Privacy Policy

Effective date: 27.10.2025
Last updated: 27.10.2025

This Privacy Policy explains how we collect, use, disclose, and protect personal data in connection with the mobile proxy marketplace (the “Platform”). It complements our Terms of Service and Refund & Replacement Policy. If you do not agree with this Policy, please do not use the Platform.

1) Who we are (Controllers) and contacts

  • INTERNATIONAL TEAL COMPANY PTE. LTD. ("ITC SG") — 216 JOO CHIAT ROAD, #02‑16/6, SOHO LIFE, SINGAPORE, 427483 — primary operator of the Platform.
  • PT DART GROUP INTERNASIONAL ("DART ID") — Banjar Tegalsaat, Desa Pejeng Kangin, Kec. Tampaksiring, Kab. Gianyar, Prov. Bali, Indonesia, 80552 — payment processing for certain transactions.

For Platform operations, ITC SG acts as the data controller. For payment settlement and compliance records, ITC SG and DART ID may act as independent controllers of their respective payment data sets.

Privacy contact: [email protected]

2) What we do not process

We do not provide telecommunications services and we do not route, monitor, filter, or access the content of your proxied traffic. Buyers connect directly to Suppliers’ endpoints. Our systems may handle limited non‑content technical metadata solely for billing, support, fraud‑prevention, and platform security.

3) Data we collect (categories)

We collect the following categories of personal data, either directly from you, automatically through your use of the Platform, or from third parties (e.g., payment and anti‑fraud providers):

  1. Account & identity data: name/alias, email, password hash, country/region, business details (if you register as a Supplier).
  2. Transaction & payment data: order history, amounts, currency, the payment method used, masked PAN or tokenized instrument identifiers (as provided by payment processors), settlement status, chargebacks/refunds, Account Balance ledger entries, and applicable tax data.
  3. Technical & device data: IP address, language, time zone, referrer/UTM, cookie IDs, session IDs, and limited connection metadata (timestamps and endpoint/handshake outcomes).
  4. Support & communications: tickets, emails, chat transcripts, and attachments you voluntarily provide (we instruct you not to include traffic content).
  5. Compliance data (where required): KYC/KYB documentation, sanctions/AML screening results.
  6. Marketing & analytics data: page views, events, campaign attribution, and preference/consent records (cookie/CMP logs).
  7. Supplier data (for Suppliers): payout details, inventory/listings, performance metrics, and compliance attestations.

4) Purposes and legal bases (GDPR/UK GDPR)

We process data for the purposes and under the legal bases below:

  • Provide and operate the Platform (create/manage accounts, deliver orders, Account Balance/cashback, support) — Art. 6(1)(b) contract.
  • Payments, refunds, tax, and accountingArt. 6(1)(b) contract and Art. 6(1)(c) legal obligation.
  • Security, fraud, and abuse prevention (rate‑limiting, anomaly detection, sanctions screening) — Art. 6(1)(f) legitimate interests and, where applicable, Art. 6(1)(c).
  • Customer support and diagnostics (non‑content logs) — Art. 6(1)(b)/(f).
  • Analytics and service improvement (aggregate/product analytics) — Art. 6(1)(f) legitimate interests; where cookies/trackers require consent, Art. 6(1)(a) consent.
  • Direct marketing for our own services (emails about our offers/updates) — Art. 6(1)(f) legitimate interests or Art. 6(1)(a) consent as required; opt‑out at any time.
  • Legal compliance and claims (responses to lawful requests, enforcement of ToS/AUP) — Art. 6(1)(c)/(f).

We do not "sell" personal data and do not "share" it for cross‑context behavioral advertising within the meaning of the CCPA/CPRA. If this changes, we will provide required notices and opt‑out mechanisms.

5) Cookies and similar technologies

We use cookies and similar technologies to run the Platform, remember preferences, protect accounts, measure performance, and attribute campaigns. Where required, we display a consent banner/CMP and store your choices. You can change preferences at any time in the cookie settings. Some strictly necessary cookies cannot be disabled.

6) How we disclose data (recipients)

We disclose personal data only as necessary for the purposes above:

  • Payment processors and gateways (cards, bank transfers, e‑wallets, crypto processors);
  • Cloud hosting and infrastructure providers;
  • Analytics and marketing tools used for our own service and audiences (no cross‑context ad sales);
  • Customer support/ticketing and communications platforms;
  • Fraud‑prevention, sanctions/AML, and KYC/KYB providers (where applicable);
  • Professional advisers (legal, accounting) and auditors;
  • Government authorities and law enforcement where required by law;
  • Corporate transactions (merger, acquisition, or asset transfer), with safeguards.

All vendors act as processors on our instructions unless stated otherwise (e.g., independent payment controllers). We maintain contracts and appropriate safeguards.

7) International transfers

Where data is transferred outside your country (e.g., from the EEA/UK to non‑EEA/UK countries), we implement safeguards such as EU Standard Contractual Clauses (SCCs), UK IDTA/Addendum, and additional measures where needed. You can contact us for a copy of the relevant transfer mechanism (with redactions).

8) Retention

We retain personal data for no longer than necessary for the purposes set out above:

  • Account data — for the life of the account and up to 24 months after closure (unless longer required by law or to resolve disputes).
  • Transaction/financial records — up to 7 years (statutory/accounting).
  • Technical diagnostics/logs (non‑content) — up to 30–90 days unless needed for investigations.
  • KYC/KYB and sanctions screening — per legal requirements (typically 5–10 years, depending on jurisdiction).
  • Marketing and analytics — typically 24 months or as configured by the tool, unless you withdraw consent/opt‑out.
  • Cashback and Account Balance ledgers — as long as necessary to account for usage, expiry, and audit (see ToS).

9) Your rights

Depending on your location, you may have the following rights:

GDPR/UK GDPR (EEA/UK): access, rectification, erasure, restriction, portability, and objection (including direct‑marketing opt‑out), plus the right to withdraw consent at any time where processing relies on consent. You also have the right to lodge a complaint with your data protection authority.

CCPA/CPRA (California): right to know/access, delete, correct, and to opt‑out of sale or sharing (not currently applicable because we do not sell/share as defined), and to limit the use of sensitive personal information (not used for additional purposes). We honor Global Privacy Control (GPC) signals where applicable.

To exercise rights, contact [email protected]. We may need to verify your identity. We aim to respond within 30 days (GDPR/UK) or 45 days (CCPA), subject to extensions permitted by law.

10) Children and minors

The Platform is intended for adults and business users only. You must be 18 years or older to create an account or use the Platform. We do not knowingly collect personal data from anyone under 18. If you are under the applicable age of consent in your region (e.g., 13 in the U.S. under COPPA; up to 16 in parts of the EEA/UK), do not use the Platform or provide personal data. If we become aware that we have collected personal data from a person below the applicable age, we will take steps to delete the data and, where appropriate, disable the account. Parents/guardians who believe a child has provided data may contact [email protected].

11) Security

We implement technical and organizational measures appropriate to the risk, including encryption in transit, access controls and logging, least‑privilege principles, and vendor due diligence. No system is 100% secure; we maintain incident response procedures and will notify regulators/users of breaches when legally required.

12) Marketing

We may send you service announcements and updates. You can opt‑out of non‑essential marketing at any time via the link in emails or by contacting support. Opt‑out does not affect transactional or safety messages.

13) Do Not Track and signals

Our Platform does not respond to browser Do Not Track (DNT) signals. Where required, we honor GPC signals to effect opt‑outs under applicable law.

14) Changes to this Policy

We may update this Policy. Material changes will be notified via the Platform or email where feasible. The “Last updated” date indicates the latest version.

15) How to contact us

  • Privacy inquiries: [email protected]
  • General support: [email protected]
  • Postal address (primary controller): INTERNATIONAL TEAL COMPANY PTE. LTD., 216 JOO CHIAT ROAD, #02‑16/6, SOHO LIFE, SINGAPORE, 427483.
  • Payment entity: may be ITC SG or PT DART GROUP INTERNASIONAL (see your receipt).