Privacy policy

1.1. Information you provide to us

• Account information. Some services require or allow you to create an account before you can access them. As part of registering for an account, we may collect information such as your name, username, email address, and password.
• Billing and payment information. In order to purchase a service, you may need to provide to us with details such as billing name, billing contact details (street addresses, email addresses), and payment instrument details.
• dentity verification information. Some services require you to verify your identity as part of creating an account to access them. We may collect information such as email addresses for this purpose.
• Communications and submissions. You may choose to provide us with information when you communicate with us (e.g. via email for support or to inquire about our services), including when you fill out an online form, respond to surveys, provide feedback, participate in promotions, or submit information through our services.

1.2. Information collected when you use our services

• Usage information. We collect information about how you interact with our services, such as how much bandwidth you use, and when and for how long you use our services.
• Device information. We collect information from and about the device you use to access our services. For example, we may collect device identifiers, browser types, device types and settings, operating system versions, mobile, wireless, and other network information (such as internet service provider name, carrier name and signal strength), and application version numbers.
• Diagnostic information. We may collect information about the nature of the requests that you make to our servers (such as what is being requested, information about the device and app used to make the request, timestamps, and referring URLs). However, we do not log any information that associates your identity with your VPN browsing activity. We do not maintain any records that show what you were browsing or accessing through a VPN connection.
• Location information. We may collect your location information based on a variety of sources, such as your device's GPS or by calculating an approximate latitude and longitude based on your IP address.

1.3. Information provided to us by third parties

• Referrals. If you are invited to use our service, the person who invited you may submit your personal data, such as your email address or other contact information.
• Third Party Accounts. Some services may allow you to register an account using a third party account (such as a Google or Microsoft account). If you do so, that third party may send us some information about you that they have. You may be able to control what information they send us via your privacy settings for that third party account.
• Threat Information. We may receive information from reputable members of the security industry who provide information to help us to provide, develop, test, and improve our services (for example, lists of malicious URLs, spam blacklists, phone number blacklists, and sample malware). Some of this information may contain personal data on an incidental basis.

3.1. In General

We may disclose your information in the following circumstances:

• In accordance with your instructions or consent. For example, some services may allow you to register an account using a third party account (such as a Google or Microsoft account). If you choose to do so, we will share information with the third party account provider.
• To a new owner. If ownership or control of all or part of our services, assets, or business changes, we may transfer your information to the new owner.
• Aggregated or de-identified data. We may use and share aggregated data and data that is de-identified such that it no longer reveals the identity of an individual user for regulatory compliance, research and analysis, our own marketing and advertising activities and other legitimate business purposes.
• In accordance with your instructions or consent. For example, some services may allow you to register an account using a third party account (such as a Google or Microsoft account). If you choose to do so, we will share information with the third party account provider.
• To comply with legal process and the law. We are fiercely protective of the privacy of our users. For our VPN products, we protect your privacy by ensuring that we do not log or record online activities that you conduct over a VPN connection in any way that can be tied back to you, meaning that we do not have any data to share with law enforcement and government agencies who make requests for information about what you were doing through a VPN connection. Subject to the foregoing, we may share your information if we are required to do so by applicable law; to comply with our legal obligations; to comply with legal process; and to respond to valid law enforcement requests relating to a criminal investigation, or alleged or suspected illegal activity that may expose us, you, or any of our other users to legal liability. If we share your information for these purposes, we limit the information shared to what is legally necessary, and challenge information requests that we believe are unlawful, overbroad, or otherwise invalid.
• To enforce our rights and prevent fraud and abuse. We may share limited amounts of your information to enforce and administer our agreements with customers and users, and to respond to claims asserted against us. We may also share your information in order to protect against fraud and abuse against us, our affiliates, users and others.
• Affiliates and third party service providers. To help us provide some aspects of our services, we work with our affiliates and trusted third parties. To protect your data, we enter into appropriate confidentiality and data processing terms with these third parties, review their security practices, and limit information sharing to the scope of what they are helping us with

3.2. Displaying Advertisements

We may serve ads to users in certain regions. The ads we display in our services are supplied either by advertisers we have relationships with or by third party advertising networks such as Google. To display third party ads in our apps, we integrate into them a software development kit (SDK), which consists of software code provided by the ad network.

We provide limited personal data about you to such third party advertising networks to enable them to provide their services. For example, some of these advertising networks may collect information through their SDKs, such as your mobile advertising identifier, IP address, and device information, for the purpose of serving you with “personalized” ads (ads that they think are more relevant to you) and measuring your response to those ads. If you are using a VPN connection, your IP address is hidden from ad networks and replaced with the IP address of our VPN servers.

Each advertising network collects this information according to their privacy policies. Where an AdChoices logo appears on an ad, you can click it to learn more about the ad network that provided the ad, its privacy policy, and your choices regarding opting out from any personalized advertising. If you opt out from personalized advertising, you may still see non-personalized ads.

While we request you not to use ad blockers to prevent the display of third party ads because that is how we support our free services, our services are able to continue functioning if you do use ad blockers.

4.1. About Tracking Technologies

We use various technologies in our services to help us collect information. For convenience, we refer to these as “tracking technologies,” although they are not always used to track individuals and the information collected is in a non-identifiable form that does not reference any personal data. Tracking technologies include:

Cookies
Cookies are small portions of text that are stored on the device you use to access our services. Cookies enable us (or third parties that we allow to set cookies on your device) to recognize repeat users. Cookies may expire after a period of time, depending on what they are used for.

Pixel Tags / Page Tags / Web Beacons / Tracking Links
These are small, hidden images and blocks of code placed in web pages, ads, and our emails that allow us to determine if you perform a specific action. When you access a page, ad, or email, or click a link, these items let us know that you have accessed that page, opened an email, or clicked a link.

SDKs
SDKs or software development kits are software code provided by our business partners that let our software interact with the services those partners provide. For example, in certain of our mobile apps, we may use an SDK to enable our app to serve ads from an advertising network. Sometimes these interactions will involve that business partner collecting some information from the device on which the software is run.

4.2. Why we use Cookies

We use cookies:

• To provide our services. Some cookies are essential for the proper operation of our services. For example, cookies allow us to authenticate who you are and whether you're authorized to access a resource.
• To store your preferences. Cookies can store your preferences, such as language preferences or whether to pre-fill your username on sign in forms. We may also use them to optimize the content that we show to you.
• For analytics. Cookies are used to inform us how users interact with our services so we can, as a legitimate interest, improve how they work (such as what screens or webpages you access, and whether our advertising is effective).
• For security. Cookies can enable us and our payment processors to detect certain kinds of fraud.
• For advertising-related purposes. We advertise our services online with the help of third parties who show ads and marketing about us on sites around the internet.

4.3. Third Parties

We may allow our business partners to place certain tracking technologies in our services. These partners use these technologies for the following purposes:

• Our Cookies: Most web browsers and some mobile devices give you the ability to manage your cookie preferences, including deleting cookies and blocking cookies from being set on those browsers or devices. Visit the “help” section of your mobile device to understand what controls it gives you over cookies. Note that deleting or blocking certain cookies could adversely impact the proper operation of our services.
• Third Party Advertising Cookies: For information on how to opt out of personalized or interest-based advertising, you can visit the following pages:
  • Network Advertising Initiative opt out page
  • Digital Advertising Alliance opt out page
  • Your Online Choices (for Australian residents)
  • Your Online Choices (for EU residents)
  To opt out from Google ad personalization, visit the Google Ads Settings page. These opt out mechanisms are not provided by us and we are not responsible for the availability or operation of them. Note that after opting out of personalized advertising you may still see non-personalized ads.
• Google Analytics: We use Google Analytics to help us understand how users use our services. Google makes available a Google Analytics Opt Out Browser Add-On if you do not want to participate in Google Analytics.

9.1. Do Not Track Signals

We currently do not respond to “Do Not Track” signals sent by browsers or mobile apps due to a lack of standardization regarding how that signal should be interpreted. Learn more about Do Not Track.

9.2. Third Party Disclosure Requests

California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their “personal information” (if any) as defined under California Civil Code 1798.83 for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties. See the “Contact Us” section below for where to send such requests. Note that we do not share personal information with third parties for their own direct marketing purposes without your prior consent.

9.3 Opt-Out From Sale

You may have the right to opt out of the “sale” of your personal information as defined by the California Consumer Privacy Act (CCPA). The CCPA broadly defines “sale” such that it may include allowing third parties to receive certain information, e.g. cookies, to deliver personalized advertising on our services.

We do not “sell” (as defined by the CCPA) your personal information except in the context of certain versions of our products that are supported by personalized advertising. Advertising, including personalized advertising, enables us to provide certain of our products for free, to provide offers relevant to you, and, because we believe it's important that everyone has the opportunity, regardless of their situation, to have secure and private access to the internet. Personalized advertising enables ads to be shown that are more relevant to you.

Depending on the services you use and how you use them, we may “sell” (as defined by California law) the following categories of personal information for such advertising purposes:

• Identifiers (such as advertising identifiers and cookies)
• Internet or other network or device activity (such as which of our apps you're using)
• Approximate geolocation information

9.4 Additional Rights

California law may permit you to request that we:

• Identifiers (such as advertising identifiers and cookies)
• Internet or other network or device activity (such as which of our apps you're using)
• Approximate geolocation information

You may also have the right to receive information about the financial incentives that we offer to you (if any), and the right to not be discriminated against (as provided for in the CCPA) for exercising certain of your rights.

Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the services to you and for compliance with applicable law.

When you exercise certain rights, we may take reasonable steps to authenticate your identity before fulfilling your request (such as verifying your email address or payment instrument). If you ask us to delete certain information, you may no longer be able to access or use our services.

You are also permitted to designate an authorized agent to submit certain requests on your behalf. In order for an authorized agent to be verified, you must provide the authorized agent with a signed, written permission to make such requests, or a power of attorney. We may also follow up with you to verify your identity before processing the authorized agent's request.

If you would like further information regarding your legal rights under California law or would like to exercise any of them, please contact us at the address listed under the Contact Us section below.

9.5. Summary of How we Handle your Personal Information

The California Consumer Privacy Act (CCPA) requires that we make certain disclosures to California residents, including the categories of personal information we collect, the purposes for which we use that information, the categories of sources of personal information, and the categories of third parties with whom we share personal information. This section lays out this information in the manner specified by the CCPA, but it does not differ in substance from the information in the rest of this policy.