Terms of use

Last updated January 15, 2020

Agreement To Terms

1. These Terms of Use constitute a legally binding agreement made between You (“You”, “Your”, “Yours”), on behalf of an entity (“Customer”, “Customers”) and Vawlt Technologies, S. A., doing business as Vawlt (“Vawlt”, “We”, “Us”, or “Our”), concerning Your use of Vawlt Dynamic Storage Platform (“Service”) and any other related content and software (“Software”). You agree that by using Our Service, You have read, understood, and agree to be bound by all of these Terms of Use. IF YOU DO NOT AGREE WITH ALL OF THESE TERMS OF USE, THEN YOU ARE EXPRESSLY PROHIBITED FROM USING THE SERVICE AND YOU MUST DISCONTINUE USE IMMEDIATELY.

2. All data placed inside the Volumes created in the Platform will be simultaneously stored on multiple cloud providers, in such a way that none of them stores complete files, thus ensuring their privacy.

3. The Service is intended for users who are at least 18 years old. Persons under the age of 18 are not permitted to use or register for the Service.

Service Description

4. Vawlt is a Dynamic Storage Platform (“Platform”) that allows Customers to create and manage several, independent, data Volumes.

5. All data placed inside the Volumes created in the Platform will be simultaneously stored on multiple cloud providers, in such a way that none of them stores complete files, thus ensuring their privacy.

6. Our technology allows You to write and read data to and from the clouds, even if one of them is unavailable at any given time due to downtime, or because it has been compromised (hacking, corrupted files, etc.).

7. All data placed inside Your Volumes is always transferred directly between Your devices and the cloud providers, never going through Our servers, making the service also tolerant to the fault of Our own servers.

8. Your data privacy is guaranteed by our proprietary zero-knowledge end-to-end encryption protocol, that uses Adiantum (local cache), AES-256 (cloud), and RSA-2048 (cloud).

9. Data is encrypted and signed on Your devices to ensure both privacy and integrity, so that only Users that were granted access to a Volume can access the data stored inside it.

Vawlt Platform

10. Vawlt Platform is a management interface where Users with Administrator role can manage Volumes, and Users.

11. An Administrator can create several Users, and then grant them access to Volumes.

12. All Users can be listed, edited and deleted.

13. When an Administrator creates a new User, it will receive an e-mail with instructions to define its password and activate its account.

14. Until an account is activated, such User will not be able to use any Volumes it was granted access to.

15. On Vawlt Platform, an Administrator can create and manage several Volumes, each with specific configurations, namely: volume type, providers geographical dispersion, volume name, and volume description.

16. When an Administrator creates a new Volume, You authorize Vawlt to store your encrypted data using the services of the third-parties you selected as cloud providers.

17. Each Volume type has specific usage purposes and conditions:

1. Hot
2. Immutable
3. Archive

18. For each Volume, an Administrator can set a storage capacity, that determines the maximum amount of data You can store in that specific volume.

19. For each Volume, an Administrator can set a download quota that will determine the monthly maximum amount of data you can read from the clouds. Vawlt Software will download from the clouds any file a User opens that is not cached in the device the User is logged in.

20. The Administrator will be notified when a Volume is approaching the limits referred to in 8 and 9, at 75%, 85%, 95%, and 99% of each limit.

21. At any time, an Administrator can edit such limits:

1. Upgrade: increase a Volume storage capacity and/or download quota, and define if the changes are to be effective immediately, or in the beginning of the next billing period;
2. Downgrade: decrease a Volume storage capacity and/or download quota and the changes will be effective in the beginning of billing period.

22. If, at any time, for any Volume, the storage capacity is reached, no User will be able to add more files to such Volume, until a new billing period starts, or an Administrator performs an upgrade to such limit.

23. If, at any time, for any Volume, the download quota is reached, no User will be able to download any uncached files, until a new billing period starts, or an Administrator performs an Upgrade to such limit.

24. When an Administrator deletes a Volume, Vawlt deletes all the data stored in such Volume and this action is irreversible.

25. All the Users that are granted access to a Volume will have access to all its content.

26. When an Administrator revokes a User access to a Volume, it will no longer have access to any of the data stored in that Volume.

27. When an Administrator deletes a User from the Vawlt Platform, it will no longer have access to any Volumes it was previously granted access to, and will no longer be able to log in to Vawlt.

Vawlt Software

28. A User can only access Volumes it was granted access to, by using Our Software that is exclusively obtainable from Our official website, at https://vawlt.io/downloads.

29. We grant to You a nonexclusive, revocable, personal, and nontransferable license to use Our official Software solely in connection with Our services and in accordance with these Terms of Use.

30. You accept any and all risk arising out of use or performance of Our Software.

31. You may not reproduce or redistribute Our software except in accordance with these Terms of Use.

32. A User can only perform operations (read, write, list) in Our cloud providers via Our Software, and according to active Monthly Plans and their limits.

33. All Users must securely keep the secret provided by Our Software, upon the its first login to Vawlt.

34. If a User needs to reset its account password, the secret will be required in the process of defining a new password.

35. If a User password and secret are both lost or forgotten at the same time, there is no technical way to reset the account and the User completely, and permanently, loses access to all the data it previously had access to.

36. You are the owner and the sole responsible for all data and metadata stored by any of Your Users through Our Service.

37. Vawlt does not have functional access to any data stored by Our Customers through Our Service and therefore shall not be held responsible for such data.

38. You retain complete ownership to Your files, folders, directories, including their metadata (file name, thumbnails, etc.) and any information You and your Users submit to Vawlt (collectively, “Your Content”).

39. We do not claim any ownership to any of Your Content. These Terms do not grant Us any rights to Your Content or intellectual property.

40. Vawlt states that Your Content, encryption key and password (together “Your Encrypted Content”) uploaded by You and Your Users, or otherwise submitted to the Service, are stored in an encrypted and non-invertible form.

41. Your Encrypted Content cannot be decrypted or inverted by Vawlt or any third party. Your Encrypted Content can only be decrypted or inverted by You and persons You explicitly share Your Encrypted Content with.

42. You agree that Vawlt may collect and store some limited information which is needed to provide You the Service, like Your contact and billing information, the name and email address of all your Users, the IP addresses of the devices where You deploy Vawlt, messages sent to Our support team, etc. in a non-encrypted form.

43. You also agree that some third party provided parts of the Service might need different passwords then Your Vawlt account password, which may not be stored in a less secure form (referred together as “Non-Encrypted Content”). Vawlt transmits Non-Encrypted Content by using encrypted channels with reasonable care and skills. We need to have access to Non-Encrypted Content to provide and administer the Service, for example We need Your email address in a non-encrypted form to send You notifications

44. You agree that Vawlt may transmit any data to trusted third parties only on a need-to-know basis (e.g. Your credit card number to the service responsible of enforcing payments, named Stripe) to provide the Service. Vawlt states and emphasizes that it transmits Your Encrypted Content only in encrypted form, which cannot be decrypted as stated before.

45. By using the Service, You agree to be bound by Our Privacy Policy, which is incorporated into these Terms of Use.

46. You are the data controller and We are the data processor in respect of any personal data that You transfer via the Service.

47. Since all Your data is encrypted and it is technically impossible to Vawlt to know if it contains any personal data, it is Your sole responsibility to ensure that You have the requisite legal basis for processing, and for instructing Us to process the personal data transferred via the Service.

Intellectual Property Rights

48. Unless otherwise indicated, the Service and Software are Our proprietary property and all source code, databases, functionality, website designs, audio, video, text, photographs, and graphics used on the Service and on the Software (collectively, the “Content”) and the trademarks, service marks, and logos contained therein (“Marks”) are owned or controlled by Us or licensed to Us, and are protected by copyright and trademark laws and various other intellectual property rights. The Content and the Marks are provided on the Service “AS-IS” for Your information and personal use only. Except as expressly provided in these Terms of Use, no part of the Service or Software and no Content or Marks may be copied, reproduced, aggregated, republished, uploaded, posted, publicly displayed, encoded, translated, transmitted, distributed, sold, licensed, or otherwise exploited for any commercial purpose whatsoever, without Our express prior written permission.

49. Provided that You are eligible to use the Service, You are granted a limited license to access and use the Service to which You have properly gained access. We reserve all rights not expressly granted to You in and to the Service, the Content and the Marks.

Term And Termination

50. These Terms of Use shall remain in full force and effect while You use Our Service.

51. You can, at any time, terminate the Service by deleting Your Company account.

52. Once You delete your Company account, We will permanently, and irreversibly, delete all information related to such account, as well as all data stored by the Company Users.

53. Without limiting any other provision of these Terms of Use, We reserve the right to, in our sole discretion and without notice or liability, deny access to and use of the Service (including blocking certain IP addresses), to any person for any reason or for no reason, including without limitation for breach of any representation, warranty, or covenant contained in these Terms of Use or of any applicable law or regulation. We may terminate Your use of the Service or delete Your account.

54. If We terminate or suspend Your account for any reason, You are prohibited from registering and creating a new account under Your company.

55. In addition to terminating or suspending Your account, We reserve the right to take appropriate legal action, including without limitation pursuing civil, criminal, and injunctive redress.

56. If, for any reason including, but not limited to, the sale or liquidation of Vawlt Technologies, S. A., are We forced to terminate Our Service at Vawlt’s initiative, We guarantee that:

1. All Customers will be notified regarding the date from which the Service break will be effective.
2. All data stored by Our Customers will continue to be available through Vawlt for a period not smaller than 45 days upon notifying the Customers of Service termination.
3. We will provide the source code for the most recent version of Our Software, so that the Customers that wish so can continue using Vawlt, thereafter relying on their own servers for the operations previously performed by Vawlt server.

Support

57. In order to resolve a complaint regarding the Service or to receive further information regarding use of the Service, please contact Us at: support(AT)vawlt.io

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
1P_JAR	1 month	This cookie is placed by Google Ads Optimization and the functionality is to provide ad delivery or retargeting.
ac_chat	1 year	This cookie is placed by Vawlt and the functionality is to activate user tracking by the third-party service ActiveCampaign and its chat functionality, upon given consent.
ac_enable_tracking	at least one session	This cookie is placed by ActiveCampaign and its functionality is to store cookie consent preferences.
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
DV	1 day	This cookie is placed by Google Ads Optimization and the functionality is to provide ad delivery or retargeting.
lang	session	This cookie is placed by LinkedIn is used to remember a user's language setting.
li_gc	2 years	This cookie is placed by LinkedIn and its functionality is to store the consent of guests regarding the use of cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
NID	6 months	This cookie is placed by Google Ads Optimization and the functionality is to provide ad delivery or retargeting, store user preferences.
prism_*	1 month	This cookie is placed by ActiveCampaign and its functionality is to store and track interaction.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_*	2 years	This cookie is placed by Google Analytics and its functionality is to store and count page views. Collects data on the number of times a user has visited the website as well as dates for the first and most recent visit.
_gat_*	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_hjAbsoluteSessionInProgress	30 minutes	This cookie is placed by Hotjar and its functionality is to detect the first pageview session of a user. Boolean true/false data type.
_hjFirstSeen	30 minutes	Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user.
_hjIncludedInPageviewSample	2 minutes	This cookie is placed by Hotjar and its functionality is to determine if a user is included in the data sampling defined by our site's pageview limit. Boolean true/false data type.
_hjIncludedInSessionSample	2 minutes	This cookie is placed by Hotjar and its functionality is to determine if a user is included in the data sampling defined by our site's daily session limit. Boolean true/false data type.
_hjSession_*	session	This cookie is placed by Hotjar and its functionality is to provide functions across pages. Stored data: user ID.
_hjSessionUser_*	1 year	This cookie is placed by Hotjar and its functionality is to store a unique user ID.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
_fbc	3 months	This cookie is placed by Facebook and its functionality is to store users' last visit. Stored data: browsing device information.
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
_gac_*	3 months	This cookie is placed by Google Ads and its functionality is to store and track audience reach. Collects data on the number of times a user has visited the website as well as dates for the first and most recent visit.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year	This cookie is placed by Doubleclick and its functionality is to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and presenting targeted ads to the user.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.