We occasionally may need to make changes to our Services without notice. Though we do our best to make the Services operate smoothly, like in any other service or software, we cannot guarantee that Loop will always run uninterrupted, or be immune from errors or bugs. In those cases, we will do all we can to fix things immediately but cannot guarantee this will always be possible.
Your account ("Account") is automatically created when you sign in to our Services by using the log-in details to your existing email account (i.e. email and password). The best way to keep your account secure is to make sure that no other person uses your Account or knows your password. Our Services are designed for work and by using our Services, you are representing that you are over 13 and that you have the legal ability to use our Services.
We collect, store and use the following types of information and data: 1. Personally identifiable information (PII); 2. Non-personal information (NPI); 3. Your private email data including metadata and email content. Personally identifiable information Personally identifiable information (PII) is information that can be used to identify an individual person and includes information such as IP addresses, Account details, emails addresses, names, contact lists and all similar information retrieved by any other email client when accessing public email exchange information.
We collect, store, and use PII for the sole purpose of being able to deliver our Services to you.
Accounts are added to Loop through OAuth 2.0 protocol where possible. OAuth 2.0 is an open standard authorization protocol that allows third parties to access user data without needing to know or store user passwords. Also, OAuth 2.0 authentication allows users to revoke app access at any moment in app settings. If a user revokes Loop app access, our Services do not have access to any of the user data anymore.
Where OAuth 2.0 is not supported, we keep your account username and password secure in our Services. To ensure the greatest possible levels of security, user passwords are never stored in our databases. For secure storage of user credentials, we use a certified secure storage service called MS Azure Key Vault, with special purpose Hardware Security Modules (HSMs) accessed using a 2048 bit digital certificate. We then use the authorization provided to download your emails to our cloud servers and push to your device.
We use Amazon Web Services (AWS) infrastructure to store your data. Apart from AWS security policies, we take a number of measures to ensure that your data is never read by anyone else. We ensure that all transmission is secured with HTTPS so that no one else can access your data. For this, we use a strong protocol (TLS 1.2), a strong key exchange (ECDHE_RSA), and a strong cipher (AES_128_GCM) with industry standard 256 bit encryption using TLS/SSL (HTTPS). Non-personal information Non-personal information (NPI) is information which cannot be used to identify an individual person, such as technical information about your device, location, time zone, activity usage, performance metrics, configuration settings, anonymous behavioral information and other aggregated information.
Additionally, whenever you interact with our Services, we automatically receive and record ‘cookie’ information from your browser or device. ‘Cookies’ are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us how and when pages and features in our Services are visited and by how many people. You may be able to change the preferences on your browser or device to prevent or limit these, but this may prevent you from taking advantage of some of our features.
We use NPI to customize content for you and to provide the functionality of the Services, such as email follow-ups and categorization, based on your usage patterns. We also use NPI in order to improve your user experience when using our Services. We may use internal and third party processing and analytic systems to analyze user experience, behavior and trends with NPI.
Private emails (message headers, subject, body, attachments and other metadata) are stored by Loop's cloud service and some of that content is stored locally on your device. They are used exclusively to provide you with our Services.
You can request the deletion of your data from Loop by writing to firstname.lastname@example.org. Email content stored locally on your device can be removed by deleting the Loop apps. Access to data Except as described elsewhere in these Terms, no Loop employees, contractors, agents or other personnel (collectively ‘Loop personnel’) will access or use your data in a manner that would identify you as an individual.
We have strict controls and processes in place which are designed to limit access to and use of your data by Loop personnel. We have technical controls and audit policies in place which are designed to ensure that any access to such data by Loop personnel is logged. All Loop personnel who may have or require access to your data as part of their services to Loop are bound to our policies regarding your data and we treat the privacy and security of your data with utmost respect.
Loop personnel may need to access your data in connection with troubleshooting or responding to a problem, system maintenance or upgrades, or other activities in the ordinary course of operating our Services. In most cases, we will notify you and ask for your permission prior to giving Loop personnel permission to access your data. However, we may access and disclose certain data if we have a good-faith belief that such access, use, preservation or disclosure of your data is reasonably necessary to:
Loop considers the security, confidentiality and availability of your information to be of the upmost importance. It is policy that manifests itself through all aspects of the delivery of our Services, including the infrastructure our Services run on and all Loop personnel. Loop’s approach to information security management is based on adherence to best practice methodologies such as ISO 27001, regular third-party penetration testing and close monitoring of customer security requirements.
Loop is a web, mobile & desktop email client that works with other email providers (Gmail, Office 365 and Microsoft Exchange accounts). In order to send and receive user emails, our Services need to have access to user email accounts.
When you log into your email account through our Services, you are granting Loop permission to securely access the information contained in or associated with that account. The whole process is similar to connecting any other email client.
In order for our Services to achieve this, we need to store user email account access tokens:
To ensure safe and reliable operations of our Services, we rely on the most advanced and secure solution available in the industry – Amazon Web Services (AWS). Apart from AWS security policies, we encrypt all data between the client and our service. For client encryption and authentication, we user a strong protocol (TLS 1.2), a strong key exchange (ECDHE_RSA), and a strong cipher (AES_128_GCM) with industry standard 256 bit encryption using TLS/SSL (HTTPS).
Our Services are made available to you only for your personal or internal business use, which must be in compliance with all applicable laws, rules and regulations and must not infringe or violate third party rights. You may not make commercial use of our Services, including but not limited to selling or distributing our Services to any third party.
You may not register with Loop Services using existing email account information that you do not have the right to use, or another person’s existing email account information with the intent to impersonate that person. You represent and warrant that you are of legal age to form a binding contract (or if not, you have received your parents’ or guardian’s permission to use our Services and gotten your parent or guardian to agree to these Terms on your behalf).
If you are agreeing to these Terms on behalf of an organization or entity, you represent and warrant that you are authorized to agree to these Terms on that organization or entity’s behalf and bind them to these Terms (in which case, the references to “you” and “your” in these Terms, except for in this sentence, refer to that organization or entity). You will only use our Services in a manner that complies with all laws that apply to you.
You further represent, warrant, and agree that you will not use our Services or interact with our Services in a manner that:
Any violation of any of the aforementioned is grounds for termination of your right to use or access our Services. Any unauthorized use of any Loop Services is a violation of these Terms and such violations may subject the unauthorized user and his or her agents to civil and criminal penalties.
Loop Services are currently free. We reserve the right to charge for our Services in the future. We will notify you a reasonable period before any of our Services you are using begin carrying a fee. Changing these Terms We are constantly trying to improve our Services, so these Terms may change occasionally too. We reserve the right to change the Terms at any time. When we do, we will update the date to make it clear that a new version has been created and we will bring the update to your attention in a timely manner by sending you an email or by some other means within the app.