). Download Securely LLC will sign Business Assocaite Agreements (BAAs) by request with any user, whether for personal or business/enterprise use, through our contact form page.

We ("Download Securely LLC") will ensure compliance through HIPPA in the following key areas:

  1. Encryption of the data transmitted through and stored on our servers.
  2. Highly regulated access to our servers.
  3. Audit trails of account activities such as the user and accessed content.
  4. Training of our employees on the policies of HIPPA.
  5. Access to our user's data and files are locked down, and highly restricted/regulated, to only certain employees with the need to have access for the business to function and assist users.

Download Securely LLC can be trusted by Healthcare organizations to keep and maintain their PHI of their entity secure and restricted, only to be accessed by certain individuals whos role requires them to access it. However, the entity using Download Securely is still responsibile for making sure their practices and policies meet the requirements of HIPPA.

Contacting Us

Please reach out on our contact page if you have any questions. Our customer service department is open from 9AM - 5PM MST Monday - Friday.