Greetings,
At the core of our mission lie the principles of security and privacy. Thus,
we hold transparency as a fundamental value in how we manage your information.
This Privacy Policy serves to outline the procedures for processing and handling
data associated with your utilization of our services, which encompass our products, apps,
and websites linked to this policy.
In this document, the term “personal data” refers to information that pertains to an
identifiable natural person and enjoys protection under relevant data protection legislation.
Who We Are: This policy governs the data handling practices of the Cross VPN app. In its context, “we,”
“us,” and “our” signify the specific company listed above that offers our services and assumes
responsibility for data management in accordance with this policy. For our mobile apps, you can
identify the providing company by reviewing the app download page or its terms of service.
1. Information Collection: This section details the different types of information we gather from
and about you, but please note that not all of this information is collected in every situation.
For additional context on when and how this data is collected, refer to Section 2 (How do we
use your information?). More insights into the mechanisms we employ for data collection,
including cookies, are provided in Section 4 (Tracking Technologies & Cookies).
1.1. Information you provide to us:
-
Account information: When creating an account for certain services, we may collect your name, username, email address, and password.
-
Billing and payment information: To purchase our services, you may need to provide billing details such as billing name, contact information (street addresses, email addresses), and payment instrument details.
-
Identity verification information: Some services may require identity verification when creating an account, which may entail collecting information such as email addresses.
-
Communications and submissions: If you communicate with us through channels like email for support, inquiries about our services, filling out online forms, responding to surveys, providing feedback, participating in promotions, or submitting information through our services, you may choose to provide us with information.
1.2. Information collected when you use our services:
-
Usage information: We gather data on how you interact with our services, including bandwidth usage, the duration of your service usage, and specific times of use.
-
Device information: Information is collected from the device you use to access our services, including device identifiers, browser types, device settings, operating system versions, network information (e.g., internet service provider name, carrier name, and signal strength), and application version numbers.
-
Diagnostic information: We may collect data about the nature of requests made to our servers, but we do not log any information that associates your identity with your VPN browsing activity. There are no records of your online activities accessible to us, ensuring your privacy.
-
Location information: We may collect location data from various sources, such as your device’s GPS or by approximating latitude and longitude based on your IP address.
1.3. Information provided to us by third parties:
-
Referrals: If you are invited to use our service by someone else, they may submit your personal data, such as your email address or other contact information.
-
Third Party Accounts: Some services allow registration through third-party accounts, such as Google or Microsoft. In such cases, these third parties may share information about you with us, and you may have control over what information they provide by adjusting your privacy settings.
-
Threat Information: We may receive data from reputable members of the security industry to enhance our services. This information includes lists of malicious URLs, spam blacklists, phone number blacklists, and sample malware. It’s important to note that we do not systematically collect personal data within this context.
In most cases, you are not obliged to provide us with personal data unless you have a contractual obligation to do so. We collect and process information that is necessary or legally required to provide our services to you or fulfill contractual agreements.
2. How We Use Your Information: We employ the data we collect for various purposes, which are summarized below:
-
To provide, maintain, troubleshoot, and support our services: This involves ensuring the proper
functioning of our services, connecting you to the nearest and fastest VPN server, troubleshooting issues, and providing services according to your subscribed plan.
-
For billing and payment purposes: Your information is used to administer billing and process payments, fulfilling our contractual obligations.
-
To communicate with users and prospective users: We use your data for responding to your requests and sending you information and updates about our services, enhancing your experience and engagement with us.
-
To improve our services: We have a legitimate interest in continually enhancing and optimizing our services. This entails using your information to understand user interactions and engagement, making informed decisions to enhance our offerings.
-
To develop new services: We use your data to plan and create new services that cater to user needs and preferences.
-
To market and advertise our services: We may employ your information to provide, measure, personalize, and enhance our advertising and marketing efforts, all with the aim of offering services tailored to your interests.
-
To prevent harm or liability: Information is used for security purposes, such as investigating security issues and preventing abuse, including fraud. These actions are taken to comply with legal obligations, protect vital interests, or address potential harm or liability.
-
For legal compliance: We use your data as required by applicable laws, legal processes, or regulations. Details on sharing your information with third parties for legal compliance purposes can be found in Section 3.1.
3. Who do we share your information with and why: This section outlines the circumstances in which we may
disclose your information:
-
In accordance with your instructions or consent: If you choose to register an account using a third-party account, we will share information with the third-party account provider.
-
Affiliates and third-party service providers: To support various aspects of our services, we collaborate with affiliates and trusted third parties, ensuring data protection through confidentiality and data processing terms. Examples of their roles include processing payments, providing analytics, customer support, and maintaining infrastructure.
-
To a new owner: In the event of a change in ownership or control of our services or assets, we may transfer your information to the new owner.
-
Aggregated or de-identified data: We may use and share aggregated data and de-identified data, which no longer reveals individual identities, for regulatory compliance, research, analysis, marketing, and legitimate business purposes.
-
To comply with legal process and the law: While respecting your privacy, we may share your information if legally required, including responding to law enforcement requests related to investigations, criminal activity, and legal obligations.
-
To enforce our rights and prevent fraud and abuse: Limited data may be shared to protect against fraud, abuse, and claims against us, our affiliates, and users.
3.2. Displaying Advertisements: In certain regions, we may serve ads to users. Our services integrate
third-party advertising networks, such as Google, to display ads that are relevant to your interests.
While using these networks, limited personal data about you may be provided to them for personalized
advertising purposes. Please refer to the “Displaying Advertisements” section above for more
information on how these networks handle your data.
4. Tracking Technologies & Cookies: This section introduces the tracking technologies we employ, how
they work, and how you can manage your preferences. It provides a comprehensive understanding of the
data that is collected and how it is used.
4.1. Cookies and similar technologies: Cookies are tiny data files that are stored on your device
when you visit certain websites or applications. They serve various purposes, including enhancing
your experience and providing analytics. Our services use both session-based and persistent cookies
to store your preferences and analyze usage.
By using our services, you consent to the use of cookies in accordance with this Privacy Policy.
You can manage your preferences for cookies through your browser settings or through our cookie
consent tool, as described in the “Cookie Preferences” section above.
4.2. Do Not Track (DNT): Some web browsers offer a “Do Not Track” (“DNT”) signal, which is
a preference you can set in your browser to inform websites that you do not want to be tracked.
Our services do not respond to DNT signals.
4.3. Analytics Services: We use analytics services provided by third parties, such as
Google Analytics, to collect and analyze data about your use of our services. These
services use cookies and other tracking technologies to collect information about your
use of our services and generate reports on user activity for us.
5. Data Security: The security of your personal data is of utmost importance to us. We have implemented security measures to help protect your data from unauthorized access, disclosure, use, and modification. We regularly review our data collection, storage, and processing practices, as well as security measures, to safeguard against unauthorized access and unauthorized disclosure of information. These efforts include encryption, pseudonymization, access controls, and regular security audits.
6. International Data Transmission In the course of our operations, it may be necessary
for us to transfer your personal data to countries different from your country of residence.
These transfers may encompass various parties, including our affiliated companies, service providers,
and partners. It is worth noting that the legal frameworks in these foreign jurisdictions may differ
from the regulations in your home country. To illustrate, personal data gathered in regions such as
Switzerland, the United Kingdom, or the European Economic Area (EEA) might undergo transmission and
processing beyond the boundaries of Switzerland, the United Kingdom, or the EEA, as outlined in this
policy. Nevertheless, we diligently implement suitable protective measures to ensure that such data
enjoys a commensurate level of security and safeguarding. If you desire more details concerning these
protective measures, please do not hesitate to contact us.
7. Data Retention: We retain your data for as long as your account is active and as long as is necessary for the purpose for which it was collected, unless a longer retention period is required by law. For example, we may retain certain information even after you close your account if it is necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements.
8. Your Data Protection Rights: As a data subject, you have the following rights, which you can
exercise by contacting us using the contact details provided below:
-
Access: You can request a copy of the personal data we hold about you.
-
Rectification: You can request that we correct any inaccuracies in your personal data.
-
Erasure: You can request that we delete your personal data, subject to certain legal exceptions.
-
Restriction: You can request that we limit the processing of your personal data under certain circumstances.
-
Portability: You can request a copy of your personal data in a structured, machine-readable format.
-
Objection: You can object to the processing of your personal data for certain purposes.
9. Your Privacy Rights in California (Applicable to California Residents Only)
9.1. Handling of “Do Not Track” Signals
At present, we do not respond to “Do Not Track” signals transmitted by browsers or mobile
apps due to a lack of standardization in interpreting such signals. You can learn more about
“Do Not Track” and its implications on privacy.
9.2. Requests Regarding Third-Party Disclosures
In accordance with California law, California residents may request and obtain, free of charge
once a year, a list of the third parties to whom we may have disclosed their “personal
information” (as defined by California Civil Code 1798.83) for direct marketing purposes
during the previous calendar year, along with the types of personal information disclosed.
For details on where to submit such requests, please refer to the “Contact Us” section below.
It’s important to note that we do not share personal information with third parties for their
direct marketing purposes without your prior consent.
9.3. Opting Out of Personal Information Sale
You may possess the right to opt out of the “sale” of your personal information,
as defined by the California Consumer Privacy Act (CCPA). The CCPA’s definition of
“sale” may encompass allowing third parties to receive specific information (e.g.,
cookies) for delivering personalized advertising on our services. We do not “sell”
your personal information, as defined by the CCPA, except in the context of certain
versions of our products supported by personalized advertising. Personalized advertising
allows us to offer certain products for free, present you with relevant offers, and ensure
that everyone, regardless of their circumstances, has secure and private internet access. The
information categories we may “sell” (as per California law) for advertising purposes include:
● Identifiers (e.g., advertising identifiers and cookies)
● Internet or network activity (e.g., the use of our apps)
● Approximate geolocation information
To opt out of our use of your information for these purposes, please visit our “Do Not Sell
My Personal Information” page. Please be aware that we do not knowingly sell the personal
information of minors under 16 years of age without legally-required affirmative authorization.
9.4. Additional Rights
California law may grant you the ability to:
● Request information about the categories of personal information we collected or
disclosed in the past twelve months, the categories of sources, the purpose of collection
or sale, and the third parties with whom we shared personal information. This information
can be found in this Notice.
● Obtain access to or copies of certain information held about you.
● Request the deletion of specific information we have about you.
You may also have the right to receive information about any financial incentives offered to you and
the assurance that you won’t face discrimination (as stipulated by the CCPA) for exercising certain
rights. Certain information might be exempt from these requests under applicable law. For example,
we need certain types of information to provide our services and comply with the law. When you
exercise certain rights, we may take reasonable steps to verify your identity before fulfilling
your request, which may involve confirming your email address or payment instrument. If you request
the deletion of specific information, it may affect your access to our services.
You are also entitled to designate an authorized agent to submit certain requests on your behalf,
provided you supply the agent with a signed, written permission to make such requests or a power
of attorney. We may follow up with you to verify your identity before processing the authorized
agent’s request. If you require additional information about your legal rights under California
law or wish to exercise them, please contact us using the address provided in the “Contact Us”
section below.
9.5. Summary of How We Handle Your Personal Information
The California Consumer Privacy Act (CCPA) necessitates that we provide specific disclosures to
California residents, outlining the categories of personal information we collect, the purposes for
which it’s used, the sources of personal information, and the categories of third parties with
whom we share it. While this section presents this information as specified by the CCPA, it
does not deviate in substance from the information found throughout this policy.
Sources of Personal Information All categories of personal information we collect come from the
following sources:
● You (voluntarily submitted or automatically collected, e.g., during your use of our services)
● Third parties (e.g., service providers, other users, or marketing partners who may refer
you to our services)
Categories of Personal Information Collected and Sharing The categories
of personal information we collect, as described earlier, may be shared with the following
categories of third parties:
● Our affiliates
● Third-party service providers conducting services on our behalf (e.g., payment processors,
analytics providers)
● Third-party advertising networks (e.g., Google)
● Third parties for legal purposes (e.g., in response to legal requirements)
● Others with your consent or at your direction
Categories of Business & Commercial Purposes The categories of personal
information we collect, as outlined previously, are used for the following purposes:
● Providing, maintaining, troubleshooting, and supporting our services.
● Billing and payment functions.
● Communication with users and prospective users.
● Improving our services.
● Developing new services.
● Marketing and advertising our services.
● Preventing harm or liability.
● Complying with legal requirements.
For further information on these categories, including specific use cases,
please refer to Section 2 above.
10. Age Limitations
Our services are not designed for and may not be used by individuals under the age of 16
(or as applicable per jurisdiction). We neither knowingly collect personal data from minors
nor allow them to use our services. If we discover that we have collected personal data from
a minor, we may delete such data without notice.
11. Privacy Policy Updates
This Privacy Policy may be updated periodically in line with this section, driven by
factors such as changes in laws, industry standards, and business practices. We will
post any updates on this page and revise the “Last updated” date accordingly. In the
event that updates significantly impact your privacy rights, we will also make reasonable
efforts to provide advance notice, which may include email notifications or service
notifications. If you disagree with any policy updates, you have the option to terminate
your services account. Failing to cancel your account before the effective date of the
update will imply your consent to abide by the revised Privacy Policy.