Documents & Resources

Welcome to BotGuard Knowledge Base

BotGuard Knowledge Base

Please login to see your partner documents.Login

Last updated on: 17.09.2020

  1. DEFINITIONS

    This Privacy Policy is adopted by Botguard OÜ (registry code 14847036, address Pärnu mnt 22, 10141 Tallinn, Estonia, e-mail info@botguard.net) (“BotGuard”, “Provider” or “we”, “us” or “our”). BotGuard is the owner and operator of Botguard website located at www.botguard.net and its subdomains (“Web Site”), and provides the cloud-based BotGuard solution, including the software, databases, interfaces, associated media, documentation, updates, new releases and other components or materials incorporated therein or integrated therewith, that enables to protect websites against malicious bots, crawlers, scrapers, and hacker attacks (hereinafter collectively “Platform” or “Portal”).

    Unless defined in this Privacy Policy, the terms used in Privacy Policy are used in the meaning given to them in Article 4 of the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”).

    This Privacy Policy sets out the principles of processing your personal data by BotGuard. If you have any questions about how we process your personal data or if you wish to submit an application for exercising your rights related to processing your personal data, please contact us through the contact information provided in the section "Contacts" below.

    “Service” The Portal based website cloud bot traffic management and protection service provided by BotGuard, including software technology.
    “Personal data” Any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular on the basis of such a record as the name, personal identification code, place of location information or network identifier, or on the basis of one or more physical, physiological, genetic, mental, economic, cultural or social identities.
    “Data subject” Natural person whose personal data is processed by BotGuard.
    “Processing” Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
    “Customer” Any private individual or legal entity other than the Provider that uses the Service as an end user, and not for the purposes of distribution or resale.
    “Hosting provider” Legal entity that uses the Service for the purposes of distribution or resale.
    “Customer personal data” Personal data related to any person (Customer or Hosting provider) who has entered into agreement with BotGuard and to whom we provide the Service.
    “Data controller” Natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. For the purposes of this Privacy Policy, BotGuard is the data controller of its Customers’ personal data.
    “Data Processor” Natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. As part of provision of the Service, BotGuard acts as Data Data Processor for its Customers or Hosting providers who use BotGuard Service on their websites or as part of their services.
  2. WHY WE PROCESS CUSTOMER PERSONAL DATA AND WHAT PERSONAL DATA DO WE PROCESS AS DATA CONTROLLER?
    1. When the Customer or the Hosting provider has opted to use our Portal and Service, we need to process your personal data to enable the Service.
    2. Upon the provision of the Service, we process Customer personal data that is submitted to us directly by the Customers or the Hosting providers in the course of using our Service. Such data includes the following data:
      1. general personal information: name (first name, last name);
      2. contact details: e-mail address and password used for creating account via Portal;
      3. website details: website address(es) and other details concerning the website(s) related to which the Service is used;
      4. payment data: if the use by the Service is subject to any fees, then payment data related to the use of the Service.
    3. We also process Customer personal data that is submitted to us directly by any data subject, for example if data subject contacts us with a query or question via Portal or via any other channel (by sending an e-mail, for example). In such a case we process Customer personal data included in the inquiry to the extent that is necessary to respond to it.
    4. Upon maintaining the Portal, we may also process usage data. We may process information about how our Portal is used. Information about the usage of the Portal may be processed for the purposes of development and improvement of the Service.
  3. WHAT IS THE LEGAL BASIS FOR PROCESSING CUSTOMER PERSONAL DATA?
    1. We process Customer personal data to provide the Service in accordance with BotGuard Terms of Service, as available on our Web Site or in accordance with the terms of agreement entered with the respective Customer/Hosting provider. Legal basis for such data processing is GDPR Article 6-1-(b), i.e. processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
    2. In certain specific situations we might also process Customer personal data where processing of personal data is necessary for the purpose of our legitimate interests pursued by us. Legal basis for such data processing is GDPR Article 6-1-(f). In such a case we shall ensure that processing is proportionate and that we have carried out legitimate interest impact assessment. For example, for the purpose of our legitimate interest we analyse how our Service and Portal are used by the Customers and Hosting providers so we can provide better service.
    3. .In certain specific situations we may also process Customer personal data based on the consent. Legal basis for such data processing is GDPR Article 6-1-(a). In those situations, we process Customer personal data on the terms as provided in the consent that has been granted to us by each data subject.
    4. Additionally, we might process Customer personal data when processing is necessary for compliance with a legal obligation to which we are subject, for example for accounting purposes under applicable accounting legislation or when Customer personal data is requested from us on the basis of valid request by competent authorities, such as on the basis of valid court order issued by the court. Legal basis for such data processing is GDPR Article 6-1-(c).
  4. WHEN DO WE SHARE CUSTOMER PERSONAL DATA?
    1. To the extent this is necessary for the provision of our Service, we may share your personal data with certain third parties.
    2. We may also share your personal data with third party suppliers providing services to us, e.g. IT suppliers or other service providers. At the moment of adopting this Privacy Policy, we use the following service providers:
      1. Hetzner Online GmbH for data storage and data centre service. We use Hetzner data centre located in the EU, in Gunzenhausen, Germany. Privacy terms for Hetzner Online are available here: https://www.hetzner.com/rechtliches/datenschutz;
      2. Hetzner Finland Oy for data storage and data centre service. We use Hetzner data centre located in the EU, in Tuusula, Finland. Privacy terms for Hetzner Online are available here: https://www.hetzner.com/rechtliches/datenschutz;
    3. As a general rule, we do not transfer personal data to third countries, i.e. countries outside the EU/EEA area, for the purposes explained in this Privacy Policy. However, when transferring personal data to third countries, we will ensure that the transfer is subject to appropriate safeguards under GDPR and that your rights are protected.
  5. HOW LONG IS CUSTOMER PERSONAL DATA RETAINED?
    1. Botguard does not retain personal data longer than it is necessary for the purposes of processing personal data or pursuant to applicable law.
    2. Personal data related to contracts can be retained during the term of the contract and based on our legitimate interest pursuant to Article 6 (1) (f) of the GDPR until the end of the statutory limitation periods under applicable law. Accordingly, as a general rule, Botguard retains Customer Data collected in relation to the provision of the Service as long as it is necessary for the provision of the Service during the term of the contract concluded between Customer and Botguard and for 3 years after the term of the contract. In this regard, as a general rule, if the Customer has not used our Portal for 3 years (you have not logged in to your profile on our Portal for 3 years), your profile and all personal data therein will be deleted, unless we have a legal basis for retaining your personal data for longer time period.
    3. Pursuant to the Accounting Act, we retain accounting documents for 7 years.
  6. DATA PROCESSING AS DATA PROCESSOR
    1. .As part of provision of our Service to Customers/Hosting providers, we process a limited amount of personal data concerning the persons who enter or try to enter to the webpages of our Customers or who try to enter to the web pages managed by the Hosting providers. This data includes mostly technical data and cannot be associated with any particular data subject by us. However, in conjunction with additional data not obtained by us (for example, on the basis of data obtained by telecommunications service providers), this technical data could be also associated with specific data subject.
    2. If you try to enter the webpage on which the Service is used, the following data about you is processed by us:
      1. IP-address used to enter to the webpage, country of you location, your internet service provider;
      2. full HTTP(S)-request of the software used by you and the operating system used by you;
      3. metadata about the connection (TLS handshake data, various properties of network packets)
    3. Based among other data on the data outlined above, BotGuard software solution will automatically determine whether the visitor of the webpage is a human user, legitimate search engine bot, a malicious bot or hacker and access to the webpage by malicious bot or hacker will be denied.
    4. Data collected as a Data Processor is retained by us for a maximum of 3 months.
  7. HOW DO WE PROTECT PERSONAL DATA?

    To protect your personal data from unauthorized access, unlawful processing or disclosure, accidental loss, modification or destruction, we use appropriate technical and organisational measures that comply with applicable laws. These measures include but are not limited to the implementation of appropriate computer security systems, protection of paper and electronic format files by technical and logical means, controlling and limiting access to documents and buildings.

  8. COOKIES
    1. Our Portal uses cookies. This section incorporates our cookie policy (the Cookie Policy) that applies when you use Portal.
    2. .Cookies are small data files stored on your hard drive by a website. Cookies help us monitor and improve the functionality and usage of our Portal and your experience on Portal. We can use cookies to see which areas and features are popular and to count visits to our Portal to recognise you as a returning visitor and to tailor your experience of the Portal according to your preferences. We may also use cookies for targeting or advertising purposes.
    3. We use following type of cookies on our Portal:
      1. Strictly necessary cookies, that are essential in order to enable you to move around and navigate on Platform and use the features of Portal.
    4. The specific cookies that Portal uses are the following:
      Name Purpose Retention period
      _gat_* This is a Google Analytics cookie. This allows the web site to obtain data on visitor behaviour for statistical purposes 1 day
      _ga This is a Google Analytics cookie. This allows the web site to obtain data on visitor behaviour for statistical purposes 2 years
      _gid This is a Google Analytics cookie. This allows the web site to obtain data on visitor behaviour for statistical purposes. 1 day
      session Used by BotGuard to temporarily store navigation and access details for a logged user. Session
      __stripe_mid This is a Stripe payment gateway cookie used by Stripe for payment fraud prevention. 1 year
    5. You can delete or block cookies on Portal through your browser settings at any time. However, some cookies might be necessary for the functionality of Portal. Therefore, you understand that when blocking or deleting the cookies some features of Portal might not function correctly.
    6. For more general information about cookies including the difference between session and persistent cookies please see www.allaboutcookies.org.
    7. In case you have any question concerning Cookie Policy, you may contact us via contact details provided below.
  9. DATA SUBJECT RIGHTS
    1. Botguard is dedicated ensuring that all data subject rights arising under applicable law are always guaranteed to you. In particular, any data subject has:
      1. the right to access the personal data that Botguard processes about you;
      2. the right to request that Botguard rectifies any inaccurate personal data about you;
      3. the right to request that Botguard erases your personal data and/or restricts processing of your personal data if we do not have valid legal basis for processing;
      4. the right to receive your processed personal data in a structured, commonly used and machine-readable format and have the right to transmit your personal data to another controller;
      5. the right to object to the processing of your personal data.
    2. .If you believe that your rights have been infringed, you may contact and lodge a complaint to the supervisory authority applicable for your jurisdiction (Data Protection Inspectorate in Estonia address Tatari 39, Tallinn 10134, info@aki.ee or other competent authority in your jurisdiction).
  10. GOVERNING LAW AND JURISDICTION

    This Privacy Policy shall be governed by the laws of the Republic of Estonia. Any disputes arising from these Privacy Policy shall be settled in the Harju County Court in the Republic of Estonia, unless you have a right to turn to the court of your residence pursuant to statutory law.

  11. CONTACTS

    If you have any questions about this Privacy Policy or Cookie Policy or if you have any concerns about how we use your personal or if you want to exercise your rights as described above, you may contact us via e-mail or in writing using the following contact information:

    Botguard OÜ

    address Pärnu mnt 22, 10141 Tallinn, Estonia,

    e-mail info@botguard.net