PRIVACY POLICY
Provider Details
The Website and Services are offered by AccessMaster LLC registered in Bulgaria on October 21, 2024 located at Sofia, Zaharna fabric entry A, 3rd floor, 5th ap.
We aim to ensure transparency about the data we gather, how it is used, and the parties with whom it may be shared. Therefore, we encourage all users to review our Privacy Policy thoroughly to make informed decisions when using our Services.
This document outlines how your personal information is handled when you visit our Website, access your Account, or use our Services. Periodic updates will be made to this Privacy Policy, and the latest version will always be available on our Website to reflect changes in data management practices or applicable legal requirements.
By registering for an Account, using our Website, or updating your preferences after logging in, you explicitly confirm that you have read and agree to the terms outlined in this Privacy Policy.
If you disagree with any part of this Privacy Policy, you must refrain from using the Website or Services immediately.

KEY TERMS AND DEFINITIONS
The following terms, unless otherwise specified, are defined as follows:
Company: Refers to AccessMaster LLC (referred to as "we," "us," or "our"), a Bulgarian legal entity registered in on October 21, 2024 located at Sofia, Zaharna fabric entry A, 3rd floor, 5th ap.
Client: Denotes any individual or entity (referred to as "you" or "Client") utilizing the Services or Website. A Client may be a natural person or an organization represented by a natural person.
Website: Refers to proxyhero.app and console.proxyhero.app.
Services: Include a suite of IP proxy infrastructure solutions, such as IP addresses for internet connectivity and access to the Company's data-gathering and proxy management systems. These Services are accessible through the Website.
Note: The Company reserves the right to amend the list of Services (e.g., modify, update, suspend, or terminate them) without prior notification to the Client.
Account: To access the Services, users must create an Account on the Website by completing the registration form. Information required may include:

1. Name (or organization name)
2. Email address
3. Phone number
4. Country of residence
5. Password
6. Billing information
7. Additional details as necessary

Registration Form Link: https://console.proxyhero.app/auth/register
Personal Data: Any information that identifies or could identify an individual, including names, identification numbers, location data, and online identifiers.
Processing: Any action performed on personal data, such as collection, storage, retrieval, or deletion.
Restriction of Processing: The act of marking data to limit its future use.
Profiling: Automated evaluation of personal data to assess individual characteristics, such as preferences, behavior, or location.
Roles in Data Processing

1. Controller: The entity determining the purpose and means of data processing.
2. Processor: A party processing data on behalf of the Controller.
3. Recipient: Any party to whom personal data is disclosed.
4. Third Party: A natural or legal entity other than the data subject, Controller, or Processor authorized to process personal data.

Specific Data Types

1. Genetic Data: Information about an individual's genetic traits derived from biological samples.
2. Biometric Data: Data from physical or behavioral characteristics enabling unique identification (e.g., facial images, fingerprints).
3. Health Data: Information concerning a person’s physical or mental health status.

Legal Framework and Supervision

• Supervisory Authority: An independent entity established by an EU Member State to oversee GDPR compliance.
• Cross-Border Processing: Data processing activities spanning multiple EU Member States or significantly affecting individuals across Member States.

Consent: A clear, voluntary, and informed agreement to data processing.
Data Breach: Any security incident causing the accidental or unlawful loss, destruction, or unauthorized access to personal data.

GENERAL PROVISIONS
Scope of the Privacy Policy
This policy applies to all individuals (“data subjects”) interacting with the Website or Services, including visitors, clients, business partners, and service providers.
Role of the Company
The Company operates as both a Controller and Processor of personal data.
Restrictions on Minors
The Website and Services are not intended for individuals below the legal age. The Company does not knowingly collect data from minors. If under 18 years of age (or the applicable legal age), do not use the Services or provide personal data.
Representation of Legal Entities
If representing a legal entity, note that your personal data will also be processed under this Privacy Policy.
Legal Compliance
The Company is established within the EU and adheres to the General Data Protection Regulation (GDPR). Users from Canada and Australia are subject to additional laws, including:

• Canada: Personal Information Protection and Electronic Documents Act (PIPEDA).
• Australia: Privacy Act 1988 (Cth).
• Data Protection Officer (DPO)

A Data Protection Officer has been appointed to oversee compliance with data protection regulations. Contact details for the DPO are provided in a later section.
Automatic Data Collection

1. By accessing the Website without creating an Account, you acknowledge that your data may still be collected and processed.

Consent for Marketing

1. By creating an Account, you consent to receiving marketing materials and other communications.
2. If you wish to withdraw this consent:

• Do not complete the Account registration process.
• Use the "Unsubscribe" link provided in marketing emails after account creation.
• At any time, click the "Unsubscribe" link in any Company email containing marketing or promotional content.

WHAT TYPES OF PERSONAL DATA DO WE PROCESS?
We collect only the personal data that is necessary for the specific purposes outlined below, including providing our Services to you. This document outlines the types of personal information we may process when you interact with our Website, contact us, request information, or utilize our Services.
Personal Data Categories
1. Personal Details and Contact Information
When creating an account or communicating with us (via email or Live Chat), we may collect basic information such as:

• Full name (first and last).
• Confirmation of your status as a natural person.
• Your relationship to a legal entity (if applicable).
• Contact details, including phone number, country of residence, and email address.

2. Commercial Information
Data related to your service requirements, such as:

• Expected monthly IP usage, type of purchase, traffic volume, and required service duration.
• Service history and records.
• Correspondence between you and us (via dedicated email or Live Chat).

3. Consent Records
Confirmations regarding your agreement to the Privacy Policy and Cookies Policy.
4. Marketing Information
Data such as your IP address, full name, and email address may be processed for marketing purposes.
5. Financial Data
For order processing, payments, and refunds, we may collect:

• Bank account details.
• Payment service provider information.
• Payment details and transaction IDs.

6. Log Data
Information generated during account activity and service use, such as:

• IP address, encrypted passwords, location data, device details, and browser type.
• Traffic data, operating system, unique device identifiers, cookies, crash reports, and performance metrics.

7. Account Information
Details including account creation date and time, as well as login timestamps.
8. Third-Party Data
When using third-party services to log in (e.g., Google), we may receive information such as your name and email address.
9. Cookies and Analytics Data
Data collected during Website visits, including:

• Browser type, pages visited, time spent on pages, access timestamps, and unique device identifiers.
• Anonymous traffic data from tools like Google Analytics, which provide statistics on user behavior without personally identifying you.

For more on Google Analytics or to opt out, visit:

1. Google Analytics Opt-Out.

10. Company Information (for Legal Entities)
If you represent a legal entity or enter into a commercial agreement, we may process:

• Commercial register details.
• Data about beneficial owners.
• Records of past, recent, or planned business activities.
• Information required to confirm business structure, beneficial ownership, or powers of attorney.

11. Marketing Data
Statistical and behavioral data, including:

• Visitor counts, click frequency, time, location data, target groups.
• Insights from cookies and similar technologies.
• Market research data, consumer preferences, and behavior analysis.

DATA VERIFICATION AND UPDATES
To ensure the accuracy of your data, we may occasionally request updates or additional verification. If there are reasonable doubts regarding your identity when making requests, we may ask for supplementary information to confirm your identity.
Data Sources
The personal data processed by us may be obtained from:

• Direct interactions: For example, when you create an account or communicate with us.
• Third-party services: For example, when logging in through external providers like Google.

YOUR CHOICE
Providing personal data is entirely voluntary. You will not face negative consequences for choosing not to provide it. However, note that withholding certain data may prevent us from fulfilling certain purposes outlined in this Privacy Policy and limit access to specific tools or services.

PURPOSES AND LEGAL BASIS
Below is an outline of how and why we use your personal data, along with the legal grounds for each purpose.

1. Account Access and Service Provision
We process limited personal data necessary for providing access to your account and enabling our services. This includes:

• Information Collected: First and last name, phone number, email address, country of registration, account registration date, subscription details, encrypted password, and IP address.
• Legal Basis: The fulfillment of a contract. Without this information, we cannot deliver our services.

2. Communication and Support

• Purpose: To provide updates about our services, handle inquiries, and respond to questions.
• Data Processed: Email address, inquiry details, and additional information you provide during communication.
• Live Chat Information: Your IP address is used to verify server connections and troubleshoot issues.
• Legal Basis: Contractual obligations (essential communications) or your consent (support queries).

3. Consent-Based Processing
Your explicit consent allows us to process your data for specific purposes such as:

• Direct marketing and advertising.
• Website usage analysis.
• Consent is sought before processing additional personal data not covered in this document.
• Revocation: You may withdraw consent at any time, effective for future processing. This does not affect the legality of past processing based on your consent.

4. Payment Information
Payment data is handled primarily by our payment processors to facilitate transactions and manage chargebacks.

• Data We Access: A portion of payment details (e.g., partial credit card numbers, payer IP, payment amount, and date).
• Purpose: Fraud prevention and compliance with regional tax regulations.
• Legal Basis: Legal obligations (e.g., VAT calculations) and legitimate interests (e.g., fraud prevention).

5. Compliance with Legal Obligations
We retain certain data to comply with accounting, tax, and legal requirements, as well as to support law enforcement when required.

• Data Retained: Email address, subscription details, payment records, and legal documentation.
• Legal Basis: Legal obligations and legitimate interest in protecting our rights.

We guarantee that no personal data will be sold by our company.

Handling Sensitive Data
We strictly avoid processing any personal data that reveals racial or ethnic origin, political views, religious or philosophical beliefs, trade union membership, genetic or biometric information, health data, sexual life or orientation details, or criminal records (including data about suspected criminal activities).

COOKIES
What They Are and How We Use Them
Cookies are small text files downloaded to your device when you visit a website. They help websites recognize your device and enhance functionality. Below is how cookies are used on our platform:
Purpose of Cookies
Cookies are employed to:

• Recognize visitors.
• Enhance website efficiency.
• Collect usage statistics.

Managing Cookies
You can block or delete cookies through your browser settings. Note, however, that deleting or disabling cookies might affect website functionality.
Browser-Specific Instructions:

• Google Chrome
• Mozilla Firefox
• Safari on macOS
• Microsoft Edge

For more details on managing cookies for other browsers, visit About Cookies or Cookie Central.
Types of Cookies

• Persistent Cookies: Remain stored on your device until their set expiration date or until manually deleted.
• Session Cookies: Automatically expire when your browser session ends.
• First-Party Cookies: Created by our website to support its functionality.
• Third-Party Cookies: Created by external services to track website usage (e.g., pages visited, links clicked).

Be aware that disabling cookies may limit the availability of certain website features.

We use cookies on our website as described in the table below. Please note that from time to time we may test additional analytical cookies on our website. The table below is supplemented with the relevant analytical cookies once we have made a final decision to use them on an ongoing basis.

ddg1 is used to identify the user when sending a verification request, during a DDoS attack or suspicious activity (1 year).

ddg2 is used to identify the user when sending a verification request, during a DDoS attack or suspicious activity (1 year).

ddgid is used to identify the user when sending a verification request, during a DDoS attack or suspicious activity (1 year).

ddgmark - is used to identify the user when sending a verification request, during a DDoS attack, or
suspicious activity (1 day)

csrf is used for authorization of the user (1 year)

session is used for authorisation of the user (1 month)

All cookies are essential. The service is technically could not be provided without any of them.


DATA RETENTION POLICY
How Long Do We Keep Your Personal Data?
We retain your personal information only as long as necessary, following strict records management and retention protocols. Your data is deleted after a reasonable period based on the following criteria:

• Account Usage:
• Personal data required for your Account is retained as long as you use the Account and for a maximum of three years after inactivity.
• Service Provision:
• Information necessary for delivering our Services and enhancing Website or Service performance is stored while our relationship with you is active (e.g., while you hold an Account with us).
• Active Consent:
• Data necessary for providing Services is retained as long as your Account is active or you consent to its retention.
• Customer Support:
• Personal data related to customer support communications is kept for up to three years after your last interaction with us.
• Marketing:
• Data used for marketing and promotional activities is retained for the duration of our relationship with you.

Data Deletion on Request
You may request the deletion of your personal data unless retention is required under applicable law. Retention may occur in cases such as:

• Unresolved Issues:
• We retain necessary data to resolve outstanding disputes or claims tied to your Account.
• Legal and Regulatory Compliance:
• Retention is maintained for tax, legal, audit, or accounting purposes as mandated by law.
• Business Interests:
• Data may be kept to safeguard legitimate business interests, including fraud prevention and user safety.

Sharing of Personal Data Third-Party Sharing Policy
We share personal information with third parties only for purposes permitted under applicable laws and outlined in this policy. Your data is never sold to anyone.
Sharing occurs under the following conditions:

• Service Providers & Advisors:
• These include entities offering legal, customer support, payment processing, email deployment, accounting, and auditing services.
• Public Authorities:
• Data may be disclosed to government bodies when required by law.
• Corporate Operations:
• In cases such as mergers, acquisitions, asset sales, or similar business transitions, data may be shared.

International Data Transfers
Your personal data may be transferred outside the European Economic Area (EEA) or Australia. We ensure compliance with relevant privacy standards:

• Transfers to countries deemed by the European Commission to have adequate data protection.
• Utilization of standard contractual clauses approved by the European Commission.

For Australian data, transfers comply with the Privacy Act 1988 (Cth) and related amendments.
Service Providers Contracted by the Company
Primary service providers that may process your personal data include:

• Email Services: SendGrid by Twilio (Ireland, USA)
• Application Analytics: Google Analytics by Google (USA)

Legal and Security-Related Sharing
Data may also be shared:

• When legally required or during legal proceedings.
• To mitigate damages, financial losses, or investigate suspected fraud or illegal activities.

Automated Decision-Making and Profiling Use of Automation
We do not engage in decisions solely made through automated processes, including profiling, that could have legal consequences for you. Profiling involves analyzing personal traits, behaviors, and preferences to predict or decide outcomes.
If automated decisions are applied in the future, you retain the right to object.

YOUR CHOICES REGARDING THE USE OF YOUR INFORMATION
We adhere to GDPR and other relevant privacy regulations. These laws grant individuals specific rights concerning their personal data. Below, we outline the rights available to you:
Right of Access
You have the right to confirm whether your personal data is being processed and to access that data. This information is provided free of charge.
However, if your request is clearly unfounded or excessive (e.g., repetitive requests), we reserve the right to:

• Charge a reasonable fee reflecting the administrative costs of fulfilling your request.
• Decline to act on your request.

Right to Rectification
You may request the correction of inaccurate personal data or the completion of incomplete personal data.
Right to Erasure
You can request the deletion of your personal data without undue delay if any of the following conditions apply:

• The data is no longer needed for the purpose it was collected or processed.
• You withdraw your consent, and there are no other legal grounds for processing.
• You object to the processing, and no overriding legitimate grounds exist.
• The data was processed unlawfully.
• Deletion is necessary to comply with a legal obligation.

Right to Restriction
You can request limited processing of your personal data under specific conditions:

• You dispute the data's accuracy, pending verification.
• The processing is unlawful, but you prefer restricted use rather than deletion.
• The data is no longer required for processing but is necessary for legal claims.
• You have objected to processing, pending verification of whether legitimate grounds override your objection.

Right to Object
You may object to the processing of your personal data. This right is not absolute and may not apply if we demonstrate compelling legitimate grounds for processing or if processing is necessary for legal claims.
You may also object to the use of your personal data for direct marketing, including related profiling. This objection can be made at any time.
Right to Data Portability
You can request a copy of your personal data in a structured, commonly used, and machine-readable format. You may also ask us to transmit the data directly to another controller if technically feasible.
Right to Withdraw Consent
If processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect the legality of prior processing. Please note that withdrawal may impact your ability to use certain services.
Right to Lodge a Complaint
You have the right to file a complaint with a data protection supervisory authority.
To exercise any of the rights listed above, please contact us at: privacy@proxyapp.net

HOW WE PROTECT YOUR PERSONAL DATA
The Company is committed to safeguarding your personal data. We implement robust measures to prevent unauthorized access, loss, or misuse. These measures include:

• Technical Security: SSL/TLS encryption, hashed passwords, firewalls, and network segmentation (database servers are not accessible externally).
• Organizational Safeguards: Regular independent audits, staff training, and the assignment of a Data Privacy Officer.
• Physical Security: Measures to protect our infrastructure and data centers.

Despite these precautions, no online platform can guarantee complete security. By using our Website and Services, you acknowledge the inherent risks of online data transmission. Any information shared is at your own risk.

CONTACT INFORMATION
For any inquiries related to this Privacy Policy or data protection concerns, please reach out to us through the following channels:
Email: privacy@proxyapp.net
Mailing Address: ap. 5, 5th floor, g.k. Zaharna fabrika, 31А, 1345 Sofia, Bulgaria

For matters requiring the attention of the Data Protection Officer (DPO):
Email (DPO): privacy@proxyapp.net
Mail (DPO): Clearly mark your correspondence "For the Attention of the Data Protection Officer" and send it to the address provided above.
We aim to respond to your inquiries within one month, with the possibility of extending this period by up to two additional months in complex cases.

POLICY UPDATES
This Privacy Policy remains valid until replaced by a new version. Updates will be made at our discretion, with significant changes highlighted through prominent notifications (e.g., email alerts).
The latest version of the Privacy Policy will always be available on our website. Your continued use of our Website and Services implies acceptance of the updated terms.
We will not reduce your rights under this policy without your explicit consent. Any significant changes involving data processing purposes or data transfers to third countries will be communicated clearly and in advance.
This updated version enhances formatting, ensures clarity, and maintains all key legal provisions from the original document.