Social Media
Government
Streaming
Online Delivery
Finance
iGaming
E-commerce
Travel
Ads
Healthcare
Account takeoverPreventing unauthorized logins
Multi-accountingPreventing duplicate accounts
Data scrapingSafeguarding sensitive business data
API AbuseDetecting abnormal API activity
Account sharingIdentifying shared accounts
Fake accountsBlocking fake registrations
Brute force attackBlock automated credential attacks
Form spamFiltering automated submissions
Coupon fraudPreventing promo exploitation
SMS pumpingMitigating SMS-based fraud
Industries
Use Cases
DocumentationBlogPricing
Log in
Start for Free
On this page

Privacy Policy

As a high-tech company, we believe that everyone has the right to privacy. Therefore we have developed this Privacy Policy (the “Privacy Policy”) to give you a comprehensive understanding of how we collect and use personal data and to whom and when we share it. This Privacy Policy governs the processing of personal data in your interactions with us, including when you: (1) use our Software, (2) use our website including https://botbye.com and any other websites that we may publish and manage (the “Website”), (3) communicate with us and as otherwise described in this Privacy Policy.

Brief info about us

BotBye! is a tool that you can integrate into your websites, mobile applications, and APIs (the “Software”). It allows you to analyze users’ behavior on your websites, mobile applications, and APIs to protect you from account takeover, scraping, credential stuffing, and fake account creation (the “Services”).

Our e-mail: [email protected]

Depending on who determines the purposes and means of the processing of personal data, we may act either as the “controller” or “processor” of personal data:

a. we act as a “controller”, when we provide Services to you (our customers), as we determine the purposes and means of the processing of personal data.

However, there are cases when we do not control the processing of your personal data, and it is processed by others who independently determine the purposes and means of the processing of personal data. For example, in some cases, the payment providers you use to pay for our Services may also act as a “data controller”. In such a situation, we will act as an independent controller and will not be responsible for the processing of your personal data by other controllers, as they have their own obligations to protect personal data.

b. we act as a “processor”, when we process personal data of users of websites, mobile applications, and APIs of you in providing Services.

As we do not determine the purpose and methods of processing, but act on behalf of you (our customers), we act as a processor of personal data in this situation.

In this Privacy Policy, we have endeavored to answer the following questions as fully as possible in order to disclose all information about the processing of your personal data:

1. Where do we get your personal data from?

We only process your personal data when you use our Software or Website. Please be aware that we do not purchase personal data or use publicly available personal data. There are various ways in which we obtain personal data, but we process personal data in the following ways:

a. when you provide us with personal data.

In individual cases, you provide us with your personal data in order to realize the purposes of the processing. For example, in order to create an account, and carry out marketing or informational mailings, we need the personal data we receive from you.

b. when personal data is collected automatically.

There are tools that allow us to collect technical personal data about you when you use the Website or during providing services. For certain purposes (e.g. to enable you to technically use the Website, to track and fix bugs on the Website), we automatically collect your personal data where there is a legal basis to do so.

2. For what purposes, what personal data, on what legal basis do we process personal data?

We process your personal data only when it is necessary to achieve the purpose of the personal data processing and only to the extent necessary to achieve the purpose of the processing. Furthermore, we keep your personal data for a limited period of time and once the processing period has expired we delete all existing copies of your personal data.

Below we have provided you with a full description of the purposes for which we process personal data, what personal data we process, and how much, and have also given you information on the basis on which we carry out the processing.

We process personal data as a controller in the manner described below:

Processed personal data

Legal basis for the processing

Data retention period

Ensure the normal operation of the Website, monitor technical problems in the webwork of the Website, and fix them.

- IP - Device name - OS name - Device model - Time zone of the device - Language of the device - Device ID

Legitimate interest:

your interest is in using our Website free from any bugs;

our interest is in keeping the Website up and running

1 month from the date of visiting the Website

Respond to your support inquiries when you contact us with a question.

- e-mail address - other data that you provide in the issue and further correspondence

Legitimate interest:

your interest is in receiving response to the issue;

our interest is in improving the quality of Services provided, Website, or the Software

1 year after receipt of the request

Send you technical notices, security alerts, support messages, and other administrative messages.

- e-mail address - name (optional)

Legitimate interest:

your interest in keeping up to date with important security messages;

our interest is in improving our Services provided, Website or the Software

3 years from the last time you logged into your account on the Website

Register an account on the Website for using Services.

- e-mail address - name

Performance of a contract (Terms Of Use)

As long as the account is active on the Website and 5 years from the last time you logged into your account on the Website

Fill out a profile and manage your account on the Website for using Services.

Depending on who is using the Services:

Individual:

  • first name
  • last name
  • address (city, state/province, country, zip/postal code)
  • VAT/GST

Representative of the legal entity:

- first name - last name

Performance of a contract (Terms Of Use)

As long as the account is active on the Website and 3 years from the last time you logged into your account on the Website

Carry out informational and marketing mailings

Depending on who is using the Services:

Individual:

  • first name
  • last name
  • e-mail

Representative of the legal entity:

- first name - last name - e-mail

Consent

3 years from the time of consent

Provide Services

(i.e. connection of the Software to websites, mobile applications, and APIs, analysis of your users, potential prevention of account takeover, scraping, credential stuffing, fake account creation, as well as the formation of a report on the Services provided)

Depending on who is using the Services:

Individual:

  • first name
  • last name
  • address (city, state/province, country, zip/postal code)
  • VAT/GST

Representative of the legal entity:

- first name - last name

Performance of a contract (Terms Of Use)

As long as the account is active on the Website and 5 years from the last time you logged into your account on the Website for accounting purposes

Provide Services

(i.e. connection of the Software to websites, mobile applications, and APIs, analysis of your users, potential prevention of account takeover, scraping, credential stuffing, fake account creation, as well as the formation of a report on the Services provided)

Depending on who is using the Services:

Individual:

  • first name
  • last name
  • address (city, state/province, country, zip/postal code)
  • VAT/GST

Representative of the legal entity:

- first name - last name

Performance of a contract (Terms Of Use)

As long as the account is active on the Website and 5 years from the last time you logged into your account on the Website for accounting purposes

Process payments prior to providing the Services

Depending on who is using the Services:

Individual:

  • first name
  • last name
  • address (city, state/province, country, zip/postal code)
  • VAT/GST

Representative of the legal entity:

- first name - last name

Performance of a contract (Terms Of Use)

As long as the account is active on the Website and 5 years from the last time you logged into your account on the Website for accounting purposes

Ensure the normal operation of the Website, monitor technical problems in the webwork of the Website, and fix them.

Processed personal data:

- IP - Device name - OS name - Device model - Time zone of the device - Language of the device - Device ID

Legal basis for the processing:

Legitimate interest:

your interest is in using our Website free from any bugs;

our interest is in keeping the Website up and running

Data retention period:

1 month from the date of visiting the Website

Respond to your support inquiries when you contact us with a question.

Processed personal data:

- e-mail address - other data that you provide in the issue and further correspondence

Legal basis for the processing:

Legitimate interest:

your interest is in receiving response to the issue;

our interest is in improving the quality of Services provided, Website, or the Software

Data retention period:

1 year after receipt of the request

Send you technical notices, security alerts, support messages, and other administrative messages.

Processed personal data:

- e-mail address - name (optional)

Legal basis for the processing:

Legitimate interest:

your interest in keeping up to date with important security messages;

our interest is in improving our Services provided, Website or the Software

Data retention period:

3 years from the last time you logged into your account on the Website

Register an account on the Website for using Services.

Processed personal data:

- e-mail address - name

Legal basis for the processing:

Performance of a contract (Terms Of Use)

Data retention period:

As long as the account is active on the Website and 5 years from the last time you logged into your account on the Website

Fill out a profile and manage your account on the Website for using Services.

Processed personal data:

Depending on who is using the Services:

Individual:

  • first name
  • last name
  • address (city, state/province, country, zip/postal code)
  • VAT/GST

Representative of the legal entity:

- first name - last name

Legal basis for the processing:

Performance of a contract (Terms Of Use)

Data retention period:

As long as the account is active on the Website and 3 years from the last time you logged into your account on the Website

Carry out informational and marketing mailings

Processed personal data:

Depending on who is using the Services:

Individual:

  • first name
  • last name
  • e-mail

Representative of the legal entity:

- first name - last name - e-mail

Legal basis for the processing:

Consent

Data retention period:

3 years from the time of consent

Provide Services

(i.e. connection of the Software to websites, mobile applications, and APIs, analysis of your users, potential prevention of account takeover, scraping, credential stuffing, fake account creation, as well as the formation of a report on the Services provided)

Processed personal data:

Depending on who is using the Services:

Individual:

  • first name
  • last name
  • address (city, state/province, country, zip/postal code)
  • VAT/GST

Representative of the legal entity:

- first name - last name

Legal basis for the processing:

Performance of a contract (Terms Of Use)

Data retention period:

As long as the account is active on the Website and 5 years from the last time you logged into your account on the Website for accounting purposes

Provide Services

(i.e. connection of the Software to websites, mobile applications, and APIs, analysis of your users, potential prevention of account takeover, scraping, credential stuffing, fake account creation, as well as the formation of a report on the Services provided)

Processed personal data:

Depending on who is using the Services:

Individual:

  • first name
  • last name
  • address (city, state/province, country, zip/postal code)
  • VAT/GST

Representative of the legal entity:

- first name - last name

Legal basis for the processing:

Performance of a contract (Terms Of Use)

Data retention period:

As long as the account is active on the Website and 5 years from the last time you logged into your account on the Website for accounting purposes

Process payments prior to providing the Services

Processed personal data:

Depending on who is using the Services:

Individual:

  • first name
  • last name
  • address (city, state/province, country, zip/postal code)
  • VAT/GST

Representative of the legal entity:

- first name - last name

Legal basis for the processing:

Performance of a contract (Terms Of Use)

Data retention period:

As long as the account is active on the Website and 5 years from the last time you logged into your account on the Website for accounting purposes

We process personal data of the users of your websites, mobile applications, and APIs as a processor in the manner described below:

Provide Services to you and help you analyze the users of your websites, apps, and APIs:

  • IP
  • device name
  • OS name
  • device model
  • time zone of the device
  • language of the device
  • device ID
  • GeoIP

The legal basis and data retention period is determined by you (our customer), so please refer to their privacy policies for information on such processing.

Please be aware that after the expiration of the data retention period determined by you (our customer) or after the termination of the contract for the Services, we only store this personal data in an anonymized form.

3. How long do we keep your personal data?

We keep your personal data for as long as necessary to fulfill the purpose of the processing. Specific timeframes are specified in Section 2 “For what purposes, what personal data, on what legal basis do we process personal data?”.

Please keep in mind that there are many business processes for processing personal data, in some cases processing the same personal data for different purposes. Therefore, when the retention period for one purpose expires, we will no longer use the data for the realization of that purpose, but if the same personal data is necessary for the realization of another purpose, we will process the personal data for the realization of that purpose.

In addition, under certain circumstances, we may be required to retain your personal data for a longer period of time in accordance with applicable law or regulatory requirements. This may include but is not limited to, situations involving legal proceedings, investigations, or government inquiries. We will only retain your personal data for as long as necessary to comply with these legal obligations, and we will take appropriate measures to ensure its security and confidentiality during this period.

4. To whom and in what situations do we share your personal data?

Your privacy is of utmost importance to us, and we handle your personal data with the highest level of care and responsibility. While we endeavor to minimize the sharing of your personal data, there are certain circumstances where it becomes necessary to disclose it to third parties.

We share your personal data in such cases:

a. to comply with applicable law.

We are committed to complying with all applicable laws, regulations, and legal obligations. In certain situations, we may be required to disclose your personal data to comply with legal requirements, such as to respond to subpoenas, court orders, or other lawful government requests. We may also share your personal data if we believe in good faith that such disclosure is necessary to protect our rights, enforce our Terms Of Use, investigate fraud, or protect the safety of you.

b. to accomplish the purposes set forth above.

In an effort to provide an exceptional experience, we work closely with a select group of trusted partners and service providers. These partners play an important role in supporting various aspects of our business, thereby enhancing the quality of the Services, Website, and the Software. When selecting the partners with whom we share your personal data, we take a cautious approach, ensuring that we only work with companies that take strict measures to protect personal data from unauthorized access, disclosure, or misuse.

In addition, we enter into data processing agreements with each partner to legally enforce their obligations to process personal data in accordance with applicable data protection laws and regulations.

Although we carefully screen our partners, it is important to recognize that we cannot guarantee absolute compliance with data protection legislation in all cases. We encourage you to review the privacy policies of these third parties to gain an understanding of their practices in processing your personal data.

Here’s a breakdown of the different partners or categories of partners we collaborate with:

a. Analytics Services.

We aim to make our Website and Software the most convenient and useful for you. To do this, we constantly analyze which features are useful and convenient and which require improvement. For these purposes, we involve third parties; they help us collect, accumulate, and summarize the necessary personal data.

The principal location of data recipients: USA.

b. Hosting providers.

We take responsibility for the storage of your personal data and store it only with trusted hosting providers.

The principal location of data recipients: European Union and USA.

c. Third-party payment providers.

You may be required to provide payment data when making payments for Services. When you make payments using third-party services, such processing is subject to the privacy policy of third-party payment systems.

The principal location of data recipients: USA.

d. Third parties who help us do the mailings.

We always try to keep you up to date on all major developments related to our Service. For example, we may send you security notices and, subject to your consent, send you marketing and informational mailings. In order to conveniently administer this newsletter, we engage third parties to help us carry it out.

The principal location of data recipients: USA.

5. How do we process cookies?

Cookies are small files that we use to improve the quality of the Website. They are stored on the browser of your computer or mobile device. We use only strictly necessary cookies in order to facilitate the operation of the web browser.

These cookies do not gather any personal information and are usually set automatically by the Website. They enable basic functions like page navigation, user authentication, and access to secure areas of the Website. Disabling these cookies may adversely impact your ability to utilize basic Websites.

Below we have described how you can control your cookie settings:

a. Remove cookies from your device

In order to delete all cookies from your device, you need to follow these steps:

  • go to the browser settings on your device;
  • clear history, including advanced settings.

b. Block cookies

Most browsers offer the option to block cookie processing across all websites. However, a complete block may hinder the processing of necessary cookies, potentially impacting the Website’s and other websites’ functionality.

Please refer to your browser’s help menu for further instructions:

  1. Google Chrome
  2. Internet Explorer
  3. Mozilla Firefox
  4. Safari (Desktop)
  5. Safari (Mobile)
  6. Opera
  7. Opera Mobile

6. What rights do you have and how can you exercise them?

As a data subject, you have certain rights regarding your personal information. We are committed to upholding these rights and ensuring that you can exercise them effectively.

Below, you can find the information regarding your rights as a data subject under EU legislation:

Right of access

This right allows you to request access to the personal data we hold about you.

How to exercise this right?

To exercise this right, please contact us at the e-mail indicated above.

Our actions: upon receiving your request we will provide you with a copy of the personal data we process in the form in which you have requested the provision of this information. Please note that in some cases we may charge you a reasonable fee for providing this information. If we are unable to fulfill your request for any reason, we will provide you with an explanation and inform you of your rights to appeal the decision.

Right to rectification

This right enables you to request the correction or updating of any inaccurate or incomplete personal data we hold about you.

How to exercise this right?

You can exercise this right in two ways:

  1. By yourself by following this steps:

    • log in to your account on the Website
    • open a personal profile on the Website
    • locate personal data you wish to correct and edit it
    • save the changes to update your data instantly

  2. By contacting us at e-mail indicated above.

Our actions: upon receiving your request for rectification, we will review the accuracy and completeness of your personal data and make any necessary corrections or updates.

Right to erasure

This right allows you to request the deletion or destruction of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected or processed (or, as we all know, the “right to be forgotten”).

How to exercise this right?

You can exercise this right in two ways:

  1. By yourself by following this steps:

    • log in to your account on the Website
    • open a personal profile on the Website
    • click “Delete Account” option

  2. By contacting us at e-mail indicated above.

Our actions: upon receiving your request for erasure, we will assess whether the conditions for erasure are met and, if so, promptly delete or anonymize your personal data from our systems and notify any third parties to whom the data have been disclosed.

Right to restrict processing

This right allows you to request the restriction of processing of your personal data in certain circumstances, such as when the processing is unlawful, when we no longer need the personal data, or when you have objected to the processing.

How to exercise this right?

To exercise this right, please contact us at the e-mail indicated above.

Our actions: upon receiving your restriction to processing will not process your personal data (except for storage) unless it is based on consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest.

Right to data portability

This right allows you to receive a copy of your personal data in a structured, commonly used, and machine-readable format if it is technically possible to do so and to transmit those data to another controller.

How to exercise this right?

To exercise this right, please contact us at the e-mail indicated above.

Our actions: upon receiving your request for data portability, we will provide you with a copy of your personal data in the requested format, where technically feasible.

Right to object

This right enables you to object to the processing of your personal data in certain circumstances, such as where the processing is based on legitimate interests or for direct marketing purposes.

How to exercise this right?

To exercise this right, please contact us at the e-mail indicated above.

Our actions: upon receiving your objection to processing, we will assess the validity of your objection and, if valid, cease processing your personal data for the purposes to which you have objected.

Right to withdraw consent

You have the right to withdraw your consent to the processing of your personal data at any time. This means that if we are processing your personal data based on your consent, you have the right to revoke that consent.

How to exercise this right?

You can exercise this right in two ways:

  1. if you wish to withdraw your consent to receive e-mail newsletters, you can do so by clicking on the unsubscribe button in the e-mail you receive

    OR

  2. By contacting us at e-mail indicated above.

Our actions: upon receiving your request to withdraw consent if we do not have any other legal basis for processing your personal data, we will stop processing it.

Right to lodge a complaint

If you believe that our processing of your personal data violates applicable legislation, you have the right to lodge a complaint with a supervisory authority.

Please note that these rights are subject to certain limitations and exceptions as provided by law. To exercise any of these rights or for further inquiries, please contact us using the provided contact information.

We will review your request as soon as possible, but not more than within one (1) month. Please keep in mind that this period may be extended for an additional two (2) months, if necessary, based on the complexity and number of your requests. In that case, we will tell you about the extension within one (1) month of receipt of your request and explain the reasons for the delay.

If you are a California resident , you have certain rights under the California Consumer Privacy Act (CCPA) and other applicable laws regarding the collection, use, disclosure, and sale of your personal data. This section of our Privacy Policy outlines those rights and explains how can you exercise them:

Right to know

California residents have the right to request that we disclose the categories and specific pieces of personal data that we have collected about them, the categories of sources from which the personal data was collected, the purposes for which the personal data was collected, and the categories of third parties with whom we have shared the personal data.

How to exercise this right?

To exercise this right, please contact us at the e-mail indicated above.

Our actions: upon receiving and verifying your request, we will promptly provide you with the requested information for the 12-month period preceding your request free of charge in a readily usable format, unless an exception applies.

Right to delete

California residents have the right to request the deletion of their personal data that we have collected, subject to certain exceptions as permitted by law.

How to exercise this right?

You can exercise this right in two ways:

  1. By yourself by following this steps:

    • log in to your account on the Website
    • open a personal profile on the Website
    • click “Delete Account” option

  2. By contacting us at e-mail indicated above.

Our actions: upon receiving your request for erasure, we will assess whether the conditions for erasure are met and, if so, promptly delete or anonymize your personal data from our systems and notify any third parties to whom the data have been disclosed.

Right to opt-out

California residents have the right to opt-out of the sale of their personal data. Sale is defined broadly in the CCPA to include “selling, renting, releasing, disclosing, disseminating, making available, transferring or otherwise communicating” the personal data of California residents.

Please, note, that we do not sell personal data to third parties. As we do not sell personal data, you do not need to take any action to exercise this right.

Right to non-discrimination

California residents have the right to non-discrimination under which we cannot refuse to provide goods or Services, charge you a different price, or provide goods or Services of a different level or quality just because you exercised your rights under the CCPA.

We will not deny Websites, charge different prices, or provide a different level or quality of Websites based on their exercise of CCPA rights.

Right to correct

California residents have the right to ask us to correct inaccurate personal data that we have about them.

How to exercise this right?

You can exercise this right in two ways:

  1. By yourself by following this steps:

    • log in to your account on the Website
    • open a personal profile on the Website
    • locate personal data you wish to correct and edit it
    • save the changes to update your data instantly

  2. By contacting us at e-mail indicated above.

Our actions: upon receiving and verifying your request, we will promptly review your personal data and make corrections as appropriate, ensuring that it is accurate and complete.

Right to limit

California residents have the right to direct us to only use your sensitive personal data (for example, your social security number, financial account information, your precise geolocation data, or your genetic data) for limited purposes, such as providing you with the Websites you requested.

We do not process such sensitive personal data.

Please note that these rights are subject to certain limitations and exceptions as provided by law. For the rights to deletion and correction, we have specific procedures in place to ensure their effective realization. We encourage you to first utilize the account functions available to you to modify your data or delete your account for data removal. If you encounter any difficulties or if these options are not available, please contact us directly, and we will assist you in fulfilling your request. To exercise any rights or for further inquiries, please contact us using the provided contact information.

We will respond to your request within 45 calendar days or extend that deadline by another 45 days (90 days total).

7. Do we process children’s personal data?

We do not knowingly collect or solicit your personal data to anyone under the age of 13 (in USA) or 16 (in European Economic Area) or knowingly allow such persons to use our Software or Website. If you are under the age of 13 (or 16, where applicable), please do not provide any personal data to us. If we learn that we have collected personal data about a child under the age of 13 (or 16, where applicable), we will delete that personal data as soon as possible. If you believe that we might have any personal data from or about a child under the age of 13 (or 16, where applicable), please contact us at the e-mail indicated above.

8. Will we notify you of changes to the Privacy Policy?

We may periodically update this Privacy Policy. Your continued use of the Services, Website and the Software after the effective date of the updated Privacy Policy will be subject to the new Privacy Policy. If we make any major changes to our Privacy Policy and will need your explicit consent for further processing of your personal data, we will request your consent or your renewed consent (in case it was obtained previously).