If you have any privacy or personal data concern related to any of BlufVPN’s products, services, or practices, please contact us at [email protected]
2. WHAT PERSONAL DATA WE COLLECT AND HOW WE COLLECT IT
IMPORTANT:YOUR FAILURE TO PROVIDE CERTAIN PERSONAL DATA MAY MAKE OUR SERVICES OPERATE NOT AS INTENDED OR NOT OPERATE AT ALL FOR YOU. YOUR FAILURE TO PROVIDE CERTAIN PERSONAL DATA MAY ALSO MAKE IT IMPOSSIBLE FOR US TO PROVIDE SOME OF OUR SERVICES TO YOU, BECAUSE OUR SERVICES REQUIRE CERTAIN MINIMUM PERSONAL DATA IN ORDER TO OPERATE AS WE INTEND.
Upon your registration for and use of the Services, we collect certain personal data directly from you, in each case only if applicable, including the following:
First and last name (either through the registration field or through your social media login);
Username and password (in a “hashed” format);
(Certain products only) Public and private keys (in a “hashed” format);
(Certain products only) User uploaded document content and preview;
Team members and their contact information;
Other profile information that you choose to provide to us; and
Any other information that you choose to provide to us by completing a web form, sending to us an email, online chat, forum postings, and any other similar means.
Upon your use of the Services, we collect certain personal data from you, in each case only if applicable, including the following:
Browser type and operating system;
Device name, code, manufacturer, and language;
Time zone, connection type, WiFi network name;
(Certain products only) Total amount of web traffic for each session and session dates;
Number of your devices using the Services;
Other data collected in accordance with our Cookies Policy; and
BlufVPN website/app usage, including version used, activation date, and updates installed.
We may also collect personal data, such as names and contact information, from third parties, such as marketing, research, sales lead generator companies, social networks, as well as from any publicly-accessible sources. We also collect your payment history regarding our Services (but not your payment information) from third-party payment processors, such as Google, Apple, PayPal, Amazon, Stripe, Paymentwall, Symplify, Hotjar, Appsflyer, Voluum, Funnel.
As explained in this Section 2(D), BlufVPN does NOT monitor, store, or log your internet activities (including the internet sites that you visit) while using any of our VPN Services, except the total amount of internet traffic for each session and session dates (this data is collected only if you use personal servers or personal IP address). BlufVPN also stores the number of connected devices for each account – this data is monitored to enforce the maximum device limits. This data can be assessed in the User Office, where you may remove devices from your account.
Certain personal data collected by us automatically (i.e. IP address, connection type, browser type and operating system) is stored only for the duration of your session in the VPN Services. This means that BlufVPN never stores or logs these categories of personal data after the end of your session in our VPN Services – we delete such personal data after your session ends. This also means that your personal data, including your email address, first and last name, username, and IP address, is never connected to any of your internet activities during your VPN Services sessions.
3. HOW WE USE PERSONAL DATA
We use your personal data on the following legal bases, and for the following purposes:
Based on your consent, including:
Contacting you by any means with offers and other marketing regarding the Services;
Accessing your device information relating to your use of the Services, except when we use this personal data based on other legal bases;
and Analyzing, personalizing, and improving our Services and marketing practices.
For the performance of a contract, or in order to take steps prior to entering into a contract, including:
To process an order you have made and to provide you with the Services for which you paid or which you receive in a free trial; Carry out or exercise our rights and obligations arising from any orders;
Accepting, crediting, and tracking payments and any failure to pay related to your use of the Services;
And Communicating with you and providing you with support and troubleshooting services related to the Services.
For compliance with our legal obligations, including:
Carry out or exercise our rights and obligations arising from any orders;
And In the process of litigation and regulatory investigations, when appropriate or necessary.
For the purposes of our legitimate interests, or the legitimate interests of our other users and other third parties, including:
To process an order you have made and to provide you with the Services for which you paid or which you receive in a free trial;
Analyzing, personalizing, and improving our Services and marketing practices, unless our actions in this regard require our specific consent;
Discovering issues in our Services;
Detecting and preventing fraud, illegal activity, and any other activity that infringes upon the legal rights of BlufVPN, our other users, or other third parties;
Carry out or exercise our rights and obligations arising from any orders; and
In the process of litigation and regulatory investigations, when appropriate or necessary.
4. WHEN AND WHY WE SHARE PERSONAL DATA
BlufVPN does not sell or rent your personal data to any third parties without your consent. We will request and obtain your consent prior to selling or renting your personal data to any third parties. We do, however, need to share your personal data to run our everyday business. We share your personal data with our affiliates and third-party service providers for everyday business purposes, including to:
Store, transfer, and manage your personal data;
Process your purchases of the Services;
Manage and service your BlufVPN account;
Detect and prevent fraud, illegal activity, and any other activity that infringes upon the legal rights of BlufVPN, our other users, or other third parties; and
Sell and market the Services.
subpoenas from government authorities and/or private entities;
court orders; and
interrogatories, depositions, and other discovery processes in the context of litigation and regulatory investigations.
We may share your personal data if we are, or propose to be, acquired by or merge with another entity or entities, or if we sell, or propose to sell, all or substantially all of our assets to another entity or entities, in which case we would share your personal data with such entity or entities.
5. YOUR RIGHTS REGARDING YOUR PERSONAL DATA
If the laws of some countries apply to you, you may have the right to do the following:
Request access to your personal data;
Request correction of your personal data or supplementation of your personal data for completeness;
Request erasure of your personal data under certain circumstances, such as when the personal data is processed based on your consent;
Request restriction of processing of your personal data under certain circumstances;
Request transfer of your personal data to another entity under certain circumstances, such as when the personal data is processed based on your consent and the processing of your personal data is carried out by automated means;
Withdraw consent to the processing of your personal data where the processing is based on your consent, without affecting the lawfulness of processing based on consent before its withdrawal; and
File a complaint with your local supervisory authority.
RIGHT TO OBJECT
If the laws of some countries apply to you, you may have the “right to object” to our processing of your personal data when such processing is based on our, or a third party’s, legitimate interests. We will stop processing your personal data, unless:
We demonstrate compelling legitimate grounds for the processing which overrides your interests, rights and freedoms; or
Such processing is necessary for the establishment, exercise or defense of legal claims.
If you object, we will stop processing your personal data for direct marketing purposes.
In order to request to exercise any of your rights, we may require you to provide us with detailed information about your request. Your rights are also subject to certain other limitations contained in the applicable law.
6. WHERE AND HOW WE STORE AND TRANSFER PERSONAL DATA
We use appropriate physical, electronic, technical, and organizational measures to secure and protect your personal data to ensure a level of security appropriate to the risk. You should understand, however, that no safeguards are guaranteed to prevent unauthorized disclosure and/or use of personal data. Because of that, we cannot guarantee or warrant that your personal data will never be exposed. We use third-party service providers globally to store and transfer personal data. We work with our third-party service providers to put in place adequate protections to ensure the security of personal data when it is stored and transferred.
7. HOW LONG WE STORE PERSONAL DATA
The Children’s Online Privacy Protection Act (“COPPA”) is a United States federal law enacted to give parents increased control over what information is collected from their children online and how such information is used. The law applies to websites and services directed to, and which knowingly collect information from, children under the age of 13. The Services are not directed to children under the age of 13, nor do we knowingly collect information from children under the age of 13. If you are under the age of 13, please do not provide personal information of any kind whatsoever to BlufVPN. If a child provides us with personal information, a parent or legal guardian of that child may contact us to obtain that information and/or delete it from our records by sending an email to [email protected].
Information Collected through BlufPass
BlufPass collects two kinds of user information to deliver the service: Secure Data, the information stored within BlufPass accounts, and Service Data which includes but is not limited to server logs, IP address, billing information, number of accounts, and number of items in accounts, company or family name, email addresses and etc.
We acquire Service Data about your use of BlufPass, your account, and your payments. We only retain the data necessary to operate and maintain the services. The data is not used for any other purpose.
BlufPass can’t access your encrypted passwords or other documents stored through our service, since this data is encrypted using secure cryptographic keys that are only known to the user. This also includes your Master Password.
We also collect customer data regarding their activities on our and other websites, as a part of log entries or through cookies with the aim of improving our site and ensuring the best possible perforce and security practices.
Terms For Storing User Data
BlufPass stores clients’ Secure data and Service data indefinitely unless specifically asked to delete it. This is done to preserve the encrypted data in your account.
We use customer data with the sole purpose of providing you with BlufPass services. We have no interest or desire in using or transferring the limited data we collect, for other purposes. While processing and storing customer data, we implement all the necessary measures to guarantee that your personal data is fully protected against accidental or intentional unlawful threats, disclosure, or any other unlawful processing.