This privacy policy statement (“Privacy Policy”) describes how Brooog, LTD. and our affiliates (“Brooog,” “we,” “us,” or “our”) obtain, use, store, change, disclose, and delete our users' (“you,” or “your”) personal data as it relates to Brooog's Services and Brooog's marketing practices. This Privacy Policy is a part of and is incorporated into the Brooog, LTD. End User Agreement.
If you have any privacy or personal data concern related to any of Brooog's products, services, or practices, please contact us at [email protected]. Please also review our other relevant agreements: END USER AGREEMENT.
1. BROOOG'S STRICT NO-LOGS GUARANTEE (VPN SERVICES)
Your privacy is our mission. We are committed to a strict No-Logging Policy for our Virtual Private Network (VPN) Services. This means we do not monitor, record, or store any data related to your online activity that could identify you.
We absolutely DO NOT monitor, store, or log:
- Browsing history, websites visited, or content accessed during your session.
- Traffic destinations, data content, or DNS queries.
- VPN connection timestamps, duration, or session metadata.
- Your original IP address after your VPN session ends.
- Server usage or bandwidth consumption that can be linked to a specific user.
The Minimal Data We Collect (and Why):
To ensure service quality and prevent abuse, we collect the following minimal, non-identifying data:
- **Number of Connected Devices:** Used solely to enforce the maximum device limit specified in your subscription.
- **Total Amount of Web Traffic & Session Dates:** Collected only if you use a personal server or personal IP address, for capacity planning purposes. This data does not include any detail on what the traffic was.
This policy ensures that your personal data, including your email address and username, is **never** connected to any of your internet activities during your VPN Services sessions.
2. WHAT PERSONAL DATA WE COLLECT AND HOW WE COLLECT IT
IMPORTANT: YOUR FAILURE TO PROVIDE CERTAIN PERSONAL DATA MAY MAKE OUR SERVICES OPERATE NOT AS INTENDED OR NOT OPERATE AT ALL FOR YOU.
2.A. PERSONAL DATA THAT YOU PROVIDE (Registration & Use)
Upon your registration for and use of the Services, we collect certain personal data directly from you, including the following:
- First and last name (or through your social media login).
- Email address.
- Username and password (stored in a **“hashed”** format, which means the data was passed through a one-way cryptographic hash function and cannot be restored by Brooog).
- Company name (if applicable).
- Other profile information that you choose to provide (e.g., web form submissions, email, online chat).
- (Certain products only) Public and encrypted private keys, domain names, or block list categories.
2.B. PERSONAL DATA THAT WE COLLECT AUTOMATICALLY
Upon your use of the Services, we collect certain personal data automatically, including the following:
- IP address (stored only for the duration of a VPN session, then deleted).
- Browser type and operating system.
- Device name, code, manufacturer, and language.
- Time zone, connection type, WiFi network name, and country.
- Brooog website/app usage, including version used, activation date, and updates installed.
- Other data collected in accordance with our Cookies Policy.
2.C. PERSONAL DATA THAT WE COLLECT FROM OTHER SOURCES
We may also collect personal data, such as names and contact information, from third parties, such as marketing, research, sales lead generator companies, social networks, and publicly-accessible sources.
We collect your payment history regarding our Services (but **not** your full payment card information) from third-party payment processors (e.g., Google, Apple, PayPal, Amazon, Stripe, and Paymentwall).
3. HOW WE USE PERSONAL DATA AND THE LEGAL BASIS FOR PROCESSING
We use the personal data we collect for the following purposes and rely on the corresponding legal bases:
To provide the Services:
To process your order, manage your account, and deliver the Services you have requested.
Legal Basis: Performance of a Contract.
To improve our Services:
Analyzing, personalizing, and improving our Services and marketing practices; discovering issues in our Services.
Legal Basis: Our Legitimate Interests.
For security and fraud prevention:
Detecting and preventing fraud, illegal activity, and any other activity that infringes upon the legal rights of Brooog, our other users, or other third parties.
Legal Basis: Our Legitimate Interests and Compliance with Legal Obligations.
For marketing:
To send you promotional communications about the Services.
Legal Basis: Your Consent (where required) or Our Legitimate Interests (for existing customers).
4. WHEN AND WHY WE SHARE PERSONAL DATA
4.A. VPN Services Personal Data (The No-Sharing Guarantee)
As detailed in Section 1, Brooog does not monitor, store, or log your internet activities while using our VPN Services. Consequently, **Brooog does not share, transfer, sell, rent, or disclose in any way to third parties ANY personal data about the users of the VPN Services for ANY purpose.**
4.B. General Services Personal Data
Brooog does not sell or rent your personal data to any third parties without your consent. We share your personal data with our affiliates and third-party service providers for everyday business purposes, including to:
- Store, transfer, and manage your personal data (e.g., cloud hosting and infrastructure providers).
- Process your purchases of the Services (e.g., payment processors: Google, Apple, PayPal, Amazon, Stripe, Paymentwall).
- Manage and service your Brooog account (e.g., customer support and email platforms).
- Sell and market the Services (e.g., marketing automation tools).
4.C. Legal Disclosures and Business Transfers
We may share your personal data when appropriate or necessary to respond to lawful legal processes, including:
- Lawful subpoenas from government authorities and/or private entities;
- Court orders; and
- In the context of litigation and regulatory investigations.
We may also share your personal data in the event we are acquired by, merge with, or sell all or substantially all of our assets to another entity.
4.D. CALIFORNIA CONSUMER PRIVACY ACT (CCPA/CPRA)
Brooog does not sell or "share" (as defined under California law) your personal information for monetary or other valuable consideration. We treat all personal data under the strict non-disclosure terms outlined in this Privacy Policy. If we were to ever change this practice, you would be notified and provided with a clear and prominent link titled "Do Not Sell or Share My Personal Information."
5. YOUR RIGHTS REGARDING YOUR PERSONAL DATA
Depending on your location and applicable law (such as GDPR), you may have the following rights regarding your personal data:
- **Right of Access:** Request a copy of the personal data we hold about you.
- **Right to Correction/Rectification:** Request correction or supplementation of your personal data for completeness.
- **Right to Erasure ("Right to be Forgotten"):** Request the deletion of your personal data under certain circumstances.
- **Right to Restriction of Processing:** Request us to limit the way we use your personal data.
- **Right to Data Portability:** Request the transfer of your personal data to another entity under certain circumstances.
- **Right to Withdraw Consent:** Withdraw consent to the processing of your personal data where the processing is based on your consent.
- **Right to Object:** Object to our processing of your personal data when such processing is based on our, or a third party's, legitimate interests.
How to Exercise Your Rights
To request to exercise any of the rights listed above, we may require you to provide us with detailed information about your request for identity verification purposes.
Please send a detailed request to our Privacy Team at: [email protected]
6. WHERE AND HOW WE STORE PERSONAL DATA (SECURITY)
We use appropriate physical, electronic, technical, and organizational measures to secure and protect your personal data to ensure a level of security appropriate to the risk.
We employ security measures such as **data encryption in transit (SSL/TLS)** and **encryption at rest** where appropriate to safeguard your personal data. We work with our third-party service providers globally to put in place adequate protections to ensure the security of personal data when it is stored and transferred.
You should understand, however, that no safeguards are guaranteed to prevent unauthorized disclosure and/or use of personal data. Because of that, we cannot guarantee or warrant that your personal data will never be exposed.
7. HOW LONG WE STORE PERSONAL DATA
We do not store certain personal data (i.e., IP address, connection type, browser type, and operating system) that we collect automatically for our VPN Services after the session ends (see Section 1).
We store some of your personal data that we collect from you and from other sources as long as you remain a user of the Services. We retain personal data necessary for compliance with our legal obligations and contractual performance for the longer of: (i) the required time period under applicable law; or (ii) seven years.
8. COPPA (CHILDREN'S PRIVACY)
The Services are not directed to children under the age of 13, nor do we knowingly collect information from children under the age of 13. If you are under the age of 13, please do not provide personal information of any kind whatsoever to Brooog.
If a child provides us with personal information, a parent or legal guardian of that child may contact us to obtain that information and/or delete it from our records by sending an email to [email protected].
9. CHANGES TO THIS PRIVACY POLICY
We may make changes to this Privacy Policy as the applicable laws, relevant technologies, and our data processing practices change. We will notify you of changes to this Privacy Policy by posting the updated policy on our website and in our applications and other Services.
The changes shall become effective upon such posting (as indicated by the "Last Updated:" date at the top of this Privacy Policy), or as otherwise required by applicable law. We encourage you to review this policy regularly.