Privacy Policy & Data Protection

SaltingIO LLC ("we," "us," or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our proxy service and related services (collectively, the "Service").

This policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR) for European Union users, the California Consumer Privacy Act (CCPA) for California residents, and other relevant privacy laws worldwide.

Data Controller: SaltingIO LLC, a Wyoming limited liability company

Address: 30 N Gould St, STE R, Sheridan, WY 82801, USA

Contact: info@salting.io

Data Storage Location: United Kingdom (UK)

2.1 Information You Provide Directly:

• Account information (email, username, password)
• Profile information (name, company, contact details)
• API keys and credentials (encrypted and secured)
• Payment information (processed by third-party providers)
• Communication records (support tickets, emails)
• Feedback and survey responses

2.2 Information We Collect Automatically:

• Usage data (API requests, response times, error rates)
• IP addresses and geolocation information
• Device information (browser type, operating system)
• Log files and analytics data
• Cookies and similar tracking technologies
• Performance metrics and service diagnostics

2.3 Information from Third Parties:

• Third-party API provider data and responses
• Payment processor information (Stripe) - we do not store full payment card details
• Social media information (if you connect accounts)
• Publicly available information
• Marketing and analytics data from partners

2.4 Payment Information:

We use Stripe, Inc. ("Stripe") as our payment processor. When you make a payment, your payment information is processed directly by Stripe and is subject to Stripe's privacy policy. We do not store, process, or have access to your full credit card numbers, bank account numbers, or other sensitive payment information. We only receive and store limited payment information necessary to process transactions, such as payment method type and transaction identifiers.

3.1 Service Provision:

• Provide and maintain our proxy service
• Process API requests and route traffic
• Implement security measures and rate limiting
• Provide customer support and technical assistance
• Manage your account and preferences

3.2 Service Improvement:

• Analyze usage patterns and performance metrics
• Develop new features and enhance existing services
• Conduct research and analytics
• Optimize service performance and reliability
• Prevent fraud and abuse

3.3 Communication:

• Send service-related notifications and updates
• Provide customer support and respond to inquiries
• Send marketing communications (with consent)
• Notify about changes to terms or policies

3.4 Legal and Compliance:

• Comply with legal obligations and regulations
• Respond to law enforcement requests
• Protect our rights and interests
• Enforce our terms of service

For users in the European Union, we process your personal data based on the following legal grounds:

4.1 Contract Performance:

We process your data to provide the services you have requested and to fulfill our contractual obligations to you.

4.2 Legitimate Interest:

We process your data for our legitimate business interests, including:

• Service improvement and development
• Security and fraud prevention
• Analytics and performance monitoring
• Marketing and business development

4.3 Consent:

We process certain data based on your explicit consent, such as marketing communications and non-essential cookies.

4.4 Legal Obligation:

We may process your data to comply with legal requirements, such as tax obligations or law enforcement requests.

5.1 Third-Party Service Providers:

We may share your information with trusted third-party service providers who assist us in operating our service, including:

• Cloud hosting and infrastructure providers (data stored in the United Kingdom)
• Payment processors (Stripe, Inc.) - payment information is processed by Stripe and subject to Stripe's privacy policy
• Analytics and monitoring services
• Customer support and communication tools
• Security and fraud prevention services

All third-party service providers are contractually obligated to protect your information and use it only for the purposes for which it was disclosed. We do not sell your personal information to third parties.

5.2 Business Transfers:

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5.3 Legal Requirements:

We may disclose your information if required by law or in response to:

• Court orders or legal processes
• Government investigations
• Law enforcement requests
• Regulatory compliance requirements

5.4 Protection of Rights:

We may disclose information to protect our rights, property, or safety, or that of our users or the public.

6.1 Security Measures:

We implement industry-standard security measures to protect your information, including:

• Encryption of data in transit and at rest
• Secure authentication and access controls
• Regular security audits and assessments
• Network security and intrusion detection
• Employee training and access restrictions

6.2 Data Breach Response:

In the event of a data breach, we will:

• Notify affected users within 72 hours (GDPR requirement)
• Report to relevant authorities as required by law
• Take immediate steps to contain and remediate the breach
• Provide guidance on protective measures users can take

6.3 Limitations:

While we strive to protect your information, no method of transmission or storage is 100% secure. You acknowledge that you provide information at your own risk.

7.1 Rights Under GDPR (European Union/UK):

If you are in the European Union or United Kingdom, you have the following rights regarding your personal data:

• Right of Access: Request access to your personal data and receive a copy of the data we hold about you
• Right of Rectification: Request correction of inaccurate or incomplete personal data
• Right of Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request restriction of processing of your personal data in certain circumstances
• Right to Data Portability: Receive your personal data in a structured, commonly used format and transmit it to another controller
• Right to Object: Object to processing of your personal data for direct marketing or legitimate interest purposes
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Right to Lodge a Complaint: Lodge a complaint with a supervisory authority if you believe your rights have been violated

7.2 Rights Under CCPA (California Residents):

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request information about the categories and specific pieces of personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of your personal information, subject to certain exceptions
• Right to Opt-Out: Opt-out of the sale of your personal information (we do not sell personal information)
• Right to Non-Discrimination: Exercise your privacy rights without discrimination

7.3 Exercising Your Rights:

To exercise any of these rights, please contact us at info@salting.io with your request. We will respond to your request within the timeframes required by applicable law (typically 30-45 days). We may require verification of your identity before processing your request.

7.4 Authorized Agents:

You may designate an authorized agent to make requests on your behalf. We may require proof of authorization and verification of identity before processing requests from authorized agents.

8.1 Retention Periods:

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy, including:

• Account data: Until account deletion or 3 years of inactivity
• Usage logs: 12 months for operational purposes
• Communication records: 3 years for support purposes
• Payment information: As required by financial regulations
• Legal compliance data: As required by applicable laws

8.2 Deletion:

Upon expiration of retention periods or upon your request, we will securely delete or anonymize your personal data, except where retention is required by law.

9.1 Data Storage Location:

Your personal data is primarily stored and processed in the United Kingdom (UK). By using our Service, you consent to the transfer, storage, and processing of your data in the UK, which may be outside your country of residence.

9.2 Transfer Mechanisms:

When transferring data from the European Economic Area (EEA) or other jurisdictions to the UK or other countries, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions by relevant data protection authorities (including UK adequacy decisions)
• Binding corporate rules and certification schemes
• Explicit consent where required by applicable law
• Other legally recognized transfer mechanisms

9.3 UK Data Protection:

The UK has implemented the UK GDPR and Data Protection Act 2018, which provide similar protections to the EU GDPR. We comply with UK data protection laws when processing data stored in the UK.

9.4 Third-Party Transfers:

When we share data with third-party service providers located outside your jurisdiction, we ensure they provide adequate protection for your personal data through contractual safeguards, including Standard Contractual Clauses where applicable.

9.5 Your Rights Regarding Transfers:

If you are located in the EEA or other jurisdictions with data transfer restrictions, you have the right to be informed about international data transfers. You may contact us at info@salting.io to request information about specific data transfers or to exercise your rights regarding such transfers.

10.1 Types of Cookies:

• Essential Cookies: Required for basic service functionality
• Analytics Cookies: Help us understand how you use our service
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used for targeted advertising (with consent)

10.2 Cookie Management:

You can control cookies through your browser settings. However, disabling certain cookies may affect service functionality.

Our service is not intended for children under 16 years of age (or under 13 years of age for users in the United States, in accordance with the Children's Online Privacy Protection Act). We do not knowingly collect personal information from children under the applicable age threshold. If we become aware that we have collected personal information from a child under the applicable age threshold, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@salting.io.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending email notifications to registered users
• Displaying prominent notices on our service

Your continued use of our service after any changes constitutes acceptance of the updated policy.