This Security Policy is subject to and incorporated into the terms of service (the "Terms") between You and Carbonite. You may access the Terms at or by clicking Terms. Capitalized words used in this Security Policy without definition have the meaning given to them in the Terms. By agreeing to the Terms and installing, accessing or using the Services, You are agreeing to this Security Policy and the terms contained herein. For Zmanda products please see the Addendum section at the end of this document for additional information.


Carbonite takes Your right to privacy and the security of Your data very seriously. Carbonite is built with a series of administrative, physical and technical safeguards designed to protect Your Account.


Your backed-up files are encrypted with 128-bit Blowfish encryption prior to transfer and then sent through an encrypted 128-bit SSL tunnel to Carbonite data centers.


After the secure transfer to Carbonite data centers, Your backed-up files are maintained and stored with Carbonite using 128-bit Blowfish encryption. Your backed-up files are accessible only by supplying Your valid login credentials. You can choose to use Carbonite's 1024-bit encryption key or manage Your own encryption key. If You choose to manage Your own encryption key, You must safely archive it because, if lost, You will not be able to restore or otherwise access Your data.


Carbonite servers are located in secure data centers, protected with features such as gated perimeter access, 24 x 7 x 365 on-site staffed security and technicians, electronic card key access and security cameras inside and outside of the buildings.


Your backed-up files may be accessed using the password-protected, web-based Carbonite administrative console by supplying Your valid login credentials and via (1) an Internet-enabled computer other than the computer registered with Carbonite using remote file access, or (2) certain software applications, including the iPhone and BlackBerry applications. Although Carbonite makes good faith efforts to store Your backed-up files in a secure operating environment that is not accessible to unauthorized users, Carbonite cannot guarantee complete security. By using such products and services, You knowingly accept this risk.


Carbonite utilizes independent, third-party consultants to review the safety and security of Your backed-up files and routinely checks its systems for vulnerabilities to ensure that Your backed-up files are safe.


Additional information about Carbonite's security program is available at or by clicking Privacy Policy.

If you would like to contact Carbonite directly with security or privacy questions, please email Carbonite at

Addendum for Zmanda Products


AES 256-bit encryption and transfer over a 128 bit SSL tunnel are optional features.


Carbonite may utilize third-party cloud storage providers in which case the terms and conditions of such third-party cloud storage providers may also apply. If You choose to enable encryption You must safely archive Your encryption key because You will not be able to restore or otherwise access Your data if Your key is lost. For additional information, please contact Your Zmanda sales representative.