Privacy Policy and GDPR compliance

This Privacy policy, in conjunction with the Terms of Service and other terms and conditions of use which are incorporated herein by reference and may be applicable to specific services, govern your use of PUSHR CDN and are collectively referred to as the "Agreement".

The General Data Protection Regulation (GDPR) becomes effective on 25/05/2018. This privacy policy has been updated to reflect PUSHR CDN's full compliance with the new regulation. Customers that require a written data processing agreement (DPA) with PUSHR CDN should send a request via electronic mail to hello@pushrcdn.com

1. Information collected by PUSHR CDN

PUSHR CDN collects non personally-identifying information such as the browser type, referring site, the date and time of each visit, and also uses third-party analytics tools and heatmap/interest digesting software to better understand how visitors use it's website. PUSHR CDN may release this information to market it's service and to generate reports regarding it's usage.

PUSHR CDN also collects non-personally identifiable information for the usage of it's products by it's customers. This information is being processed automatically and is used for the purposes of statistical data representation for the convenience of the customer inside their control panel, as well as for billing purposes. This data may contain internet bandwidth or data traffic usage, number of processed content requests and geographical data distribution statistics.

PUSHR CDN also collects personally-identifying information like IP addresses. Such information, in addition to any of the information submitted by our customers in their account profiles will not be used for the purposes of marketing or reports generation unless with the explicit opt-in by the customer, or unless required by law.

2. Data Controller

The customer supplies their personally-identifying information and controls how this information is being used by PUSHR CDN. For the purposes of this agreement, the customer acts as a data controller and as such agrees to comply with the requirements applicable under the General Data Protection Regulation (GDPR), as well as any other obligations and requirements that may consist or be a part of applicable laws.

2.1. Age requirements for data controllers

The customer, acting as a data controller in regards to this agreement, agrees not to create, operate or manage in any way or form an account inside PUSHR CDN's infrastructure unless they are at an age of 14 or more years old.

3. Data Processors

In order to render any or all services requested by the customer, as well as to fulfill it's obligations under applicable laws, PUSHR CDN shall process the data supplied by the customer as defined below and acts as a data processor for the purposes of this agreement.

3.1. Data processing by third parties

Where third party services are being used by PUSHR CDN for transmission of communication containing personally-identifying information, or for any data processing, these services shall be audited by PUSHR CDN for full compliance with GDPR.

3.1.1. Third party data processors used by PUSHR CDN

This list of thrid party services used by PUSHR CDN may change at any time without prior notice.

To render any or all of it's services to the customer, PUSHR CDN uses services provided by the following third parties:

1) Mailjet.com, for the purposes of service alerts and automated email notifications. Shared data: email address.

2) Amazon.com, for the purposes of email marketing and updates regarding PUSHR CDN's services, as well as for SMS alerts regarding system events that could negatively effect the good standing of the customer's account. Shared data: email address, phone number (if provided by customer).

3) Crisp.chat, for the purpose of live interaction and support on PUSHR CDN's website. When used, this live chat software may collect the following information, only after it has been provided by the user: email address and phone number.

4) Fraudrecord.com, for the purposes of automatic fraud checks against publicly available databases (see para.5)

5) Vatlayer.com, for the purposes of EU VAT ID check when a VAT ID has been provided by the customer. Shared information: VAT ID

4. Handling of personally-identifying information

All information collected by PUSHR CDN, as detailed below, is being secured via advanced encrytion mechanisms and is stored in a computer environment where no direct access is being provided to third parties, except for the purposes of database administration and maintenance, carried only by PUSHR CDN's employees. A spare backup copy of the information is being stored in an encrypted form on a separate computer system, part of PUSHR CDN's infrastructure, to ensure integrity of collected data in the event of failure of one or more computer systems within our network. This backup copy is being refreshed once per day.

In order to provide services to it's customers, as well as to be compliant with applicable European and Bulgarian laws, PUSHR CDN requires the customer to provide the following information before the purchase of any services available throughout our platform:

1) First and last name, for the purposes of identification, invoicing and account keeping, and fraud check against freely available online databses

2) Company name (where applicable), for the purposes of identification, invoicing and account keeping, and fraud check against freely available online databses

3) VAT number (where applicable), for the purposes of VAT number validity confirmation, invoicing and account keeping 4) Country of residence or country where the customer's company is officially registered, for the purposes of identification, invoicing, accounting and book keeping

5) Billing address, for the purposes of identification, invoicing, accounting and book keeping, and fraud check against freely available online databases

6) IP address which the user has used to register an account with PUSHR CDN, for the purposes of access control and fraud check against freely available online databases, as well as for validation of provided country of residence.

7) Email address, for the purposes of communication with the customer, as well as to grant access to PUSHR CDN's customer panel during a log-in operation, and fraud check against freely available online databases

8) Past invoices, for the purposes of financial planning, accounting, book keeping and law compliance

9) Account top-ups log, for the purposes of error checking of generated invoices and cross-checks of accounting work. Information available in the top ups log contains all details sent by the payment gateway of choice of the customer at the time of payment.

10) Phone number (when provided), for the purposes of automated immediate SMS alerts where an event that could negatively impact the customer's account has been detected by PUSHR CDN's systems.

PUSHR CDN does not collect, nor it has access to financial information, including payment card details, regarding it's customers other than the information available via third-party payment processing gateways at the time of purchase of a PUSHR CDN service. Such information may include name, address and company information of the customer and is subject to processing by the payment gateway(s) in regards to their agreement with the customer, and as such is out of the scope of this Privacy Policy.

4.1. Storage duration for pesonally-identifying information

Unless requested by the customer during cancellation of their services, all information collected by PUSHR CDN will be destroyed 60 days after account suspension or service cancellation. Where one or more of the following events has taken place the information may be kept for longer periods:

1) Where the reason for suspension of services on behalf of PUSHR CDN is due to non-payment or a breach of PUSHR CDN's Terms of Service, for the purposes of submitting the customer's details to the FraudRecord database (see below) and for the purpose of identifying the customer in the future in order to reject services to them.

2) Where ensuring the integrity of the information has been requested by an official authority.

3) Where the customer has explicitly requested that PUSHR CDN does not delete the information on record, or part of it, for the purposes of providing marketing emails regarding PUSHR CDN's service and special discounts applicable to the members of such list in the future.

4.2. Access to collected information

All customers of PUSHR CDN may request to receive a copy of all the information that PUSHR CDN has on file for them. Such requests shall be made via email to the following address: hello@pushrcdn.com and are free of charge. PUSHR CDN reserves the right to apply a fee for the administrative work involved in providing such information in the event that multiple requests have been made by the same customer where no actual change to the personally-identifying information provided by them has been made.

4.3. Requests for removal of personally-identifying information

All customers of PUSHR CDN may request information that PUSHR CDN has on file for them to be destroyed. Such requests shall be made via email to the following address: hello@pushrcdn.com and are free of charge.

4.4. Sharing of personally-identifying information with third parties

Other than for the purposes outlined in 3.1.1. , PUSHR CDN will not submit or knowingly make available any personally-identifying information regarding it's customers to third parties, including it's contractors, infrastructucture providers and marketing partners, unless with the customer's explicit agreement in wiriting.

4.5. Marketing electronic communication

The customer has the option to opt-in to receive marketing-related communication from PUSHR CDN. Unless explicitly requested by the customer, PUSHR CDN will not send such communication in any form. The customer has the right to opt-in and out of such communication at any time by editing their account preferences in their account's dashboard.

5. Fraud check

For the purposes of identifying customers with potentially harmful intentions that could negatively affect PUSHR CDN's infrastructure or compromise and/or attempt to corrupt information stored inside PUSHR CDN's infrastructure, every new customer is subject to an automated fraud check at the time of their account creation, as well as when changing or adding personal information in their account.

This fraud check uses a freely available online database service located at the follwing internet address: https://fraudrecord.com/ . In compliance with the GDPR, a manual review by an entitity within PUSHR CDN's organisation shall be performed on the result from the automed check. This manual review shall be completed by a PUSHR CDN's employee in a reasonable time frame during standard working hours.

Information shared with this online service may include any or all information provided to PUSHR CDN by the customer. The information submitted during the fraud check is not being made available to other users of the fraud check service and is being sent in an ecnrypted form. Further information on processing of personal information by FraudRecord is available at the abovementioed internet address.

In addition to using personally-identifying information when querying the fraud check database, PUSHR CDN may also submit such information to the FraudRecord's database itself in the event the customer has been found to intentionally attempt to abuse or misuse any or all of the services offered by PUSHR CDN.

5.1. Fraud check agreement

PUSHR CDN will request an explicit approval to be provided by the customer in the form of a check box visible on every web page capable of submitting cutomer's data to FraudRecord or no services shall be rendered to the customer.

6. Cookies

PUSHR CDN uses cookies to help identify and track visitors, their usage of PUSHR CDN's website, and their website access preferences. PUSHR CDN visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using PUSHR CDN at the expense of losing some or all functionality of their accounts. When a customer's browser is not explicitly set to disallow cookies, PUSHR CDN will require the customer to confirm they do want to receive these cookies in order to successfully navigate PUSHR CDN's website, as well as to use any or all of the services provided by PUSHR CDN.

7. Business transfers

Should PUSHR CDN be acquired or merged with a third party entity, PUSHR CDN reserves the right to transfer or assign the information we have collected from you as part of any change of control. If such transfer is pending, PUSHR CDN will inform all of it's customers via electronic mail ahead of time.

Last update: May 18th, 2018