Information security and privacy are at the heart of what Grelice values and promotes as a company. As such, we think it’s important to be transparent about how we handle your information. That level of transparency also makes for a lengthy document, but we’ve tried to make it more readable by organizing it into a logical structure and by using plain language.
Grelice offers a variety of services, and certain services may process data differently, or in additional ways, to other services and what’s described in this policy. We note these differences in Product Privacy Notices that are specific to such services, in product documentation, or inside products themselves at places where such information is relevant. In particular, our VPN Products Privacy Notice describes the specific privacy practices our VPN products adopt, including:
Key VPN Product Privacy Points:
Some of Grelice’s services are offered to businesses. For those services, our customer is a business or other organization who may authorize individual end users to use the services that it has purchased from us. Where an organization is our customer, it may maintain accounts with Grelice through which it and its users may submit information (“Customer Data”). That organization typically controls those accounts and any associated Customer Data. In this case, Grelice is generally a processor of Customer Data and the organization is the controller.
1. What information do we collect about you?
This section describes the various types of information we collect from and about you. This information is not collected in all situations, but only in specific situations. For example, our VPN products only collect a limited amount of information. To understand the context in which collection occurs, see Section 2 (How do we use your information?) and our Product Privacy Notices. More information about some of the mechanisms we use to collect this information, such as cookies, is available in Section 4 (Tracking Technologies & Cookies).
1.1. Information you provide to us
1.2. Information collected when you use our services
1.3. Information provided to us by third parties
You generally do not have a duty to disclose personal data to us unless you have a contractual obligation to us to do so. However, we need to collect and process certain information that is necessary or legally required in order to provide the services to you or otherwise perform our contractual relationships with you.
2. How do we use your information?
We use the information we collect for various purposes described below.
To provide, maintain, troubleshoot, and support our services. We use your information for this purpose on the basis that it is required to fulfill our contractual obligations to you. Examples: using information about how much bandwidth you use and how long you use our services in order to provide the services in accordance with a plan to which you have subscribed; using threat and device information to determine whether certain items pose a potential security threat; and using usage information to troubleshoot a problem you report with our services and to ensure the proper functioning of our services.
For billing and payment purposes. We use your information in order to perform billing administration activities and process payments, which are required to fulfill our contractual obligations.
To communicate with users and prospective users. We use your information to communicate with you, including by responding to your requests, and sending you information and updates about our services. We may do this in order to fulfill our contract with you, because you consented to the communication, or because we have a legitimate interest in providing you with information about our services.
To improve our services. We want to offer you the best services and user experiences we can, so we have a legitimate interest in continually improving and optimizing our services. To do so, we use your information to understand how users interact with our services. Examples: we analyze certain usage, device, and diagnostic information to understand aggregated usage trends and user engagement with our services (and, for example, invest in technical infrastructure to better serve regions with increasing user demand); we may use device and threat information to conduct spam, threat, and other scientific research to improve our threat detection capabilities; we review customer feedback to understand what we could be doing better.
To develop new services. We have a legitimate interest in using your information to plan for and develop new services. For example, we may use customer feedback to understand what new services users may want.
To market and advertise our services. We may use your information to provide, measure, personalize, and enhance our advertising and marketing based on our legitimate interest in offering you services that may be of interest. Examples: we may use information such as who or what referred you to our services to understand how effective our advertising is; we may use information to administer promotional activities such as sweepstakes and referral programs. Note that our VPN products do not use your VPN browsing activity for these purposes and we do not maintain any records that show what you were browsing or accessing through a VPN connection.
To prevent harm or liability. We may use information for security purposes (such as to investigate security issues or to monitor and prevent fraud) and to prevent abuse. We may do this to comply with our legal obligations, to protect an individual’s vital interests, or because we have a legitimate interest in preventing harm or liability to Grelice and our users. For example, we may use account, usage, and device information to determine if an entity is engaging in abusive or unauthorized activity in connection with our services.
For legal compliance. We internally use your information as required by applicable law, legal process, or regulation. To learn about our practices regarding sharing your information with third parties for legal compliance purposes, see Section 3.1 below. We also use your information to enforce our legal rights and resolve disputes.
3. Who do we share your information with and why?
3.1. In General
We may disclose your information in the following circumstances:
In accordance with your instructions or consent. For example, some services may allow you to register an account using a third party account (such as a Google or Microsoft account). If you choose to do so, we will share information with the third party account provider.
To your business organization (for our business services). If a business customer is providing you with access to our services through a business account, others in that organization may be able to see and manage your account and the information associated with it (such as an administrator).
For collaborating with others. Some services may provide ways for different users to interact or collaborate with each other. Your information will be shared in connection with those activities if you choose to engage in them.
Affiliates and third party service providers. To help us provide some aspects of our services, we work with trusted third parties and partners. To protect your data, we enter into appropriate confidentiality and data processing terms with these third parties, review their security practices, and limit information sharing to the scope of what they are helping us with. Examples of activities that third parties help us with include:
3.2. Free Products Only
Displaying Third Party Ads. We do not display third party ads in our paid products. With respect to our free mobile apps and other free products, we may serve third party ads to users in certain regions. Although the money we make from
displaying these ads offsets only part of the costs of making these apps and services available for free, we provide free apps because we believe it’s important that everyone has the opportunity, regardless of their situation, to have secure
and private access to the internet.
We do not provide Ad networks with any personal data about you, except for an approximate city-level latitude and longitude which lets them show ads which are more relevant for your approximate geographic location. However, Ad networks may collect information through their SDKs, such as your mobile advertising identifier, IP address, and device information, for the purpose of serving you with “personalized” ads (ads that they think are more relevant to you) and measuring your response to those ads. If you are using a VPN connection, your IP address is hidden from ad networks and replaced with the IP address of our VPN servers. Because we do not provide ad networks with personal data about you (apart from city-level location), Ad networks personalize ads based on information that they collect from you and that they already have about you – not based on information we share with them.
While we request you not to use ad blockers to prevent the display of third party ads because that is how we support our free services, our services are able to continue functioning if you do use ad blockers.
4. Tracking Technologies & Cookies
4.1. About Tracking Technologies
Grelice uses various technologies in our services to help us collect information. For convenience, we refer to these as “tracking technologies,” although they are not always used to track individuals and the information collected is in a non-identifiable form that does not reference any personal data. Tracking technologies include:
4.3. Third Parties
We may allow our business partners to place certain tracking technologies in our services. These partners use these technologies for the following purposes:
4.4. Your Choices
Grelice employs a range of administrative, organizational, technical, and physical safeguards designed to protect your data against unauthorized access, loss, or modification. We continuously work to improve such safeguards.
6. International Data Transfers
6.1. Transfers to Other Countries
Grelice may transfer your personal data to countries other than the one in which you reside. We do this to facilitate our operations, and transferees include other Grelice group companies, service providers, and partners. Laws in other countries may be different to those that apply where you reside. For example, personal data collected within Switzerland or the European Economic Area (EEA) may be transferred and processed outside Switzerland or the EEA for purposes described in this policy. However, we put in place appropriate safeguards that help to ensure that such data receives an adequate level of protection.
7. Data Retention
Grelice generally retains your personal data for as long as is needed to provide the services to you, or for as long as you have an account with us. We may also retain personal data if required by law, or for our legitimate interests, such as abuse detection and prevention, and defending ourselves from legal claims. Residual copies of personal data may be stored in backup systems for a limited period as a security measure to protect against data loss.
8. Your Rights
Depending on your country of residence, you may have certain legal rights in relation to your personal data that we maintain. Subject to exceptions and limitations provided by applicable law, these may include the right to:
9. Age Restriction
Our services are not intended for and may not be used by minors. In this context, minors are individuals under the age of 16. Grelice does not knowingly collect personal data from minors or allow them to use our services. If we discover that we have collected personal data from a minor, we may delete such data without notice. Please note that the legal terms under which we make certain services available may require users to be older than 16 years of age.
11. Contact Us
Borovaya str. 58 office 13, St. Petersburg, Russian Federation
Copyright © 2020 Grelice LLC - All Rights Reserved.