Privacy Policy & Security

EFFECTIVE DATE: OCTOBER 28, 2016

Your Work is Safe with Us


Our Collection and Use of Personal Information

Pobuca (hereinafter “the Service”) is a website provided by Pobuca Ltd (hereinafter “We”).

Your Trust is of the Utmost Importance To Us, and We Will Never Betray It.

You have chosen to trust us with your professional address book and contact data. We are careful to be very clear when requesting the information that, while personally identifying you (“Personal Information”), is required for the successful operation of the Service. Such information includes personal information you provide to create a personal access login for our Service; we use that information to contact you regarding your use of the Service. Our business is NOT in selling the private contact data from your address book. Our business is in providing you a safe, secure place to unify your address books and keep them all up-to-date, clean and complete.

We collect information under the direction of our clients but do not have direct relationship with the individuals or companies whose data are being processed. If you are a customer of one of our clients and you would like to no longer be contacted by our client who uses our services or to alter or delete inaccurate data, please inform our client directly.

Please be informed that we use third party vendors, and hosting partners to provide the necessary software, hardware, emailing, networking, storage and related technology necessary to run the Service. These companies are authorized to use your personal information only as necessary to provide these services to us.

Private contact data stored in your address book contains sensitive information like your company’s clients, phone numbers, addresses, photos and email addresses. We consider your private contact data to be privileged information and we will never sell, rent or lease your private contact data. You control who has access to it. However, we may need to store and process this private contact data behind the scenes in order to improve our services to you.

Profile and demographic data we collect may be used to personalize your experience with the Service and display information on this web site and any requested email communications in a way that is more relevant to you. We also compile, in the aggregate only, demographic and product use information, and may, from time to time, choose to make that aggregate information available to the public.

We strictly adhere to a permission-based email policy. As our customer, your email address is only used to send information that you have requested and to contact you to provide information about your account, subscriptions, billing, and updates to the Service, including information about new features, security or other technical issues. We may also contact you regarding third-party inquiries we receive regarding use of the Service, as described in your agreement. You will not be able to unsubscribe from these non-promotional communications.

As required for complete use of our email marketing software, we allow you to elect to receive, or to not receive, certain information from us, such as our commercial offers or advertisements. Except as mentioned herein, we will not send unsolicited email information. We will not sell, rent, or loan our contact lists or our customer’s contact lists (including customer data) to any outside firms. All opt-in emails we send in response to your request have an easy, one-click unsubscribe function for recipients. Unsubscribe requests are fulfilled without further communication being sent to requesting users.

We may only use contact information of your address book if you agree to provide it to us for the limited purpose of sending them an invitation to use the Service or other products of our company; we may contact those individuals with communications that may include information about you, such as your name and profile photo.

In the event we decide to use your Personal Information for any purpose other than as stated in this Privacy Policy Statement, we will offer you an effective way to opt out of the use of your Personal Information for those other purposes.

You may authorise other websites such as Facebook, Twitter, LinkedIn, Google Analytics, Google Webmasters, Bing Webmasters, Crashlytics to import information to the Service.

By using the Service, you expressly consent to the information handling practices described in this policy. If you do not want information about you to be used in the manner set forth in this policy, please do not use the Service.


Contact Data and Contact Record

The administrator/s are in control of your contact data. All users with the same e-mail address (for example name@pobu.ca) will have access to the same address books and information.

We will retain your data for as long as your account is active.

Any information your administrator/s choose to delete will be permanently deleted from our system.


With whom we share Information

We may need to share your Personal Information and your data to our affiliates, resellers, service providers and business partners solely for the purpose of providing the Service to you. The purposes for which we may disclose your Personal Information or data to our service providers may include, but are not limited to, data storage, database management, web analytics and payment processing. These service providers are authorized to use your Personal Information or data only as necessary to provide these services to us. In such cases we will also ensure that such affiliates, resellers, service providers and business partners comply with this Privacy Policy Statement and adopt appropriate confidentiality and security measures. We will obtain your prior specific consent before we share your Personal Information or data to any person outside Pobuca Ltd for any purpose that is not directly connected with providing the Service to you. We will share your Personal Information with third parties only in the ways that are described in this Privacy Policy Statement. We do not sell your Personal Information to third parties. We may share generic aggregated demographic information not linked to any Personal Information regarding visitors and users with our business partners and advertisers. Please be aware that the laws in Greece where we operate may obligate us to disclose user information and the contents of your user account to the local law enforcement authorities under a legal process or an enforceable government request. In addition, we may also disclose Personal Information and contents of your user account to law enforcement authorities if such disclosure is determined to be necessary by us in our sole and absolute discretion for protecting the safety of our users, employees, or the general public. If we are involved in a merger, acquisition, or sale of all or a portion of its business or assets, you will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.


Third Party Websites

When you click on a link to any other website or location, you will leave our Site and go to another site and another entity may collect Personal Data or Anonymous Data from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of data after you click on links to such outside websites.


Payment Information

In case of services requiring payment, we do not request credit card or other payment account information. All payments will be held via third party services, such as paypal. Therefore, we have no control over, do not review, and cannot be responsible for the third party’s privacy policy by which you will be bound.

Our accounts require that you log in with a username and password. You must secure your login credentials from unauthorized use by a third party.

Please understand that account passwords are encrypted. We cannot see your password; we can only reset them.


The Security and Protection of Other Intellectual Assets

We ensure that all subscriber lists, email content, phone numbers and reports remain private and confidential. We may scan the content of your email campaigns to ensure they comply with our Agreement — for example, to protect against defamatory, inaccurate, abusive, obscene, profane, or threatening material that is racially or ethnically offensive. We will not sell, rent, loan, or invite external access to a customer’s contact lists.


Cookies and Other Tracking Technologies

We use temporary and permanent cookies to enhance your experience of the Service. Temporary cookies will be removed from your computer each time you close your browser. By selecting ‘keep me signed-in’ option in the Service, a permanent cookie will be stored in your computer and you will not be required to sign-in by providing complete login information each time you return to our website. If you have turned cookies off, you may not be able to use registered areas of the website. We tie cookie information to your email address when you elect to remain logged in so as to maintain and recall your preferences within the website.

Technologies such as: cookies, beacons, tags and scripts may be used by us and our partners [such as reseller partners], affiliates, or service providers [such as analytics service providers]. These technologies may be used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

We use Local Storage Objects (LSOs) such as HTML5 to store content information and preferences. Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use LSOs such as HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs.

We will have access to third party personal information provided by you as part of using the Service. This information may include third party names, email addresses, phone numbers and physical addresses and will be used for servicing your requirements as expressed by you to us and solely as part and parcel of your use of the Service. We do not share this third party personal information with anyone for promotional purposes, nor do we utilize it for any purposes not expressly consented to by you. When you elect to refer friends to the website, we request their email address and name to facilitate the request and deliver a one time email. Your friend may contact us at hello@pobu.ca to request that we remove this information from our database.


Communications from Us

Updates and Offers. After an initial email welcoming new users and verifying their new account and confirming their passwords and usernames, established users may receive occasional information on our company’s products, services, special deals, and recent news and events or advertisements. Our customers are given the option to not receive these types of communications by using the unsubscribe functionality appearing at the bottom of each email. However, you will continue to receive essential transactional emails.

Service Alerts and Announcements. As required, we may email a service-related announcement. For instance, if our service is temporarily disrupted for any reason, we might send users an email. In general, users may not opt-out of these communications from us; however, their own email filters could block receipt. These mandatory communications are not promotional in nature.

Customer Service. In accordance with the user’s selection, we regularly respond to users’ service requests and account inquiries via either email or ticketing.

Website Usage. At times, we may use your IP address to help diagnose problems with our hardware and software infrastructure, and to administer our website. We also use tracking information to analyze user visits to different pages on our site. We track what information individual users read or view. We also track how often each page is visited. This helps us design and operate a website that delivers the information you want.

Policy Modifications. Our Privacy Policy may change from time to time. If we change this privacy statement, we will post notice of the changes on our home page and sent an email to users who have signaled their preference to receive such emails. Those changes will be posted here, so visitors are encouraged to check back periodically. However, regardless of any future changes to this Privacy Policy, be assured that we will not use the personal information you have submitted under this Privacy Policy in a manner that is materially inconsistent with this Privacy Policy, without your prior consent.

Contact Us About Privacy. Ensuring that the information you provide through this website remains private is important to us as we seek to build strong and enduring customer relationships, and so, we want you to know the specific information we gather about our customers and how we use that information. If, at any time, you have questions or concerns about our privacy practices, please feel free to contact us at hello@pobu.ca.

All users are bound by the personal data laws and regulations applied in the country of use of the Service.

Security. Users have entrusted Pobuca with their contact data , and we make it a priority to take our users’ security and privacy concerns seriously. We strive to ensure that user data is kept securely, and that we collect only as much personal data as is required to provide our services to users in an efficient and effective manner.

Pobuca uses some of the most advanced technology for Internet security that is commercially available today. This Security Statement is aimed at being transparent about our security infrastructure and practices, to help reassure you that your data is appropriately protected.



Application and User Security

SSL/TLS Encryption: All communications with the pobu.ca website are sent over SSL/TLS connections. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) technology (the successor technology to SSL) protect communications by using both server authentication and data encryption. This ensures that user data in transit is safe, secure, and available only to intended recipients.

User Authentication: User data on our database is logically segregated by account-based access rules. User accounts have unique usernames and passwords that must be entered each time a user logs on. Pobuca issues a session cookie only to record encrypted authentication information for the duration of a specific session. The session cookie does not include the password of the user.

User Passwords: User application passwords have minimum complexity requirements. Passwords are individually salted and hashed.

Privacy: We have a comprehensive privacy policy that provides a very transparent view of how we handle your data, including how we use your data, who we share it with, and how long we retain it.


Infrastructure protection

Pobuca is hosted in Microsoft Azure which addresses security risks across its infrastructure, such as:

Update management: Security update management helps protect systems from known vulnerabilities. Azure uses integrated deployment systems to manage the distribution and installation of security updates for Microsoft software. Azure uses a combination of Microsoft and third-party scanning tools to run OS, web application, and database scans of the Azure environment.

Physical Security: Pobuca runs in geographically distributed Microsoft facilities, sharing space and utilities with other Microsoft Online Services. Each facility is designed to run 24x7x365 and employs various measures to help protect operations from power failure, physical intrusion, and network outages. These datacenters comply with industry standards (such as ISO 27001) for physical security and availability. They are managed, monitored, and administered by Microsoft operations personnel.

Monitoring and logging: Centralized monitoring, correlation, and analysis systems manage the large amount of information generated by devices within the Azure environment, providing continuous visibility and timely alerts to the teams that manage the service. Additional monitoring, logging, and reporting capabilities provide visibility to customers.

Penetration testing: Microsoft conducts regular penetration testing to improve Azure security controls and processes. Therefore, Microsoft has established a policy for customers to carry out authorized penetration testing on their own—and only their own—applications hosted in Azure.

DDoS Protection: Azure has a defense system against Distributed Denial-of-Service (DDoS) attacks on Azure platform services. It uses standard detection and mitigation techniques. Azure’s DDoS defense system is designed to withstand attacks generated from outside and inside the platform.


Organizational & Administrative Security

Employee Screening: We perform background screening on all employees.

Training: We provide security and technology use training for employees.

Service Providers: We screen our service providers and bind them under contract to appropriate confidentiality obligations if they deal with any user data.

Access: Access controls to sensitive data in our databases, systems and environments are set on a need-to-know / least privilege necessary basis.

Audit Logging: We maintain and monitor audit logs on our services and systems.

Information Security Policies: We maintain internal information security policies, including incident response plans, and regularly review and update them.


Software Development Practices

Coding Practices: Our engineers use best practices and industry-standard secure coding guidelines to ensure secure coding.


Handling of Security Breaches

Despite best efforts, no method of transmission over the Internet and no method of electronic storage is perfectly secure. We cannot guarantee absolute security. However, if Pobuca learns of a security breach, we will notify affected users so that they can take appropriate protective steps. Our breach notification procedures are consistent with our obligations under various state and federal laws and regulation, as well as any industry rules or standards that we adhere to. Notification procedures include providing email notices or posting a notice on our website if a breach occurs.


Your Responsibilities

Keeping your data secure also depends on you ensuring that you maintain the security of your account by using sufficiently complicated passwords and storing them safely. You should also ensure that you have sufficient security on your own systems, to keep any data you download to your own computer away from prying eyes.