What to expect

In using any product, parties should have a clear understanding of what to expect from each other. We encourage you to review these Legal Terms before registering with us.

Security Overview

Last updated: June 29th, 2013

We provide this overview so that you can better understand the security measures we've put in place to protect the information that we may store for you when using eEvidence.

Secure Storage

Depending on your eEvidence license conditions, we may store encrypted copies of your emails, of digital files attached to these and of other digital files related to the emails you submit to eEvidence. To encrypt the files that you store on eEvidence we use the GnuPG cryptographic software compliant with the OpenPGP standards (RFC 4880). No encryption protection, other than the one you may have applied for yourself, is ever applied to any email, nor to its attachments, delivered to the intended recipient. Encryption for storage is therefore applied after the Service has processed the files, for example once we have successfully delivered your email to the intended recipient, and we manage the encryption keys. In addition and also depending on you license conditions, we may grant you access to download your stored files at any time and as many times you need. When doing so, we will first decrypt encrypted files, using our encryption keys, before the download begins.

eEvidence uses Amazon Simple Storage System (Amazon S3) to store the encrypted copy of your emails and digital files, through an SSL secured data transfer channel. Amazon S3 is a highly-scalable, reliable, and low-latency data storage infrastructure, designed for 99.99% availability.

Amazon S3 is the preferred data storage infrastructure for some of the most popular cloud companies worldwide, including Dropbox, SmugMug, Tumblr, Pinterest and Alfresco.

You can find more information about Amazon S3 or learn about Amazon S3's security measures on the Amazon website.

Secure SMTP Transfers

You are responsible for securing the SMTP transport layer when submitting emails to eEvidence. In order to offer you maximum security, you can secure SMTP with transport layer security (TLS). Please refer to your email system manual or email provider when you want to set up SMTPS for submitting your emails to us.

Privacy

We guard your privacy to the best of our ability and work hard to protect your information from unauthorized access.

eEvidence employees are prohibited from viewing the content of files you store in your eEvidence account, and are only permitted to view file metadata (e.g. file names). Like most online services, we have a small number of employees who must be able to access user data for the reasons stated in our Privacy Policy (e.g. when legally required to do so). However that is the rare exception, not the rule. We have strict policy and technical access controls that prohibit employee access except in these rare circumstances. In addition, we employ a number of physical and electronic security measures to protect user information from unauthorized access.

Securing your Emails and Files before we do

Nothing stops you from encrypting your emails and attached files prior to submitting them to eEvidence. Please note that if you encrypt emails and files before submitting them, it will also make it impossible for us to recover your data if you lose your encryption key.

Reporting Security concerns?

We take a number of measures to ensure that the data you store on eEvidence is safe and secure. While we're very confident in our technology, we recognize that no system can guarantee data security with 100% certainty. For that reason, we will continue to innovate to make sure that our security measures are state-of-the-art, and we will investigate any and all reported security issues concerning eEvidence's services or software. You can report security issues to security@eevid.com.