AgileBits Privacy Policy

Much more than just a policy – 1Password is Private by Design

Last updated: February 2, 2017

Introduction

Here at AgileBits we believe that the less information we know about you, the better. After all, it is impossible to lose, misuse, or abuse information we don’t have.

And since our business model involves selling a product for a reasonable price, we don’t need to harvest information as we never sell your data or use ads. Thanks to your support we have been able to say “no” to acquisitions and venture capitalists, which means we only answer to you, our customers.

We have developed this Privacy Policy to provide you with the information you need to know about how we collect and handle information, and outline your responsibilities to help you keep yourself safe using our products. Just a quick note: when we talk about “Services” we mean any and all of our websites, products, and services.

Information We Hold and How We Use It

We hold two kinds of information from our users to deliver Services: Secure Data, and Service Data. We treat both Secure Data and Service Data with the same high level of security and assurance, and both kinds of data are always confidential.

Secure Data is data that we cannot access under any circumstance, and includes any information you store in your 1Password account vaults. This data is encrypted using secure cryptographic keys that exist only in the possession and under the control of our customers. We have no way of accessing or providing decrypted Secure Data and we never receive copies of unencrypted Secure Data. Secure Data is your property, in which we claim no rights, title, or interest beyond that necessary to deliver Services to you. You may add, modify, and delete Secure Data at your discretion. If you do not have a 1Password account you cannot provide us with Secure Data.

Service Data is information that is not encrypted and is necessary for us to provide Services. Service Data includes but is not limited to server logs, billing information, number of vaults and number of items in vaults, company or family name, and email addresses. We do retain rights to Service Data.

In some cases we may collect Diagnostic Reports and other troubleshooting information from customers to help determine problems with Services. This data may contain sensitive and personally identifying information, but will never contain Secure Data. Copies of Diagnostic Reports and other information transmitted to us become our property which we may use to continually enhance and improve our Services. We consider Diagnostic Reports and other troubleshooting information to be Service Data.

We may use your contact information to communicate with you about Service activity, provide support, and send you other information such as product updates and announcements. You may choose to stop receiving communications from us, except certain important notifications such as billing and account security alerts.

Keeping Your Information Safe

We have implemented strict access controls to limit who can access Service Data. Only certain employees, vendors, and contractors of AgileBits have the ability to access or review Service Data, and Service Data is only accessed for valid business needs such as but not limited to providing customer service, evaluating Service performance and use, and monitoring and improving our infrastructure. We utilize nondisclosure agreements, firewalls, cryptographic protections, two factor authentication, and other standard measures to prevent unauthorized access to your information.

Under no circumstances do we ever use your Secure Data for any purpose other than transferring your encrypted Secure Data between your devices and delivering it to you.

Your Responsibilities for Protecting Your Data

When you create a 1Password account you will receive an Account Key and create a Master Password. Your Account Key is generated on your computer and your Master Password is something you create yourself. You should create a strong Master Password to ensure that it is not easily guessed.

It is extremely important that you understand that anyone with both your Account Key and Master Password can access your Secure Data. It is equally important that you keep a copy in a safe place for your own reference, because future access to your Secure Data depends on having access to both your Account Key and your Master Password. We will never ask you for your Master Password or your full Account Key, and you should never send either to us.

Due to the nature of our design and the sensitivity of the information you entrust to us (even in encrypted form), it may not be possible for us to help you with certain customer service requests unless you are listed as an account owner and are communicating from your verified email address. In the event that you change your email address, is very important that you update your email on your 1Password account(s) or you may eventually lose access.

Cookies

We set and use cookies on our own domains and subdomains to provide an enhanced experience. We also use certain third party analytics packages that may set cookies on your computer. However both of these are optional. You can therefore disable cookies in your browser and continue to use our Services without impact.

Designed Primarily for Adults

We do not produce our Services for nor market our Services to children, including those thirteen years old or younger. However you may add your own children as users to our Services, but you are solely responsible for their use of our Services.

Disclosure

We have both policy and technological protections to prevent the unauthorized disclosure of information. However we do reserve the right to disclose any information we have if compelled to do so by a court of law with competent jurisdiction, and in such an event we will hand over requested Secure Data and Service Data. If permitted by the order issued by the court, we will notify you of such a request and whether or not we have complied. However your Secure Data should remain private as long as you keep to your Responsibilities for Protecting Your Data as outlined above. If we have a reasonable and good faith belief that a disclosure is necessary to prevent criminal activity or damage to life or property, we may disclose Service Data to the authorities.

In the case of Families and Teams, we may reach out to the team admins or family organizers in order to help resolve issues with team or family members. In such cases we may forward limited Service Data specific to particular requests, but only that Service Data which a team admin or family organizer would already be able to access due to their own account privileges.

We have never and will never sell customer information, or transfer it to other entities for any purpose other than Service delivery and maintenance.

Updates to our Privacy Policy

At our discretion we may make changes to this Policy and note the date of the last revision. You should check here frequently if you need to know of updates to our Privacy Policy. Previous versions will be made available from this page.

A Quick Note

We love you, our customers, so we don’t want to saddle you with endless agreements and contracts. This Privacy Policy is an internal and binding Policy at AgileBits, it is not an agreement or contract with you. From the ground up, our software design puts encryption before policy, and makes sure that even a policy change cannot enable us to access your Secure Data. If you would like to learn more about our security design and how we view your privacy, we invite you to explore our Security and Privacy knowledge base.

Contact Us

If you have any questions about this Policy, you can contact our support team or write us by mail at:

317 Adelaide Street West, Suite 910
Toronto, Ontario
M5V 1P9, Canada

🙌 Thanks for reading! ❤️

Archived versions