Last updated:03 March 2024 - 00:20 UTC
We, CompassVPN and its affiliates, are committed to protect your privacy. We limit the
collection of your data that is required to maintain the service.
This Privacy Policy describes how we collect, use, and share your data in connection
with your use of our websites (including www.compassvpn.com), services, and applications
(collectively, "CompassVPN "). The Privacy Policy does not apply to data that you send
and/or receive from third party websites that you may process through CompassVPN.
1. COLLECTION OF DATA
1.1 Data we do NOT collect
We do NOT collect the following data:
① Names
② Addresses
③ Phone numbers
④ Payment details
a. We do not collect your payment details for CompassVPN. We do not collect or store
credit card numbers, bank account numbers, or billing records.
b. When you make payments to us, CompassVPN may redirect you to the website of a
third-party payment processor to complete the transaction. To understand what
personal
data the third-party processor collects and stores, please refer to the respective
processor's terms and privacy policy.
c. We do NOT collect sensitive data as we've engineered our systems to categorically
eliminate the storage of sensitive data.
We do NOT collect any data related to your online activities, including:
① Browsing activities
② Traffic destination
③ Data content
④ DNS queries
We do NOT collect data of your connection logs, including:
① Your original IP addresses
② Your outgoing VPN IP addresses
③ Connection timestamps
④ Session durations
1.2 Data we collect
We limit the collection of your data. We only collect data that is required to maintain CompassVPN.
1.2.1 Data that you give us
We collect the data that you give us through your interaction with CompassVPN. The
amount
of data you give us depends on your privacy settings. When you register for an account,
we may ask for your email address. It is optional because not connecting email won't
affect the account signup, but if you can choose to connect an email, we would use your
email to:
① Communicate with you,
② Send you updates and announcements, or
③ Send marketing information, such as our offers, surveys, invitations, and other
content.
If you contact us directly, we may receive data such as your name, email address, phone
number, the contents of the message and/or attachments you may send us, and any other
personal data you may choose to provide to us in your communication to us.
You may withdraw your consent to our use of your email address for the above
purposes.
1.2.2 Data that you give us
We collect the data that you give us through your interaction with CompassVPN. The
amount
of data you give us depends on your privacy settings. When you register for an account,
we may ask for your email address. It is optional because not connecting email won't
affect the account signup, but if you can choose to connect an email, we would use your
email to:
① Communicate with you,
② Send you updates and announcements, or
③ Send marketing information, such as our offers, surveys, invitations, and other
content.
If you contact us directly, we may receive data such as your name, email address, phone
number, the contents of the message and/or attachments you may send us, and any other
personal data you may choose to provide to us in your communication to us.
You may withdraw your consent to our use of your email address for the above
purposes.
2. USE OF DATA
We use, combine, and process your data for the following purposes:
2.1 Security
We authenticate your use of CompassVPN by assigning a unique identifier to you while you
register for the service via your email address. This unique identifier identifies you
through your device identification code without reference to other data. The purpose of
the unique identifier is for us to determine the level of service you have signed up for
before we establish your CompassVPN connection.
We do not use other forms of your data to verify your identity.
2.2 System diagnostics
We use your data related to your CompassVPN usage to perform internal operations
necessary to maintain CompassVPN. This includes troubleshooting operational problems,
conducting data analysis, and analysing activity trends.
2.3 Customer support
We use your data to resolve customer support issues. For example, we may investigate and
address concerns, monitor and improve our customer support responses, respond to your
questions, and feedback, and inform you of steps taken to resolve customer support
issues.
We may communicate with you to provide you with updates relating to CompassVPN, and for
marketing and promotional purposes.
2.4 Research and development
We use your data to understand your use of CompassVPN to improve our products, services,
features, and functionality.
2.5 Service providers
We use data from service providers and third-party vendors to provide and market
CompassVPN.
3. SHARING AND TRANSFER OF DATA
We share and transfer your data in various ways, including the following:
3.1 Aggregated anonymous data
We use and share your data with our partners in aggregated or anonymised form that
cannot be used to identify individual users.
3.2 Referral
If you sign up for CompassVPN through a referral from a friend, we may let your friend
know that you used their referral to sign up for CompassVPN.
3.3 Analytics
We share and transfer your anonymised statistics and analytics data for network
diagnostics.
3.4 Business transfers
Your data may be disclosed and otherwise transferred to any potential acquirer,
successor, or assignee as part of any proposed merger, acquisition, debt financing, sale
of assets, or similar transaction, or in the event of insolvency, bankruptcy, or
receivership.
3.5 With your consent
With your consent and instruction, we may share your data.
3.6 International data transfers
We may process your data to any countries in which we engage service providers. You
acknowledge the transfer of your data outside of the country where you reside. We will
ensure your data is protected before transferring the data.
4. SECURITY MEASURES
We implement robust security measures to protect your data from unauthorised access,
collection, use, disclosure, copying, modification, disposal, or similar risks. We
ensure that our computer networks are secure. We adopt access control measures. Our
staff's access to your data is restricted to a need-to-know basis.
We do not collect or store any traffic data or personal data in our data centres.
5. DATA RETENTION
We retain your data when we have an ongoing legitimate business need to do so, such as
providing you with a service you requested, or complying with applicable legal, tax, or
accounting requirements.
When we have no ongoing legitimate business need to process your data, we will delete or
anonymise it. If it is not possible to delete or anonymise your data (for example,
because it has been stored in backup archives), then we will securely store it and
isolate it from any further processing until deletion is possible.
6. RIGHT TO BE FORGOTTEN
We will erase your data when:
① Your data is no longer necessary for the purpose which we originally collected or
processed it for.
② You withdraw your consent to us holding your data, and we are relying on your consent
as the lawful basis for holding on to your data.
③ You object to our processing of your data, and there is no overriding legitimate
interest for us to continue such processing; or
④ We are processing your data for direct marketing purposes and you object to that
processing.
7. THIRD-PARTY SERVICES
You may access other third-party services while using CompassVPN, for example, by
clicking on links of third-party services from within CompassVPN. We are not responsible
for the privacy policies and/or practices of these third-party services. We encourage
you to carefully review their privacy policies.
8. ADVERTISING
1) Paid CompassVPN
For paid CompassVPN, we do not work with third party advertising partners.
2) Free CompassVPN
For free CompassVPN, we work with third party advertising partners to offset the cost of
providing our services. We do not target advertisements based on your data. We do not
share or use your data in connection with third party advertisers without your prior
consent.
Third party advertising partners may set and access their own cookies, pixel tags, and
similar technologies on our services, and may otherwise collect or have access to data
about you which they may collect over time and across different online services.
9. CHILDREN's PRIVACY
We encourage parents and guardians to teach their children about privacy and how their
information may be used on the Internet. Children should never disclose their name,
address or phone number, or any personal information, without their parents' or
guardian's prior permission.
We consider a user to be a child if they are under the age of 13, unless more stringent
regulation applies in their state of residence.
If we consider that any of our services are directed at users under the minimum legal
age required in their country of residence, we can block such users from using the
services or from providing information and/or limit the collection of information from
such users as described below in more detail.
No personal information should be submitted to CompassVPN by users under the minimum
legal age required in their state of residence. We apply the following limitations to
personal information collection for a user that is not of the minimum legal age required
in their state of residence.
Such a user cannot:
display their real name or any information in CompassVPN
access the chat, forums, social medias
subscribe to newsletters
use any other feature where users could appear under their real names
With respect to such a user, we will prevent the collection and use of their precise
geolocation data and display to them contextual advertising only (excluding any
behavioral advertising).
Children can be invited to take part in testing our apps with their parents' or
guardians' authorization and/or their parents' or guardians' physical presence being
required depending on the state where the playtest is conducted.
Parents must exercise their privacy rights for their children provided in this Privacy
Policy.
10. ORDERS COMPELLING THE DISCLOSURE OF YOUR DATA
Our collection of your data is limited. We collect your device identification code, and
other data you may volunteer to us when you voluntarily contact us by way of email,
phone, or interactions on CompassVPN's application page on Google Play or App Store. We
do not collect IP addresses, browsing activities, traffic data, or DNS queries that
could be used to identify you. As such, the extent of any disclosure of your data is
limited.
We are committed to safeguarding your data. Nonetheless, we may be compelled to disclose
your data where we are served with a valid court order that is enforceable in Singapore,
an order from law enforcement agencies, or where we are legally obligated to disclose
your data. We will require the recipient of your data to undertake to protect your data,
to a standard that is at least comparable to the protection required under Singapore's
Personal Data Protection Act (“PDPA”).
11. ACCESS
When you become a user of CompassVPN, you may request to access your data that is
associated only with you by emailing [email protected] .
To protect your privacy and security, we may take reasonable steps to verify your
identity before acceding to your request. Upon our approval of your access request,
we will provide you with your data that is in our possession or under our control.
Where applicable, we will provide you with information about the ways in which your
data has been or may have been used or disclosed by us within a year of your
request. We may charge you a fee for the access request.
12. CORRECTION
You may make a request to correct an error or omission about your data that is in our
possession or control, by emailing [email protected].
We will consider whether the correction should be made. If such correction is to be
made, we shall correct your data as soon as practicable and send the corrected data
to every other organisation to which your data was disclosed by us within a year
before the date the correction request was made, unless that other organisation does
not need the corrected data for any legal or business purpose.
To protect your privacy and security, we may take reasonable steps to verify your
identity before correcting your data. Your data may be archived or stored
periodically by us according to backup processes conducted in the ordinary course of
business for disaster recovery purposes.
13. GDPR
If you are a resident of the EEA, we ask that you keep the information that you provide
to us updated. You can correct any information you have provided by contacting us
through this form.
You represent and warrant that all information you provide us is true and correct, and
relates to you and not to any other person.
You can exercise your rights at any time and ask CompassVPN for access to, or
rectification or erasure of, your information.
Please note that other third parties (our data partners) may be controllers of your
information. You can obtain more details and opt out of the sharing of your personal
information to third parties for any purpose by contacting us by emailing
[email protected].
If you have previously consented to any direct marketing communication from us or
subscribed to our newsletters, you can unsubscribe by clicking on a link available
in each communication and newsletter we send you.
Please note that VPN functionality, services and features can be affected by your
actions. Some of your information and its processing is mandatory for CompassVPN to
provide the services.
Your actions may force CompassVPN to cease providing the services. When the
conditions below apply, it will be reset:
① If you ask for the modification of this mandatory information, we may not be able
to continue to link CompassVPN or our services to you.
② If you request limitations to processing that are mandatory for CompassVPN, or you
object to such processing (in which case, we may not be able to provide you with
CompassVPN or our services).
③ If you withdraw your consent or ask for the deletion of your information.
④ If you withdraw your consent or ask for the deletion of your information, we will
not use or process your information anymore but we will store it to answer
regulatory or police requests. We also reserve the right to retain an archive of
such information for a commercially reasonable time to ensure that its deletion does
not affect the integrity of our data; and we further reserve the right to retain an
anonymous version of such information.
Please specify your request by emailing [email protected].
If you are the parent of a child who is under 13 years of age (or under another
age specified by applicable regulations) and believe your child has provided us
with information, please fill out by emailing [email protected] and we will delete
the
information from our system.
To preserve the confidentiality of your information, we must be able to
correctly identify you. For this reason, please provide us with a copy of an
official document to prove your identity. This copy will be safely destroyed
within two months of your request being received and closed.
Our team will look into your request and answer you within one month, unless
your request requires further investigation. You'll be specifically informed
if that is the case.
14. CCPA
The California Consumer Privacy Act of 2018 (CCPA) permits California residents to
request from a business, with whom the California resident has an established business
relationship, certain information about the types of personal information the business
has collected, shared with, and/or sold to third parties for a business or commercial
purpose during the immediately preceding calendar year.
As a Californian consumer, you also have the right, at any time, to opt out of any type
of selling of your personal information.
Please note that we do not sell your personal information to provide CompassVPN or our
services described in this Privacy Policy. Our partners and providers who work with us
may have access to your personal information in order to provide you with the services
within the limits and throughout the duration of our agreement, but they can't reuse
your personal information for any other purposes. Our contracts are strictly drafted to
protect your personal information and your privacy rights.
15. BREACH NOTIFICATION
We will report serious breaches of your data to the relevant supervisory authority to
ensure your data is protected.
16. CHANGES TO THIS PRIVACY POLICY
To ensure compliance with applicable laws, this Privacy Policy may be modified from time
to time without prior notice to you. Your continued use of CompassVPN constitutes your
acceptance of our Privacy Policy. Changes to this Privacy Policy will be posted on our
websites.
If we materially change the ways in which we use or share your data previously collected
through CompassVPN, we will notify you through CompassVPN, email, or other
communication.
17. GOVERNING LAW
This Privacy Policy is governed by and construed in accordance with the laws of the
Republic of Singapore.
18. DATA PROTECTION OFFICER
Frank is our Data Protection Officer ("DPO"). The DPO may be contacted at
[email protected].
If you have any questions or concerns about this Privacy Policy, please feel
free to contact us at [email protected].
