PepeProxy Ltd – Privacy Policy

Last updated: 6 May 2025

1. Who We Are

PepeProxy Ltd (registered in Cyprus, "PepeProxy," "we," "our," "us") provides residential proxy services and operates the website at pepeproxy.com (the "Service"). This Privacy Policy explains how we collect, use, disclose and protect your information when you use the Service.

2. The Data We Collect

CategoryDetailsPurposeLegal Basis (GDPR)
Account Data
  • Email address
  • Password (bcrypt‑hashed)
  • Display name (optional, can be pseudonymous)
Create and secure your account, provide the ServiceContract (Art. 6 (1)(b))
Website Metadata
  • IP address, timestamp and user‑agent on login and dashboard requests
Security, fraud prevention, abuse detectionLegitimate interest (Art. 6 (1)(f))
Payment Metadata
  • Payment ID/transaction token from our payment processor (no card details or billing name ever touch our servers)
Process pay‑as‑you‑go chargesContract (Art. 6 (1)(b))
Support MessagesCustomer support, dispute resolutionLegitimate interest (Art. 6 (1)(f))
Cookies
  • Essential session cookie
Keep you logged inContract (Art. 6 (1)(b))

We do not log or inspect the content, destination, or headers of traffic that flows through our proxy nodes.

3. How We Use Your Data

  • Operate, maintain and improve the Service.
  • Authenticate logins and secure accounts.
  • Detect, investigate and stop abuse (e.g., hacking attempts).
  • Bill you for bandwidth consumed.
  • Respond to legal requests where we are obliged to comply.

4. Sharing & Disclosure

We disclose data only:

  1. to our payment processor (for transaction tokens);
  2. to infrastructure providers within the EU who host our dashboard and billing API; and
  3. where required by a valid court order or other legal obligation under Cyprus law.

We have no U.S.‑based subprocessors.

5. International Transfers

Our servers and subcontractors are located in the European Economic Area (EEA). If we ever need to move data outside the EEA, we will use an approved transfer mechanism (e.g., Standard Contractual Clauses) and update this Policy.

6. Retention

  • Account Data & Payment Metadata – kept until you delete your account or 24 months after your last billing event, whichever is sooner.
  • Website Metadata – retained for 30 days for security logging, then anonymised or deleted.
  • Support Messages – retained for the life of the ticket and up to 12 months after closure.

We retain no proxy traffic logs.

7. Your Rights (EEA/UK‑specific)

You may:

  • access, correct or delete your personal data;
  • restrict or object to certain processing; and
  • request data portability.

Send requests to [email protected]. We will respond within 30 days.

8. Children's Privacy

We do not knowingly collect personal data from children under 13. If you believe we have inadvertently done so, contact us and we will delete the data.

9. Security

We use industry‑standard safeguards (encryption in transit, hashed passwords, least‑privilege access). No method is 100% secure; you use the Service at your own risk.

10. Changes to This Policy

We may update this Policy. We will post the revised version on our site and, if the changes are material, email you or display a prominent notice. Updates take effect 14 days after posting.

11. Contact Us

For privacy questions, data‑subject requests or complaints, email [email protected] or write to PepeProxy Ltd, Cyprus.

If you believe we have infringed your privacy rights, you may lodge a complaint with the Office of the Commissioner for Personal Data Protection (Cyprus) or your local supervisory authority.

© 2025 PepeProxy Ltd. All rights reserved.