Privacy Policy

6/11/21

Our Approach

This Privacy Policy applies to the following websites: Edison.tech, mail.edison.tech, assistant.edison.tech, trends.edison.tech, OnMail.com, (“Sites”) and our applications, Edison Assistant, Edison Mail; and the OnMail email service owned and operated by Edison Software; (collectively our "Services").

This Policy explains our practices regarding the collection, protection, use, sharing, and disclosure of information we collect when you visit our websites or use our applications.

For Google user data collected through Gmail APIs, see specific restrictions on our use of that data are set forth in the section titled Google User Data. You may access our Services from websites, phones, tablets, desktops, laptops and other devices, as well as third-party applications. By your use of our Services, you consent to this Policy and our Terms of Service. This Policy also describes your choices regarding the sharing, use, access and correction of your personal information.

Services. Our Services include the Sites and the following:

The Services:

Edison Mail is an application that lets you unify and better manage your email accounts by making your mail available to you in one place on your device. The Edison Mail app on your phone interacts directly with your mail provider over a secure connection to allow you to view, edit, manage, receive, and send email on your device.

Edison Assistant is a virtual assistant application that is focused on completing tasks related to contacts, calendar, and mail.

OnMail is an email service that allows you to send and receive messages online.

Information We Collect

We collect information when you use Services and Sites.

Information We Collect from the Services:

Edison accesses and processes email messages in any email accounts you have connected and data collected from other internet accounts you connect. By linking our Services to your email or other internet accounts, you authorize us to collect, process, and retain information, including personal information, from those accounts. We use this information to provide our Services to you and, as permitted, use Commercial Data, which is non-personal data such as seller, product and price extracted from information we collect, to help us and our Edison Trends’ subscribers aggregate and understand commerce trends.

Commercial Messages. Commercial Messages are emails you receive or you auto-forward from businesses about subscriptions, sign-ups/cancellations, any account requests and confirmations, purchases, travel, reservations, event tickets, boarding passes, promotions, bills and package shipments, and similar transactions. We access, store and use Commercial Messages to provide our Services. As permitted, we extract information, Commercial Data, from Commercial Messages to provide our Services to you and to develop Edison Trends.

Connected Internet Accounts. You can connect your Internet accounts to Edison Mail in order for you to access select information from those accounts in Edison Mail. We access, store and use the information we collect from Connected Internet Accounts to provide our Services.

  • We and our Edison Trends' subscribers use Commercial Data to develop research about commerce market trends. Learn more about this at: trends.edison.tech

  • We never share with subscribers the Commercial Messages or any data that contains personal information, such as your email address, IP address, name, photo, phone numbers, postal addresses (for example, if it is included in your shipping information).

  • The purpose of Trends is to create de-identified research and our subscribers are restricted to using Commercial Data for that purpose.

  • We prohibit all Edison Trends subscribers from attempting to re-identify users or use the information we share for any purpose other than creating aggregate reports and understanding commerce trends.

You can opt out of having your Commercial Data used in Trends at any time and continue to use the Edison Services with no degradation to your experience. You can read about your choices about the information we collect in the section: Your Choices to Manage Information below.

Push Notifications. If you opt in to receive push notifications, we will send you push notifications about new email arrival, flight and shipment status notifications. If you no longer wish to receive these types of communications, you may turn them off at the device level.

Information We Collect from Your Registration, Use of Services, and Visits to our Sites

By registering for an Edison or an OnMail Account, you may provide us with your information including, but not limited to, type of device, operating system version, your name, picture, email address, contacts, and, in some instances, credentials (in an encrypted format), and your device identifier (IDFA). We may also collect preferences and demographic information from you and about you from third parties, and information about your website and app usage, sessions, actions, and how you interact with our applications. This data collection is intended to help us improve our features and your Edison experience.

Information we Collect from Your Communications with Us. As is true of most websites and apps, we gather certain information automatically when you use our apps and visit our website. This information may include information on the type of device you use, operating system version and the device identifier (IDFA), internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.

Information we Collect from Cookies and other Tracking Technologies. Edison and its partners use cookies or similar technologies to analyze trends, administer our Services, track users’ interaction with our Services, and gather demographic information on our users. You can disable these cookies at any time, however, this may limit your use of certain features or functions. We do not use any cross-device data to track users. We do not respond to Do Not Track requests on our website. Advertising Other apps and services may use cookies or similar technologies to provide you advertising based upon your browsing activities and interests on other apps and services. We do not collect information for third party advertising purposes and we do not run ads on our Services.

How We Use Information

We use, process, and store your information as necessary to perform the contract with you and for our legitimate business interests, including to:

Provide and Improve Services.

We use the information we collect to operate, maintain, provide, and personalize our Services and apps, and to research and develop new ones. Edison Trends Research. As permitted, we use the Commercial Data we collect to create, share and use Edison Trends research data as described above.

Edison Trends Research. As permitted, we use the Commercial Data we collect to create, share and use Edison Trends research data as described above.

Communicate with You. We will use your email address to communicate with you, including updates and new features of the Services, and to provide customer support. By providing your email address, you consent to our using that email address to send you service-related notices and receipts. Please see the Your Choices to Manage Information section for information about how to opt-out of such communications.

Analysis. Our Service may use certain information about you and/or your data internally for analytical purposes such as analyzing how our Services are used, diagnosing service or technical problems, and maintaining security.

We use analytics software to better understand the functionality of our software on your device. This software may record information such as how often you use the application, aggregated usage data, performance data, and where the application was downloaded from.

App Usage & Website Visitor Information.

We use automatically collected information for a variety of purposes, including to:

  • remember information so that you will not have to re-enter it during your use of our Services;

  • provide custom content, and information;

  • determine the effectiveness of our Services;

  • fix technology problems reported by our users or engineers that are associated with certain IP addresses;

  • automatically update the application on your system and related devices.

How We Share Information

We will always request your consent before sharing any of your information in a way not discussed in this Policy.

We take very seriously our responsibility to maintain the privacy of your personal information. As permitted, we make certain information and research available to our subscribers, service providers, partners, and other third parties. These third parties may include the following:

Service Providers & Vendors.We use service providers who assist us in meeting business operations needs, including hosting and delivering our Services. We also use service providers for specific services and functions, including email communication, customer support services, application development, data storage, and maintenance, and analytics. These service providers may only access, process, or store Personal Data pursuant to our instructions and to perform their duties to us.

Marketing & Analytics Partners.We partner with third party marketing, security, and analytics services like Bitdefender*, ZecOps, Microsoft, Mailchimp, Facebook Analytics, Kochava, AppsFlyer, and Google Analytics to help us secure, market, and understand use of the Services. *[Bitdefender SDK]… © Bitdefender 1997-2020

Edison Trends Research. We use the Commercial Data we collect to create, share and use Edison Trends research data as described above. Commercial Data shall not be used to provide Edison Trends to third parties where such use is not permitted.

Legal Compliance. In certain situations, Edison Software may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement. We may disclose to: (a) conform to the law, comply with legal process served on us or our affiliates, or investigate, prevent, or take action regarding suspected or actual illegal activities; (b) to enforce our Terms of Service, take precautions against liability, to investigate and defend ourselves against any third-party claims or allegations, to assist government enforcement agencies, or to protect the security or integrity of our site; and (c) to exercise or protect the rights, property, or personal safety of ourselves, our Services, customers, or others.

Please note: Our policy is to notify you of legal process seeking access to your information, such as search warrants, court orders, or subpoenas, unless we are prohibited by law from doing so. In cases where a court order specifies a non-disclosure period, we provide delayed notice after the expiration of the non-disclosure period. Exceptions to our notice policy include exigent or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.

Corporate Change or Business Transfer. We may also transfer or assign your information in the course of a corporate change or business transfer including, but not limited to, divestitures, mergers, or dissolution. We will continue to take measures to protect the confidentiality of personal information and give affected users notice before transferring any personal information to a new entity.

Your Choices to Manage Information

Opt-Out of Data Sharing for Trends. You can always decline to share your information for Edison Trends from the ‘Manage Privacy’ page in the Email app settings or OnMail settings. If you do so, we will not share your Commercial Data with any third parties.

Revoke Access to Email & Social Network Accounts.Upon request, Edison Software will provide you with information about whether we hold any of your personal information by contacting mailsupport@edison.tech. You may choose to disconnect your email account or social networking accounts from our Services through your account settings. For steps on how to remove yourself from our Services please visit our FAQ pages for our Email App and for our Assistant App. If you no longer have access to your phone or your application, you can also contact your email account provider to revoke our access to your account, or contact us at mailsupport@edison.tech.. We will respond to your request within a reasonable timeframe

Data Retention. We may retain your information for as long as your account is active or as needed to provide our services, comply with our legal obligations, resolve disputes and enforce our agreements.

Data Update. You can request update of any of your personal information by contacting us at mailsupport@edison.tech. We can only update the data after verifying identity and if the data is collected by our systems.

Email Data Deletion. You can request deletion of any of your information collected and stored by Edison under the “Manage Privacy” settings within the Email app. For assistance with other apps, please contact us at mailsupport@edison.tech.

Unsubscribe. If you receive commercial emails from us, you may unsubscribe at any time by following the instructions contained within the email. Alternatively, you can send us an email at mailsupport@edison.tech requesting to unsubscribe. Please note, even after you opt out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding our Services.

Security

It is your responsibility to keep your passwords private and secure. We strongly recommend against sharing your logins and passwords with others.

We take the protection of your information very seriously and employ measures through administrative, technical, and physical safeguards designed to protect information against loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. We encrypt all data in transit and at rest. We take reasonable precautions to ensure the integrity and security of our network and systems, but cannot guarantee these security measures will prevent third parties from obtaining information by illegal actions or attacks.

Privacy Notice for California Residents

This notice applies to natural persons who are residents of California for compliance with the California Consumer Privacy Act of 2018 (“CCPA”). Edison does not sell and will not sell your personal information, including in the past 12 months, regardless of your age. Edison shall not discriminate against you in any way should you exercise your rights under the CCPA.

USE AND SHARING.

Edison collects, uses, and discloses your personal information as follows:

Category

Description of Personal Information

Collected in last 12 months?

Commercial or Business Purpose

Source

Categories of 3rd Parties we share your personal information with

A

Identifiers such as a real name, postal address, email address, account name, or other similar identifiers.

Yes

Provide Edison Apps to You

Send emails to you to notify you about changes to our Services or new Edison services.

Creation of Commercial Data

Your accounts connected with the Edison Apps

App Measurement Service Providers, Email Service Companies, Government Entities (upon subpoena), Demographic Services Providers.

B

Any categories of personal information described in subdivision (e) of Section 1798.80.

Includes name, physical address

Yes

Only to provide the Edison Apps to you.

Your accounts connected with the Edison Apps

App Measurement Service Providers, Email Service Companies, Government Entities (upon subpoena), Demographic Services Providers.

D

Commercial information, including records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Yes

Provide the Edison Apps to you

Creation of Commercial Data

Your accounts connected with the Edison Apps

App Measurement Service Providers, Email Service Companies, Government Entities (upon subpoena), Demographic Services Providers.

• The Services allow you to access the full content of your emails, which includes additional categories of personal information, however these categories are accessed directly via the Services on your device from the email server of your email service provider (e.g., outlook.com) and not collected, used, or disclosed by Edison.

YOUR RIGHTS UNDER CCPA

  • Right to Know. You have the right to request that we disclose what personal information we collect, use, disclose, and sell. To make a request, contact Edison via email at mailsupport@edison.tech.

  • Deletion Rights. You have the right to request deletion of your personal information. See the section above titled “Your Choices to Manage Information” for options and processes for deleting your personal information. Deletion requests require a two-step process, first by making the request, then a second confirmation either via a response from your email account or a second confirmation inside the Services.

  • Verification. Edison verifies requests made via email by first sending a confirmation email to the account connected with the Services, verification is completed when you reply to that email confirming the request. If a request is made on your device from within the Services, then the request for data is confirmed via a pop-up in the Services.

  • Response Time. Edison responds promptly to all requests, but will confirm receipt of requests within 10 days, and respond within 45 days from the day you made the request. If additional response time is necessary, up to 45 days, Edison will provide you notice and explanation.

  • Who may make a request. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf as your agent, may make a request related to your personal information.

  • Denials. If we are unable to verify the request, the request is unlawful, or exceeds your rights under the CCPA, we will deny the request.

  • Non-Discrimination. You have the right not to receive discriminatory treatment by Edison for the exercise of your privacy rights under the CCPA.

DEIDENTIFIED INFORMATION

Edison sells Commercial Data that is deidentified information to its Edison Trends subscribers. This is not the same as selling personal information and it is important that you understand the difference.

Under the CCPA, personal information does not include deidentified information (Cal Civ Code § 1798.140(0)(3))

To be deidentified, information “cannot reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular consumer” (Cal Civ Code § 1798.140 (h)).

FURTHER, TO USE DEIDENTIFIED DATA, EDISON IS REQUIRED TO:

  1. Have implemented technical safeguards that prohibit reidentification of the consumer to whom the information may pertain.

  2. Have implemented business processes that specifically prohibit reidentification of the information.

  3. Have implemented business processes to prevent inadvertent release of deidentified information.

  4. Make no attempt to reidentify the information. (Cal Civ Code § 1798.140 (h))

Edison meets or exceeds these deidentification requirements. As a technical safeguard, we deidentify Commercial Messages to create Commercial Data by obfuscating usernames and email addresses, reducing the fidelity of physical addresses, and the use of filters and algorithms to identify personal information and remove it from the Commercial Data we provide to our subscribers, making reidentification unreasonable. Edison’s business processes prohibit reidentification of personal information in the Commercial Data sold to our subscribers and include security controls to safeguard against breaches of both personal information and the deidentified information in Commercial Data. Edison does not attempt to reidentify personal information contained in the Commercial Data sold to our subscribers, nor allows our subscribers to.

CONTACT FOR MORE INFORMATION.

For any additional questions related to your personal information, our privacy policies, or privacy practices, please contact us by email at privacy@edison.tech.

International Users

If you are residing in the EU or other regions outside the US, please note that information collected through our Service, will be transferred to and processed in the US or elsewhere. These locations may not have the same data protection laws as the country in which you initially used our Services.

What Rights Do I Have as an EEA User?

Individuals located in the European Economic Area (EEA) have certain rights in respect of your personal information, including:

  • the right of access to your personal information;

  • the right to correct or rectify any inaccurate personal information;

  • the right to restrict or oppose processing of personal information;

  • the right to erase your personal information;

  • the right to personal information portability

Where you have consented to data processing, your consent provides the legal basis to process your personal information, such as when you consent to processing in relation to the processing of your data for Trends or for the Services. You have the right to withdraw consent at any time. Please note that your withdrawal of consent to collect and process your personal information will not affect the lawfulness of processing your personal information based on your consent before you withdraw your consent.

We may also process your personal information on the basis of contractual necessity to perform a contract we have with you. For example, we process the messages in your email accounts when you link them to your Edison account in order to provide you with the Edison Services.

We may also process your personal information on the basis of our legitimate interests, including analytic reporting and improving the Services. For example, Edison has a legitimate interest in collecting information about your device hardware and operating system to better understand how users access and use the Edison Services. We also have a legitimate interest in providing and developing improved AI algorithms to deliver better product features to our users.

In some cases, Edison may process personal information pursuant to legal obligations or to protect your vital interests or those of another person.

How May I Exercise My Individual Rights as an EEA User?

Right to Data Portability: Users located within the EEA may contact us with questions or requests regarding their personal information using the contact information below. Please note that Edison may request additional information from you to verify your identity before we disclose any personal or account information.

Right to Restrict or Oppose: Where we rely on legitimate interests to process your personal information, you have the right to object to such processing by using the contact information below. Please note that some processing is essential to providing the Edison service.

Right to Access Correct and Rectify: Edison account holders may access, correct and rectify their personal information through their account settings in the Edison Services.

Right To Delete: You can request deletion of any of your information collected and stored by Edison under the “Manage Privacy” settings within the Email app. For assistance with other Services, please contact us at mailsupport@edison.tech

Revoking Consent: For the purposes of EU data protection legislation, the "data controller" of your personal information is Edison. Edison has appointed, Hetal Pandya, to be its representative. You can contact them directly regarding the processing of your personal information by Edison by email at privacy@edison.tech

Privacy Shield

Edison complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Edison has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit http://www.privacyshield.gov.

In compliance with the Privacy Shield Principles, Edison commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Edison at the contact address below. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

The Privacy Shield Principles describe Edison’s accountability for personal information that it subsequently transfers to a third party agent. Under the Principles, Edison shall remain liable if third party agents process the personal information in a manner inconsistent with the Principles, unless Edison proves it is not responsible for the event giving rise to the damage.

The Federal Trade Commission has jurisdiction over Edison’s compliance with the Privacy Shield.

As a last resort and under limited circumstances, EU individuals with residual privacy complaints not resolved pursuant to the foregoing mechanisms may invoke a binding arbitration option before the Privacy Shield Panel. For more information regarding the submission of complaints, please see https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint.

How We Handle Minors’ Information

Our services are not intended for use by persons under the age of 16. If we become aware that a person under the age of 16 has opened an account or provided us with personal information, we will immediately delete the account and any such personal information.

Links to Other Sites

Our Services may contain links to other sites that are not under our control and have their own privacy policies. Please read over the rules and policies of third party sites before you proceed to use them. We are not responsible for the acts, omissions, or content linked on websites, and we provide these links solely for the convenience and information of our users.

Privacy Policy Updates

We may update this Policy from time to time, so you should review this Policy periodically. When we change the Policy, we will update the ‘last modified’ date at the top of this Policy. If we materially change our Policy, we will notify you of such changes by posting them on this page and/ or by a notification within our Services or via an email. Changes to this Policy are effective when they are posted on this page. Your continued use of our Services after the revised Policy has become effective indicates that you have read, understood, and agreed to the current version of this Policy.

Google User Data

Additional Limits on Use of Your Google User Data: Notwithstanding anything else in this Privacy Policy, consumer Gmail account information obtained via the Gmail APIs, is subject to these additional restrictions:

  • The Services may read, write, modify, delete or control Gmail message bodies (including attachments), metadata, headers, and settings to provide an email client that allows users to compose, send, read, delete and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.

  • The Services will not use this Gmail data for serving advertisements.

  • The Services will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the Services’ internal operations and even then only when the data have been aggregated and de-identified.

These restrictions do not apply if you have created an App password for the Services with your Google account with the 2-step verification process.

(App’s) use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Contact Us

If you have any questions about this Policy or our practices, please contact us at privacy@edison.tech or at:

Edison Software
555 Clyde Avenue, Suite 100
Mountain View, CA 94043