Privacy and compliance commitments

Privacy Policy

Your trust is foundational to every product decision we make. This policy explains what we collect, why we collect it, and the controls we provide so your organization can operate with confidence.

Updated February 21, 2026

We collect only the data required to deliver secure file operations and account reliability.
You retain ownership of your content and can request export or deletion at any time.
Optional marketing analytics are consent-gated and can be turned off from on-page privacy controls.

What we collect

We collect account profile details, authentication metadata, and service usage events needed to run MultiDrive reliably and securely.

When you connect external storage providers, we process only the scoped data required for search, migration, sharing, and automation features you enable.

  • Account data such as name, email, organization, and role-based permissions.
  • Operational telemetry such as page path, click/scroll/engagement events, session identifiers, and campaign attribution values.
  • Security attributes such as hashed IP/network values, user-agent, and optional IP-derived geo metadata (country/region/city/timezone/ASN).
  • Billing and plan details required to manage subscriptions and invoicing.

How we use your data

We use your information to provide core services, improve performance, and prevent abuse. We do not sell personal data.

Processing activities are limited to product delivery, customer support, fraud prevention, legal compliance, and platform quality improvements.

  • Secure account access, identity verification, and session management.
  • Cross-provider workflows including search, migration, and controlled sharing.
  • Support diagnostics and security incident investigation when required.

Security controls and protection

We apply layered safeguards that include encrypted transport, hardened service boundaries, and role-gated operational access.

Administrative actions are logged to preserve accountability and help customers satisfy internal audit requirements.

  • Encryption in transit and controlled encryption at rest for managed data.
  • Least-privilege access controls and continuous monitoring for anomalous behavior.
  • Security review workflows for privileged actions and sensitive data paths.

Retention and deletion

We retain data only as long as necessary for service delivery, contractual obligations, and legal compliance.

Customers can request deletion and account closure workflows through support channels. Retention exceptions are documented and disclosed when applicable law requires.

  • Configurable retention windows for logs and operational metadata.
  • Deletion workflows for user accounts and related service records.
  • Documented retention exceptions for legal and regulatory obligations.