Please refer to our Terms of Service and Use policy describing specifics of personal data processing within our products and services available on each brand’s website (PIXEL, PIXEL5, ZIMZIM, NETSTAIRS, OZWALL).
Personal Data We Process
Personal data refers to any information relating to an identified or identifiable natural person (“Personal Data”).
We may collect data or ask you to provide certain data when you visit and use our websites, products, and services. The sources from which we collect Personal Data include:
We organize the Personal Data we process into these basic categories: Billing Data, Account Data, and Product, and Authentication Data.
Billing Data includes your name, email address, masked credit card number, PayPal, license information, Activation Code Keys (ACK) and in certain circumstances, your billing address and your phone number. In most circumstances, you purchase our products and services from a trusted third-party service provider, reseller, or app store. In those circumstances, your Billing Data is processed by the relevant third party and we only receive a subset of this data to keep proper business records. In these instances, see below an example of Billing Data and what we use it for:
|Billing data||What we use it for|
|User ID||Your Username|
|Email address||To send you purchase receipts & notifications|
|Masked PayPal or credit card number||To process the payment and billing records|
|Activation Code Key||To identify a specific license for a follow-up actions such as renewal or troubleshooting|
|User type||To enable features based on the purchased license|
|Renewability||To check if a given subscription can be renewed|
|Date of expiration||To check whether an account is valid|
Account Data includes information needed to set up and customize an account, such as your email address and username, and information connected with our services, such as activation code keys (ACK). For some of our products or some of their functions creating an account is necessary. See below an example of Account Data and what we use it for:
|Account data||What we use it for|
|Email address||To send you communications regarding your license and support|
|Username||To manage your account and facilitate your login into the service|
|Subscription renewal date||To tell us until when the account is valid|
|Trial User||Where applicable. To add a trial period before the account is charged|
An account is also necessary for some features of our Forum. You have the option to provide additional information within your account such as personal texts, disclose your birth date, identify your gender, instant messaging number, messenger username, or website name and address, disclose your physical location, and select an avatar or personalized picture. Any information you provide here will be visible to other users (including your total number of posts, and posts per day, the date and time you registered, your local time, and the date and time of your last activity).
Product Data includes two sub-categories:
These sub-categories differ for each product and service. If you want more detail about Device and Service Data we process on a product basis, please refer to our Products Policy available on each brand’s website (PIZEL by NETSTAIRS, PIXEL5, ZIMZIM, OZWALL).
Why We Process Your Personal Data
We use your Personal Data for the following purposes and on the following grounds:
Based on fulfilling our contract with you or entering a contract with you on your request, in order to:
Based on your consent, in order to:
We will always ask for your consent before any processing that requires it and provide you with necessary information or otherwise as applicable.
Based on legal obligations, we process your Personal Data when it is necessary for compliance with a legal tax, accounting, anti-money laundering, legal order, or other obligation to which we are subject.
Based on our legitimate interest we will use your Personal Data for:
We have balanced the interests for the above mentioned processing operations. You have the right to object, on grounds relating to our situation, to those processing operations. For more details please see section Your Privacy Rights.
Evaluating Legitimate Interests
Before relying on our legitimate interests, we composed them against your interests and made sure they are compelling enough and will not cause any unwarranted harm. With respect to the purposes below we consider necessary to explain what these interests are in detail.
Systems, Apps and Network Security
We process Personal Data for network and information security purposes. In line with U.S. and EU data protection law, organizations have a recognized legitimate interest in collecting and processing Personal Data to the extent strictly necessary and proportionate for the purposes of ensuring network and information security. This primarily covers the ability of a network or of an information system to resist events, attacks or unlawful or malicious actions that could compromise the availability, authenticity, integrity and confidentiality of stored or transmitted data, or the security of the related services offered by, or accessible via those networks and systems.
Both as an organization in our own right, and as a provider of cybersecurity technologies and services which may include hosted and managed cybersecurity technology services, it is necessary for the functionality of our systems, products and services and in our legitimate interests as well as in our users’, to collect and process Personal Data to the extent strictly necessary and proportionate for the purposes of ensuring the security of our own, and of our users’ networks, devices, and information systems. This includes the development of threat intelligence resources aimed at maintaining and improving on an ongoing basis the ability of networks and systems to resist unlawful or malicious actions and other harmful events (“cyber-threats”).
The Personal Data we process for said purposes includes, without limitation, network traffic data related to cyber-threats such as:
Depending on the context in which such data is collected, it may contain Personal Data concerning you or any other Data Subjects. However, in such cases, we will process the data concerned only to the extent strictly necessary and proportionate to the purposes of detecting, blocking, reporting (by removing any personally identifiable elements) and mitigating the cyber-threats of concern to you, and to secure your network, device and systems. When processing Personal Data in this context, we do not seek to identify a Data Subject.
In-product and Email Messages
We have a legitimate interest for messaging our users about possible security, privacy and performance improvements and products that supplement or improve purchased products.
If you are our customer, we feel a responsibility to inform you about possible problems to your device and software that go beyond our product that is installed and provide you with effective solutions relevant to these problems, which may include also our own solutions. We thus have legitimate interest to optimize the content and delivery of this type of communication to you so that you will be most likely to find them relevant and non-intrusive at the same time.
New Product Development
We have a legitimate interest to use necessary Personal Data to develop new products or features so that we can provide you with state-of-the-art security, privacy and performance platforms as a service.
Third-party Analytics (user acquisition, user interactions)
We have a legitimate interest to use necessary Personal Data for third-party analytics to understand user conversions, acquisitions and campaign performance through various distribution channels, and users’ download, activation keys and interactions with our products because these analytics help us maintain functionality, effectiveness, security and reliability of our products and business activities.
How We Process Your Personal Data
We do our best to disconnect or remove all direct identifiers from the Personal Data that we use:
Processing of IP Addresses
For paid products including platforms as a service, and performance, your IP address is collected at the time at which your product or service is being provided, for the purpose of facilitating our billing process. Specifically, our third-party billing partner will or may collect your IP address for its billing process; we do not store the IP address from this process.
For complementary and paid products including Platform-as-a-Service, your IP address is also processed for the purpose of downloading certain products and malware detection.
Please refer to our Products’ Policy for specific use of IP address by our products and services.
No Automated Decision-Making, Including Profiling
We do not take any decisions involving the use of algorithms or profiling that significantly affects you.
How We Disclose Your Personal Data
If you opt to pay for use of our services, we will use a third party payment processor to take payment from you. These third parties are properly regulated and authorized to handle your payment information and are prohibited from using your Personal Data for any other purposes other than arranging these services for us. However, they are independent controllers of your data with their own responsibility.
These are our long-term payment processors:
|PayPal||https://www.paypal.com/en/webapps/mpp/ua/privacy-full||US, EU, Worldwide|
|Google Play Store (for mobile apps)||https://policies.google.com/privacy||TBA|
|Apple Store (for mobile apps)||https://www.apple.com/legal/privacy/||TBA|
Such service providers may include contact centers, professional consultants (including for defense or exercise of our rights), and marketing/survey/analytics/software suppliers.
Sometimes these service providers, for example, our distributors, resellers, and app store partners, will be independent controllers of your data and their terms and conditions, end user license agreements (“EULA”) and privacy statements will apply to such relationships.
To be able to offer our products and services for complementary, we serve third-party ads of advertising companies in our products for mobile devices. To enable the ad, we embed a software development kit (“SDK”) provided by an advertising company into the product, which then collects Personal Data in order to personalize ads for you.
Please note that only few of our complementary products may serve third-party ads. You will be asked for consent during the installation process of such product. For further information, including the exact scope of processed Personal Data and names of relevant products.
We have partnered with Clicky Inc., that uses stripped and de-identified data to build products and services that provide trend analytics for companies. For more information please refer to https://clicky.com.
We may provide your Personal Data to our partners for the purpose of distribution, sale or management of our products. Our partners may use your Personal Data to communicate with you and others about NETSTAIRS products or services. In addition, you purchase our products directly from our distributor, a reseller, or an app store. Because your relationship in these cases is with that distributor, reseller or an app store, such third party will also process your Personal Data.
Analytics Tool Providers
We use analytical tools, including third-party analytical tools, which allow us to, among other things, identify potential performance or security issues with our products, improve their stability and function, understand how you use our platforms ,products, and websites, so that we can optimize and improve your user experience, as well as evaluate and improve our campaigns. We use Service and Device data for analytics.
While we generally prefer using our own analytical tools, we sometimes need to partner with other parties, which have developed and provide us with their own tools and expertise. Below, we list these partners and tools and their privacy policies.
|Google Analytics (Google)||user behavior||https://support.google.com/analytics/answer/6004245 https://policies.google.com/privacy https://support.google.com/analytics/answer/6366371?hl=en&ref_topic=2919631||Worldwide|
|Firebase Analytics (Google)||user behavior (advanced features like A/B testing, predictions)||https://firebase.google.com/support/privacy/ https://policies.google.com/privacy||Worldwide|
|Firebase Crashlytics (Google)||crash reporting||https://try.crashlytics.com/terms/privacy-policy.pdf https://policies.google.com/privacy||Worldwide|
|Facebook Analytics (Facebook)||user behavior||https://www.facebook.com/about/privacy https://developers.facebook.com/docs/analytics/overview||Worldwide|
Please note that not all our platforms use all these third-party analytics tools. Analytics tolls that we use for diagnosing your product are necessary for service provision. You will find relevant tools listed under each product in our Products Policy.
In certain instances, it may be necessary for us to disclose your Personal Data to public authorities or as otherwise required by applicable law. No Personal Data will be disclosed to any public authority except in response to:
Mergers, Acquisitions and Corporate Restructurings
Like any other company, we too go through its own cycle of growth, expansion, streamlining and optimization. Its business decisions and market developments therefore affect its structure. As a result of such transactions, and for maintaining a continued relationship with you, we may transfer your Personal Data to a related affiliate.
If we are involved in a reorganization, merger, acquisition or sale of our assets, your Personal Data may be transferred as part of that transaction. We will notify you of any such deal and outline your choices in that event, when applicable.
Cross-Border Transfers of Personal Data among NETSTAIRS Entities and to Third-Party Vendors
We are a global business that provides its products and services all around the world. In order to reach all our users and provide all of them with our software, we operate on an infrastructure that spans the globe. The servers that are part of this infrastructure may therefore be in a country different than the one where you live. In some instances, these may be countries outside of the European Economic Area (“EEA”). Regardless, we provide the same GDPR-level of protection to all Personal Data it processes.
At the same time, when we transfer Personal Data outside of the EEA, we always make sure to put in place appropriate and suitable safeguards, such as standardized contracts approved by the European Commission or specialized regimes such as Privacy shield, which legally bind the receiving party to adhere to a high level of protection, and to ensure that your data remains safe and secure at all times and that your rights are protected.
Situations where we transfer Personal Data outside of the EEA include provision of our products and services, processing of transactions and your payment details, and the provision of support services. Further, an outside-EEA transfer may also occur in case of a merger, acquisition, or a restructuring, where the acquirer is located outside of the EEA (see the Mergers, Acquisitions and Restructurings section).
How We Protect Your Personal Data
We maintain administrative, technical, and physical safeguards for the protection of your Personal Data.
Access to the Personal Data of our users is limited to authorized personnel who have a legitimate need to know based on their job descriptions, for example, employees who provide technical support to end users, or who service user accounts. In the case of third-party contractors who process personal information on our behalf, similar requirements are imposed. These third parties are contractually bound by confidentiality clauses, even when they leave. Where an individual employee no longer requires access, that individual’s credentials are revoked.
We store your personal information in our database using the protections described above. In addition, we utilize up-to-date firewall protection for an additional layer of security. We use high-quality Platform-as-a-Service and anti-malware software, and regularly update our virus definitions. Third parties who we hire to provide services and who have access to our users’ data are required to implement privacy and security practices that we deem adequate.
Access to user information in our database by Internet requires using an super admin access, moderator, except for email which requires user authentication. Otherwise, access is limited to our physical premises. Physical removal of Personal Data from our location is forbidden. Third-party contractors who process Personal Data on our behalf agree to provide reasonable physical safeguards.
We strive to collect no more Personal Data from you than is required by the purpose for which we collect it. This, in turn, helps reduce the total risk of harm should data loss or a breach in security occur: the less data we collect, the smaller the overall risk.
We do NOT have products and services designed specifically to assist you as a parent by providing child online protection features. In such cases, our services are for adults unless specified in each service for a project and or assignment. We will only collect, and process Personal Data related to any child under 13 years of age, which you choose to disclose to us or otherwise instruct us to collect and process. Details about this processing is included in our Products Policy. Please refer to the specific applicable notices for this information.
How Long We Store Your Personal Data
We will hold your Personal Data on our systems for the following periods:
Storage of Your Personal Data
The data we collect from you may be stored, with risk-appropriate technical and organizational security measures applied to it, on in-house as well as third-party servers in the United States, as well as anywhere we or our trusted service providers and partners operate.
In all cases, we follow generally accepted standards and security measures to protect the personal data submitted to us, both during transmission and once we receive it.
Your Privacy Rights
You have the following rights regarding the processing of your Personal Data:
Right to contact supervisory authority, court – You may contact and lodge a complaint with the supervisory authority or your local authority or a relevant court.
The fulfillment of data subject rights listed above will depend on the category of Personal Data and the processing activity. In all cases, we strive to fulfill your request.
We will action your request within one month of receiving a request from you concerning any one of your rights as a Data Subject. Should we be inundated with requests or particularly complicated requests, the time limit may be extended to a maximum of another two months. If we fail to meet these deadlines, we would, of course, prefer that you contact us to resolve the situation informally.
Where requests we receive are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or (b) refuse to act on the request.
For the complementary versions, we do not and will not maintain, acquire, or process additional information solely in order to identify the users of our complementary products and services. This is simply not necessary for the complementary versions of our products to be provided to you and function.
This means, when you use a complementary version of our products and services, you may contact us with a request concerning your Personal Data. Please note, consistent with our privacy by design, privacy by default and minimization practices, we may not be able to identify you in connection with your Product Data about your specific complementary products and services. If such a situation occurs, please go to your product settings, and explore your options.
Your Choices in products
You can make certain choices about how your data is used by us by adjusting the privacy settings of the relevant product. Please check your product settings to set your privacy preferences there.
In order to make it easier for you to reach out to us and obtain the necessary information and action changes, corrections or deletions of your Personal Data, we have decided to provide you with a portal, which can show you the Billing Data and Account Data we have collected from you as well as your email preferences.
We undertake all the actions necessary to ensure security of your Personal Data.
You are legally entitled to receive information related to processing your Personal Data. To exercise this right, you have to submit a request to contacts indicated below in the Contact Us section.
You have the right to revoke the consent at any time by sending us an e-mail at contacts indicated below via sending an email to [email protected]. Once we receive the revocation notice from you we will stop processing and destroy your Personal Data, except as necessary to provision the contract or service to you. However, please note once you have revoked your consent, we may not be able to provide to you the products and services you request and may not be able to ensure proper work of our products.
We do not transfer your Personal Data to the countries that are not deemed to provide adequate protection to the individuals’ rights in the area of data privacy.
We do not offer, sell, or otherwise make available our products or services that have access to, collect and process (or allow us to do the same) Personal Data of third parties in the Russian Federation without the consent of such third parties.
If any provisions of this Policy contradict the provisions of this section, the provisions of this section shall prevail.
California Privacy Rights
This section applies to California, USA residents:
Categories of collected personal information
You can see all categories of collected personal information listed in the section Personal Data We Process.
Sources from which the personal information is collected
You can find information about the sources of data in the section Personal Data We Process.
Business or commercial purpose for collecting or selling personal information
You can find all purposes of processing your personal information listed in the section Why We Process Your Personal Data.
Categories of third parties with whom the business shares personal information
You can find all categories of recipients of personal information listed in the section How We Diclose Your Personal Data. NETSTAIRS does not sell (as such term is defined in the California Consumer Privacy Act) your personal information we collect (and will not sell it without providing a right to opt out). Please note that we do use third-party cookies for our advertising purposes as further described in our cookies policies.
You have the right to:
Right to opt out of Notifications & Sale
If your personal information is subject to a sale you have the right to opt out from that sale through a link to a website which will be given to you now of collection of personal information. We will respect your decision to opt out for at least 12 months before asking you again to authorize the sale of your personal information.
You can submit your requests using contacts indicated below in the Contact Us section. If you are a California resident under the age of 18, you may be permitted to request the removal of certain content that you have posted on our websites. You can also designate an authorized agent to exercise these rights on your behalf.
To exercise any of your rights, or if you have any other questions or complaints about our use of your Personal Data and its privacy, write our Privacy Team through the most convenient channel below:
We are registered as NETSTAIRS.COM, INC. is a Florida “C” Corporation address is Cypress Business Park Center, 6750 N. Andrews Ave. Suite 200. Fort Lauderdale, FL. 33308 USA. You can always reach us by email at [email protected]. Please type “PRIVACY REQUEST” in the message line of your email so we can have the appropriate member of the NETSTAIRS team respond.
If you prefer, you can send paper mail to NETSTAIRS.COM, Inc. Attention: Compliance. Cypress Business Park Center, 6750 N. Andrews Ave. Suite 200. Fort Lauderdale FL. 33308 USA Be sure to write “Attention: PRIVACY COMPLIANCE” in the address so we know where to direct your correspondence.
Data Protection Officer
As required under the GDPR, we have a data protection officer (DPO) to monitor our compliance with the GDPR, provide advice where requested and cooperate with supervisory authorities. You can contact our data protection officer via [email protected]