Privacy Policy & Security

EFFECTIVE DATE: MAY 25, 2018

Your Work is Safe with Us


Our Collection and Use of Personal Information

Pobuca is a website provided by Pobuca Ltd.

Your Trust is of the Utmost Importance To Us, and We Will Never Betray It.

You have chosen to trust us with your professional address book and contact data. We are careful to be very clear when requesting the information that, while personally identifying you (“Personal Information”), is required for the successful operation of the Service. Such information includes personal information you provide to create a personal access login for our Service; we use that information to contact you regarding your use of the Service. Our business is NOT in selling the private contact data from your address book. Our business is in providing you a safe, secure place to unify your address books and keep them all up-to-date, clean and complete.

We collect information under the direction of our clients but do not have direct relationship with the individuals or companies whose data are being processed. If you are a customer of one of our clients and you would like to no longer be contacted by our client who uses our services or to alter or delete inaccurate data, please inform our client directly.

Please be informed that we use third parties to provide the necessary software, hardware, emailing, networking, storage and related technology necessary to run the Service. These third parties are only allowed access to the minimum necessary amount of data for the successful operation of the Service and are GDPR compliant.

Private contact data stored in your address book contains sensitive information like your company’s clients, phone numbers, addresses, photos and email addresses. We consider your private contact data to be privileged information and we will never sell, rent or lease your private contact data. You control who has access to it.

Profile and demographic data we collect may be used to personalize your experience with the Service and display information on this web site and any requested email communications in a way that is more relevant to you. We also compile, in the aggregate only, statistically and anonymously, demographic and product use information, and may, from time to time, choose to make that aggregate information available to the public.

We strictly adhere to a permission-based only email policy. As our customer, your email address is only used to send information that you have requested and to contact you to provide information about your account, subscriptions, billing, and updates to the Service, including information about new features, security or other technical issues. We may also contact you regarding third-party inquiries we receive regarding use of the Service, as described in your agreement. You will not be able to unsubscribe from these non-promotional communications, as they refer to the provision of the Service itself.

As required for complete use of our email marketing software, we allow you to elect to receive, or to not receive, certain information from us, such as our commercial offers or advertisements. Except as mentioned herein, we will not send unsolicited email information. We will not sell, or lease our contact lists nor our customer’s contact lists (including customer data) to any third party. All opt-in emails we send in response to your request have an easy, one-click unsubscribe function for recipients. Unsubscribe requests are fulfilled without further communication being sent to requesting users.

We may only use contact information of your address book, if you agree to provide it to us, for the limited purpose of sending them an invitation to use the Service or other products of our company; we may contact those individuals -after asking your consent to do so - with communications that may include information about you, such as your name and profile photo, for reference purposes only.

In the event we decide to suggest the use of your Personal Information for any purpose other than as stated in this Privacy Policy Statement, we will offer you an effective way accept or to opt out of the use of your Personal Information for those other purposes.

You may authorize other websites such as Facebook, Twitter, LinkedIn, Google Analytics, Google Webmasters, Bing Webmasters, Crashlytics to import information to the Service.

By using the Service and accepting it’s terms and conditions, you expressly consent to the information handling practices described in this policy. If you do not want information about you to be used in the manner set forth in this policy, please do not use the Service.

Contact Data and Contact Record

The administrator/s are in control of your contact data. All users with the same e-mail address (for example name@pobu.ca) will have access to the same address books and information.

We will retain your data for as long as your account is active for the provision of the Service. After your account becomes inactive, a backup of your data will be retained for a period of 35 days, in case you wish to reactivate your account. If wish though, that back up period can be skipped and your data can be deleted immediately after your account becomes inactive.

Any information your administrator/s choose to delete will be permanently deleted from our system.

With whom we share Information

We may need to share your Personal Information and your data with our affiliates, service providers and business partners solely for the purpose of providing the Service to you. The purposes for which we may share your Personal Information or data with our service providers may include, but are not limited to, data storage, database management, web analytics and payment processing. These service providers are authorized to use your Personal Information or data only to the minimum extend necessary as to provide these services to us, which is essential for the provision of the Service to you. In such cases we will also ensure that such affiliates, service providers and business partners comply with this Privacy Policy Statement and adopt appropriate confidentiality and security measures. We will obtain your prior specific consent before we share your Personal Information or data to any person outside Pobuca Ltd for any purpose that is not directly connected with providing the Service to you. We will share your Personal Information with third parties only in the ways and for the reasons that are described in this Privacy Policy Statement. We do not and will not sell your Personal Information to third parties. We may share generic aggregated and anonymized demographic information not linked to any Personal Information regarding visitors and users with our business partners and advertisers. We may also provide access to the minimum extend necessary to your Personal Information when obliged or requested to do so by the competent law enforcement authorities. If we are involved in a merger, acquisition, or sale of all or a portion of its business or assets, you will be notified via email and/or a prominent notice on our website of any change in ownership or use of your Personal Information, as well as any choices you may have regarding your Personal Information.

Third Party Websites

When you click on a link to any other website or location, you will leave our Site and go to another site and another entity may collect Personal Data or Anonymous Data from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of data after you click on links to such outside websites. We strongly advise to review the applicable Privacy Policy of each such outside website.

Payment Information

In case of services requiring payment, we do not request credit card or other payment account information. All payments will be held via third party services, such as PayPal. Therefore, we have no control over, do not review, and cannot be responsible for the third party’s privacy policy by which you will be bound.

Our accounts require that you log in with a username and password. You must secure your login credentials from unauthorized use by a third party.

Please understand that account passwords are encrypted. We cannot see your password; we can only reset them.

The Security and Protection of Other Intellectual Assets

We ensure that all subscriber lists, email content, phone numbers and reports remain private and confidential. We will not sell, lease, or invite external access to a customer’s contact lists.

Cookies and Other Tracking Technologies

We use temporary and permanent cookies to enhance your experience of the Service. Temporary cookies will be removed from your computer each time you close your browser. In the service, a permanent cookie will be stored in your computer and you will not be required to sign-in by providing complete login information each time you return to our website. If you have turned cookies off, you may not be able to use registered areas of the website. We tie cookie information to your email address when you elect to remain logged in so as to maintain and recall your preferences within the website.

Technologies such as: cookies, beacons, tags and scripts may be used by us and our partners [, affiliates, or service providers [such as analytics service providers]. These technologies may be used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

We use Local Storage Objects (LSOs) such as HTML5 to store content information and preferences only for authorization and authentication purposes. Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use LSOs such as HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs.

We will have access to third party personal information provided by you as part of using the Service. This information may include third party names, email addresses, phone numbers and physical addresses and will be used for servicing your requirements as expressed by you to us and solely as part and parcel of your use of the Service. We do not share this third-party personal information with anyone for promotional purposes, nor do we utilize it for any purposes not expressly consented to by you. When you elect to refer friends to the website, we request their email address and name to facilitate the request and deliver a onetime email. To that same email, your friend will notified that he may contact us at hello@pobu.ca to request that we remove this information from our database.

Communications from Us

Updates and Offers. After an initial email welcoming new user and verifying their new account and confirming their passwords and usernames, established users may receive occasional information on our company’s products, services, special deals, and recent news and events or advertisements. Our customers are given the option to not receive these types of communications by using the unsubscribe functionality appearing at the bottom of each email. However, you will continue to receive essential transactional emails.

Service Alerts and Announcements. As required, we may email a service-related announcement. For instance, if our service is temporarily disrupted for any reason, we might send users an email. In general, users may not opt-out of these communications from us; however, their own email filters could block receipt. These mandatory communications are not promotional in nature.

Customer Service. In accordance with the user’s selection, we regularly respond to users’ service requests and account inquiries via either email or ticketing.

Website Usage. At times, we may use your IP address to help diagnose problems with our hardware and software infrastructure, and to administer our website. We also use tracking information to analyze user visits to different pages on our site. We track what information individual users read or view. We also track how often each page is visited. This helps us design and operate a website that delivers the information you want.

Policy Modifications. Our Privacy Policy may change from time to time. If we change this privacy statement, we will post notice of the changes on our home page and sent an email to users who have signaled their preference to receive such emails. Those changes will be posted here, so visitors are encouraged to check back periodically. However, regardless of any future changes to this Privacy Policy, be assured that we will not use the personal information you have submitted under this Privacy Policy in a manner that is materially inconsistent with this Privacy Policy, without your prior consent.

Contact Us About Privacy. Ensuring that the information you provide through this website remains private is important to us as we seek to build strong and enduring customer relationships, and so, we want you to know the specific information we gather about our customers and how we use that information. If, at any time, you have questions or concerns about our privacy practices, please feel free to contact us at hello@pobu.ca.

All users are bound by the personal data laws and regulations applied in the country of use of the Service.

Security. Users have entrusted Pobuca with their contact data, and we make it a priority to take our users’ security and privacy concerns seriously. We strive to ensure that user data is kept securely, and that we collect only as much personal data as is required to provide our services to users in an efficient and effective manner.

Pobuca uses some of the most advanced technology for Internet security that is commercially available today. This Security Statement is aimed at being transparent about our security infrastructure and practices, to help reassure you that your data is appropriately protected. For more information please refer to “Application and User Security” and “Infrastructure protection” on our Privacy Policy Link : https://connect.pobuca.com/privacy-policy-and-security.

Application and User Security

SSL/TLS Encryption: All communications with the pobu.ca website are sent over SSL/TLS connections. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) technology (the successor technology to SSL) protect communications by using both server authentication and data encryption. This ensures that user data in transit is safe, secure, and available only to intended recipients.

User Authentication: User data on our database is logically segregated by account-based access rules. User accounts have unique usernames and passwords that must be entered each time a user logs on. Pobuca issues a session cookie only to record encrypted authentication information for the duration of a specific session. The session cookie does not include the password of the user. Τo supplement the password as a means of access control, we are adopting multi-factor authentication, that includes other methods of demonstrating user’s identity, related to your use of the Service.

User Passwords: User application passwords have minimum complexity requirements. Passwords are individually salted and hashed.

Privacy: We have a comprehensive privacy policy that provides a very transparent view of how we handle your data, including how we use your data, who we share it with, and how long we retain it.

Infrastructure protection 

Pobuca is hosted in Microsoft Azure which is compliant with G.D.P.R requirements and addresses security risks across its infrastructure, such as:

Update management: Security update management helps protect systems from known vulnerabilities. Azure uses integrated deployment systems to manage the distribution and installation of security updates for Microsoft software. Azure uses a combination of Microsoft and third-party scanning tools to run OS, web application, and database scans of the Azure environment.

Physical Security: Pobuca runs in geographically distributed Microsoft facilities, sharing space and utilities with other Microsoft Online Services. Each facility is designed to run 24x7x365 and employs various measures to help protect operations from power failure, physical intrusion, and network outages. These datacenters comply with industry standards (such as ISO 27001) for physical security and availability. They are managed, monitored, and administered by Microsoft operations personnel.

Monitoring and logging: Centralized monitoring, correlation, and analysis systems manage the large amount of information generated by devices within the Azure environment, providing continuous visibility and timely alerts to the teams that manage the service. Additional monitoring, logging, and reporting capabilities provide visibility to customers.

Penetration testing: Microsoft conducts regular penetration testing to improve Azure security controls and processes. Therefore, Microsoft has established a policy for customers to carry out authorized penetration testing on their own—and only their own—applications hosted in Azure.

DDoS Protection: Azure has a defense system against Distributed Denial-of-Service (DDoS) attacks on Azure platform services. It uses standard detection and mitigation techniques. Azure’s DDoS defense system is designed to withstand attacks generated from outside and inside the platform.

Organizational & Administrative Security

Employee Screening: We perform background screening on all employees.

Training: We provide security and technology use training for employees.

Service Providers: We screen our service providers and bind them under contract to appropriate confidentiality obligations if they deal with any user data.

Access: Access controls to sensitive data in our databases, systems and environments are set on a need-to-know / least privilege necessary basis.

Audit Logging: We maintain and monitor audit logs on our services and systems.

Information Security Policies: We maintain internal information security policies, including incident response plans, and regularly review and update them.

Software Development Practices

Coding Practices: Our engineers use best practices and industry-standard secure coding guidelines to ensure secure coding.

Handling of Security Breaches 

Despite best efforts, no method of transmission over the Internet and no method of electronic storage is perfectly secure. We cannot guarantee absolute security. However, if Pobuca learns of a security breach, we will notify you immediately in order for you to proceed to the actions provided by the applicable law to the relevant. Our breach notification procedures are consistent with our obligations under various state and federal laws and regulation, as well as any industry rules or standards that we adhere to. Notification procedures include providing email notices or posting a notice on our website if a breach occurs.

Your rights on your data

You have the right to ask from us access to and rectification or erasure of your personal data or restriction of processing or to object to the processing, as well as the right to data portability, by contacting us. For any processing where legal basis is your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. You also have the right to lodge a complaint with the Data Protection Authority, if you believe your data has been processed illegally.

Your Responsibilities 

Keeping your data secure also depends on you ensuring that you maintain the security of your account by using sufficiently complicated passwords and storing them safely. You should also ensure that you have sufficient security on your own systems, to keep any data you download to your own computer away from prying eyes.

Pobuca Connect Bot

Our Pobuca Connect Bot is enabled by Microsoft Bot Framework. The Microsoft Bot Framework is a set of web-services that enable intelligent services and connections using conversation channels you authorize. As a service provider, Microsoft will transmit content you provide to our bot/service in order to enable the service. For more information about Microsoft privacy policies please see their privacy statement here: http://go.microsoft.com/fwlink/?LinkId=521839 . In addition, your interactions with this bot/service are also subject to the conversational channel's applicable terms of use, privacy and data collection policies. To report abuse when using a bot that uses the Microsoft Bot Framework to Microsoft, please visit the Microsoft Bot Framework website at https://www.botframework.com and use the ‘Report Abuse’ link in the menu to contact Microsoft.