Home/Privacy Policy

Privacy Policy

How we collect, use, and protect personal data at ProxyScrape, and the rights you hold as a data subject under the GDPR.

Last modified on

August 2023

Controller

Thib BV

Jurisdiction

Belgium / EU

Regulation

GDPR (EU) 2016/679

At a glance

The key points, before the long read

Who runs thisThib BV, the Belgian company behind ProxyScrape, acts as the data controller.
What we collectAccount details, technical data via cookies, communications, and proxy connection logs.
Why we collect itTo deliver our services, comply with legal duties, prevent abuse, and (with consent) improve the site.
Your rightsAccess, correction, deletion, portability, restriction, and the right to object or complain.
01

Introduction

General

The website proxyscrape.com (hereinafter the “Website”) and the services are offered by Thib BV (hereinafter “we” and “us”). Any person who visits our Website (hereinafter the “Visitor”) as well as any person who uses our services (hereinafter the “Customer”) almost inevitably discloses certain personal data. These personal data constitute information that allows us to identify you as a natural person, whether or not we actually do so. You are identifiable as soon as it is possible to create a direct or indirect link between one or more personal data and you as a natural person. The Visitor and Customer is also referred to collectively as “you/your” in this Privacy Statement.

When we process your personal data, the General Data Protection Regulation (“GDPR”) and other relevant legal provisions apply. Any reference in this privacy statement to the GDPR is a reference to the Regulation of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). Through this privacy statement, you are informed of the processing activities we may carry out with your personal data.

Through this privacy statement, we want to inform you in a transparent way about the processing activities that we, as data controller (controller), may carry out. In other words, when we decide “why” and “how” personal data should be processed.

What are personal data?

Personal data is defined in the GDPR as “any information relating to an identifiable person who can be identified, directly or indirectly.” Personal data, in simpler terms, is any information about you that allows you to be identified. Personal data includes obvious information, such as your name and contact information, as well as less obvious information, such as identification numbers, electronic location data and other online identifiers.

Changes

We may update this Policy from time to time by posting a new version on our Website. You will find the date of the current version at the top (“Last modified on”). This may be necessary, for example, if the law changes, or if we change things in a way that affects the protection of personal data. If we are in possession of your email address (for example, because you are subscribed to our newsletter/have an account) we are committed to notifying you of any significant changes to our privacy statement via email.

Contact details

Our Website and services are offered and operated by Thib BV. We are registered in Belgium under registration number 0749 716 760 and our registered office is located at Brugstraat 18/101, 2812, Mechelen. You can contact us by mail, to [email protected].

P

Thib BV

proxyscrape.com

Registered office

Brugstraat 18/101, 2812 Mechelen, Belgium

Registration

0749 716 760

Email

[email protected]

Role

Data controller
02

Personal data we process

Information processing

Depending on the capacity in which you visit or use our Website/services, we may collect and process the following personal data. Each card below lists the categories of personal data, processing purposes, legal basis, and retention period.

Categories of personal data of Visitors and Customers

Technical data through cookies

Visitors

Fields

IP address
geographical location
browser type and version
operating system
reference source
duration of visit
page views
navigation paths
timing, frequency and pattern of use

Purpose

The source of the technical data is the use of (non-) essential cookies. The technical data may be processed for the purpose of analysing/improving the use of the Website (non-essential cookies). Besides the use of non-essential cookies, we also use strictly necessary cookies so that the Website can function technically.

Legal basis

Consent obtained through our cookie banner for non-essential cookies.

Retention

See the Cookie Statement on this Website.

Online appointment data

Visitors

Fields

name
e-mail
web conferencing details
meeting link
time and date of meeting

Purpose

You provide us this data (name and e-mail, date and time of the meeting) when you book a meeting with us. This data is processed to facilitate communication and provide you with the necessary details regarding the meeting.

Legal basis

Our legitimate interest in effectively managing and organizing appointments, ensuring a smooth and efficient scheduling process for both parties involved.

Retention

Data will be kept for 1 year.

Communications data

Visitors

Fields

name
e-mail address
metadata of the e-mail

Purpose

The source of communication data is the information you provide to us when you contact us. Communication data may be processed for the purpose of the communication with you and record keeping.

Legal basis

Our legitimate interest, to respond to requests, questions or comments or to contact you for questions of any kind (e.g., when you contact us via e-mail).

Retention

Records will be kept for 1 year after the response.

Newsletter data (direct marketing)

Visitors

Fields

first name
family name
email address

Purpose

The source of newsletter data is the information you provide to us when you subscribe to the newsletter. Newsletter data is processed to send you newsletters of our services. You may unsubscribe at any time by clicking the “unsubscribe” link in the relevant email or by any other action described therein.

Legal basis

For existing Customers: legitimate interest, to send existing Customers information about our own products or services which are similar to the product/service that the Customer has purchased. For non-Customers: consent.

Retention

Your data will be processed until you unsubscribe.

Categories of personal data of Customers

Customer data

Customers

Fields

contact details (e-mail address)
financial data (bank or payment provider details)

Purpose

The source of the customer data is the data the Customer is providing us when using our services. The purpose for processing this kind of data is for customer administration, order management, invoicing, support and dispute management.

Legal basis

Performance of an agreement between the Customer and us.

Retention

Personal data are kept for the duration of the agreement. After termination of the agreement, personal data will be kept for seven years to fulfill the legal obligation (tax obligation).

Account information

Customers

Fields

name
e-mail
password
authenticated IP address for the proxy
API keys
reason why proxy is being used

Purpose

The source of account data is the information you provide when creating your account or making use of our services. The purpose for this processing is to register, provide and manage your account.

Legal basis

Performance of an agreement between the Customer and us.

Retention

The data is kept until you request its erasure.

Proxy data

Customers

Fields

timestamp
source IP
destination domain or IP
website response codes
used proxy
request/response of the proxy
connection duration

Purpose

The source of the proxy data is the information you provide us when connecting to a domain/website through our proxies. The proxy data is being processed in order to process abuse complaints, and if necessary hand it over to investigators.

Legal basis

Our legitimate interest, in maintaining the security and integrity of our services. By analyzing this data, we can effectively investigate and address reported instances of misuse or misconduct, taking necessary actions to mitigate risks.

Retention

This information will be processed for 30 days.

Notwithstanding the above, we may retain your personal data where this would be necessary for the establishment, exercise or defense of legal claims, whether in judicial proceedings or in administrative or extrajudicial proceedings. The legal basis for this processing is our legitimate interests, namely the protection and exercise of our legal rights.

In addition, we may keep (internal) personal data, especially e-mail, of banned Customers who have seriously damaged our trust and do not comply with our rules of conduct described in our terms and conditions. We base this on our legitimate interest: prevention of fraud, crimes and misconduct. The list is kept indefinitely.

03

Processors

A processor is a natural person or legal entity that processes personal data at our request or on our behalf. We may sometimes contract with this party to provide certain products and/or services. In other words: we use processors because it is necessary for the provision of our services. In this case, we will enter into a written agreement with the processor whereby the security of your personal data is guaranteed by the processor. The processor will always act according to our instructions.

We use the following categories of processors:

  • -Companies we have engaged for marketing purposes
  • -Companies we have engaged for ICT-technical support and hosting purposes
  • -Companies we have engaged for administrative purposes (e.g. CRM system)
  • -Companies we have engaged for communication purposes
  • -Companies we have engaged for online appointment purposes
  • -Companies we have engaged for analytical purposes
  • -Companies we have engaged for payment purposes
04

Providing data to third parties

We will not share your personal data with third parties (other than processors) for any purposes, subject to the following exceptions.

In some circumstances, we may be required by law to share certain personal data, including yours, if we are involved in legal proceedings or for compliance with legal obligations, a court order or the instructions of a government agency, to prevent the misuse of our proxies.

05

International transfer (outside EEA)

We may store or transfer some or all of your personal data in countries that are not part of the European Economic Area (the “EEA” consists of all EU member states, plus Norway, Iceland and Liechtenstein). These are known as “third countries” and may have less stringent data protection laws than those in the EEA. This means that we take additional steps to ensure that your personal data is treated as securely and reliably as it is in the EEA.

We will only transfer your personal data to countries that, in the opinion of the European Commission, provide an adequate level of personal data protection. More information is available from the European Commission. If the third country does not provide an adequate level of personal data protection, we will use specific contracts with external third parties approved by the European Commission (also known as Standard Contractual Clauses: SCC) for the transfer of personal data to third countries. The SCCs guarantee the same level of protection of personal data as would apply under the GDPR. In addition, additional measures are taken to protect your data from unauthorized access. More information is available from the European Commission.

06

Your rights

Some rights are complex and not all details are included here. Therefore, please read the relevant provisions and guidelines of supervisory authorities for a full explanation of these rights. You may exercise your rights with respect to your personal data by notifying us in writing at [email protected]. We will respond to your request within one month of receiving your request. We normally aim to provide a full response within that time. However, in some cases, especially if your request is more complex, more time may be required, up to a maximum of three months from the date we receive your request. You will be kept fully informed of progress.

R-01

The right of access

You have the right to confirm whether or not we process your personal data and, where we do, to access the personal data, along with certain additional information. The first copy will be provided free of charge; additional copies may be provided for a reasonable fee.

R-02

The right of rectification

You have the right to have inaccurate personal data about you corrected and, taking into account the purposes of processing, to have incomplete personal data about you completed.

R-03

The right to erasure

In some circumstances, you have the right to have your personal data erased without undue delay, including where data is no longer necessary, consent is withdrawn, you object under applicable GDPR rules, processing is for direct marketing, or data was processed unlawfully.

R-04

The right to restrict processing

You may restrict processing when you dispute accuracy, processing is unlawful but you oppose erasure, we no longer need the data but you need it for legal claims, or you have objected pending verification.

R-05

The right to object to processing

You may object to processing based on legitimate interests, to direct marketing (including profiling), and to scientific or historical research or statistical processing for reasons related to your particular situation.

R-06

The right to data portability

Where processing is based on consent, contract, or is automated, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, unless this would interfere with the rights and freedoms of others.

R-07

The right to file a complaint

If you believe our processing violates the GDPR, you may lodge a complaint with a supervisory authority. In Belgium, this is the Data Protection Authority (GBA).

R-08

The right to withdraw your consent

Where processing is based on consent, you may withdraw that consent at any time. Revocation does not affect the lawfulness of processing prior to the revocation.

The right to erasure (“right to be forgotten”)

In some circumstances, you have the right to have your personal data erased without undue delay. These circumstances include:

  • -The personal data are no longer necessary in connection with the purposes for which they were collected or otherwise processed
  • -You withdraw your consent to processing based on consent
  • -You object to processing under certain rules of applicable data protection law (the GDPR)
  • -The processing is for direct marketing purposes
  • -The personal data were processed unlawfully
  • -The personal data were collected in the case of a direct offer of services to a child and the processing is thereby based on consent
  • -Personal data must be deleted to comply with a legal obligation incumbent upon us

However, there are exclusions to the right to erase data. The general exclusions include where processing is necessary:

  • -For the exercise of the right to freedom of expression and information
  • -For compliance with a legal obligation imposed on us
  • -For the establishment, exercise or defense of legal claims
  • -For archiving in the public interest, scientific or historical research or statistical purposes
  • -For public health reasons

The right to restrict processing

In some circumstances, you have the right to restrict the processing of your personal data. These circumstances are: you dispute the accuracy of the personal data; the processing is unlawful, but you oppose erasure; we no longer need the personal data for our processing, but you need personal data for the establishment, exercise or defense of legal claims; and you have objected to the processing, pending verification of that objection. If processing is restricted on this basis, we may continue to store your personal data. However, we will only process them otherwise: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for important reasons of public interest.

The right to object to processing

You have the right to object to our processing of your personal data for reasons relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for the purposes of legitimate interests pursued by us or by a third party. If you raise such an objection, we will stop processing the personal data unless we can demonstrate that there are compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or that the processing is for the establishment, exercise or defense of legal claims. In addition, you have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you object, we will stop processing your personal data for this purpose. Furthermore, you have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes for reasons related to your particular situation, unless the processing is necessary for the performance of a task carried out in the public interest.

The right to data portability

To the extent that the legal basis for our processing of your personal data is based on: (a) consent; (b) the processing is necessary for the performance of a contract to which you are a party, or to take action at your request before entering into a contract; or (c) such processing shall be automated, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply when it would interfere with the rights and freedoms of others.

The right to file a complaint with a supervisory authority

If you believe that our processing of your personal data violates the General Data Protection Regulation (GDPR), you have the right to lodge a complaint with a supervisory authority responsible for data protection. In Belgium, the supervisory authority is the Data Protection Authority (GBA). Data subjects from other Member States have the right to complain to their own national supervisory authority. For an overview of the contact details of these authorities, visit the EDPB website.

Data Protection Authority (GBA)

Belgium

Address
Press Street 35, 1000 Brussels
Phone
+32 (0)2 274 48 00
Email
[email protected]
Website
https://www.gegevensbeschermingsautoriteit.be

The right to withdraw your consent

Insofar as the legal basis for our processing of your personal data is consent, you have the right to withdraw this consent at any time. Revocation does not affect the lawfulness of the processing prior to the revocation.

07

Questions about your data

For any questions about how we process your personal data, or to exercise your rights under the GDPR, contact us at [email protected].

Questions about your data?

Reach us at [email protected] to exercise any of your rights.

Contact us