Last Updated: 23nd August 2019


Key Messages

  • Orca provides zero-knowledge cloud storage. Orca and our carefully selected service providers can NOT decrypt the sensitive information you enter/upload in your Account. 
  • Orca is committed to data privacy by design. We are EU General Data Protection Regulation (GDPR) compliant and only work with service providers that are GDPR and/or Privacy Shield compliant.
  • This Privacy Notice applies to all data collected when you use Orca’s software. If you have any questions or feedback about it, please send an email to privacy@orca.xyz. We will be very happy to assist you.
  • Thank you for trusting and using Orca!

Contents

This Privacy Notice outlines 

  1. WHICH information Orca and our carefully selected service providers collect and can access about you,
  2. WHAT this information is used for,
  3. WHY we need to collect/access this information (neither Orca nor our service providers ever collect information about you without a reason).

Which information Orca and our service providers can access about you

Orca is committed to protecting your privacy! Orca and our service providers can NOT access the sensitive information you store in your Orca Account. ONLY you and your Users can access this information. 

The only information Orca and our service providers can access about you is 

  1. the information Orca needs to run/operate Orca’s software, and
  2. what our service providers need to provide Orca/you services. 

This information includes personal data such as: your name, address and billing information etc. It does NOT include the sensitive information you specifically chose Orca to store and protect in your Account.

To ensure your privacy is as protected as much as possible, Orca does our utmost to limit the information we and our service providers can access about you. The exact information Orca requires to run/operate our software and that our service providers need to provide Orca/you services is documented below. Any information entered into Orca that is not listed below is encrypted and stored in such a way that neither Orca nor our service providers can decipher it (e.g. the specifics of your Assets, Contacts, Files etc.). We refer to this approach as zero-knowledge. For more information about our zero-knowledge approach and how we encrypt your data, please see our Security White Paper

The information Orca and our service providers need access to can not be encrypted in the same way as the sensitive information you use Orca to store and protect. We need access to this data to honor the contract we have with you. The legal basis for us processing the personal data listed below is documented in each section. 

Orca needs access to the following information about you to run/operate our software

AUTHENTICATION DATA

To use Orca’s service you need to authenticate. For this Orca must collect and store:

  • your email address (username), and
  • your hashed password.

Please note that Orca can NOT infer your password nor use the hashed password to decrypted data kept in your Account.

The legal basis for processing this data is our legitimate interests in applying appropriate security measures for the provision of our services. 


DATABASE

To ensure you have access to the correct information within Orca, that this information has not been compromised, that you have reliable audit trails and that Orca can correctly invoice you, Orca needs to collect and store:

  • your email address (and the associated User ID in Orca),
  • the IDs of the Vaults and Accounts you can access (Not the names of the accounts and Vaults, just the IDs),
  • the privileges you have in each Vault ID and Account ID,
  • a log of the type of change (creation, edition or deletion) you made in a Vault and when you made it (please note that Orca can not see the details of the changes you make - that information is all encrypted),
  • the date on which an item was created and last amended, and
  • the date of creation, deletion or update of a file or image, as well as its size.

Orca can NOT see any other information within your database. We can not see anything specific about your Assets, Contacts and Files. We CANNOT access any personal data such as:

  • the names of Assets, Contacts or Files,
  • the content of Files,
  • the pictures for Assets or Contacts,
  • the contact details (address, telephone numbers or email addresses) for Contacts,
  • the contents of your notes for Assets, Contacts or Files,
  • the relationships between Assets, Contacts and Files, or
  • the details of your Account and Vaults, such as their name.

The legal basis for processing this data is the provision of our services to you based on our contract with you.


SECURITY

To help increase the security of your Account, Orca must collect and store: 

  • IP address from which the user logged in, and
  • User-Agent of your browser 

The legal basis for processing this data is our legitimate interests in applying appropriate security measures for the provision of our services. 

Orca’s service providers need access to the following information about you to provide Orca/you with services

Orca believes the best way we can provide value is to focus on developing our core offering whilst engaging carefully selected vendors to provide/support all ancillary services. Carefully selected means subjected to thorough security and privacy assessments.

Whilst we reserve the right to determine which vendors we engage for which purposes, we commit to 100% transparency, i.e. we will always communicate which service providers we engage for what.

Orca strives to ensure our service providers can access as little information about you as possible. We only share information about you with a service provider if it is:

  1. Integral for them to provide the desired service, and/or
  2. Legally required.

For instance, we must share the name and billing address of the Account Owner, with our payment provider (Stripe) for them to be able to process credit card payments. Whereas our file storage provider does NOT need to know your name, billing address or the contents of your files to be able to store them (files are encrypted on your device and sent to the file storage provider encrypted).

For details on which service providers we use, what we use them for, and what information each can access about you, see below. The list contains all service providers Orca uses that are privy to client and user’s information. It is NOT an exhaustive list of all service providers Orca uses. Any service provider(s) we use that do NOT process personal data about you are not listed. 

GOOGLE CLOUD

Orca uses the self-hosted version of GoogleCloud for cloud storage and backup. Whilst GoogleCloud stores and backs-up all the information you upload to your Account (all of the details regarding your Assets, Contacts and Files as well as the Files themselves), GoogleCloud CANNOT access any of this information. All of the information you enter into Orca is encrypted on your device before is sent to GoogleCloud. GoogleCloud can NOT read any information or Files you store in Orca, nor infer your password or access your Account.

The only information GoogleCloud can access is the unencrypted information in the database. This is the same information Orca has access to (see Orca needs access to the following information about you to run/operate our softwareDatabase Data).

Orca uses the GoogleCloud data center in Zurich. GoogleCloud maintains one the most comprehensive and reliable list of resources in terms of data, infrastructure and network security.  GoogleCloud is a certified PCI/DSS Service Provider (Level 1) and holds numerous other certificates. More information about the certification and other security and privacy related details can be found here.

The legal basis for processing this data is the provision of our services to you based on our contract with you.

STRIPE

Stripe is Orca’s payment provider. We use Stripe to process credit card payments (example: for Orca’s subscription fee).

As a regulated financial entity, Stripe is required by law to collect certain client specific data when conducting their business. They must however also adhere to very strict guidelines as to how to store/protect this sensitive information. Stripe is a certified PCI/DSS Service Provider (Level 1). More information about how Stripe treats security and privacy can be found here.

If you pay for your Orca subscription via credit card, the following information about the Account Owner is shared with Stripe:

  • your name
  • your email address, and
  • your credit card information (including billing address etc.).

Please note that Orca’s use of Stripe as a payment provider means we at Orca never need to know your credit card information (only Stripe needs to know your credit card details). Should a representative of Orca ever ask for your credit card information, please do not provide it and inform us immediately via privacy@orca.xyz.

The legal basis for processing is the provision of our services to you based on our contract with you.

CHARGEBEE

Chargebee is Orca’s subscription management tool. We use Chargebee to manage the key information regarding each Account. For example, what you subscribed to, as of when you subscribed, for how long, etc. Any/all changes made to your billing details are stored in Chargebee. For instance changing your payment method, new add-ons (such as Vaults and Users) etc. 

In addition to using Chargebee to manage your subscription details, if you elect to pay for Orca via credit card we will also use Chargebee to collect your credit card information - Chargebee and Stripe are integrated. This integration ensures Orca at no point in time becomes privy to your credit card information.

To perform the above tasks, Chargebee requires access to the following information about the Account Owner:

  • your name,
  • your email address,
  • your address,
  • your subscription details (incl. product, currency, price, start date, length etc.), 
  • the number of active Users and Vaults in your Account and
  • your credit card information (only if you pay via credit card).

Chargebee does not have access to any information about Users invited to an Account. 

Chargebee is a certified PCI/DSS Service Provider (Level 1). More information about the certification and other security and privacy related details can be found here.

The legal basis for processing is the provision of our services to you based on our contract with you.

XERO

Xero is Orca’s accounting software. We use Xero to reconcile our financial accounts and generate periodic profit and loss statements as well as our balance sheet.

In the process of performing these functions, Xero becomes privy to the following information about the Account Owner:

  • your name,
  • your email address, 
  • your address, and
  • how much you paid for Orca.

Xero does not have access to any information about Users invited to an Account. 

Xero‘s SOC2 (Service Organizational Control) report can be requested here. This is a highly valued certification for US based service providers.

The legal basis for processing is the provision of our services to you based on our contract with you as well as fulfilling mandatory legal requirements with respect to bookkeeping and accounting.

INTERCOM

Orca uses Intercom to 

  1. provide live chat within our app (so we are never more than a click away if you have questions),
  2. send ongoing emails about best practices to Users (to help you make the most of your Account),
  3. send ad hoc emails about new features and app updates (so you always know what to look forward to when you next login), and 
  4. send Account Owners emails regarding pricing and reminders as to when their subscriptions will renew.

(If you wish to opt-out of any of the above emails, please contact hello@orca.xyz any time.)

In providing these services, Intercom becomes privy to the following information about the Account Owners:

  • your name, 
  • your email address, and
  • your subscription details (timeframe, number of Users / Vaults etc.).

In providing these services, Intercom becomes privy to the following information about Users:

  • your email address,
  • the Accounts you have access to,
  • any personal details you share in conversation with Orca (Please note that there should not be need to mention any personal details in the chat), and
  • high-level information about your usage of the Orca app (such as IP address, session length, etc.). 

Intercom receives the above information from Chargebee. The two systems are integrated, however only the above information is synched between the two systems. Intercom is not privy to your billing details etc.

Intercom publishes SOC2 (Service Organizational Control) report. This is a highly valued certification for US based service providers. Intercom also complies with EU-US Privacy shield framework and is a member of the Cloud Security Alliance. More information about information security and compliance at Intercom can be found here.

The legal basis for processing is the provision of our services to you based on our contract with you and our legitimate interest to continually improve our services.

PIPEDRIVE

Pipedrive is Orca’s prospect management tool. We use it to maintain an overview of all current and prospective clients as well as our touch points/interactions with them.

In performing this task, Pipedrive becomes privy to the following information:

  • your name,
  • your contact details (email and telephone number),
  • your email interactions with Orca, and
  • dates, times and high level details of any interactions between Orca and you (be it a meeting, phone call, meal etc.).

Pipedrive‘s SOC2 (Service Organizational Control) report can be found here. This is highly valued certification for US based service providers.

The legal basis for processing is the provision of our services to you based on our contract with you.

EVERNOTE

Evernote is Orca’s central repository for strategic planning materials. It contains an overview of all key insights/thoughts gained during prospect and client meetings, all internal product concepts and general notes regarding Orca’s strategic vision. 

Evernote was chosen as custodian of this highly sensitive data based on its ability to aggregate key information on any topic quickly and comprehensively. 

We might store the following information about you in Evernote:

  • your name,
  • your contact details,
  • your device preferences (e.g. mobile, tablet, laptop, exact brand and model etc.),
  • your key pain points and use cases (e.g. to quickly retrieve all tax relevant documents, identify if I am missing an important document etc.), and
  • rough indications for the types and volumes of data you consider storing in Orca (e.g. I have 1’000 contacts and 400 documents etc.).

Evernote holds EU-US Privacy Shield and Swiss-US Privacy Shield certifications (see their privacy policy here).

The legal basis for processing is the provision of our services to you based on our contract with you and our legitimate interest to continually improve our services. 

SLACK

Slack is Orca’s internal communication tool. Besides being used for day to day topics discussions within the team, Slack is also integrated with Chargebee so that the relevant parties within Orca are immediately informed any time there is a change to your subscription. 

Slack is privy to the following information about the Account Owner:

  • your Account name,
  • your email address, and
  • your invoice value.

Slack is GDPR complaint and all the information is encrypted. Any information regarding their certifications can be obtained here.

The legal basis for processing is the provision of our services to you based on our contract with you and our legitimate interests to reply as promptly as possible to any queries or subscription adjustment.

GSUITE

GSuite is Orca’s key internal collaboration tool. It is our principal repository for all emails, documents etc.

Orca strives to keeps the client specific data in GSuite to an absolute minimum, however given its key function GSuite is able to see

  • your contact details (telephone, email address, physical address),
  • your email correspondence with Orca (product updates, general enquiries etc.),
  • your subscription details (timeframe, subscription, number of users / vaults etc.), and
  • any legal documentation specific to your relationship with Orca (including NDAs, service agreements or offers we made or signed with you). 

Other than this we do not store any other client specific information about you in GSuite. 

Google holds all information security and IT service management certifications recognized in US and EU markets. More information about their certifications can be obtained here.

The legal basis for processing is the provision of our services to you based on our contract with you and our legitimate interests to internally organize and coordinate the provision of our services.

MAILGUN

Mailgun is a tool to distribute email communications to our clients. For example the initial email validation and confirmation email.

We share the following information about you with Mailgun:

  • your email address. 

The legal basis for processing is the provision of our services to you based on our contract with you.

WOOTRIC

Orca uses Wootric to send out customer satisfaction and net promoter score surveys to users via email.

(If you wish to opt-out of the above emails, please contact hello@orca.xyz any time.)

In providing these services, Wootric becomes privy to the following information about the Account Owner:

  • your name, and
  • your email address.

In providing these services, Wootric becomes privy to the following information about Users:

  • your name, and
  • your email address.

Wootric receives the above information from Intercom. The two systems are integrated, however only the above information is synched between the two systems. 

Wootric complies with EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. More information about information security and compliance at Wootric can be found here

The legal basis for processing is the provision of our services to you based on our contract with you and our legitimate interest to continually improve our services.

REFERRALCANDY

Orca uses ReferralCandy to run its referral programme for users. 

(If you wish to opt-out of the above programme, please contact hello@orca.xyz any time.)

In providing these services, ReferralCandy becomes privy to the following information about the Account Owner:

  • your name, 
  • your email address, and
  • your subscription details (timeframe, number of Users / Vaults etc.).

In providing these services, Wootric becomes privy to the following information about Users:

  • your name, and
  • your email address.

ReferralCandy receives the above information from Chargebee. The two systems are integrated, however only the above information is synched between the two systems. 

Information about information security and privacy at ReferralCandy can be found here

The legal basis for processing is the provision of our services to you based on our contract with you and our legitimate interest to continually improve our services.

Your Rights

You have substantial rights with regards to the information Orca and our service providers have about you.

Right to access and/or change your personal data

If you would like to review, correct, or update personal data that you have previously disclosed to us, you may do so by signing in to your Orca Account (to amend your email address or subscription details) or by contacting us on privacy@orca.xyz.

Right to erasure (“right to be forgotten”)

Clients who want to exercise their right to delete their data from Orca need to submit their request to privacy@orca.xyz. Orca reserves the right to verify the identity of requesting entity before complying with the request to ensure validity of the request. After validating your identity, your request shall be completed within 30 working days. We will erase personal data unless we are subject to legal requirements requesting us to retain data or we have legitimate interests to retain your personal data. 

Right to access

Clients who want to exercise their right to access all their data from Orca need to submit their request to privacy@orca.xyz. Orca reserves the right to verify the identity of requesting entity before complying with the request to ensure validity of the request. After validating your identity, your request shall be completed within 30 days. In Orca database the information is encrypted, therefore the information provided to you will be encrypted and can only be accessed using your authentication credentials. 

Right to complain to a supervisory authority

You are entitled to complain to the supervisory authority if you deem our processing of your data is not in compliance with the legal requirements. 

General principles regarding your data

Limiting Use and Disclosure

Orca will not use or disclose your personal information other than for the purposes for which it was collected unless we receive your consent or are required to by law. 

When providing information in response to a legal inquiry or order, we will verify its validity and disclose only the information legally required. Orca will make reasonable efforts, within the bounds of the law, to notify you should your personal information be subject to disclosure.

Our Policy Toward Children

Orca is not directed to children under 18 years old. We do not knowingly collect personally identifiable information from children. If a parent or guardian becomes aware that their children’s information is available in an Orca Vault without their consent, contact us at privacy@orca.xyz

Retention

Orca will retain personal data for the period necessary to fulfil the purposes outlined in this Privacy Notice unless a longer retention period is required or permitted by law. 

Aggregated Data

Orca may assemble aggregated data for any number of reasons including but not limited to improving our products and services or developing new ones. To this end, we reserve the right to share aggregated data with third parties so long as no personally identifiable information is included in the aggregated data. For example, we may tell a third party how many users have subscribed to a particular service, but not identify that you personally are a subscriber.

Aggregate data is general information about groups of clients in which individual clients are not identified. Orca reserves the right to assemble aggregated data based on any collected data, i.e. we may combine your information with that of other clients.

Assignment, Change of Control, and Transfer

All of our rights and obligations under our Privacy Notice are freely assignable by us to any of our affiliates, in connection with a merger, acquisition, restructuring, or sale of assets, or by operation of law or otherwise, and we may transfer your information to any of our affiliates, successor entities, or new owner.

Jurisdiction and Cross-Border Transfer

Our services are global. Data we use and process to run our Orca business (as defined in the beginning of the document) can be shared with global service providers that are enlisted in this document. This information (encrypted or unencrypted) may be stored and processed in any country where we have operations or where we engage service providers, and we may transfer data to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. However, we will take measures to ensure that any such transfers comply with applicable data protection laws and that your data remains protected to the standards described in this Privacy Notice. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your data.

Your data (sensitive information about your assets, contacts and files) stored inside the zero-knowledge cloud storage (Orca platform) are hosted only in Switzerland. That includes the production data and its backups. Even though the sensitive data you choose to protect in Orca is always stored in servers in Switzerland, the data's transfer depends on your location, connection and set up. However, all such transfers are well protected and encrypted. 

Updates to This Privacy Notice and Notifications

We may change this Privacy Notice. The “Last updated” legend at the top of this Privacy Notice indicates when this Privacy Notice was last revised. Any changes are effective when we post the revised Privacy Notice.

We may provide you with disclosures and alerts regarding the Privacy Notice or personal data collected by posting them on our website and, if you are a user, by contacting you through your email address listed in your Orca account. You agree that electronic disclosures and notices have the same meaning and effect as if we had provided you with hard copy disclosures. Disclosures and notices in relation to this Privacy Notice or personal data shall be considered to be received by you within 24 hours of the time they are posted to our website or, in the case of users, sent to you through one of the means listed in this paragraph.

Did this answer your question?