Last updated: January 20, 2024. View previous privacy policy

Welcome to the Privacy Policy for Send Anywhere (collectively "we", "us" or "our"). We provide cloud services for file storage, sharing/transfer in the Send Anywhere website, the Send Anywhere mobile applications and all the products you can download on our website (the “Services”).

Send Anywhere is a Service provided by Rakuten Symphony Korea, Inc. We are part of the Rakuten Group, Inc., is based in Tokyo, Japan. More information about Rakuten is available at https://global.rakuten.com/corp/about/company

This Privacy Policy explains how we collect, use, share and protect your personal data. We also explain what options and rights you have and how to use them.

We collect personal data in different ways when you sign up for or use our Service. The following is a list of the categories of personal data we collect, and how we obtain it.

We do not collect, access, or use the information contained in the files and documents that you upload when you use the Services, except for the limited occasions described below:.

• When necessary to comply with applicable laws and legal procedures.

• When there is a compelling request from government or judicial authorities.

Information that you directly provide to us

You provide personal data to us when you sign up for an account,/  for us to provide you our Service. This contains:

• Basic information:
  • Personal details (first name and last name)
  • Contact details (email address)
  • Account login details (username, registered country, password, social login account ID, Send Anywhere account ID, Rakuten ID)

• Financial information:
  • Payment card details (cardholder name, card number, expiration date, CVC code)

Information we collect via cookies and tracking technologies:

When you use our Service, we will collect the following data using tracking technologies placed in our website. These data types are:

• Identifiers for devices you have used to access our Services (Device Identifiers):

• Unique device identifier or MAC identifier

• Advertising related identifiers

• IP address (from which your approximate location can be inferred);

• Internet activity information: information about your visits to our website and login sessions, and usage of the Services (include what you view)

Further information about our use of Cookies and Tracking Technologies is available in our Send Anywhere Cookies & Tracking Technologies Policy https://send-anywhere.com/cookie_policy

Information that will be inferred about you from how you use the Service:

• Interests

For more details about how we process the inferred information about you, including the purposes and the legal basis for which this data is collected, please see the “How we use your data and the basis on which we use it” Section.

Information we collect about you from other sources:

When you register or sign up into our Services using third parties’ services,

we collect personal data about you from third parties, at your request, to allow your registration and authentication in our Services. The categories of information that we collect about you from these sources are:

• Facebook: Facebook account ID (email)

• Apple: Apple account ID (email)

• Google: Google account ID (email)

The use and collection of your data by these third parties is governed by their own Terms & Conditions and Privacy Policy.

We always need a proper reason to process your data. 

The basis shall be the collection of personal data for the purpose of performing our contract with you (create your account); where applicable, fulfilling our legitimate interests, only when we have a valid interest that shall not override yours (the collection of data in order to secure our Services); complying with our legal obligations; as well as, where applicable, processing personal data based on your consent (when you voluntarily request to participate in our marketing activities). 

If we ask for your consent to process your personal data, you may withdraw your consent at any time (for example, you can unsubscribe from our marketing emails in each communication you receive or reject cookies via our cookie settings).

You can find here the information regarding the purposes for which we process the types of personal data listed above, as well as our basis for such processing operations.

• See more

  Purpose of Use	Type of Data	Basis for Processing	Retention period
  Provide you the Services	• Account details   - Social media account, account ID, or Rakuten ID • Contact details (email)  For guest users none of the above categories are collected.  • IP address  • Device Identifiers	Performance of a contract:   ・We process your data to provide, operate and deliver you our Services: file storage, sharing/transfer cloud Service.	Until your account is canceled or after one (1) year if your account is deactivated.
  Authentication & Account management	• Contact details (email)  • Account Details  - Account ID   - Social Media account, account ID or Rakuten ID    • IP address  • Device Identifiers	Performance of a contract  ・Allow you to register, log in or activate your account.  ・Verify that your identification you when you log into our Service (authentication).  ・We record your configuration and settings, to manage your accounts.  ・Creating and update your profile, with the information you provided to us.  Legitimate interest  ・To create a Rakuten ID if you sign up for one. We share your account credentials and profile information for log-in function. This service is jointly provided by the Rakuten ID services as directed by you, if you sign up with another Rakuten ID service. See further information  here.: https://corp.rakuten.co.jp/privacy/en/rakuten-id.html	Until your account is canceled or after one (1) year if your account is deactivated.
  Provide customer support and Service communications	• Personal details  (First and last name)   • Contact details (email address)   • Device Identifiers • Data we collect from your communications with us	Legitimate interest  ・We use your data to reply to your requests and inquiries, and to notify you about changes and updates to our Services.	Until your account is canceled or after one (1) year if your account is deactivated.
  Subscriptions & purchased Services	• Personal details  (First and last name)   • Contact details (email address)  • Account details (account ID)  • Payment card details   - Cardholder name  - Card expiration date  - CVC code  - Card number  • Transactional data (date, time, amount, and the only the last four digits of the card number)	Performance of contract  ・ We need your financial information to provide you the with our premium features and add-ons with your Send Anywhere paid plan account. You can find more information about the features of each plan on our website.    Your credit card number and CVC code will be provided by you directly to the applicable provider of payment services, and we will not have access to this data.    Legal obligation  ・ We are required by law to collect and save transactional data when you make a purchase.	For CVC, code and card number, deleted right after transaction.    Transactional data will be kept up to five (5) years after transaction, due to our legal obligation.
  Safety, security, and fraud prevention	• Personal details  (First and last name)   • Contact details (email address) • IP address  • Device Identifiers  • Access logs	Legitimate interest  ・We use data to protect our Service from fraud and other threats. We analyze log-in patterns (access logs) to protect your account against being accessed by someone else.	Logs are stored for a maximum of thirteen (13) months after collection.    For other data, until your account is canceled or after one (1) year if your account is deactivated.
  Marketing and advertising activities	• Personal details  • Contact details (email address)   • Device Identifiers  • IP address  • Internet and activity information   • Inferred interests	Consent  ・We send you marketing messages if you agree to it.  ・Profiling: We personalize, with your prior consent, to deliver to you appropriate advertising and make them more relevant and interesting for you. For this purpose, we share your device data and unique IDs and IP address with third party advertising partners. Additional information (including how to opt-out of data collection using cookies) is available on our https://send-anywhere.com/cookie_policy  ・To improve your experience, by providing interactive or personalized elements.	When you unsubscribe or request deletion. If there is no request, until your account is canceled.
  Improve and customize the Services for you.	• Account Details  • Device Identifiers	Legitimate interest  ・ To provide benefits or operational improvements for smoother user experience. ・Internal analytics about how our Service is used. ・Develop new features for Service improvements.   ・Improving the technical functionality of the Service.  Consent if you are located in the People’s Republic of China.	Until your account is canceled or after one (1) year if your account is deactivated.
  Compliance with law requirements	Depending on the circumstances, any data as detailed under “The personal information we use” Section above.	Legal obligation  We may be required by law to disclose data to law enforcement bodies (such as a court or the police).	As long as required by law.

Profiling

We may create a profile about you, based on your usage of the Service, to personalize the marketing and advertising provide to you, if you consented to it.

The rights and choices about your data are different depending on your location. This includes the right to request:

• access to your data; either if you want to know what data we have about you;

• get a copy of your data in a machine-readable format (right to data portability);

• correct any information that is wrong;

• delete your data;

• restrict usage to the bare minimum (for example, if you ask us to delete, but we still need to keep your order history for legal reasons, like tax audits of our business);

• object to specific uses (you can opt-out of marketing e-mails);

• ask us where we got certain data about you, how we use it and with whom we share it; or

• withdraw your consent easily; if you do so, the lawfulness of processing based on your consent before its withdrawal will not be affected;

Please see below the rights available under the applicable law for your region.

• See more

  	Access	Portability	Correction	Deletion	Objection	Consent withdrawal
  EEA	☑️	☑️	☑️	☑️	☑️	☑️
  China	☑️	☑️	☑️	☑️	☑️	☑️
  Japan	☑️	N/A	☑️	☑️	N/A	N/A
  South Korea	☑️	☑️	☑️	☑️	☑️	☑️
  United Kingdom	☑️	☑️	☑️	☑️	☑️	☑️

You can always ask us to exercise these rights without having to be afraid of discrimination. Also, you can file a complaint with your data protection authority, where applicable, if you think we mishandled your data. If you want to request any of this from us, please just get in touch with us by using the “Contact” Section below. We will always try to find a good and easy solution together.

We share your data with:

• Other Rakuten services that use Rakuten ID; in case that you log in to any service with the same Rakuten ID. The Rakuten Group aims to provide you with a unique service experience through the “Rakuten ID”. Rakuten ID is a unified program that allows you to easily connect to other Rakuten services by a single log-in function, share your account information or join a loyalty program with the Rakuten Group companies jointly participating in the Rakuten ID program.

  Your data will only be shared if you chose to connect to another Rakuten ID service. By connecting to another Rakuten ID service, you direct the Rakuten ID services to share your data for the purposes explained in our joint privacy policy here: https://corp.rakuten.co.jp/privacy/en/rakuten-id.html.

• Rakuten Group, Inc. (Japan), our parent company; when using Rakuten ID to log-in; supports the ID service as a processor, and for security and compliance purposes, as well as for service improvements and analytics. See further information here

• Service providers and business partners, who help us make our Service possible (they are data processors). We ensure they only have access to such information that is strictly necessary for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with all applicable data protection regulations.

• Law enforcement bodies where we are required to share data or with a court if necessary to enforce our claims or other legal rights.

• Asset purchasers. In case our Service or our company are fully or partly purchased by another company, data will be shared. The acquiring company will be bound by this privacy policy.

• Advertising partners. We disclose or share your personal data, with you consent if it is required, for advertising purposes. Further information about data sharing using cookies and other device identifying technologies is available in our Send Anywhere Cookies & Tracking Technologies Policy https://send-anywhere.com/cookie_policy

Find here the list of our services providers, business and advertising partners, the data we share and the countries where they are located.

• See more

  Recipient’s category	Recipients name	Country	Data Shared	Retention
  Service provision	Amazon Web Services	United States	• Personal details  • Contact details  • Device Identifiers  • Account details (social media login account ID)  • IP address  • File transfer history	Until your account is canceled or after one (1) year if your account is deactivated.
  	Microsoft Azure	Japan
  Payments  We share your personal data with them, to process secure payments	Stripe	United States	• Personal details  • Your payment card details (cardholder name・card expiration date・CVC code ・ card number)  • Transactional data (date, time, amount, and the only the last four digits of the card number).	For CVC code and payment card number, deleted right after transaction.    Transactional data will be kept up to five (5) years after transaction, due to our legal obligation.
  We receive payment from them but We do not share  your payment data with them	Gogle Play Store Apple Store	We receive payment if you subscribe to the Services via their application store. They act independently and based on their own privacy policies below. We will not have access to this data. Apple Store: Link to the privacy policy  Google Play: Link to the privacy policy
  Marketing purposes  We share your personal data with them, to send newsletters, and marketing emails.	Mailchimp	United States	• Your personal details   • Contact details (email)	When you unsubscribe or request deletion. If there is no request until your account is canceled.
  Communication, support and customer services    We share data for messaging Services (sending important Service updates, notifications) and to respond to your inquiries.	Mailchimp   Google Zendesk	United States	• Personal details  • Contact details (email address)  • Device Identifiers	Until your account is canceled or after one (1) year if your account is deactivated.
  Improve and customize the Services	Google Analytics   Firebase	United States	See more details in Send Anywhere Cookies & Tracking Technologies Policy https://send-anywhere.com/cookie_policy.	Until your account is canceled or after one (1) year if your account is deactivated.
  Advertising partners  Disclose or share your personal data, where you consent, to provide you advertising.	App Lovin Google AdSense   Google Ad Manager  Admob Criteo  Facebook  Yahoo	United States	See more details in Send Anywhere Cookies & Tracking Technologies Policy https://send-anywhere.com/cookie_policy.	Until your account is canceled or after one (1) year if your account is deactivated.
  	Daum	South Korea
  Other Rakuten services  We share your personal data with another Rakuten ID services if you chose to connect with them.	Please see detail information about recipients and their countries here: https://corp.rakuten.co.jp/privacy/en/rakuten-id.html.		• Account ID and profile information (first and last name, email address)	Until your account is canceled or after one (1) year if your account is deactivated.

Because we operate as part of a global business, the recipients referred to above may be located outside the jurisdiction in which you are located (or in which we provide the Services). See the Section on "International Data Transfers" below for more information.

We are a global business. That means your data will be shared to other Rakuten Group companies around the world. Also, we use service providers in different countries. Data are sent to them as well as indicated in the “Data Sharing” Section above. We have taken steps to keep your data safe. We are always watching out to ensure they are trustworthy, and we have strict contracts in place.

Inside the Rakuten Group, we have BCRs (Binding Corporate Rules), a set of privacy internal rules that we apply across all the Rakuten Group companies. The BCRs are Rakuten global standard for the protection of privacy and processing of personal data. Rakuten’s BCRs allow secure transfers of data within the Rakuten Group companies and have been approved by the relevant Data Protection Authorities in Luxembourg and the United Kingdom. You can find them

We have strict security measures in place in accordance with high security standards to ensure that your account and your data are safe with us. Some of these are technical, like password rules and monitoring of log-in patterns. Others are organizational, like having proper processes and access rules in place. We do so to prevent unauthorized access or unauthorized disclosure of your information, to maintain the accuracy of such information and, when necessary, to ensure its proper destruction.

When collecting or transferring your personal information, we employ data encryption technology, and restrict access only to those persons who require it to fulfil their job responsibilities. We conduct periodic reviews of our practices to ensure that our safeguards are properly implemented and remain state of the art. We make sure to always keep up with the latest developments.

As long as you have your account, we keep your data. When you delete your account, we will retain data only if we are required to do so by law, or in case we still need it for our defense in court proceedings. See retention period’s details in the “How we use your data and the basis on which we use it” Section above.

In order to protect your personal data, accounts with no activity for over one (1) year will be converted into deactivated accounts and will be kept separated. We will send you a deactivation notice to your e-mail address or a mobile push thirty (30) days before the deactivation of your account. In addition, we may post a notice about the deactivation when you log in and will ask for your consent to reactivate your account.

If you do not log in into your account within one (1) year after being temporarily deactivated, the account and all your personal data, if it is not subject to legal retention requirements under the applicable laws, shall be deleted. If you do not want your account and personal data to be deleted after the deactivation period, you can log in into the Services at any time before the above term, provide your consent to reactive your account and use the Services normally.

Symphony Korea Inc. is the responsible for the personal data we collect and process. Our Privacy Officer is Cho, Jiwook. Our main offices are in located 11F, 368, Sapyeong-daero, Seocho-gu, Seoul, Republic of Korea. If you have questions or concerns regarding the way in which your personal information has been used, please contact support@send-anywhere.com (Send Anywhere Help Center).

Please note that when contacting us, we may ask you for certain information to verify your identity and respond to your request appropriately.

Our privacy officer can be contacted from the above email address. If you have any complaint, we hope we can work with you to achieve a good solution. If we are not able to, you can contact your local data protection authority. Additionally, you can contact the data protection authority of Luxembourg here.

We may update this privacy policy from time to time. If there is going to be a substantial change, we will notify you in advance.