Genius Plugin Website Firewall privacy

This Privacy Policy describes how your information maybe collected, used, and shared when you visit or make a purchase from geniusplugin.com.

It is essential to clarify and emphasize that any data transmitted from the Client or their web application to the Company’s Service, encompassing but not limited to emails, ticket requests, post and get requests, account details, and any data stored or manipulated by the Company’s Service, must not hold any inherent value of confidentiality or privacy for the Client.

In no case, under any circumstances, can there be a dispute or claim regarding the confidentiality or privacy of such data. This stipulation is founded on the understanding that the Client has no entitlement to transmit any data to the Company that is inherently confidential or private to them. Therefore, it is the Client’s sole responsibility to ensure that any information, data, or content they transmit to the Service does not possess any confidentiality or privacy value.

The Company will not be held liable for any data, information, or content provided by the Client that is transmitted through our Service. It is crucial for the Client to recognize and acknowledge the unrestricted nature of the data they choose to share with the Company’s Service.

This clause is established to safeguard the Company’s position, ensuring clarity and transparency regarding the nature of data that can be transmitted to our Service and to prevent any potential disputes arising from claims of confidentiality or privacy. It is the Client’s responsibility to adhere to these conditions when utilizing our Service.

INFORMATION WE MAY COLLECT

When you visit the Service, we may automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Service, we may collect information about the individual web pages or products that you view, what websites or search terms referred you to the Service, and information about how you interact with the Service. We refer to this automatically-collected information as “Device Information.” Please note that the technologies used to collect data may not always be activated, may be under maintenance, or may produce errors while we believe they are functioning correctly.

We may collect Device Information using one or more of the following technologies:

“Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
“Log files” track actions occurring on the Service, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
“Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Service.

Additionally when you make a purchase or attempt to make a purchase through the Website, we may collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers or paypal), email address, and phone number. We refer to this information as “Order Information.”

When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information.

HOW DO WE USE YOUR PERSONAL INFORMATION?

We use the Order Information that we may collect generally to fulfill any orders placed through the Website (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
Communicate with you;
Screen our orders for potential risk or fraud;
When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.

We use the Device Information that we may collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Service, and to assess the success of our marketing and advertising campaigns). We may collect data from users or visitors of the Service; however, this is not always the case for every visitor or user.

SHARING YOUR PERSONAL INFORMATION

We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Google Analytics to help us understand how our customers use the Service.

You can read about how Google uses your Personal Information here You can also opt-out of Google Analytics here

Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

BEHAVIOURAL ADVERTISING

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at www.networkadvertising.org

You can opt out of targeted advertising from these services :
FACEBOOK
GOOGLE
BING

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at optout.aboutads.info .

SERVICE INFORMATION HANDLING AND PRIVACY

This section outlines our data handling practices and privacy measures at the Company. Before subscribing to our services, we strongly recommend that users carefully review this policy to ensure a clear understanding of how we may collect, store, and utilize data.

Subscription and Implementation

Upon subscription to our service plans, users are required to download a “universal” file or dedicated plugins designed for specific website platforms. These files necessitate the input of a license key before activation, ensuring secure integration into their respective websites. Both the file and plugins have a way to add the license key before they can actually run on the client website. And both have a way to specify which part of the user website (front and/or back office) to protect, and thus to collect data from. By subscribing to our service, you directly authorize the Company to collect, transmit, manipulate, store temporarily, or for a specific period described below, any data we need to protect your website.

User Control Over Service Information Transmission

Our Website Firewall provides users with meticulous control over data transmission. Unlike many competitors, users can selectively activate or deactivate the transmission of various data types, including but not limited to all or part of POST content or HEADERS. The ability to enable or disable the sending of POST, HEADER data associated with each request, and the option to activate or deactivate user intelligence tracking is also in the hands of the user. Deactivating all POST content or HEADERS or intelligence tracking is simple and is generally just a checkbox the user ticks. On the other hand, deactivating granular parts of POST or HEADERS must be made directly in the code provided in the file or plugin and requires some programming skills. The Company empowers users to transparently and directly filter each POST and HEADER variable within the plugin code, providing unparalleled granular control over the data sent to the firewall.

Service Information Privacy-Enhancing Measures

To ensure privacy compliance, we utilize hCaptcha as our human challenge system, adhering to regulations such as GDPR, LGPD, PIPL, and CCPA, safeguarding user data.

Ruleset Service Information Safeguarding

Rulesets, which may contain fragments of visitor data (IP & URL), are retained for a maximum of 60 days. This stringent policy ensures that potentially sensitive information is not stored longer than necessary. This process is set for the duration of the active subscription, plus an additional 30 days after the service expiration date. This extension allows users the opportunity to renew their service without the loss of analytics data.

At the Company, we are committed to maintaining the highest standards of data privacy and security. Users who choose not to adhere to these policies are advised not to proceed with the subscription.

Limited Service Information Retention

During an attack, The Company retains only essential fragments of data, including the visitor’s IP and the URL request. The GET, POST, and HEADER used in the attack. Fragments of attacks are retained for the duration of the active subscription, plus an additional 30 days after the service expiration date. This extension allows users the opportunity to renew their service without loss of analytics data.

DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.

LINKS TO THIRD-PARTY WEBSITES
The Website may contain links to third-party websites that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites. We encourage you to review the privacy policies of those websites before providing any personal information.

DATA SECURITY
We take reasonable measures to protect your personal information from unauthorized access, loss, misuse, alteration, or disclosure. However, please be aware that no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

YOUR RIGHTS
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Website), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.

DATA RETENTION

When you place an order through the Website, we will maintain your Order Information for our records unless and until you ask us to delete this information.

MINORS

The Website is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without verification of parental consent, we will take steps to remove that information from our servers.

CHANGES

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail to contact[at]geniusplugin.com