At Wickr, we believe privacy is a universal human right. We know that privacy fuels global innovation and economic growth and empowers democracy.
Privacy cannot be only for a select few individuals or organizations. That is not the basis of a fair, safe and secure society.
This belief is essential to our fundamental philosophy that the communications of all Wickr users should always be private at all costs. The privacy of Wickr users – whether everyday citizens, members of the military or business professionals working in some of the world’s most critical organizations – is essential to our mission of delivering the world’s most secure communications platform.
We call this privacy for all.
This simple yet profound belief drives all our decisions – even when those decisions are neither easy nor popular.
Citizens from around the world regularly face arguments for limiting privacy. We couldn’t disagree more. Privacy should never be limited.
Other communications platforms store or share their users’ communications with governing bodies or third-parties. Wickr does not. We will never share the communications of Wickr users. In fact, Wickr does not have access to any encrypted communication conducted on our platform and conversations are never stored on our servers, thanks to our privacy-first architecture. Wickr enables enterprises to implement their own message archival and monitoring regimes in accordance with internal policies and government regulations.
Today, when the right to privacy is under attack across the world, we stand by our beliefs and our role as leaders in end-to-end encryption.
Wickr is committed to operating in an environment of complete transparency. Learn more about Wickr’s privacy position and how we respond to law enforcement requests using the buttons above.
Wickr Me is a free app that provides end-to-end encryption of text, picture, audio and video messages. Senders control who can read their messages and when they expire. Encrypted messages are stored on our servers and are deleted after they are downloaded to the recipient’s device(s). We do not have plaintext copies of messages exchanged through our system or the keys to decrypt user content. We can’t read any of the messages sent through Wickr Messenger, nor do we know who our users are, or with whom they communicate.
Wickr Pro is a separate collaboration platform that allows its customers to create secure professional networks within which to send messages and files. Senders control who can read their messages and when they expire. Encrypted messages are stored on our servers and are deleted after they are downloaded to the recipient’s device(s). We do not have plaintext copies of content exchanged through our system or the keys to decrypt user content. As Wickr business tools are designed to be used within professional environment, each customer network is managed by the customer’s administrator who can invite users within and outside of the enterprise.
Wickr is committed to operating in an environment of complete transparency and to cooperating with law enforcement while respecting each individual’s right to privacy.
Wickr responds to valid legal process issued in compliance with U.S. law. Requests for user account information from U.S. law enforcement should be directed to Wickr through proper service of process.
Wickr accepts service of court orders, search warrants, and subpoenas for information by email from law enforcement and government agencies, provided that these legal requests are sent from an official government email address of the requesting agent. Law enforcement and/or government agencies should submit legal requests directly from their official government email address to legal@wickr.com.
Non-public information about Wickr users’ accounts will not be released to law enforcement except in response to appropriate legal process such as a subpoena, court order, or other valid legal process.
Requests for the contents of communications require a valid search warrant from an agency with proper jurisdiction over Wickr. However, our response to such a request will reflect that the content is not stored on our servers or that, in very limited instances where a message has not yet been retrieved by the recipient, the content is encrypted data which is indecipherable.
Law enforcement or government requests for user information must include:
The descriptions should be as narrow and specific as possible in order to avoid misinterpretation and/or objections for overly broad requests. Wickr will construe received requests narrowly to maintain users’ privacy and ensure that any information disclosed does not exceed the scope of the request.
Further, Wickr requires law enforcement and/or government agencies to include the following information so that requests for user information may be validated:
Wickr’s policy is to notify users of requests for their account information prior to disclosure including providing user with a copy of the request, unless we are prohibited by law from doing so or if there is danger of death or serious physical injury. As soon as legally permitted to do so, we will notify our users of requests for their information.
Wickr has the following information about user accounts on Wickr Messenger:
Wickr has the following information about user accounts on Wickr Pro:
Wickr has the following information about network administrator accounts on Wickr Pro:
For Wickr Pro, the configuration of each network may vary depending on the enterprise needs. Thus, the information Wickr may be able to provide in response to a lawful request for user information will vary as well.
Wickr may provide information to law enforcement in response to a valid emergency disclosure request.
We review emergency disclosure requests on a case-by-case basis and evaluate them under applicable law (e.g., 18 U.S.C. § 2702). If we receive information that gives us a good-faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person, we may provide information to law enforcement to prevent that harm, if we have it.
Law enforcement officers can submit an emergency disclosure request via email:legal@wickr.com.
Emergency disclosure requests must be on law enforcement letterhead and include all of the following information:
Upon receipt of a valid preservation request from law enforcement under applicable law, we will temporarily preserve the relevant account records for 90 days pending service of legal process. We will only disclose preserved records upon receipt of valid legal process.
Preservation requests should be on law enforcement letterhead, signed by the requesting official, and include a valid official email address. Preservation requests may be submitted via the methods described above.
Account Content
Federal law does not allow private parties to obtain account contents (e.g., messages, attachments, etc.) from electronic communication service providers through civil subpoenas. See the Stored Communications Act, 18 U.S.C. § 2702.
Parties to litigation may satisfy party and non-party discovery requirements by seeking the contents of an account directly from the user.
Wickr does not preserve account content in response to a request from a private party.
Customer Records
Wickr may provide customer records in response to a valid subpoena issued by a federal or California or New York court where the requested information is indispensable to the case and not already within a party’s possession. It is Wickr’s policy to give affected account holders prior notice before complying with such subpoenas.
Parties seeking basic subscriber information must specifically identify accounts by Wickr ID.
We provide responsive records in electronic format. We reserve the right to seek reimbursement for the costs of producing records where appropriate.
Wickr does not provide expert witness testimony. However, all substantive responses to legal process requests will be accompanied by a signed Certificate of Authenticity of Business Records, which should eliminate the need for the testimony of a custodian of records.
Wickr’s policy is to promptly respond to requests that are issued via U.S. court upon proper service of process either by way of a mutual legal assistance treaty or letter rogatory.
As a courtesy to international law enforcement agencies, we will review and respond to properly submitted preservation requests while the MLAT or letters rogatory process is underway.
Last modified: May 17, 2018
Why We Use Cookies
As a privacy-focused company, Wickr has built and operated its platform as a ‘zero-knowledge’ system to ensure that our users have full control and ownership of their communications. This means that Wickr as a company is built private-by-design from its very start to provide secure its communications service, and does not collect or monetize your content.
Your trust is important to us and we tirelessly work on improving our services and raising awareness about our products, which are designed to ensure our users’ security and privacy. To accomplish these goals, we use cookies that enable us to learn how our website visitors navigate our content and how web users interact with our marketing materials so we can understand how to improve our website and our content so we can continue building privacy and collaboration-enhancing features accessible to all users. We may also use cookies to recommend content that might interest you based on your past interactions with us. We make every reasonable effort to: a) minimize the information we collect to operate the service, b) limit the amount of time we keep it and c) enable our users to proactively minimize the data they store on their devices to ensure its privacy and security.
What Are Cookies?
A cookie is a small text file, unique to your device or browser, that helps us learn about things like when users arrive at our site, how they use the site, when they leave, and when they come back. We use session-based, persistent cookies and pixel-tags. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire. Pixel tags, which are small blocks of code installed in or on a webpage, also provide us with insight about our users’ preferences. It’s important to note that no information about web traffic associated with our marketing and web optimization efforts can be traced back to the actual end users of Wickr products.
What Types of Cookies We Use
In addition to our own cookies, we use third-party cookies through partners like Google Analytics to understand website performance and customer interest in our product, as well as optimize the on-boarding experience for new network administrators (on Wickr Pro only). These cookies do not allow us to know your personal information, only how you interact with our website and marketing materials published on the web.
We provide the utmost transparency on and up-to-date overview of cookies used on our website including the ability for website visitors to check, withdraw or modify consent for non-necessary cookies at any time.
Deleting Cookies
In addition to modifying cookies by visiting our website, you can also control and delete cookies from your browser. Here is how to do so on different browsers:
Disabling Cookies
You can also disable or block cookies to prevent them from being used in the first place.
For more information about these controls, visit your browser or device’s help material.
The Electronic Frontier Foundation and other leading digital rights organizations recommend a number of ways to do this:
If you have any questions about our use of cookies, please contact us.
As a secure communications platform, we take safety and security of our users seriously. Wickr’s terms of service outline community guidelines and prohibited user conduct. Users cannot utilize the platform for unlawful purposes or to harm others. Wickr is committed to ensuring that our users have a positive experience communicating via Wickr in a socially responsible way.
If you encounter unlawful activities on our platform, please reach out to legal@wickr.com with as much detail as possible about the situation. Our team will carefully review and take appropriate actions to protect the Wickr community and community at large including reporting the abuse to appropriate authorities and removal actions against individual accounts.
Last Modified: June 19, 2018
Thank you for using Wickr Me! Wickr allows you to encrypt and send audio, video, voice, text messages and files, and conduct voice calls, so that you can communicate safely, securely, anonymously — and easily.
This document, our Privacy Policy, governs how Wickr (“we”, “us”, “Wickr”) handles our users’ (“you,” “your,” etc.) data both in the Wickr Me app itself (the “Wickr Me App” or “Wickr Me”) and on our website/servers (collectively, the “Services”). This policy does not cover Wickr business products.
Our Privacy Policy is incorporated into and is subject to the Wickr Terms of Service, so please read both documents carefully. Your use of the Services indicates your consent to this Privacy Policy and our Terms of Service. If you do not want to be bound by these agreements, you may not use our Services.
We work very hard to preserve your privacy and security, and we do our best to be as transparent as possible in explaining how we use your data in providing our Services. Not only is Wickr’s security architecture and proprietary encryption methodology designed to ensure that only users can gain access to their message content, we promise to never monetize your communications or personal information. Ever. Please contact us if you have any questions at privacy@wickr.com
Our Privacy Practices in Brief:
Wickr has to collect some information from you in order to provide our Services to you, but we do so in a highly limited, highly secure way.
What Information Does Wickr Collect and How Is It Used?
We are committed to limiting our collection of your information to what is necessary to provide you with our Services in accordance with applicable data protection and privacy laws.
The limited information we collect, receive, or have access to is used to provide the Service, to allow you to send and receive messages and files, to respond to your requests, and to improve the Service, in line with the legitimate interest we have in delivering the Services to you. It may also be shared under valid legal process and with third party service providers for the limited purposes described below.
What We Don’t Collect
Equally important to us is to share what information we don’t collect. We do not collect your location information or have access to the contents of the communications you send using the Wickr Me App. Remember, however, that if you send a Wickr message to another Wickr user, that message or related content might remain on their device even after you delete it from yours, depending on the value you set for the expiration or burn-on-read time of that message and whether the recipient took a screenshot of the message.
User-Provided Information
We collect some very limited information from you after you download the Wickr Me App in order to allow you to create a Wickr Me Account, and begin using the Wickr Me App.
Optional User-Provided Information
Within the Wickr Me App, we provide a few optional features for your convenience. Some of these features, described below, will ask for personal information. If you want to keep your use of Wickr Me as anonymous as possible, please read these sections carefully in order to understand how we associate information you provide with your Wickr Me account.
Automatically Collected Information
Wickr collects two types of information automatically during your setup and use of the Wickr Me App: Device Information, Aggregate Usage Data, and Crash Logs.
What Information Does Wickr Share with Third Parties?
We do not share any user information we have with third parties, with the exception of the third-party service with whom we share your phone number for the sole purpose of sending you an SMS confirmation if you choose to associate your phone number with your Wickr Me ID. Please note that the provision of a phone number is completely at the user’s discretion.
Law Enforcement:
Please see our full Legal Process Guidelines, but here are the highlights:
We will always notify our users of any third party requests for their information unless we are legally prohibited from doing so. As soon as legally permissible, we will notify our users of requests for their information. We require a warrant before handing over the contents of communications; however, because of the nature of our technology, the contents of communications will be encrypted and undecipherable if obtained.
You Can Terminate Your Account
You can terminate your account at any time. Once terminated, your account will be irrevocably suspended, ensuring that nobody can use that Wickr ID again in order to prevent impersonation. If you wish to terminate your Wickr Me account, go to Settings, “Terminate Account” and verify by entering your password.
We Retain As Little Data As Possible, for the Least Time Possible
Data Retention on Wickrʼs Servers: Our servers store the encrypted messages that you send and receive for up to 6 days to ensure their reliable delivery to each device associated with your account and the accounts to which you transmit messages. We retain certain account data (i.e., types of messages sent and account settings changes) which contain no PII for up to 6 days.
Data Retention on Your Device: All messages are stored in encrypted form on end users’ devices. You choose your own retention policy for your messages by choosing how long a message is viewable before it is deleted (via the expiration or burn-on-read time for sent messages, recall ability and manual deletion for your device). In addition, Wickr’s “secure shredder” technology uses forensic deletion techniques to help reduce the risk of deleted messages and temporary data being recovered.
We Are Serious About Security
We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. For example, we limit access to this information to authorized employees who need to know that information in order to operate, develop, or improve our Services. No sensitive information is in the clear: we take reasonable efforts (as described herein) to ensure that everything we store is not retrievable by us or anyone else.
However, as security experts, we know that no security system can prevent all potential security breaches. Therefore, we have limited the potential implications of such a breach by designing our system so that in the event of a breach, we would have the least possible information about you.
Wickr’s network infrastructure and services are maintained in highly secure, strategically located data centers managed by Amazon Web Services (AWS). Learn more about AWS security policies here.
Children
Wickr is not directed to children under the age of 13. If we learn that we have allowed a child under 13 to access our Services, we will take appropriate steps to promptly remove such account and delete all information associated with such account.
If you live in any other country except those in the European Region, you must be at least 13 years old to register for the Services. If you live in the European Region, you must be at least 16 years old to register for and use our Services.
Customer Service
In an ongoing effort to improve our services and assist our customers with any questions they have about the use of the Wickr Me App, we have developed a comprehensive collection of the most commonly asked customer support questions and answers, which are available here. Any information provided to us by our users voluntarily when they request customer support (e.g., an email address, Wickr Me App version, or any other details related to user issue) will be used to respond to that individual request and may be logged as part of our effort to improve our customer service and solve any product-related issues. This user-provided information cannot be linked to our users Wickr Me accounts, unless users voluntarily include their Wickr Me account information in their customer service-related requests. We strongly discourage our users from disclosing their passwords to Wickr Me accounts to third parties.
Cookie Policy
We tirelessly work on improving our services and raising awareness about our products, which are designed to ensure our users’ security and privacy. To accomplish these goals, we use cookies on the Wickr website that enable us to learn how visitors navigate our content and interact with our marketing materials so we can be more effective at informing our users about product developments.
A cookie is a small text file that is placed in visitors’ browsers to help us learn when users arrive at our site, how they use the site, when they leave, and when they come back. These cookies can never be used to identify user accounts within the Wickr App.
Here is an example of how we may use information collected via cookies: we may think that one of our new features would be very useful to the Wickr community, but cookies may tell us that very few users fully read that feature’s description on our site. That insight would help us to rethink the way we explain that product on our site or present it in an advertisement so that we can better communicate our services to our users.
We make every reasonable effort to minimize the information we collect. For example, we enforce IP masking for the website analytics purposes to conceal the last 4 digits of IP addresses which ensures that visitor’s full IP addresses are not collected via third party services such as Google Analytics.
We provide the utmost transparency on and an up-to-date overview of cookies used on our website including the ability for website visitors to check, withdraw or modify consent for non-necessary cookies at any time. More information on our Cookie Policy can be found here.
Web Forms
To enable our visitors to reach out to us with sales inquiries, we may collect information using online form submissions. Please note that all information you provide via web forms on our site is strictly voluntary and will never be used in any way that is inconsistent with other provisions of this Privacy Policy.
Third Parties
To improve Wickr’s products, website, or marketing, we may engage with various outside partners that have access to the limited data users voluntarily share with Wickr via web forms, cookies, or customer support and sales inquiries. We carefully select each of our partners based on Wickr’s commitment to user privacy and security. Our security team meticulously vets each prospective partner to ensure its policies and practices are on par with Wickr’s standards.
Each of these companies has its own policies for handling user data. Please review the respective privacy policies for Zendesk, Twilio, Pardot, WP Engine, AWS, and Bugsnag for a more complete understanding of their practices.
If you have additional questions regarding our privacy protection practices, please email us at privacy@wickr.com.
We Can Change This Privacy Policy
This Privacy Policy may be updated from time to time, for any reason. We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy here along with information about what has changed and an archive of past policies. You are advised to consult this Privacy Policy regularly for any changes. By continuing to use the Services, you agree to be bound by the revised Privacy Policy.
Users Outside the US
If you use our Services, your information will be transferred to the U.S. and will be processed and stored under U.S. data protection and privacy regulations which may differ from those your country of residence. By using our Services and providing information to us, you consent to such transfer to and processing in the U.S. We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this policy. Please note that all user communications on the Wickr Service are protected between devices and are never stored unencrypted hence are undecipherable to Wickr or other third parties.
You are responsible for complying with any laws or regulations in your country that govern use of applications and services like Wickr Me.
Contact Us if You Have Questions or Account-Related Requests
If you have any questions regarding privacy while using our Services, or have questions about our practices, please contact us via email at privacy@wickr.com.
If you live in the European Region, please note the following:
Opt-out. You may contact us anytime to opt-out of:
Access. You may access the data we hold about you at any time within the application or by contacting us directly.
Amend. You can also contact us to update or correct any inaccuracies in your personal data.
Erase and forget. In certain situations, for example, when the data we hold about you is no longer relevant or is incorrect, you can request that we erase your data. Please note that only you can delete your Wickr Me account at any time form within the Service, due to privacy design of the Service, we are unable to delete Wickr Me accounts upon your request.
You may contact us at gdpr@wickr.com on any questions you may have about your personal data and our use of such personal data under the GDPR.
Last Modified: June 19, 2018
Thank you for using Wickr Pro! Wickr Pro is a vetted, simple-to-use end-to-end encryption platform built by an expert security team and designed to facilitate calls and video conferences and protect the transfer of high-value sensitive communications including messages and files. Wickr (“Wickr”, “we”, or “us”) administers Wickr Pro through its messaging network and the application downloaded by the user (collectively, the “Service” or “Services”).
This document, the Wickr Pro Privacy Policy (“Privacy Policy”), governs how we handle users’ data both in the Service itself and on our servers. For more information about our data handling practices for Wickr’s consumer product, please click here. There are a few core differences in these two products, so please read their respective privacy policies carefully.
This Privacy Policy is incorporated into and is subject to the Wickr Pro Terms of Service (“Terms of Service”) and Terms of Use (“Terms of Use”), so please read these documents carefully. Your use of the Services indicates your consent to this Privacy Policy, the Terms of Service and the Terms of Use. If you do not want to be bound by these agreements, you may not use our Services.
We work very hard to preserve your privacy and security, and we do our best to be as transparent as possible in explaining how we use your data in providing our Services. Not only is Wickr’s security architecture and proprietary encryption methodology designed to ensure that only users can gain access to their message content, we promise to never monetize you or your communications. Ever. Please contact us if you have any questions at privacy@wickr.com.
Please review the rest of this Privacy Policy, below, for additional detail about the summary above.
We are committed to limiting our collection of your information to only what is necessary to provide you with the Services in accordance with applicable data protection and privacy laws. An administrator for the entity or organization with which you are affiliated (“Administrator”) may provide us with personally identifiable information about you, such as your e-mail address, for purposes such as sending you an e-mail with a link to download the Service. The entity or organization with which you are affiliated with may retain this information for as long as you are affiliated with that organization or entity or as long it uses the Service. We also collect information from users as described in greater detail below:
Mandatory User-Provided Information: You are required to provide limited information during the registration process to create a Wickr Pro account and to begin using the Service.
Optional User-Provided Information: We provide a few optional features for your convenience, and for the convenience of the entity or organization that you are affiliated with. Some of these features permit you to provide additional personal information at your or your organization’s election.
Automatically-Collected Information: Wickr collects the following information automatically during your setup and use of the Service:
The limited information that we collect, receive, or have access to is used to provide the Service, to allow you to send and receive messages and files, to respond to your requests, and to improve the Service, in line with the legitimate interest we have in delivering the Services to you. It may also be shared under valid legal process and with third party service providers for the limited purposes described below.
Wickr is committed to transparency and to limiting what we disclose in response to legal process. Please see our full Legal Process Guidelines, but here are the highlights:
When we receive a request for customer data related to the Service, we always attempt to redirect the third party to obtain the requested data from our customer. For valid requests that we are not able to redirect to the customer, we disclose information only when we are legally compelled to do so, and we always make sure that we provide only the data specified in the legal order. We will always notify our customers of any third party requests for their information unless we are legally prohibited from doing so. As soon as legally permissible, we will notify our users of requests for their information. We require a warrant before handing over the contents of communications; however, because of the nature of our technology, the contents of communications will be encrypted and undecipherable if obtained.
To improve the Service, we engage with various service providers (“Partners”) that may have access to some user information described in this Privacy Policy. Wickr takes all reasonable steps to minimize the information to which our Partners have access. We carefully select each of our Partners based on Wickr’s commitment to user privacy and security. Our security team meticulously vets each prospective partner to ensure its policies and practices are on par with Wickr’s standards.
Here are the Partners with whom we work to provide the Service:
Each of these companies has its own policies for handling user data. Please review the respective privacy policies for Zendesk, AWS, Twilio, Mailgun, Recurly, Braintree, Bugsnag, and WP Engine for additional detail on their specific practices.
We tirelessly work on improving our services and raising awareness about our products, which are designed to ensure our users’ security and privacy. To accomplish these goals, we use cookies on the Wickr website that enable us to learn how visitors navigate our content and interact with our marketing materials so we can be more effective at informing our users about product developments.
A cookie is a small text file that is placed in visitors’ browsers to help us learn when users arrive at our site, how they use the site, when they leave, and when they come back. These cookies can never be used to identify user accounts within the Wickr App.
Here is an example of how we may use information collected via cookies: we may think that one of our new features would be very useful to the Wickr community, but cookies may tell us that very few users fully read that feature’s description on our site. That insight would help us to rethink the way we explain that product on our site or present it in an advertisement so that we can better communicate our services to our users.
We make every reasonable effort to minimize the information we collect. For example, we enforce IP masking for the website analytics purposes to conceal the last 4 digits of IP addresses which ensures that visitor’s full IPs are not collected via Google Analytics service.
We provide the utmost transparency on and up-to-date overview of cookies used on our website including the ability for website visitors to check, withdraw or modify consent for non-necessary cookies at any time.
More information on our Cookie Policy can be found here.
Data Retention on Wickrʼs Servers
Depending on which Wickr-hosted business product you are using, our servers store the encrypted messages that you send and receive for up to 30 days to ensure their reliable delivery to each device associated with your account and the accounts to which you transmit messages.
We retain certain account data (i.e., when a user account was provisioned, when a user registered, and account settings changes). User profile information is stored on our servers for as long as you use the Service, or until account deletion by an Administrator.
Data Retention by Your Entity or Organization
The entity or organization with which you are affiliated with may retain information about you and your use of the Service, such as your profile information, for as long as the entity or organization desires. Please consult the entity or organization with which you are affiliated with for additional detail about its specific data retention policies.
Data Retention on Your Device
All messages are stored in encrypted form on user devices. Users select a retention policy for their messages by choosing how long a message is viewable before it is deleted (via the expiration time, burn-on read time). The “expiration” time is a length of time before content is destroyed on all devices from the time it is sent (this is the maximum time-to-live). The “burn-on-read” time is a length of time before content is destroyed across all user devices once it has been read by that user (this will never extend the “expiration” time). Your content may be available to you and the recipient(s) locally, on your device(s) until it expires even after we delete it from our servers; however, you will not be able to download pre-existing content to a new device. Note that our application controls cannot destroy exported or maliciously retained messages, so you should always ensure that you are communicating with people you trust.
In addition, Wickr’s “secure shredder” technology uses forensic deletion techniques to help reduce the risk of deleted messages and temporary data being recovered.
The Service is designed for communication purposes by individuals associated with an entity or organization. The Service is not designed for children under the age of 16. If we learn that we have collected personally identifiable information from a child under 16, we will take appropriate steps to promptly remove such account and delete all information associated with such account.
If you use our Services and reside outside the U.S., your information will be transferred to the U.S. and will be processed and stored there under U.S. data protection and privacy regulations which may vary from those of your country of residence. By using the Services, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this policy.
You are responsible for complying with any laws or regulations in your country that govern use of applications and services like Wickr.
We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. For example, within our organization, we limit access to information about you and your use of the Service to authorized employees who need to know that information in order to operate, develop, or improve the Services. As described herein, we take every reasonable step to ensure that message contents are not retrievable by us or anyone else.
However, we know that no security system can prevent all potential security breaches. Therefore, we have limited the potential implications of such a breach by designing our system so that in the event of a breach, we would have only limited information about you. Please note that all user communications on the Wickr Service are protected between devices and are never stored unencrypted hence are undecipherable to Wickr or other third parties.
Wickr’s network infrastructure and services are maintained in highly secure, strategically located data centers managed by AWS. Learn more about AWS security policies here.
We may change this Privacy Policy, which pertains solely to our Wickr Pro Products, from time to time, for any reason. When we do, we will be sure to let you know one way or another by revising the date at the top of the Privacy Policy that’s available on our website and mobile application or we may provide you with additional notice (such as adding a statement to our websites’ home pages or providing you with an in-app notification). Your continued use of the Service following the posting or notice of any changed terms will denote your acceptance of such changes.
If you have additional questions regarding our privacy protection practices while using our Services or otherwise, please contact us via email at privacy@wickr.com.
If you live in the European Region please note the following:
You may contact us at gdpr@wickr.com on any questions you may have about your personal data and our use of such personal data under the GDPR.
Last modified: April 1, 2020
Thank you for using Wickr Enterprise! Wickr Enterprise is a vetted, simple-to-use, end-to-end encrypted secure messaging platform built by an expert security team to protect high-value sensitive communications including messages, files, voice and video conferencing. Wickr (“Wickr”, “we”, or “us”) provides the application downloaded by the user (the “App”). The entity or organization that you are affiliated with (“Provider”) manages the service (the “Service” or “Services”).
This document, the Wickr Enterprise Privacy Policy (“Privacy Policy”), governs how we handle users’ data in the App. Your use of the App indicates your consent to this Privacy Policy. If you do not want to be bound by this agreement, you may not use our App.
We work very hard to preserve your privacy and security, and we do our best to be as transparent as possible in explaining how we use your data in providing our App. Not only is Wickr’s security architecture and proprietary encryption methodology designed to ensure that only users can gain access to their message content, we promise to never monetize you or your communications. Ever. Please contact us if you have any questions at privacy@wickr.com.
Our Privacy Practices in Brief
Please review the rest of this Privacy Policy, below, for additional detail about the summary above.
What Information Does Wickr Collect?
Wickr collects no information from you in the course of your use of the App or the Provider’s Service. We are committed to limiting collection of your information in our App to only what is necessary for your Provider to provide you with the Services in accordance with applicable data protection and privacy laws. The Provider may retain this information for as long as you are affiliated with that organization or entity or as long it provides the Service.
Your provider collects information from users as described in greater detail below:
Mandatory User-Provided Information: You are required to provide limited information during the registration process to create a Wickr Enterprise account and to begin using the Service.
Optional User-Provided Information: We provide a few optional features for your convenience, and for the convenience of your Provider. Some of these features permit you to provide additional personal information at your or your organization’s election.
Automatically-Collected Information: The App collects the following information automatically during your setup and use of the Service:
How Is Information Used and Disclosed?
The limited information that the App collects from you is used by your Provider to provide the Service. For information about how your Provider uses this information, please consult directly with that entity or organization.
Legal Process
For information about how your Provider responds to legal process, please consult directly with that entity or organization.
Third Party Service Providers
To improve the App, we engage with various service providers (“Partners”). These partners have no access to any of the user information described in this Privacy Policy. We carefully select each of our Partners based on Wickr’s commitment to user privacy and security. Our security team meticulously vets each prospective partner to ensure its policies and practices are on par with Wickr’s standards.
Here are the Partners with whom we work to provide the App:
Each of these companies has its own policies for handling user data. Please review the respective privacy policies for Zendesk and WP Engine for additional detail on their specific practices.
Cookie Policy
We tirelessly work on improving our services and raising awareness about our products, which are designed to ensure our users’ security and privacy. To accomplish these goals, we use cookies on the Wickr website that enable us to learn how visitors navigate our content and interact with our marketing materials so we can be more effective at informing our users about product developments.
A cookie is a small text file that is placed in visitors’ browsers to help us learn when users arrive at our site, how they use the site, when they leave, and when they come back. These cookies can never be used to identify user accounts within the Wickr App.
Here is an example of how we may use information collected via cookies: we may think that one of our new features would be very useful to the Wickr community, but cookies may tell us that very few users fully read that feature’s description on our site. That insight would help us to rethink the way we explain that product on our site or present it in an advertisement so that we can better communicate our services to our users.
We make every reasonable effort to minimize the information we collect. For example, we enforce IP masking for the website analytics purposes to conceal the last 4 digits of IP addresses which ensures that visitor’s full IPs are not collected via Google Analytics service.
We provide the utmost transparency on and up-to-date overview of cookies used on our website including the ability for website visitors to check, withdraw or modify consent for non-necessary cookies at any time.
More information on our Cookie Policy can be found here.
Data Retention
Data Retention on Wickrʼs Servers
Wickr does not collect and retains no information about you and your use of the App.
Data Retention by Your Entity or Organization
Your Provider may retain information about you and your use of the Service, such as your profile information, for as long as the entity or organization desires. Please consult you Provider for additional detail about its specific data retention policies.
Data Retention on Your Device
All messages are stored in encrypted form on user devices. Users select a retention policy for their messages by choosing how long a message is viewable before it is deleted (via the expiration time, burn-on read time). The “expiration” time is a length of time before content is destroyed on all devices from the time it is sent (this is the maximum time-to-live). The “burn-on-read” time is a length of time before content is destroyed across all user devices once it has been read by that user (this will never extend the “expiration” time). Your content may be available to you and the recipient(s) locally, on your device(s) until it expires even after we delete it from our servers; however, you will not be able to download pre-existing content to a new device. Note that our application controls cannot destroy exported or maliciously retained messages, so you should always ensure that you are communicating with people you trust.
In addition, Wickr’s “secure shredder” technology uses forensic deletion techniques to help reduce the risk of deleted messages and temporary data being recovered.
Users for Whom the App Is Intended
The App is designed for communication purposes by individuals associated with an entity or organization. The App is not designed for children under the age of 16. If we learn that the App has collected personally identifiable information from a child under 16, we will promptly notify the Provider.
User and Provider Locations
Depending on where your Provider chooses to host the Service, your information may be transferred to, processed and stored under data protection and privacy regulations which may vary from those of your country of residence. By using the App, you agree to this transfer, storing or processing. Please consult you Provider for additional detail about its choice of Service location and the applicable data protection and privacy regulations to which they comply.
You are responsible for complying with any laws or regulations in your country that govern use of applications and services like Wickr.
We Are Serious About Security
We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. As described herein, we take every reasonable step to ensure that message contents are not retrievable by us or anyone else.
However, we know that no security system can prevent all potential security breaches. Therefore, we have limited the potential implications of such a breach by designing our system so that in the event of a breach, the Service would have only limited information about you. Please note that all user communications on the Wickr Service are protected between devices and are never stored unencrypted hence are undecipherable to Wickr or other third parties.
Revisions to the Privacy Policy
We may change this Privacy Policy, which pertains solely to our Wickr Enterprise Products, from time to time, for any reason. When we do, we will be sure to let you know one way or another by revising the date at the top of the Privacy Policy that’s available on our website and mobile application or we may provide you with additional notice (such as adding a statement to our websites’ home pages or providing you with an in-app notification). Your continued use of the App following the posting or notice of any changed terms will denote your acceptance of such changes.
Contact Us if You Have Questions or Account-Related Requests
If you have additional questions regarding our privacy protection practices while using our Services or otherwise, please contact us via email at privacy@wickr.com.
If you live in the European Region please note the following:
We may refer you to your Provider to respond further to these requests. You may contact us at gdpr@wickr.com on any questions you may have about your personal data and our use of such personal data under the GDPR.