Skip to content
Legal

Privacy Policy

Last updated

Template notice. This privacy policy is a template. Running a US-targeted proxy service triggers complex CCPA/CPRA, GDPR (via the EU-US Data Privacy Framework for any EU end users in captured traffic), and sector questions that depend on your specific data flows, your peer-sourcing model, and your customer base. Retain qualified privacy counsel before launch.

1. Who we are

Controller: Proxaro Networks LLC ("Proxaro"), a Delaware limited liability company with registered address at 251 Little Falls Drive, Wilmington, DE 19808, USA. Contact: privacy@proxaro.io.

2. What we collect

From customers

Account identifiers (email, organization name), billing information (processed via Stripe and Card2Crypto — we do not store card numbers), technical metadata (API usage, request counts, IP address of the session origin).

From proxy network peers

Peers who opt in to share bandwidth in exchange for a free product or revenue share grant us a narrow licence to relay traffic through their connection. We collect: a pseudonymous peer identifier, connection metadata (ASN, approximate geo-location, carrier class), and uptime statistics.

3. Legal basis

For customer data, our processing is necessary to perform the contract with you. For peer data, our processing is based on the consent captured in the peer application's onboarding flow. For California residents ("consumers" under the CCPA/CPRA), we process only the categories of personal information necessary for the business purposes disclosed here and in our DPA.

4. What we do not collect

We do not intercept, decrypt, or log the payloads of customer traffic relayed through the gateway. Routing and billing metadata are retained separately from payload data, which is never stored.

5. Sharing and processors

We use the following sub-processors: Stripe (payments), Card2Crypto (card-to-crypto settlement), AWS (infrastructure), Resend (transactional email), and, where enabled on your deployment, Plausible or Google Analytics (website analytics).

6. Retention

Account data: duration of the contract plus seven (7) years for US tax records. Request metadata: 90 days. Peer metadata: duration of participation plus 12 months.

7. International transfers

We operate infrastructure in the United States. Where personal data of individuals in the European Economic Area or the United Kingdom is transferred to us in the US, the transfer is protected by the EU-US Data Privacy Framework (where Proxaro self-certifies) and the EU Standard Contractual Clauses as a fallback. A copy of the SCCs is available on request.

8. Your rights

Under CCPA / CPRA (California residents)

You have the right to know what personal information we collect, to delete it, to correct inaccuracies, to opt out of any "sale" or "sharing" (we do not sell personal information), and to be free from retaliation for exercising these rights.

Under GDPR / UK GDPR (EEA / UK residents in captured traffic)

You have the right to access, correct, port, delete, restrict, or object to the processing of your personal data, and to lodge a complaint with your supervisory authority.

How to exercise

Email privacy@proxaro.io from the account email address or the email address the personal data is associated with.

9. Changes

We update this policy when our processing changes. The date at the top of this page is authoritative.