This Privacy Policy (“Privacy Policy”) governs the manner in which we process information collected from our users ("you", "your" or "user") in connection with the access to or use of our Urban Shield browser extension (“Extension”).
This Privacy Policy explains what information we may collect, how such information may be used or shared with others, how we safeguard it and how you may exercise your rights related to their Personal Data (as such term is defined below), among others, and where applicable, as required according to the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
In the event you are a California resident and the CCPA apply to you – please review our CCPA Privacy Notice.

THE HIGHLIGHTS
• You are not required by law to provide us with any Personal Data. Sharing Personal Data with us is entirely voluntary. Some of our Services however, may depend on providing us with certain Personal Data, as specified below.
• In general we use Personal Data (1) where we have a legitimate interest to do so (for example for website’s security purposes); (2) in order to perform a contract (for example, to provide you with the Services); (3) where there is a legal obligation imposed on us or to protect our legal rights; and (4) otherwise with your consent to do so.
• Children under the age of 16 are not permitted to use the Services or provide us with any Personal Data.
• You may be entitled under applicable law to request to review, amend, erase or restrict the processing of your Personal Data, all as detailed under this Privacy Policy.
• We do not sell, trade, or rent users’ Personal Data to third parties. We only share Personal Data for limited circumstances as specified herein.
If you have any questions or requests regarding the processing of your Personal Data, or would otherwise like to contact us in connection with this Policy, please send us an email to: privacy@urban-vpn.com

1. Amendments
Except as otherwise described herein, we may at our sole discretion and at any time amend the terms of this Privacy Policy. Such changes shall be effective upon publication of the amended terms in this Privacy Policy. Your continued use of the Services, following the amendment of the Privacy Policy, constitutes your acknowledgement and consent of such amendments to the Privacy Policy. In the event of a material change we will make a reasonable effort to provide a notification of such change. We recommend that you periodically review this Privacy Policy, as it may be subject to amendments from time to time.

2. Data we collect and purpose of use
The first type of information we collect is aggregated, non-identifiable, non-personal information, which may be made available or gathered via the user's use of the Service (“Non-Personal Data”). We are not aware of the identity of the user from which the Non-Personal Data was collected.
The second type of information is individually identifiable information, namely information that identifies an individual or entity or may with reasonable effort identify an individual (“Personal Data”).
The table below details the data collected by us, how it is used, and out legal basis for data processing. Note that, under the GDPR we are considered of the Data Controller of the data we collect.
What type of data we collect?
1. Online Identifiers
>>How do we use it?
When you use our Service, we will collect certain Online Identifiers such as Agent Id, UDID, and your IP address.
>>For EU Individuals Legal Basis under the GDPR
We will use your IP address in order to provide the VPN Services as well as in order to extract the approximate geographical location (i.e., country).
Not that, we use MaxMind’s services for the purpose detailed above, which its privacy policy is available here.
In addition, we will use other Online Identifiers to provide, enable and enhance operation of our Services and of our website.
Performance of a contract and necessity of processing for the purposes of our legitimate interests.
2. Web Browsing Data
>>How do we use it?
We collect the URLs of visited websites as well as search queries (meaning in the event the navigation event occurred on the page of a search engine, the value of a URL’s query parameter responsible for a search term involved into the searching context) and blocked ads. Note that, in most cases the data detailed above is aggregated Non-Personal Data, however, sometimes Web Browsing Data contains terms that could be considered as Personal Data. This data is deleted a short period following collection.
>>For EU Individuals Legal Basis under the GDPR
We will use this data for the purpose of operating and providing our Adblocking Services, for example, in order to define if the blocked element is an advertisement item, as well as to improve ads detection rate through different URLs.
Performance of a contract and necessity of processing for the purposes of our legitimate interests.
3. Technical Data
>>How do we use it?
When you use the Service, we will collect Non-Personal Data, such as technical information automatically transmitted by the user's device (for example, type of browser, the type of operating system, access time and date, approximate geographical location, etc.).
>>For EU Individuals Legal Basis under the GDPR
We use this data solely to provide and enhance our Services and to enable operation of the Services.
Performance of a contract and necessity of processing for the purposes of our legitimate interests.

3. How we collect your information?
We collect the above data from you, in the following ways:
• Automatically, Non-Personal Data may be automatically transmitted by the user's device. When furthermore, when using our Service, we may assign your device with a Java Script code, to collect the data detailed in the table above.
• When you voluntarily choose to provide us with information, e.g., when you contact us.

Whenever technically possible and required under applicable law, we will ask for your consent to collect your Personal Data and offer you the choice to opt-out.

4. With whom do we share information?
We do not sell, trade, or rent users' Personal Data to other parties. We may share information solely in the following events: 
• We will share your information, solely to the extent needed to comply with any applicable law or regulation (including our policies and agreements), solely to the extent needed to establish or exercise our rights to defend against legal claims or to prevent harm to the rights, property or safety of us, our users, yourself or any third party or for the purpose of collaborating with law enforcement agencies or in case we find it necessary in order to enforce intellectual property or other legal rights.
• We may share your information, in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy.
• We may share Personal Data with our trusted service providers only to the extent required to fulfill the purposes of providing our Services.


5. Data retention
Data Sets
* Online Identifiers
>>Retention Period
IPs collected for location purposes are deleted immediately following to the completion of use (not stored).
* Web Browsing Data
>>Retention Period
Anonymized immediately when data received
* Technical Information
>>Retention Period
For as long as needed to perform the Services.

Notwithstanding the above, in some circumstances we may retain the information we collect for longer periods, for example, when we are required to do so in accordance with legal, tax and accounting requirements. In addition, we may also retain your Personal Data for longer periods if we reasonably believe, at our discretion, that we need to obtain an accurate record of your correspondence or any dealing with us, for example, in the event of any complaints, all, in compliance with applicable laws.

6. User rights
Data protection and privacy laws provide you with the ability to exercise some rights regarding your Personal Data that we hold (which might be different in each jurisdiction) such as; right to access your Personal Data; right of rectification; the right to erasure of your Personal Data; right to restrict processing of your Personal Data; the right to object to processing of your Personal Data; data portability; the right to file a complaint to a supervisory authority (in the event you are EEA resident); and, the right to withdraw consent. For more information, please review our User Rights Overview.
If you wish to exercise any or all of the above rights, please fill out the Data Subject Request Form (“DSR”) form available here, and send it to our Data Protection Officer at: privacy@urban-vpn.com and let us know that you wish to exercise your right of access and specify what Personal Data you would like to receive.
Where we are not able to provide you with the information for which you have asked, we will endeavor to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisor authority. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law. In addition, the process of locating and deleting the data may take up to one (1) month (following the receipt of the validation proof we require) in accordance with applicable law.
Data privacy and related laws in your jurisdiction may provide you with different or additional rights related to the data we collect from you, which may also apply.

7. Data security
Your privacy is very important to us and therefore we use security techniques to prevent your information from being accessed without authorization, improperly used or disclosed, unlawfully destructed or accidental loss, as detailed in our Information Security Policy. If you believe that your privacy was treated not in accordance with this Privacy Policy, or you have reasonable concern with that any person attempted to abuse our Service, please contact us at: privacy@urban-vpn.com.
Further, in the event of a security incident, in which we discover your Personal Data may be at risk, we will take reasonable efforts to notify you and the applicable authority (if required, subject to applicable laws).

8. Children information
You represent and warrant that you are (i) at least sixteen (16) years of age if you are located in the EEA; or (ii) if you are located in any other GEO you are above the age defined as “child” under applicable laws in your jurisdiction (collectively “Child” or “Children”). If you are under 18, please be sure to read the terms of this Privacy Policy with your parents or legal guardians. The Services are not directed or intended for Children, as defined under applicable law, and we do not knowingly collect or solicit information from children. If we later obtain actual knowledge that a user is considered as a Child under applicable law, we will take steps to immediately delete its Personal Data. We request that such individuals do not provide Personal Data through the Services.
If you become aware or have any reason to believe that a Child has shared any information with us, please contact us (as detailed below) and we will take reasonable steps to ensure that such information is immediately deleted from our files.

9. Transfer of data
We may process or store Personal Data within the EEA, US, and internationally, therefore you hereby accept and agree that by accessing and using our Services from outside the United States, your information may be transferred to, stored, and processed in the United States. If you are a resident of the European Economic Area ("EEA") we will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer outside of the EEA.

10. Do Not Track Disclosure
Our Service does not respond to Do Not Track signals. For more information about Do Not Track signals, please see: http://www.allaboutdnt.com/.

11. Contacting us
If you have any comments or questions about this Privacy Policy, please contact us at:
Urban Cyber Security Inc.
501 Fifth Avenue, New York, NY, 10036.
You can also contact our privacy team at: privacy@urban-vpn.com.