The following information applies to the collection, processing and use of personal data in connection with our services, as but not limited to, the GreenGuard extension, GreenGuardBrowser and on our websites.
General notes
What is personal data?
-What is the purpose of data processing and what is the legal basis?
-Do we disclose any personal data?
-What rights do you have?
-Changes to this Privacy Policy
-Collection and processing in our products, website and user support
Your protection and data confidentiality is of utmost importance to us ("GreenGuard", "we", "our"). We take the protection of your personal data very seriously and collect as little data as possible. Nevertheless, collecting data helps our products and websites function correctly, and allows us to communicate with you. Our general privacy policy is to avoid collecting more data than necessary. Collected data is anonymized, if possible, and deleted when no longer needed. This privacy policy shall inform you about the collection, processing and use of your personal data. We gather and use personal data firmly within the provisions of the European General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR"), the applicable EU Laws and Dutch national data protection laws. In the following text we will inform you about the specific data, the scope and the purpose of the collection and use of personal data by GreenGuard when using our products and visiting our websites.
The purpose of data protection is to protect personal data. Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
This information includes, for example, details such as name and email address, but also nicknames and information in your forum posts.
In compliance with Art. 5 (b) GDPR, we collect and process your personal data for specified, explicit and legitimate purposes and do not further process your data in a manner that is incompatible with those purposes.
We collect and process your personal data solely for the following purposes:
1. We collect and process your personal data, such as website logs and data relating to subscription downloads, extension update checks (such data is collected and processed by Google, see Google Privacy Policy), emergency notifications and Issue Reporter data sent by you, for technical purposes. We mainly collect and process such data to prevent security attacks and are thus able to provide our services to you in a secure and data-efficient manner.
2. We collect and process your personal data relating to subscription downloads, extension updates, emergency downloads, and Issue Reporter data sent to us by you to improve and evaluate our products.
3. We send emergency notifications in order to inform you about urgent issues in connection with our products.
4. We collect and process the data you have provided us with in our blog and forum in order to communicate with you and / or to assist you.
5. We collect data in connection with donations you have made to support us for accounting purposes.
We collect and process your personal data in compliance with the GDPR and the applicable EU laws and Dutch national data protection laws.
We will always ask for your consent to collect and process your personal data for the aforementioned specific purposes, unless the collection and processing of your personal data is permitted by statutory laws. Where you have provided us with your consent to the collection and processing of your personal data for the aforementioned specific purposes, you have the right to withdraw your consent at any time.
The collection and processing of your personal data may be necessary for the performance of a contract to which you may be a party. Prior to entering into such a contract, the collection and processing of your personal data may also be necessary in order to take steps at your request. This applies for installation (data gathered by the browser and / or app store) and the use of our products.
Collection and processing of your personal data may be necessary for compliance with a legal obligation to which we are subject under EU laws or the laws of an EU Member State.
The collection and processing of your personal data may be necessary for the purposes of our legitimate interests. We collect and process website logs for technical reasons, such as, but not limited to, preventing denial of service attacks. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. Preventing such overloads of our systems and any security issues by denial of service attacks is in your and our vital interest and therefore we use the website logs. We use information collected and processed via subscription downloads, extension update checks, emergency notifications and feedback data sent by you, for technical reasons, such as, but not limited to, ensuring the security of the extension version used by you. Ensuring the security of our extension is in your and our vital interest and therefore we use such data. Furthermore, we collect and process such data to ensure that our website and extension are constantly improved and adjusted to the changing requirements for an efficient usability and the technical environment. In addition, we collect personal data to remember your privacy settings and/or to keep you logged in. Ensuring the usability of our websites and of our products is in your and our vital interest and therefore we use such data.
To build and improve upon products and features more efficiently, we share personal data, in compliance with GDPR, within the context of a joint controllership with partners. This does not affect how we process personal data as outlined in this privacy policy or how you can exercise your data subject's rights towards us. You can always contact us with questions or feedback about our privacy policy and can receive the essence of the arrangement between us and our partners via e-mail to info@greenguard.me.
We may only transfer your personal data to third parties without informing you separately beforehand in the following exceptional cases as explained below:
We will not transfer your personal data to third parties as a matter of course without letting you know in advance. We will ask for your prior permission unless the transfer of such data is permitted by GDPR or any other applicable EU laws and Dutch national data protection laws.
For the following services, we use non-EU/EEA service providers. We have carefully selected these external service providers and review them regularly to ensure that your privacy is preserved. The service providers provide sufficient guarantees to ensure an adequate level of data protection and may only use personal data for the purposes stipulated by us and in accordance with our instructions. We also contractually require the service providers to treat your personal data solely in accordance with this Privacy Policy and the European data protection laws:
We use external service provider tools for email (GSuite); for non-EU/EEA users only to analyze your use of our Websites for non-EU/EEA users only for A/B testing based on the analytics data and for crash reports and event tracking in our mobile products. These services are provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In order to ensure an adequate level of data protection, we have entered into a data processing agreement including the EU Standard Contractual Clauses (processors) -- Commission Decision C(2010)593. You can access a copy of this agreement here.
We may store data on servers in countries outside the European Union, but only provided that an adequate level of protection is guaranteed and recognized by a specific adequacy decision of the European Commission (pursuant to Art. 45 GDPR). You can access the list of countries that the European Commission has recognized as providing adequate protection here.
In compliance with the GDPR and the applicable EU laws and Dutch national data protection laws and to the extent legally permitted, you have the following rights to protect your personal data collected and processed by us:
Naturally you have the right to receive, upon request, information about the personal data stored by us about you and information about how we collect, process and store your personal data. Where that is the case, you have the right to gain access to such personal data stored by us. You have the right to request from us the rectification of your inaccurate personal data. Taking into account the purposes of collecting and processing your data, you have the right to have incomplete personal data completed. You have the right to request restriction of processing.
You also have the right (1) to receive all personal data concerning you and which you have provided to us, in a structured, commonly used and machine-readable format and (2) to transmit that data to another controller.
You have the right to demand from us the erasure of your personal data, where -- inter alia -- one of the following grounds applies:
Please note, if data needs to be retained for legal purposes pursuant to Art. 17 (3) GDPR, we will restrict the use of the respective data.
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the collection and processing of personal data relating to you infringes the GDPR.
You have the right to object at any time to the collection and processing of your personal data on grounds relating to your particular situation, when collection and processing is based on our legitimate interest (Art. 6 (1) f GDPR).
You have the right to withdraw your consent at any time, when you have provided us with your consent to the collection and processing of your personal data for one or more specific purposes.
To exercise your rights, please contact us via email.
When you use the GreenGuard browser extension, we collect and process the following data:
Your browser periodically checks for updates of all your extensions, including GreenGuard. Some general information - browser version, extension version, operating system, date of last update and your IP address - are transmitted during an update check. After a successful update, a website may be automatically opened. Data stored on this website includes your IP address (solely for the purpose of IT security and only accessible by GreenGuard's IT Security team), the time at which the request was made, the web address accessed, the browser identifier and the referring page. This data (IP address only aggregated via hashing with a daily changing salt) is used to generate usage statistics as well as to investigate potential security issues and forum or blog spam. Detailed logs are retained for a period of 30 days, after which only the aggregated usage statistics that cannot be connected to a single user remain. Everything else is deleted.
Updates for GreenGuard for Android and Internet Explorer are handled by the GreenGuard website and the data transmitted is subject to the GreenGuard Privacy Policy. Updates to GreenGuard for Firefox are handled by the Mozilla website and are subject to the Mozilla's Privacy Policy. Updates to GreenGuard for Chrome are handled by the Google Web Store website and are subject to the Google Privacy Policy. Updates to GreenGuard for Opera are handled by the Opera Add-ons website and are subject to the Opera Privacy Policy. Updates to GreenGuard for Safari are handled by the Safari Extensions website and are subject to the Apple Privacy Policy.
GreenGuard allows you to send issue
reports that will be temporarily stored on the GreenGuard.me website. These
reports contain information required to investigate the issue including the GreenGuard
version, browser version, browser build number, if any, URL of referred page,
if any, URL of page that opened the given webpage, address of the webpage where
the problem is visible, blockable items on the webpage, matching filters, active
subscriptions, type of issue report (i.e. false positive or false negative),
and a screenshot of the issue (it is possible to remove particularly sensitive
sections of the page before the report is sent). Parameter values are removed
from all transmitted addresses to avoid unintentionally leaking private
information.
You can voluntarily:
The processed reports can only be accessed by an individual who knows their unique ID. These IDs are only shared with:
1. Certain members of GreenGuard's filter list team. GreenGuard will use the reports for troubleshooting and support monitoring purposes only.
Emergency notification
GreenGuard contains an emergency
notification mechanism that allows it to notify users about important issues
affecting their GreenGuard installation. This feature requires all GreenGuard
installations to query an address in the Greenguard.me domain regularly to
retrieve the list of active notifications. This request makes your IP address
visible to the website and also sends some general information like your GreenGuard
version, browser, browser version and the number of previous GreenGuard
downloads (the download number is limited to four, and will be displayed as 4+
after reaching this number). This data allows serving different notifications
to different clients and is subject to this Privacy Policy.
GreenGuard may make further requests to Greenguard.me
as required. For example, a documentation link is clicked or the full list of
filter subscriptions needs to be downloaded. These requests are subject to this Privacy Policy.
When uninstalling GreenGuard for desktop and/or donating to us, you will be referred to an uninstallation and/or donation webpage where the following information is automatically collected: Language of your browser, extension name and version, browser type and version, operating system and version, number of notification downloads, information whether the local storage of the extension configuration is corrupted, version parameter of filter lists, and whether any filter subscriptions have been enabled or disabled at the time of uninstallation. On a voluntary basis, you can provide us with your reason why you have uninstalled GreenGuard. We need this information to improve our products.
Data related to subscription downloads, extension update checks, emergency notifications, Issue Reporter data (as well as the full reports and their associated data), and data in connection with uninstallations and donations are automatically removed after 30 days. Only a subset of the data will be kept longer. This includes only the country code of users filing an issue (extracted from the IP address) for analytic purposes, which is stored separately from the full reports and cannot be connected to an individual after deletion of the full reports. Donation report data is stored for a period of 10 years in accordance with the Dutch tax law requirements.
GreenGuard stores some data in the Firefox profile on your computer. GreenGuard never transmits this data to any servers, but other extensions and services, such as Firefox Sync, may do so. Most of the data (your preferences, filter subscriptions and custom filters) is unobjectionable privacy-wise. However, filter hit statistics and recent issue reports could be used to reconstruct your browsing history. GreenGuard treats this information identically to how history data is treated by the browser; this data isn't stored if you are using private browsing mode and is removed if you choose to clear your browsing history.
When using our websites, as Greenguard.me
(Website), we automatically collect the following data in order to provide you
with our services, and for security reasons:
All requests to our Websites are recorded in the website logs. Data stored includes your IP address (solely for the purpose of IT security and only accessible by GreenGuard's IT Security team), the time at which the request was made, the web address accessed, the browser identifier and the referring page. This data (IP address only aggregated via hashing with a daily changing salt) is used to generate usage statistics as well as to investigate potential security issues and forum or blog spam. Detailed logs are retained for a period of 30 days, after which only the aggregated usage statistics that cannot be connected to a single user remain. Everything else is deleted.
The request to our Websites, including your IP address, is stored when you create a forum post, submit a contact form, or add a blog comment. This allows administrators to effectively address spam content and security breaches. All stored requests are deleted after 30 days.
We use cookies to recognize signed-in users or to store your privacy preferences. Cookies are small files that are stored on your computer with the help of your internet browser. The cookies are necessary to provide you with our services, are not evaluated in any other manner, and are never used to track Website visitors. If you do not want to enable cookies, you can opt against using them by selecting the appropriate settings on your browser. Please note that the efficiency and range of GreenGuard's services may be restricted as a result.
We use Google Analytics, a web analytics service from Google Inc. ("Google"), on our Websites. Google Analytics uses so-called "cookies" (text files stored on your computer that enable us to analyze your use of our Websites). Information generated by the cookies (including your abbreviated IP address) is transmitted to and stored at a Google server in the United States. Google uses this information to assess your use of our Websites, to compile activity reports, and to provide more services connected with the use of our Websites. It is possible that Google may transmit this information to third parties if required by law, or if third parties process this information on behalf of Google.
Our Website uses Google Tag Manager for the implementation of Google Analytics. Google Tag Manager, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"), is a solution that allows marketed website tags to be managed using an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not register personal data. The tool causes other tags to be activated. These tags then may register data under certain deactivated domains or on a cookie level. This setting will remain in place for all tracking tags implemented with Google Tag Manager.
Our Website uses the web analysis and optimization service Google Optimize provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). We use the Google Optimize service to increase the attractiveness, content and functionality of our Website by playing new features and content to a percentage of our users and statistically evaluating the usage change (A/B testing). Google Optimize is a sub-service of Google Analytics.
Google Optimize uses cookies, which enable us to optimize and analyze your use of our Website. The information generated by these cookies about your use of our Website is usually transferred to a Google server in the USA and stored there. We use Google Optimize with activated IP anonymization so that your IP address is shortened by Google within member states of the European Union, or within the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information for the purpose of evaluating your use of our Website, compiling reports on optimization tests and related website activity and providing other services relating to website activity and internet usage.
If you have any questions about this section or how to exercise your rights under the CCPA, please contact us.
September 2023