UrbanVPN Privacy Policy

[Last Updated: July 5, 2020]

This Privacy Policy (“Privacy Policy”) governs the manner in which we process information collected from our users ("you", "your" or "user") in connection with the access to or use of our: (i) Urban VPN browser, extension (“Extension”); (ii) Urban VPN mobile application (“App”); (iii) the visitors of our website available at: https://www.urban-vpn.com and the Services we provide, all as detailed and defined in our Terms of Use (“Terms”).

This Privacy Policy explains what information we may collect, how such information may be used or shared with others, how we safeguard it and how you may exercise your rights related to their Personal Data (as such term is defined below), among others, and where applicable, as required according to the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

THE HIGHLIGHTS
  • You are not required by law to provide us with any Personal Data. Sharing Personal Data with us is entirely voluntary. Some of our Services however, may depend on providing us with certain Personal Data, as specified below.
  • In general we use Personal Data (1) where we have a legitimate interest to do so (for example for website’s security purposes); (2) in order to perform a contract (for example, to provide you with the Services); (3) where there is a legal obligation imposed on us or to protect our legal rights; and (4) otherwise with your consent to do so.
  • Children under the age of 16 are not permitted to use the Services or provide us with any Personal Data.
  • You may be entitled under applicable law to request to review, amend, erase or restrict the processing of your Personal Data, all as detailed under this Privacy Policy.
  • We do not sell, trade, or rent users’ Personal Data to third parties. We only share Personal Data for limited circumstances as specified herein.

If you have any questions or requests regarding the processing of your Personal Data, or would otherwise like to contact us in connection with this Policy, please send us an email to: privacy@urban-vpn.com

1. Amendments

Except as otherwise described herein, we may at our sole discretion and at any time amend the terms of this Privacy Policy. Such changes shall be effective upon publication of the amended terms in this Privacy Policy. Your continued use of the Services, following the amendment of the Privacy Policy, constitutes your acknowledgement and consent of such amendments to the Privacy Policy. The last revision will be reflected in the "Last Updated" heading above. In the event of a material change we will make a reasonable effort to provide a notification of such change. We recommend that you periodically review this Privacy Policy, as it may be subject to amendments from time to time.

2. Data we collect and purpose of use

The first type of information we collect is aggregated, non-identifiable, non-personal information, which may be made available or gathered via the user's use of the Service (“Non-Personal Data”). We are not aware of the identity of the user from which the Non-Personal Data was collected.

The second type of information is individually identifiable information, namely information that identifies an individual or entity or may with reasonable effort identify an individual (“Personal Data”).

The table below details the data collected by us, how it is used, and our legal basis for data processing. Note that, under the GDPR we are considered of the Data Controller of the data we collect.

What type of data we collect? How do we use it? For EU Individuals
Legal Basis under the GDPR
Online Identifiers
When you use our Services or visit our website, we will collect certain Online Identifiers such as Agent Id, UDID, Android ID, and your IP address.  
We will use your IP address to provide the VPN Services as well as to extract the approximate geographical location (i.e., country). In addition, we will use other Online Identifiers to provide, enable and enhance operation of our Services and of our website. Performance of a contract and necessity of processing for the purposes of our legitimate interests.
Web Browsing Data We collect the URLs of visited websites and apps as well as search queries (meaning in the event the navigation event occurred on the page of a search engine or a website, the value of a URL’s query parameter responsible for a search term involved into the searching context). Note that, in most cases the data detailed above is aggregated Non-Personal Data, however, sometimes Web Browsing Data contains terms that could be considered as Personal Data. This data is deleted a short period following collection. We will use this data for the purpose of operating and providing our Services, for example, in order to create a black listing of target websites and provide the “safe browsing” alerts feature, we will need to review the URL history of our users, as well as for internal operation purposes. Performance of a contrast and necessity of processing for the purposes of our legitimate interests.
Contact Information If you voluntarily contact us, you may be required to provide us with certain information such as your name and email address. We will use this data solely to provide you with the support you have requested or response to your inquiry. We may process the contact history to improve our services, as well as resolve disputes. Your consent.
Technical Data When you use the Service, we will collect Non-Personal Data, such as technical information automatically transmitted by the user's device (for example, type of browser, the type of operating system, access time and date, approximate geographical location, etc.). We use this data solely to provide and enhance our Services and to enable operation of the Services. Performance of a contract and necessity of processing for the purposes of our legitimate interests.
3. How we collect your information?

We collect the above data from you, in the following ways:

  • Automatically, Non-Personal Data may be automatically transmitted by the user's device. Furthermore, when using our Service, we may assign your device with a Java Script code, to collect the data detailed in the table above.
  • When you voluntarily choose to provide us with information, e.g., when you contact us.
  • Whenever technically possible and required under applicable law, we will ask for your consent to collect your Personal Data and offer you the choice to opt-out.
4. With whom do we share information?

We do not sell, trade, or rent users' Personal Data to other parties. We may share information solely in the following events:

  • We will share your information, solely to the extent needed to comply with any applicable law or regulation (including our policies and agreements), solely to the extent needed to establish or exercise our rights to defend against legal claims or to prevent harm to the rights, property or safety of us, our users, yourself or any third party or for the purpose of collaborating with law enforcement agencies or in case we find it necessary in order to enforce intellectual property or other legal rights.
  • We may share your information, in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy.
  • We may share Personal Data with our trusted service providers only to the extent required to fulfill the purposes of providing our Services.

We may share, sell, or make a commercial use of the aggregated coded data we collect from your device (e.g. Web Browsing Data) with other business partners, service providers, and data aggregators. In such events, we enter a commercial agreement with the other party which clarifies the purpose of the use of the data. At any time you can opt-out as detailed here in: https://www.urban-vpn.com/about-us/do-not-sell/

5. Data retention
Data Sets Retention Period
Online Identifiers IPs collected for location purposes are deleted immediately following to the completion of use (not stored). However, note that, if you use our VPN application, the IP collected is necessary for the purpose of providing the Services, and thus, will be deleted solely following completion of such purpose (meaning when you delete the VPN application and cease use of the Services).
Web Browsing Data Anonymized immediately when data received
Contact Detail Deleted Immediately following the completion of your request.
Technical Information For as long as needed to perform the Services.

Notwithstanding the above, in some circumstances we may retain the information we collect for longer periods, for example, when we are required to do so in accordance with legal, tax and accounting requirements. In addition, we may also retain your Personal Data for longer periods if we reasonably believe, at our discretion, that we need to obtain an accurate record of your correspondence or any dealing with us, for example, in the event of any complaints, all, in compliance with applicable laws.

6. User Rights

Data protection and privacy laws provide you with the ability to exercise some rights regarding your Personal Data that we hold (which might be different in each jurisdiction) such as; right to access your Personal Data; right of rectification; the right to erasure of your Personal Data; right to restrict processing of your Personal Data; the right to object to processing of your Personal Data; data portability; the right to file a complaint to a supervisory authority (in the event you are EEA resident); and, the right to withdraw consent.

If you wish to exercise any or all of the above rights, please send it to our Data Protection Officer at: privacy@urban-vpn.com and let us know that you wish to exercise your right of access and specify what Personal Data you would like to receive.

Where we are not able to provide you with the information for which you have asked, we will endeavor to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisor authority. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law. In addition, the process of locating and deleting the data may take up to one (1) month (following the receipt of the validation proof we require) in accordance with applicable law.

Data privacy and related laws in your jurisdiction may provide you with different or additional rights related to the data we collect from you, which may also apply.

7. Data Security

Your privacy is very important to us and therefore we use security techniques to prevent your information from being accessed without authorization, improperly used or disclosed, unlawfully destructed or accidental loss, as detailed in our Information Security Policy. If you believe that your privacy was treated not in accordance with this Privacy Policy, or you have reasonable concern with that any person attempted to abuse our Service, please contact us at: privacy@urban-vpn.com.

Further, in the event of a security incident, in which we discover your Personal Data may be at risk, we will take reasonable efforts to notify you and the applicable authority (if required, subject to applicable laws).

8. Children Information

You represent and warrant that you are (i) at least sixteen (16) years of age if you are located in the EEA; or (ii) if you are located in any other geography and you are above the age defined as “child” under applicable laws in your jurisdiction (collectively “Child” or “Children”). If you are under 18, please be sure to read the terms of this Privacy Policy with your parents or legal guardians. The Services are not directed or intended for Children, as defined under applicable law, and we do not knowingly collect or solicit information from children. If we later obtain actual knowledge that a user is considered as a Child under applicable law, we will take steps to immediately delete its Personal Data. We request that such individuals do not provide Personal Data through the Services.

If you become aware or have any reason to believe that a Child has shared any information with us, please contact us (as detailed below) and we will take reasonable steps to ensure that such information is immediately deleted from our files.

9. Transfer of Data

We may process or store Personal Data within the EEA, US, and internationally, therefore you hereby accept and agree that by accessing and using our Services from outside the United States, your information may be transferred to, stored, and processed in the United States. If you are a resident of the European Economic Area ("EEA") we will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer outside of the EEA.

10. Do Not Track Disclosure

Our Service does not respond to Do Not Track signals. For more information about Do Not Track signals, please see: http://www.allaboutdnt.com

11. Contacting Us

If you have any comments or questions about this Privacy Policy, please contact us at:

Urban Cyber Security Inc.
501 Fifth Avenue, New York, NY, 10036.
Email: privacy@urban-vpn.com.

PRIVACY NOTICE FOR CALIFORNIA RESIDENTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT

[Last Updated: September 15, 2020]

This privacy notice (“Privacy Notice”) for California Residents under the California Consumer Privacy Act of 2018 (“CCPA”) supplements the information contained in Urban VPN Privacy Policy available at: https://www.urban-vpn.com/about-us/privacy/ and applies solely to all users (as defined in the Privacy Policy) who reside in the State of California (“Consumers” or “you”), as defined under the CCPA. Any terms defined in the CCPA have the same meaning when used in this Privacy Notice. Further, this Privacy Notice is an integral part of our Privacy Policy and thus, definitions used herein but not defined herein shall have the meaning ascribed to them in our Privacy Policy.

As required under the CCPA, we will update this Privacy Notice every 12 months. The last revision date will be reflected in the “Recently Updated” heading located at the top of the Privacy Notice.

TYPES OF PERSONAL INFORMATION WE COLLECT

Under the CCPA, “Personal Information” is defined as any information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device. The categories of Personal Information that we collect (and has collected within the last 12 months), are detailed in the table below.

Please note that, under the CCPA Personal Information does not include: publicly available information from government records and deidentified or aggregated consumer information, information excluded from the CCPA’s scope (e.g., health or medical information covered by applicable laws such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA)); and information covered by certain sector-specific privacy laws (e.g., the California Financial Information Privacy Act (FIPA)).

Category Examples Collected
A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. Yes
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.
No
C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). Yes
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes
E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. No
F. Internet or other similar network activity. Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. Yes
G. Geolocation data. Physical location or movements. Yes
H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. No
I. Professional or employment-related information. Current or past job history or performance evaluations. No
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. No
K. Inferences drawn from other personal information. Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. No
HOW WE COLLECT INFORMATION

Depending on the nature of your interaction with us, we may collect the above detailed information from you, as follows: (i) directly from you, for example, if you contact us; (ii) indirectly from you, for example, from observing your actions when you use our Services; (iii) from third-party business partners such as analytics providers.

USE OF PERSONAL INFORMATION

We may use, or disclose the Personal Information we collect for one or more of the following business purposes:

  • To fulfill or meet the reason you provided the information. For example, if you contact us with an inquiry and share your name and contact information, we will use that Personal Information to respond to your inquiry.
  • To provide, support, personalize, and develop our website and Services, as well as improve our Services.
  • For security and fraud detection purposes, and to maintain the safety, security, and integrity of our Services.
  • For testing, research, analysis, and product development, including to develop and improve our Services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your Personal Information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding.

We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

SHARING DATA

We may disclose your Personal Information to a third party for a business purpose. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.

We share your Personal Information with the following categories of third parties:

  • (i) Service providers
  • (ii) Data aggregators
DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE

In the preceding twelve (12) months, the Company has disclosed the following categories of Personal Information for a business purpose:

  • Category A: Identifiers.
  • Category F: Internet or other similar network activity.
SALES OF PERSONAL INFORMATION

In the preceding twelve (12) months, Company has sold Personal Information in a coded (unique ID) format.

  • Category A: Identifiers.
  • Category F: Internet or other similar network activity.
YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION

The CCPA provides consumers with specific rights regarding their Personal Information.  Please review our User Rights Overview regarding your rights under applicable law.

You may exercise any or all of your above rights in relation to your Personal Information by filling out the Data Subject Request Form (“DSR”) form available here and send it to our privacy team at: privacy@urban-vpn.com.

CONTACT US

If you have any questions or concerns regarding privacy issues, or if you wish to be provided with any other information related to our privacy practices, please contact us at:

Urban Cyber Security
501 Fifth Avenue, New York, NY, 10036.
You can also contact our privacy team at: privacy@urban-vpn.com.




Protect Your Privacy with Urban VPN

Download Urban VPN to enjoy complete online security and privacy while hiding IP address.