1. Introduction
NetSurf ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.
Scope of This Policy
This policy applies to:
- Our website: netsurf.pk
- Our internet services and products
- Customer support and communications
- Marketing and promotional activities
- All users of our services worldwide
Compliance Statements
NetSurf complies with:
- GDPR: General Data Protection Regulation (EU) 2016/679
- CCPA: California Consumer Privacy Act
- PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
- LGPD: Lei Geral de ProteΓ§Γ£o de Dados (Brazil)
2. Information We Collect
2.1 Personal Information
We collect personal information that you provide directly to us:
Contact Information
- Name and surname
- Email address
- Phone number
- Mailing address
- Company/organization
Account Information
- Username and password
- Account preferences
- Service history
- Billing information
- Payment details
Technical Information
- IP address
- Device information
- Browser type and version
- Operating system
- Service usage data
2.2 Automated Collection
We automatically collect certain information when you use our services:
2.3 Third-Party Sources
We may receive information from:
- Business partners and service providers
- Social media platforms (when you connect your account)
- Publicly available sources
- Marketing and advertising partners
3. How We Use Your Information
Service Provision
- Provide and maintain our services
- Process transactions and payments
- Manage your account
- Provide customer support
Communication
- Send service-related communications
- Respond to inquiries and support requests
- Send marketing communications (with consent)
- Provide updates and notifications
Improvement & Analysis
- Improve our services and website
- Conduct research and analysis
- Develop new features and services
- Monitor service performance
Legal & Security
- Comply with legal obligations
- Enforce our terms and policies
- Protect our rights and property
- Prevent fraud and abuse
Legal Basis for Processing (GDPR)
Under GDPR, we process your personal data based on:
- Consent: When you have given clear consent
- Contract: To fulfill our contractual obligations
- Legal Obligation: To comply with legal requirements
- Legitimate Interests: For our legitimate business interests
4. Information Sharing and Disclosure
4.1 Service Providers
We share information with trusted service providers who assist us in operating our business:
4.2 Legal Requirements
We may disclose your information when required by law or to protect our rights:
- To comply with legal obligations
- To respond to lawful requests from authorities
- To protect our rights, privacy, safety, or property
- In connection with business transfers or mergers
4.3 International Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:
EU-US Data Privacy Framework: We comply with the EU-US Data Privacy Framework for transatlantic data transfers.
Standard Contractual Clauses: We use EU-approved Standard Contractual Clauses for international data transfers.
5. Data Security
Our Security Measures
We implement appropriate technical and organizational measures to protect your personal data:
Encryption
Data encryption in transit and at rest using industry-standard protocols (TLS 1.3, AES-256)
Access Controls
Role-based access controls and multi-factor authentication for system access
Security Audits
Regular security assessments, penetration testing, and vulnerability scanning
Compliance
ISO 27001 certified security management system
β οΈ Important Security Notice
While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.
Your Role: Keep your account credentials secure and notify us immediately of any unauthorized access.
6. Your Privacy Rights
6.1 Rights Under GDPR
If you are in the European Economic Area, you have the following rights:
Right to Access
Request access to your personal data and information about how we process it.
Right to Rectification
Request correction of inaccurate or incomplete personal data.
Right to Erasure
Request deletion of your personal data in certain circumstances.
Right to Restriction
Request restriction of processing your personal data.
Right to Data Portability
Receive your personal data in a structured, commonly used format.
Right to Object
Object to processing of your personal data in certain situations.
6.2 Rights Under CCPA
If you are a California resident, you have the following rights:
- Right to Know: Request information about data collection and sharing
- Right to Delete: Request deletion of personal information
- Right to Opt-Out: Opt-out of sale of personal information
- Right to Non-Discrimination: Not receive discriminatory treatment for exercising rights
6.3 How to Exercise Your Rights
To exercise your privacy rights, please contact us using the information below. We will respond within 30 days.
Verification: We may need to verify your identity before processing your request.
Fees: We do not charge fees for legitimate requests, except for repetitive or excessive requests.
Response Time: We aim to respond to all requests within 30 days.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
9. Children's Privacy
Protecting Children's Privacy
Our services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to delete such information.
Age Restrictions by Region:
- GDPR: Age of consent is 16 (member states may lower to 13)
- COPPA (US): Under 13 years old
- CCPA: Under 16 years old (opt-in required for sale)
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
Continued Use: Your continued use of our services after any changes constitutes acceptance of the updated Privacy Policy.
Review Policy: We encourage you to review this Privacy Policy periodically for any changes.
11. Contact Us
Data Protection Officer
For questions, concerns, or requests regarding this Privacy Policy or your personal data:
privacy@netsurf.pk
Phone
+92 370 8207172
Mon-Fri 9AM-5PM PKT
Data Protection Officer
NetSurf Inc.
Mezzanine Floor, Hyder Plaza, Block 5, Gulshan-e-Iqbal
Karachi 75300, Pakistan
Pakistan
Regulatory Authorities
If you have unresolved privacy concerns, you have the right to contact your local data protection authority:
EU/EEA Residents
Contact your national data protection authority or the European Data Protection Board.
UK Residents
Information Commissioner's Office (ICO)
Website: ico.org.uk
California Residents
California Attorney General's Office
Website: oag.ca.gov