Purple DNS
Legal Policy

Privacy Policy

16min

Privacy Policy

The underlying policy of Purple DNS is that we want you to remain anonymous. We strongly believe in having minimal data retention because we want you to remain anonymous. However, in some situations, we might process your personal data if you, for example, when are making payments by Stripe or are sending an e-mail or reporting a problem. In those cases, we might process your personal data, and the General Data Protection Regulation (“GDPR”) and other data protection laws may apply to the processing. In this policy, we describe how we are processing your personal data as a data controller and how you as an individual can exercise your rights. We only process personal data in accordance with the GDPR and other applicable legislation.

The purpose and legal basis for each processing

Payments

Payment information is processed for the purpose of providing you with the service we offer, paying out refunds, and accounting purposes. The processing of payment data for the first two purposes is based on a legitimate interest where our rights to process the data for such interest overrides your rights to your personal data. Payment information processed for accounting purposes is necessary for the compliance of a legal obligation to which we are subject.

Support and problem report

Processing of e-mails and problem reports via our app is made for the purpose of answering questions, resolving problems, and providing general support to customers. The processing is necessary for the purpose of legitimate interests where such interest overrides your rights to your personal data.

Networks feature

Starting with Blokada 5.7 for Android, the app can recognize the network your device is connected to, and apply configuration specific to it. You will be asked to grant these permissions when activating the feature for the first time: ACCESS_FINE_LOCATION, ACCESS_BACKGROUND_LOCATION, READ_PHONE_STATE. This will make the app read the connected network name. Activating this feature is optional, and you can use other features of the app without granting these permissions.

Categories of personal data

We are processing the following categories of personal data. Blokada can access the personal data below through our payment service providers but that does not necessarily mean that Blokada is storing the data anywhere else than in the service.

Payments

  • Google In-App Purchase
  • Expiry date
  • Last 4 digits of the card
  • Card type
  • Origin Country

Support and problem report

  • Support by email or support.blokada.org 184: your email address and other information which you have written in the email or posted message.
  • Problem reported via the app: activity logs specific to Blokada, IP addresses used when sending the report log. Please refrain from entering any personal data when reporting a problem via the app.

Networks feature

  • Mobile network carrier name
  • WiFi network SSID

How long is the personal data saved?

The periods for which the personal data will be saved are the following

Payment data

Certain payment data must be kept for the statutory retention period described in applicable local laws such as the Swedish Accounting Act (some information must be stored for seven years from the end of the fiscal year). If not required by law or stated above, the data will be stored for no longer than necessary for the purpose. After the statutory retention periods, the data will be permanently deleted.

Support and problem report

After solving a support case or problem report, all related emails and problem reports are archived (removed from the inbox).

Networks feature

Network names are kept locally on the device to match the app configuration. They are never sent outside of your device. This data will stay on your device until you use system preferences to clear the app’s data or uninstall the app.

Third-party recipients

Your personal data will only be shared with third-party suppliers who are performing services on our behalf and for the purposes stated above. The categories of such recipients are e-mail service providers and payment solution suppliers (which are subject to confidentiality).

Is any transfer made to a third country?

No. We only store your personal data within the EU. If a transfer to a third country occurs in exceptional cases, we will ensure that there is a legal basis for such a transfer and provide you with the necessary information.

Automated decision-making

No automated decision-making (including profiling) takes place.

The Rights of Individuals

You have the right, in certain situations, to request us to correct or delete incorrect personal data regarding you and/or limit the processing. You also have the right to request a copy of your personal data and a registry extract. However, we cannot give out payment data since the purpose of the processing of the payment data does not require identification of the data subject and would require disproportionate effort for us to further acquire or process additional information to identify the data subject (article 11 in the GDPR).

The registry extract and the copy of personal data will be provided to the data subject (if the personal data are not subject to Article 11 in the GDPR) without undue delay and in any event within one month of receipt of the request. If the request is particularly complex or if we receive a large number of requests, the period may be extended where necessary. In this event, we will inform the data subject of any such extension within one month of receipt of the request together with the reason for the delay.

Where the legal basis for the processing is based on a weighing of interests you are as a data subject entitled to object at any time to the processing of your data.

If you are displeased with our processing of your data, please contact us or submit a complaint to the supervisory authority (The Swedish Data Protection Authority, www.datainspektionen.se)

If you would like to exercise your rights, please contact [email protected] for more information.

Please note that exercising some rights may limit our ability to provide the support that requires such information, for example issuing a refund or finding a lost account. We are also unable to approve some requests due to legal requirements or the processing of personal data might be based on a legal basis to which the right does not apply.

Data controller contact information

To exercise your rights under the GDPR or if you have any questions regarding our processing of your data, please send your inquiry to the e-mail address above.

Cookie Policy

We are not store Cookie anywhere in the app

This Privacy policy may be updated and, in such case, a new version will be published on













Updated 21 Apr 2023
Did this page help you?