Privacy Policy

This document (“Privacy Policy”) explains the privacy rules applicable to personal data and other information collected or submitted when you access, install, or use Farsi VPN and Websites regardless of the device (computer, mobile phone, tablet, etc.) you use.

By visiting our Website, by submitting your personal data to us, and by accessing, installing and/or using our Services, you confirm that you have read this Privacy Policy and agree to be bound by this Privacy Policy. If you do not agree with this Privacy Policy or any provisions hereof, please do not use our Services and Website.

Additional information on your personal data may also be indicated in contractual terms, supplemental privacy statements, or notices.

1. PROCESSING OF YOUR PERSONAL DATA

Farsi VPN processes personal data to a limited scope to provide Services, process payments for the Services, and enable the functioning of our Websites and mobile applications. We may process the following categories of personal data:

Information for creating your Account

  • Email address. We ask for your email address as part of your registration. It is necessary for the creation of your Farsi VPN Account, retrieving a lost password, and using the Services.

Subscription information

  • Subscription data. When you subscribe to our Services we process certain subscription information (e.g., your email address, the subscription plan you have chosen, subscription term, subscription ID, subscription frequency, amount, currency, status, auto-renewal status, information about enabled/disabled features such as multi-factor authentication (MFA), etc.).

Payment related information (if using paid Services)

  • Payment data. This information is necessary to collect payments for the Services. Our payment processing partners process basic billing information for payment processing and refund requests (e.g., date of purchase, payer’s IP address, postal (ZIP) code, credit card owner's full name and credit card information). We also process some of such billing information ourselves (e. g., date of purchase, credit card owner's full name, part of your credit card number, its expiration date) in cases of recurring payments or when you provide your payment details directly to us.
  • Country details. When making a purchase we process information on the user’s country the purchase takes place from. This information is necessary for VAT calculation purposes.
  • Information for payment fraud prevention. To prevent fraudulent payments for the Services, your personal data (such as payer's email address and device information) can be verified by our and/or our payment processing partners fraud management tools. A payment transaction that is considered high risk may be rejected by us.
  • Information concerning zero authorization for billing. The purpose of the zero authorization is to confirm that your payment method is still valid, which, respectively, leads to a seamless continuation of your Subscription. No personally identifiable information is collected in this case, apart from the fact that your provided payment method is still valid (or not) and the date of such authorization.

Communication data

  • Email address. We use your email address to: i) send you important updates and announcements related to your use of the Services and Websites; ii) respond to your requests or inquiries; iii) send you offers, surveys, and other marketing content (you can opt-out of those at any time).
  • Customer support inquiries. We keep the information that you provide to our customer support team that was necessary to resolve the query. Depending on what information is necessary, it can consist of, but not limited to: payment information for customer verification processes, your country name, information of your OS, local application logs, etc.
  • Communication optimization data. We use various tools to help us optimize our emailing campaigns. These tools may track actions you perform with an email, such as open it or unsubscribe from further communication. We may also be able to see the user device’s operating system (e.g., Windows, Mac, iOS, Android) and country in order to optimize push and email notifications and automatically set the language.
  • Information collected on our applications and Websites
  • Access logs. As most websites on the internet, our Websites collect access logs (such as IP address, browser type, operating system) to operate our Services and ensure their secure, reliable, and robust performance. This information is also essential for fighting against DDoS attacks, scanning, and similar hacking attempts.
  • Cookies. Cookies, pixels, and other similar technologies are usually small text or image files that are placed on your device when you visit our Websites. Some cookies are essential for our Websites to operate smoothly; others are used to improve Websites’ functionality, analyze aggregated usage statistics to improve Websites’ performance, and for advertising. We also use affiliate cookies to identify the customers referred to our Websites by our partners so that we can grant the referrers their commission..

Referrals data

  • Information for participating in referral programs. Participation in referral programs maintained by Farsi VPN requires referrers to submit personal data (e.g., full name, e-mail address, phone number, relationship with the referred party) about themselves and a referred party so that Farsi VPN could i) reach out to the referred party; ii) contact referrers with regards to their participation in referral programs and/or provision of rewards. It is the referrer's responsibility to abide by applicable privacy laws when disclosing third parties’ personal data to Farsi VPN, including informing third parties that they are providing referred parties’ personal data to Farsi VPN and how it will be used and processed. Referred parties may unsubscribe from any future communication at any time. If you believe that one of your contacts has provided us with your personal data and you would like it to be removed from our database, please contact us.

Social networks data

  • Account data. For the purpose of managing and administering our profiles on social networks (e.g., “Facebook”, “Instagram”, “Twitter”, “LinkedIn”, “YouTube” accounts), we may collect and process your personal data (e.g., full name, social network profile name, pictures, and/or public comments) you provided voluntarily.

2. GROUNDS FOR PROCESSING OF PERSONAL DATA

Your personal data is processed:

  • Where it is necessary to fulfill our contract with you at your request. Such cases include: i) to provide access to our Services; ii) to process your purchase transactions; iii) to ensure the secure, reliable, and robust performance of our Services and Websites.

  • When we have a legal obligation to process certain personal data collected from you (e.g., to keep and process records for tax purposes and accounting).

  • Where you have provided your consent to us. Such cases may include: i) to send marketing communication (unless applicable law permits us to contact you without your prior consent); ii) to communicate with you and manage your participation in Farsi VPN’s contests, offers, referrals, or promotions. Please note that although Farsi VPN may also process your personal data for marketing purposes when applicable law permits us to contact you without your separate consent, if you choose not to receive marketing communication from us (i.e., if you opt-out), we will honor your request.

  • We sometimes may process your personal data under the legal basis of our or third parties’ legitimate interest. Such cases include: i) to properly administer business communication with you; ii) to detect, prevent, or otherwise address fraud, abuse, security, or technical issues with our Services and Websites; iii) to protect against harm to the rights, property, and safety of Farsi VPN, our users, or third parties; iv) to improve or maintain our Services and provide new products and features; v) to receive knowledge of how our Websites and applications are being used (crash reports, app store reviews, information about the channel from which our app was downloaded, etc.).

3. SHARING YOUR PERSONAL DATA

We do not share your personal data with third parties except as described in this Privacy Policy.

Service providers. We use third-party service providers to help us with various operations, such as payment processing, email automation, Websites and app diagnostics, analytics, and other. As a result, some of these service providers may process personal data.

Farsi VPN partners. Sometimes our partners, for example, distributors, resellers, and app store partners, will be independent data controllers of your personal data. In such cases, the procedures established by them (e.g., terms of service and privacy policies) will apply to such relationships. In other cases we may collaborate with partners as joint controllers meaning that we jointly define the purpose and means of data processing with them. Both joint controllers are then responsible for the data processing and its compliance with applicable privacy laws.

We also partner with third parties to display advertising on our Websites or to manage our advertising on other sites. These partners help us deliver more relevant ads and promotional messages to you, which may include behavioral, contextual, and generic advertising. We and our advertising partners may process certain personal data to help us understand your preferences so that we can deliver advertisements that are more relevant to you.

Your personal data may be processed in any country in which we engage service providers and partners. When you use our Services and Websites, you understand and acknowledge that your personal data may be transferred outside of the country where you reside.

4. CHOICES RELATED TO YOUR PERSONAL DATA

Please note that there are various data protection laws across different jurisdictions that provide privacy rights to you as a data subject. Subject to those applicable data protection laws, among others, you may have the following rights:

  • Delete: request us to erase your personal data;

  • Access: know and access personal data Farsi VPN has collected about you;

  • Rectify: rectify, correct, update, or complement inaccurate/incomplete personal data Farsi VPN has about you;

  • Object: object to the processing of your personal data which is done on the basis of our legitimate interests (e.g., for marketing purposes);

  • Portability: request us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format or to transmit (if technically feasible) your personal data to another controller (only where our processing is based on your consent and carried out by automated means);

  • Restrict: restrict the processing of your personal data (when there is a legal basis for that);

  • Withdraw consent: withdraw your consent where processing is based on a consent you have previously provided;

  • Lodge a complaint: exercise your rights by contacting us directly or, if all else fails, by lodging a complaint with a supervisory authority.

Please note that you will need to pass through the Account verification process so that we can verify you are the owner of the Account before taking further action on your request.

You can control the use of cookies at the individual browser level on your device. To disable cookies, follow your browser’s instructions on how to block or clear cookies.

If you do not agree with the processing of your personal data by Farsi VPN, please do not use our Services and Websites. You can request us to discontinue processing your personal data, in which case your data will be processed only as much as it is necessary to effect the discontinuation of your use of the Services (e.g., final settlement or deleting all personal data based on your email address), or finalizing other Farsi VPN’s legal relationship with you (e.g., record keeping, accounting, processing refunds). Please note that we or our third-party service providers may be obliged to retain your certain personal data as required by law.

To raise any other questions, concerns, or complaints about our privacy practices or about our processing of your personal data, please contact us as provided below (Section “Contact Us”).

5. DATA SECURITY

We maintain tight controls over the personal data we collect. Our dedicated IT security team has implemented appropriate physical, technical, and organizational measures to protect information about you against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure, or access and against all other unlawful forms of processing:

  • Physical Measures. We control access to our facilities with access cards.We also use security alarm systems and CCTV. We store devices with personal data information only in locked rooms or cabinets. Our printers are protected by access control measures. A clean desk policy is implemented.

  • Technical Measures. We use layered defense with firewalls, anti-malware protection, intrusion detection and prevention systems. Our infrastructure is regularly updated and regular vulnerability scans are in place to detect possible vulnerabilities. We have security event and incident management solutions to correlate and investigate signals in security tools. Servers are hardened and automated configuration tools are used to manage them. All workplaces are managed from a centralized endpoint management tool. Data at rest and in transit are encrypted. Encryption protocols are used according to the newest security practices.

  • Organizational Measures. We adopted information security and data processing policies according to best practices. We have external audits to prove our information security and data processing policies are up to standards. We adopted a constant development culture of security and data protection awareness among our employees (including organizing regular and ongoing training and other awareness activities).. We analyze the threat landscape and attack surface and constantly update our security measures. Access to databases containing personal data is granted on a need-to-know basis.

If we detect something suspicious, we will notify you immediately and guide you through steps to stay better protected. However, no company can guarantee the absolute security of internet communications as no technology is completely bulletproof. By using the Services and Websites, you expressly acknowledge that we cannot guarantee the 100% security of personal data provided to or received by us through the Services and that any information received from you through Websites or our Services is provided at your own responsibility.

6. DATA RETENTION AND DELETION

Farsi VPN will keep your personal data only as long as necessary to provide you with the Services, or for as long as we have another legitimate ground to do so, but not longer than permitted or required by law. Some of more specific data retention terms are provided below:

  • Customer billing information and payment details are kept by Farsi VPN for 10 years from the last payment transaction.

  • Farsi VPN will use your email for marketing communication for 1 year after the end of your Subscription or until you exercise your right to opt-out, whichever comes first.

When we no longer have a legal ground to keep your personal data, it will either be securely disposed of, or de-identified through appropriate anonymization means. Farsi VPN will destroy personal data recorded or stored in the form of electronic files using method(s) that would prevent the recovery of the data.

7. CONTACT US

If you have questions, requests, concerns, or complaints about this Privacy Policy or our personal data processing practices, or you wish to exercise your data subject rights, please contact us via info@farsivpn.com

8. CHILDREN’S DATA

Farsi VPN does not knowingly collect or solicit personal data from anyone under the age of 18. If you are under 18, please do not attempt to send any personal data about yourself to Farsi VPN. If we acknowledge that we have collected and processed personal data from a child under the age of 18, we will delete that data as quickly as possible.

9. OTHER TERMS

Limitation of Liability. To ensure the security of personal data, Farsi VPN employs various technical, physical, and organizational security measures; however, it is your responsibility to exercise caution and reason when using the Services and Websites. You will be personally liable if your use of the Services and Websites violates any third party privacy or any other rights or any applicable laws. Under no circumstances is Farsi VPN liable for the consequences of your unlawful, willful and negligent activities, and any circumstances that may not have been reasonably controlled or foreseen.

Links to other websites. Our Websites may include links to other websites (e.g., social media websites) whose privacy practices may be different from ours. If you access any of those websites via such links and/or submit your personal data to any of those websites, your personal data is processed by the procedures established by them and governed by their privacy policies. We encourage you to carefully read the privacy policy (or other respective privacy notice) of any website you visit.

Prevailing Language. For all purposes, the English language version of the Privacy Policy shall be the original, governing instrument and understanding between you and us. In the event of any conflict between this English language version of the Privacy Policy and any subsequent translation into any other language, the English language version shall govern and control.

Updates to the Privacy Policy. We develop our Services and Websites introducing new features or modifying current ones constantly. Therefore, we may need to amend the Privacy Policy from time to time. If the amendments to the Privacy Policy materially affect the activities of our processing of your personal data, we will notify you in advance of such changes by reasonable means (e.g., notification through the respective applications, our Websites, or via email), and we will always indicate the date of the last update. Unless it is stated by us otherwise, each update of the Privacy Policy comes into force as of the moment when the amended Privacy Policy is published on this Website. You are expected to check this Privacy Policy regularly so that you are familiar with the most current wording of the Privacy Policy. Your continued use of the Services and Websites will be deemed acceptance thereof.