Privacy Policy

Introduction

Simona Mutinova, trading as SfProxy ("we," "our," or "us"), is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our proxy services. As a business registered in the Czech Republic, this policy is designed to comply with the EU General Data Protection Regulation (GDPR), Czech Act No. 110/2019 Coll. on Personal Data Processing, and other applicable data protection laws.

1. Information We Collect

1.1 Personal Information

When you purchase or use our services, we may collect:

• Email address
• Payment information (processed securely through Stripe — we do not store card data)
• Billing address (if provided)
• Name (if provided during checkout)

1.2 Technical Information

We automatically collect certain technical information:

• IP address used to access our website
• Browser type and version
• Operating system
• Connection timestamps for billing purposes

1.3 Usage Data

We collect minimal usage data strictly for service operation:

• Bandwidth consumption (aggregate data only)
• Connection duration
• Service performance metrics

2. What We DO NOT Collect

3. How We Use Your Information

We use the collected information for:

• Providing and maintaining our proxy services
• Processing payments and preventing fraud
• Sending important service updates and notifications
• Responding to your support requests
• Complying with Czech and EU legal obligations
• Improving our services and user experience

4. Legal Basis for Processing (GDPR)

Under GDPR and Czech Act No. 110/2019 Coll., we process your personal data based on:

• Contract Performance (Art. 6(1)(b) GDPR): To provide the proxy services you have purchased
• Legal Obligation (Art. 6(1)(c) GDPR): To comply with applicable Czech and EU laws and regulations
• Legitimate Interests (Art. 6(1)(f) GDPR): To improve our services and prevent fraud
• Consent (Art. 6(1)(a) GDPR): For marketing communications (which you can opt out of at any time)

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Payment Processors: Stripe processes payments securely on our behalf under their own GDPR-compliant privacy policy
• Legal Requirements: When required by Czech or EU law, court order, or legal process
• Service Providers: Trusted third parties who assist in operating our website and services, bound by confidentiality and data processing agreements

6. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

• Right to Access (Art. 15): Request a copy of your personal data
• Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data
• Right to Erasure (Art. 17): Request deletion of your personal data ("right to be forgotten")
• Right to Restriction (Art. 18): Request restriction of processing your data
• Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format
• Right to Object (Art. 21): Object to processing of your personal data
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at privacy@sfproxy.org or by phone at +420 739 158 374. We will respond within 30 days as required by GDPR.

7. Data Security

We implement industry-standard security measures to protect your data:

• SSL/TLS encryption for all data transmission
• Encrypted storage of sensitive information
• Regular security audits
• Access controls and authentication mechanisms
• Minimal data collection principle (data minimisation per Art. 5 GDPR)

8. Data Retention

We retain your personal information only for as long as necessary:

• Account and service data: Duration of your active subscription plus 30 days
• Billing records: 5 years, as required by Czech accounting law (Act No. 563/1991 Coll.)
• Support communications: 2 years
• Marketing consent records: Until you withdraw consent

9. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission and adequacy decisions for transfers to countries with equivalent data protection standards.

10. Cookies and Tracking

We use only essential session cookies necessary for our website to function (e.g., shopping cart state). We do not use tracking cookies or third-party analytics services without your explicit consent. You can manage cookie preferences through your browser settings.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have collected information from a child, please contact us immediately at privacy@sfproxy.org.

12. Supervisory Authority

As a Czech-registered business, our supervisory authority is the Office for Personal Data Protection (Úřad pro ochranu osobních údajů — UOOU). If you are located in the EEA and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with the UOOU or your local data protection authority:

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through a prominent notice on our website. Your continued use of our services after changes constitutes acceptance of the updated policy.

14. Contact Information

For questions about this Privacy Policy or to exercise your rights, contact us: