OwlProxy Privacy Policy
Updated: 2025-05-21
Effective: 2025-05-21
This OwlProxy Privacy Policy (hereinafter referred to as "this Privacy Policy") is intended to protect the privacy and information of users in any system contractually agreed upon between OwlProxy as a service provider and any natural or legal person as a service user.
By using this website www.Owlproxy.com (hereinafter referred to as "this System"), you agree to this Privacy Policy, which may be updated without further notice to users.
1. General Terms and Definitions
1.1 OwlProxy is a legal entity incorporated in Hong Kong with registration number 77312088 and address at Room D07, 8/F, Phase 2, Kaide Factory Building, 99 King Fuk Street, San Po Kong, Hong Kong. (hereinafter referred to as "the Company"/"we"/"us").
1.2 Anyone who uses the Company's services/systems shall be deemed to be the Company's customer (hereinafter referred to as "Customer"/"you").
1.3 The Company and the Customer are legally bound by the terms and conditions of this Agreement (hereinafter referred to as "this Agreement"), which apply to the contractual relationship between the Company as a service provider and the Customer, any natural or legal person, Service User, or System User before logging in/creating an account (hereinafter referred to as Account).
1.3.1 The Company provides a variety of IP address proxy infrastructure solutions, including IP addresses used by customers to connect to the Internet, and data collection and proxy management solutions using the Company (hereinafter referred to as "the Service"). The Service is available through the System.
1.4 The application and interpretation of this Privacy Policy shall be consistent with this Agreement. The definitions set forth in this Agreement shall apply to this Privacy Policy.
1.5 You may use the pop-up chat box in the System or send us an email to inquire about questions related to the Privacy Policy.
1.6 The Company has the right to unilaterally modify and/or update this Privacy Policy at any time without further notice. The Customer's continued use of the Service/System shall be deemed to have accepted the latest version of this Privacy Policy. Any customer should check and evaluate this Privacy Policy regularly. Any updates to this Agreement will be effective when they are posted in this System.
1.7 The latest version of this Privacy Policy can be found at the following URL: https://www.owlproxy/tos/privacy-policy.html
1.8 By agreeing to the rules set out in this Agreement, you automatically agree to this Privacy Policy. For the avoidance of doubt, you acknowledge and understand that you are also bound by this Privacy Policy when using this System in any way before creating an account (Section 4 of this Agreement) or when you are not logged into this System (for example, when browsing the blog section of this System), and the Company may automatically collect your data/information.
1.9 If you do not agree to be bound by this Privacy Policy in any scope or manner, you must not use or must immediately stop using this Service, this System or any part thereof, including its features and functions.
1.10 The Company values your trust in the Company when using this Service/System. Therefore, privacy and data security are extremely important to the Company. It is very important for the Company to make you feel safe when you access our System, use our Services and in all other business transactions with the Company. Once you use our system/service, you entrust us to process your personal data. We want to provide you with the best system experience to ensure that you can use our service happily now and in the future. That is why we want to understand the behavior of users on our system in order to continuously improve it. Therefore, processing your personal data is not only necessary for providing services, but also necessary for improving user-friendliness. Therefore, in this privacy policy, you will be informed in detail what personal data we collect from you, how we process this data, and to whom we pass it on. In addition, we will inform you of the precautions we take to protect your personal data, the rights you have in this case, and who you can contact for data protection issues.
1.11 In view of the above, we strive to protect your privacy and are obliged to process your personal data in accordance with the following rules and principles:
1.11.1 The processing process should be carried out in a legal, fair and transparent manner.
1.11.2 Personal data must be sufficient and limited to the data necessary for the purpose of processing personal data.
1.11.3 Personal data should be accurate and, if necessary, kept up to date.
1.12 This Privacy Policy is formulated in accordance with the Personal Data Protection Ordinance and other relevant laws, as well as the best practices and principles of data protection.
1.13 For terms used in this Privacy Policy, such as "processing" or "controller", we refer to the definitions of the PDPL.
2. Scope of Application
2.1 This Privacy Policy applies to all persons who use this system/service or otherwise interact with the Company (such as business partners, stakeholders, service providers, etc.); hereinafter collectively referred to as "customers" or "you".
2.2 The Company's systems and services are not intended for anyone under the legal age. Only persons of legal age are allowed to use this system, this service and register an account. Therefore, the Company will not intentionally collect personal information from minors. Therefore, if you are under the age of 18/under the legal age prescribed by law, please do not use this system/service and do not provide us with any personal data.
2.3 If you are a legal representative using the Company's system/service, you should be aware that your personal data will also be collected in accordance with this Privacy Policy.
2.4 You are responsible for ensuring that you are eligible to use our system and/or services.
3. Controllers and their obligations and scope
3.1 For the purposes of applicable data protection laws, we are generally the "data controller" of any personal information provided to us. In very rare cases, we may act as a "processor" to a specific retainer (processing personal data only in accordance with the instructions of the data controller or otherwise permitted by law).
3.2 As a data controller (or data processor in some cases), we have the following obligations:
3.3 Data processing records. We shall keep data processing records at our discretion, except where required by law.
3.4 Data breach notification. We strive to protect your personal data in the best possible way. However, data breaches may sometimes occur, and there may be various reasons for such incidents.
3.4.1 If a data breach compromises the privacy, confidentiality and security of the personal data of the data subject, we, as the data controller, shall immediately notify the data controller of such data breach upon becoming aware of such data breach.
3.4.2 If a data breach compromises the privacy, confidentiality and security of the personal data of the data subject, the Company, as the data controller, shall promptly notify the Data Office of such data breach upon becoming aware of such data breach. The required notification shall include details such as: the nature, category, cause, approximate number and record of the data breach, a description of the possible consequences of the data breach; and a description of the measures and remedial actions taken by the controller to address the data breach.
3.4.3 Data Retention. After the purpose of processing personal data has been achieved, the Company shall not store personal data unless the identity of the data subject cannot be identified through the use of anonymization technology.
3.4.4 Protection of Sensitive Personal Data. In general, the Company does not process any special categories of personal data of customers. This includes data that reveals racial or ethnic origin, political opinions, religious or ideological beliefs or trade union membership, as well as genetic and biometric data. In some cases, during the verification process, in addition to the actual verification data (such as screenshots of identity documents and their identity data, place of residence, identity of politically exposed persons, video data, etc.), biometric data (such as personal data generated by specific technical processing related to a person's physical, physiological or behavioral characteristics and data used to clearly identify characteristics, such as facial images, fingerprint data) will also be recorded. Such biometric data processing is only based on your explicit consent, which you can withdraw at any time.
3.4.5 Appropriate agreement between the controller and the processor. The processor shall process and implement personal data in accordance with the instructions of the controller and in accordance with the contract and agreement signed by the two parties. The contract and agreement shall clearly specify the scope, subject, purpose and nature of the processing, the type of personal data and the category of data subjects. The Company, whether as a controller or a processor, should ensure in advance that these agreements have been reached and are applicable to the planned data processing.
4. Data categories and sources
4.1 The Company may collect your personal information in the course of providing services, when you use this system to contact us or request information from us, or due to your relationship with any of our personnel or customers.
4.2 The personal information we may process includes:
4.2.1 Contact Data. When creating a new user account or communicating with the Company (for example, by contacting our support team), we may process basic details such as your name, date of birth, job/title, employer, your relationship to a person, and your contact information (such as your email address, physical address, contact number).
4.2.2 Verification Data. If the account/other details are verified, and depending on the level of verification, we may process, for example, screenshots of national identification documents such as passports, driver's licenses, identity cards and identification data from such documents, utility bill details for residence verification, data on the identity of politically exposed persons, video data from video verification programs, biometric data for verification, and information collected from public sources for verification of such documents.
4.2.3 Order Data. In the case of a subscription to the Service, we may process information related to the matter for which you seek our services.
4.2.4 Financial Data. In the case of refunds or withdrawals related to ordering services and accepting payments (or any other applicable plans/offers), we may process information such as bank details (IBAN, BIC), information about payment service providers, payment details or transaction IDs.
4.2.5 Log data. During the activity of this system (website) and the use of this service, we may process information such as IP address, your location, location data, traffic data, transaction data (such as deposit, payment, refund withdrawal address), computer or mobile device information, page interaction data such as visit frequency, time, visit duration, operating system, browser type, device type, unique device identifier, identification cookies, optional form data, crash reports, performance data, third-party cookies, etc.
At any time when using this system/service, we will collect and process the following log data:
4.2.5.1 IP address of the first or last login.
4.2.5.2 Account credentials and other information as specified in Article 4 of this Agreement, including account creation date and time, login date and time.
4.2.5.3 Information collected, such as: browser type, web pages you visited and the time spent on them, access time and date, unique device identifier, etc. The data mentioned in this clause may be collected without being assigned to a specific user.
4.2.6 Company details. If you use the Service as a legal entity or enter into a commercial agreement with the Company, we may process information such as business registration reports, data of beneficial owners, and records or other information of recent, past or planned business activities, other data required to determine/verify the structure, any authorization letters from beneficial owners or companies, etc.
4.2.7 Marketing data. If you visit the System or our social media sites, we may process statistical and marketing data, such as: number of visitors, frequency, number of clicks, time, location, target group, data on cookies and similar technologies (Pixel, ClearGIF, etc.), consumer behavior, interests and preferences, market research and target group survey data, etc.
4.2.8 Photo, video and audio data. When we attend or organise events or trade fairs or conduct interviews with people, or when you visit our offices or our meetings and events, we may take photographs or otherwise record such events and process photographic, video and audio data, as well as data such as time, location, list of participants, etc. However, we will always inform you separately of any such recordings made by photographic or video images and/or audio recordings.
5. Purpose and Legal Basis
5.1 All processing is carried out in accordance with the PDPL. We process your personal data on the basis of at least one of the legal bases described below. If the Company requests additional personal data other than those listed above, this data and the purposes and legal basis for collection and processing will be communicated to the Client at the time of collecting the personal data.
5.1.1 Performance of contractual obligations under this Agreement. The Controller (the Company)/Processor may process personal data with the consent of the Data Subject (you) to whom the data relates, if the processing is necessary for the performance of a contract (this Agreement) to which the Data Subject is a party, or in order to take steps at the Data Subject’s request to enter into, modify or terminate a contract,
5.1.2 Consent We may ask you to provide your consent if the consent of the Data Subject (you) is the lawful basis for processing your personal data. For example, we may ask you to provide your consent before entering into this Agreement or using the System when you are not logged in, and before collecting/processing any other personal data not described in this Privacy Policy.
If you have given us your consent to process your personal data, the processing will only be for the defined purposes and to the extent agreed in the consent statement. If you no longer consent to the processing, you may withdraw your consent at any time without stating a reason with immediate effect. With your consent, we will process data for the following purposes, such as:
Direct marketing and advertising (e.g. customer satisfaction surveys, event newsletters, sweepstakes and other advertising communications). By creating an account, you consent to direct marketing and advertising. By creating an account, you confirm that you understand that the contact information provided to the Company may be used by the Company for direct marketing, advertising and other electronic communication purposes. By creating an account, you agree to receive various marketing and advertising materials.
Website analytics and tracking for advertising purposes.
Certain uses of audio, video and photo data (e.g., commercials, interviews, etc.), for marketing and other performance purposes through various channels.
Automated authentication process (identity verification).
Application management system, recruitment process and processing of your application.
Withdrawal of your consent does not affect the lawfulness of processing based on your consent before its withdrawal.
5.1.3 Compliance with legal obligations. Processing of personal data may also be necessary to comply with various legal obligations.
These legal obligations include, but are not limited to, the following data processing operations: contract management, accounting and invoicing, monitoring to prevent fraud, abuse, money laundering and the financing of terrorism; providing information to criminal authorities in the context of fiscal criminal proceedings or proceedings against an official order; assessing employees’ work capacity or providing healthcare/social care, etc.
5.1.4 Protection of legitimate interests. Data processing may be carried out outside of the performance of the contract if necessary to ensure the legitimate interests of our company or a third party. This legitimate interest includes the following data processing operations:
Prevention of fraud, abuse (e.g. for illegal purposes), money laundering and the financing of terrorism.
Risk management and risk minimization, e.g. by checking with credit agencies, debtor directories or business analytics providers.
Identification and checking of potentially incorrect or suspicious business cases and visits to our website (e.g. website analytics by Sift Science).
Transfer of data within the company for internal administrative purposes.
Customer management and processing of general customer requests and inquiries.
Measures to protect our customers and partners and to ensure network and information security; as well as measures to protect our employees and property, e.g. by video surveillance and external data centers and service providers.
Processing of inquiries from authorities, lawyers, debt collection agencies in the context of legal prosecutions and enforcement of legal claims in the context of legal proceedings.
Market research, business management and subsequent development of services and products.
Processing of statistical, performance and market research data via websites, applications or social media platforms (e.g. Facebook, LinkedIn, YouTube, etc.).
Processing of customer preferences (e.g. language, region) via cookies on our websites.
Direct marketing and advertising (e.g. implementation of marketing strategies, customer targeting, issuance of vouchers, advertising of our company and partner companies).
Use of audio, video and photo data from public places (e.g. public events, fairs, etc.) on our social media channels or websites for marketing and other presentation purposes.
5.2 Our company may also process personal data without the consent of the data subject in cases where the data subject has made the data public (Art. 4 GDPR).
6. Social media presence and other communications
6.1 Our company maintains a social media presence on various platforms (see below) in order to communicate with its active customers, potential customers and interested social media users about our services, products and other news. When visiting such social media platforms, the general terms and conditions and privacy policies of these operators also apply. We would like to point out that user data can also be processed outside the United Arab Emirates or your region/location. Due to the different legal frameworks, this may pose risks for users (e.g. the enforcement of data subject rights may become more difficult).
6.2 As part of the technical processes of various social media platforms (such as Google, Facebook, Twitter, etc.), when you click on the content or website you are visiting, they detect whether you are logged into your social media account at the same time. This information is collected by the social media platform and assigned to your social media account, regardless of whether you click on the content of the platform or not. By logging out of your account, you prevent these companies from associating the collected information with your account.
6.3 The activities of these companies are not controlled by the Company and we therefore do not assume any liability for any damages that may be caused to you as a result of the use of your data by these companies.
6.4 The Company may only process personal data of social media users who communicate directly with the Company via the social media platform (e.g. visits, published articles, likes, direct messages, customer inquiries, comments, etc.). In these cases, the Company is also responsible for the processing of the personal data collected thereby. In addition to our processing of data, other providers, in particular social networks and platform operators, also process personal user data. We have no influence on and are not responsible for this data processing – the data processing takes place solely within the scope of responsibility of the other providers.
6.5 For a detailed description of the respective processing and the possibilities of objection (opt-out) by the providers of the social media networks, please refer to the privacy policies of the respective providers. In the case of information requests and assertions of the data subject’s rights regarding data processing by other providers, we point out that these rights can be asserted through the providers listed below. Only the providers have access to the user’s data and can directly take corresponding measures and provide information.
6.6 When participating in any social media communication (e.g. exchanging messages or leaving comments), you should always make sure that the social media account belongs to us before submitting or disclosing any of your personal information.
6.7 You should be aware that SMS/message and email services are susceptible to spoofing and phishing attacks and should be cautious when viewing messages claiming to be from us. If you are unsure of the authenticity of a communication or notification, you should always contact us by logging into your account at https://www.Owloroxy.com, using the communication tools in this system or by sending us a query via email. Please note that phishing attacks occur from time to time and can be carried out through SMS, email or similar services, or through search engines or advertisements on search engines or other fraudulent links. The Company is not responsible for any losses caused by fraud, phishing or other similar attacks.
7. Your rights
7.1 You have the following rights:
7.1.1 Right to withdraw consent and right to opt-out. In any case, you have the right to object to or suspend the processing of your personal data for direct marketing purposes; or the processing of your personal data for the purpose of statistical surveys. If you do not agree/wish to withdraw your consent to receive direct marketing and advertising materials to any extent or in any manner, you must:
7.1.1.1 not complete the creation of an account, or
7.1.1.2 after the account is created, withdraw your consent (consent obtained by creating an account) by clicking the "Unsubscribe" button in the email you receive from the Company, or
7.1.1.3 at any other time, withdraw your consent by clicking the "Unsubscribe" button displayed in any other email sent by the Company as direct marketing and/or advertising material.
7.1.1.4 You have the right to withdraw your consent at any time by the methods described in this Privacy Policy or by sending an email. Please note that if you withdraw your consent, we may no longer be able to provide you with all of our services. Withdrawing your consent does not affect the lawfulness of processing your personal data based on your consent before its withdrawal.
7.1.1.4.1 By checking the corresponding box during the registration process (creating an account) or updating it after logging into your account, you explicitly confirm that you have read this Agreement and the data processing described herein (creating an account) or by checking the corresponding box when updating it after logging into your account, you explicitly confirm that you have read the other policies indicated in that notice.
7.1.1.4.2 By checking the corresponding box during the registration process (creating an account) or logging into your account to get news and updates (including event briefings and other marketing materials) by email, you explicitly consent to receiving electronic communications.
7.1.1.4.3 By creating an account, you explicitly consent to receiving direct marketing and advertising materials, as well as other electronic communications.
7.1.1.4.4 By ticking the appropriate checkbox when using this system to use cookies, you expressly consent to the use of cookies in accordance with this policy, notices and your preferences expressed by ticking all/any boxes.
7.1.2 Before the processing activities begin, in order to obtain information for the purpose of processing, the Company may use appropriate safeguards in the context of cross-border processing, and will share your personal data with departments or entities within and outside Hong Kong.
7.1.3 The right to request additional information, including:
7.1.3.1 Whether we are processing personal data related to you.
7.1.3.2 The type of personal data of the data subject processed;
7.1.3.3 Decisions made on the basis of automated processing;
7.1.3.4 Rules and guidelines for the storage and retention period of personal data;
7.1.3.5 Measures to be taken after a data breach occurs.
7.1.4 Right to rectification. You have the right to request the correction of inaccurate personal data related to you, and the right to request the completion of incomplete personal data.
7.1.5 Right to erasure. You have the right to request that we erase your personal information if:
7.1.5.1 the personal data is no longer necessary in relation to the purposes for which the personal data was collected or processed;
7.1.5.2 you withdraw your consent or explicitly object to processing and there is no legitimate reason for us to continue processing.
7.1.5.3 the personal data is unlawfully processed.
7.1.5.4 erasure of the personal data is necessary for the performance of a legal obligation imposed by law to which we are a subject.
7.1.6 The right to obtain a copy and transmit your personal data to another controller, where technically feasible. You have the right to receive the personal data concerning you that you have provided to us, in a structured, commonly used and machine-readable format, where the processing is based on your consent or is necessary for the performance of a contractual obligation and is carried out by automated means. You also have the right to request that this data be transmitted directly to another controller of your choice, where technically feasible and does not prejudice the rights and freedoms of others. The right to data portability can only be exercised where the processing is based on your consent or on a contractual need or pre-contractual necessity and is automated. The right to data portability does not apply to processing that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7.1.7 Right to object to decisions based on automated processing. We do not generally use any personal data for automated decisions, including profiling (i.e. decisions based solely on automated processing of personal data, including profiling, that have legal effects on the data subject or that significantly affect him or her in any other way). If we make such a decision to any extent, you have the right to object to it.
In addition, you have the right to object to the processing of your personal data at any time if the processing is based on your legitimate interests. If you object to the processing, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms or the processing is for the establishment, exercise or defence of legal claims. The objection does not affect the lawfulness of processing your personal data based on legitimate interests until you withdraw your consent.
7.1.8 Right to restriction of processing. You have the right to ask us to restrict processing if one of the following conditions is met:
7.1.8.1 You contest the accuracy of the personal data (the restriction applies for a period of time to enable us to verify the accuracy of the personal data).
7.1.8.2 The processing of your personal data is unlawful and you refuse to have your personal data erased and request to restrict its use instead.
7.1.8.3 We no longer need your personal data for the purposes of the processing, but you require them to assert, exercise or defend legal claims.
7.1.8.4 You have objected to the processing of your personal data and it has not yet been determined whether our legitimate grounds outweigh your legitimate grounds.
7.1.9 Right to lodge a complaint with the Data Protection Office.
7.1.10 Right to contact. To exercise any of the above rights, you may send us an email or write to OwlProxy, Room D07, 8/F, Phase 2, Kaide Factory Building, 99 King Fuk Street, San Po Kong, Hong Kong. Please note that for such inquiries, we will require further identification information (e.g. passport, ID card, etc.) to ensure that only your personal data is passed on to you. We will respond within 30 days from the date of receipt of the inquiry (subject to two 30-day extensions).
7.2 In any case, we encourage you to contact us directly. We believe that the best decision can be made through mutual agreement and joint efforts.
7.3 As a general principle of our company, we process personal data only for the purpose for which it was collected. However, in special cases, we may use your personal data that we have collected for other purposes. In this case, we will inform you of the corresponding purpose, the duration of storage of your personal data, the exercise of data subject rights, the possibility of withdrawing consent, the existence of the right to complain to a data protection authority, whether the data is necessary for legal or contractual reasons, the possible consequences of not providing the data, and whether automated decision-making or profiling is carried out before the intended processing.
8. Data security
8.1 The security of data is very important to us and we are committed to protecting the data we collect. We implement comprehensive administrative, technical and physical measures to protect your personal data against accidental, unlawful or unauthorized destruction, loss, modification, access, disclosure or use. These measures meet the highest international security standards and are regularly reviewed for their effectiveness and suitability to meet the expected security requirements.
8.2 The technical, physical and organizational measures we implement are as follows:
8.2.1 Appoint a DPO and conduct employee training.
8.2.2 Use SSL encryption on our systems that transmit personal data.
8.2.3 Use two-factor authentication (2FA) for this system.
8.2.4 Ensure the confidentiality, integrity, availability and resilience of our systems and services.
8.2.5 Use encryption systems.
8.2.6 Pseudonymize and anonymize personal data.
8.2.7 Implement controls on entry, access and transmission to our offices and systems.
8.2.8 Design measures to quickly restore the availability of personal data in the event of a physical or technical incident.
8.2.9 Privacy measures designed and default in our platform, such as preventing user enumeration.
8.2.10 Introduce procedures for regular review, assessment and evaluation of the effectiveness of technical and organizational measures to ensure the security of processing, such as our bounty program.
8.2.11 Internal IT security practices and monitoring, internal communication and rapid response mechanisms.
8.2.12 Incident response management.
8.3 When using this system/service, customers are advised to use two-factor authentication (2FA).
8.4 Your personal data may be accessed, transferred and/or stored by employees or providers in destinations outside your country, where the data protection laws may have lower standards than those in the United Arab Emirates. However, we will protect personal data in accordance with this Privacy Policy in any case.
8.5 If we process personal data in a third country (for example, within the European Union (EU) or the European Economic Area (EEA)), or if this occurs in the context of using third-party services or disclosing and/or transferring personal data to third parties, we will only transfer personal data based on our consent, legal obligations or our legitimate interests to fulfill our contractual obligations and pre-contractual obligations. Where permitted by law or contract, we will only
Personal data is processed in a third country or by a third party only if conditions are met that ensure an adequate level of protection for the rights and freedoms of the data subject with regard to the processing of personal data. This means, for example, that the processing and transfer is carried out on the basis of special guarantees, such as compliance with a code of conduct or a certification mechanism, and that the recipient has given binding and enforceable commitments in the third country, that appropriate guarantees apply for data protection or that official recognized special contractual obligations are observed (e.g. the "Standard Contractual Clauses" published by the European Commission).
9. Recipients of personal data
9.1 The Company transfers your personal data only within the scope described below or upon instructions when the data was collected from you. In addition, the personal data we collect about you will not be sold or otherwise passed on to third parties by us.
9.2 Within the Company, departments or employees who need your personal data to fulfill contracts, legal obligations and legitimate interests will receive your personal data. The purpose of our transfer of personal data is to use it for our daily business operations, such as account management and other processes requested by you, as well as to effectively perform internal administrative activities in a joint manner, and to maintain and improve our products and services.
9.3 To a limited extent, we also transfer personal data to processors who provide services to us, such as video authentication services, IT services, legal services, customer support, improving our website, fulfilling contracts, account management, accounting, invoicing, application management, marketing services and sending marketing materials. Processors may only use or transfer this data as necessary to provide services to us or comply with legal requirements. We contractually require these processors to ensure the confidentiality and security of your personal data they process on our behalf.
9.3.1. Main service providers contracted by the Company that may process your data:
Marketing, application analytics and diagnostic service providers, such as Facebook (provided by Meta platform, Inc.), Google (provided by Google), X (provided by X Corporation), Cookiebot (provided by Usercentrics, A/S).
This list is reviewed regularly and may be updated accordingly.
9.4 We may also transfer your personal data in the following circumstances:
(i) we are required to do so by law or legal process,
(ii) we believe disclosure is necessary to avoid damage or financial loss, or
(iii) in connection with an investigation of suspected or actual fraudulent or illegal activity.
9.5 If we are acting as a joint controller with another party (e.g., processing data for jointly defined purposes within multiple affiliated entities), we may provide personal data to them, where applicable, based on at least one of the legal bases set out in Section 5 above. In the case of joint control, we transfer your personal data only on the basis of an adequate agreement with the partner.
9.6 We may transfer your personal data to others at the request of the person concerned for the purpose of transferring or fulfilling a contract or taking steps at the request of the data subject prior to entering into a contract.
10. Retention period
10.1 Unless otherwise stated in the notice/consent, we will only retain your personal information for as long as necessary to:
10.1.1 Provide you with the services you have ordered and ensure the correct use of the system/account;
10.1.2 Comply with the law, including mandatory data collection periods;
10.1.3 Support a claim or defense in court or take action in other legal proceedings.
10.2 In all cases, log data (Section 4.2.5) shall be retained for at least 6 months from the date of collection. Log data after account termination or suspension is retained by the Company for the same period from the moment of termination or suspension. The Company has the right to retain this data for a longer period if necessary for legitimate purposes.
10.3 In any case, the account data set out in Article 4 of this Agreement, including identification data (if applicable), shall be kept throughout the period during which you are a customer and for at least 6 months from the date of account termination.
11. Privacy Statement for Customers Living in the European Union and California
11.1 If you live in the European Union ("EU") region, please note:
11.1.1 We are working hard to ensure your rights under the EU General Data Protection Regulation ("GDPR"). You can find more information about the GDPR and your rights at this link: https://gdpr.eu/
11.1.2 You have the rights set out in Article 3.2 of the GDPR. The GDPR states that the GDPR applies to non-EU organizations if two conditions are met: the organization provides goods or services to EU citizens, or the organization monitors their online behavior. If you are using this system/service, it falls within the scope of Article 3.2 of the GDPR.
11.1.3 Our obligations may be limited due to exceptions set out in the GDPR (such as the number of our employees).
11.1.4 If you have any questions or concerns about this Privacy Policy or the GDPR, you may contact our DPO.
11.1.4.1 Please contact us by email, sending your enquiry to our Data Protection Team at Owlproxy@gmail.com.
11.1.4.2 Please contact us by letter, please write to OwlProxy, Room D07, 8/F, Phase 2, Kaide Factory Building, 99 King Fuk Street, San Po Kong, Hong Kong.
11.2 If you are a California resident, please note:
11.2.1 We always work to ensure that you have rights under the California Consumer Privacy Act of 2018 (California Code of Civil Procedure §§ 1798.100-1798.199) and the Attorney General's California Consumer Privacy Act regulations (collectively, the "CCPA").
11.2.2 You have the right to:
11.2.2.1 Know what personal information is collected.
11.2.2.2 Know if and when personal information is sold or disclosed.
11.2.2.3 Opt out of the sale of personal information.
11.2.2.4 Delete information.
11.2.2.5 Access personal information;
11.2.2.6 Get comparable services and prices.
11.2.3 For requests verified by you, the Company shall provide information about your personal information collected within one year prior to the request:
11.2.3.1 The categories of personal information collected by the Company about you;
11.2.3.2 The categories of sources of the personal information collected;
11.2.3.3 The business or commercial purpose for the personal information collected;
11.2.3.4 The business or commercial purpose for collecting and selling residents' personal information;
11.2.3.5 The categories of third parties with whom the Company shares personal information;
11.2.3.6 The specific personal information collected by the Company about you.
11.2.3.7 Copies of stored personal information.
11.2.4 In addition, the Company guarantees that the Company will not sell your personal information in any way. Therefore, the Company does not provide a "Do Not Sell My Personal Information" prompt box in this system.
11.2.5 If you have any questions or concerns about this Privacy Policy or CCPA, you can contact the Company's DPO.
11.2.5.1 Please contact us by emailing us with your inquiries to our Data Protection Team at Owlproxy@gmail.com
11.2.6 The Company shall respond to your inquiries within the period specified in this Policy, but in any event no later than 45 days after a verifiable request is made (with the possibility of an extension of 45 days).
11.2.7 The following is a list of the categories of personal information that the Company has collected about California residents for business purposes in the past 12 months. No collected data is sold.
11.2.7.1 Account Data as set out in Section 4 of this Agreement:
(i) Personal information of the Customer/its representative;
(ii) Company name if the Customer is a legal entity;
(iii) Valid email address;
(iv) Valid telephone number;
(v) Country of residence;
(vi) Unique password created by the Customer;
(vii) Service requirements (estimated monthly IP usage, purchase type, etc.);
(viii) Confirmation that the Customer agrees to this Agreement and the Company's Privacy Policy;
(ix) Confirmation that the Customer/its representative is a natural person.
11.2.7.2 Recorded data covered by Article 4.2.5. For example:
(i) IP address, your location, location data, traffic data, transaction data (such as deposits, payments, refund withdrawal addresses), computer or mobile device information, access frequency, time, access duration and other page interaction data, operating system, browser type, device type, unique device identifier, identification cookies, optional form data, crash reports, performance data, third-party cookies, etc.;
(ii) At any time when using this system/service, we will collect and process the following log data: IP address of the first or last login; account credentials and other information specified in Article 4 of this Agreement, including the date and time of account creation, and login date and time; information collected by cookies and Google Analytics, such as browser type, web pages you have visited and the time spent on them, access time and date, unique device identifier, etc. The data mentioned in this clause can be collected without targeting specific users.
11.2.7.3 Other information you can choose to insert in "Your Billing Information".
12. Cookies handling
We use cookies to ensure the correct display of website content and the convenience of online browsing on Owlproxy.com. They are small files stored on your device. They help the website remember information about you, such as which language you use to access the website and which pages you have opened. This information will come in handy the next time you visit. With the help of cookies, browsing the website becomes more convenient. You can learn more about these files here. You can set your browser to accept and block cookies. Failure to accept cookies may limit the functionality of the website.
13. Our details
This system (this website) is owned and operated by OwlProxy. We are registered in Hong Kong with registration number 77312088 and our registered office is at Room D07, 8/F, Phase 2, Kaide Factory Building, 99 King Fuk Street, San Po Kong, Hong Kong. You can contact us by email, sending your enquiries to Owlproxy@gmail.com.
77312088, the address is Room D07, 8/F, Phase 2, Kaide Factory Building, 99 King Fuk Street, San Po Kong, Hong Kong.
