PRIVACY NOTICE

Effective Date: August 18, 2025

Full versionSimplified version

At MacPaw, we care about the privacy of your data and are committed to protecting it.

This Privacy Notice (“Notice” or “Privacy Notice”) will help you understand who we are, how we operate, what personal data we collect, how we use it, on what legal grounds we rely when processing your Personal Data, how we keep your Personal Data secure, as well as your privacy rights and our commitments to comply with them, according to applicable Data Protection Laws.

Our Privacy Notice explains the information we at MacPaw Way Ltd collect when you use our Terms of Service and Website

Important: The text in bold (including this one) serves to explain boring, complex legal stuff. For the original legal text, look to the left.

ABOUT US

ClearVPN operates on macOS, Windows, iOS, Android and web systems.

To learn more about how Terms of Service works and under what conditions, please refer to the Terms of Services. Terms of Services constitute the integral part of this Notice.

To learn more about how this Privacy Notice applies to you, please refer to section "Applicability" below.

The data controller of Your Personal Data is:

MacPaw Way Ltd. (hereinafter “We/we”, “Us/us”, “Our/our” or “MacPaw”)

registration number 428214

registered address: 25 Serifou, Allure Center 11, Office No. 11-12, 2nd Floor, 3046 Zakaki, Limassol, Cyprus.

We are MacPaw, the creators of ClearVPN.

Here, we explain who runs this VPN service, where we’re based, and how we protect your privacy. You’ll also find a link to our Trust Center, where we openly share our security practices.

We ensure secure and confidential data transmission through our robust practices, which we are happy to demonstrate to you. Please visit the Trust Center by following this link.

As our Services are constantly evolving, we reserve the right to change this Privacy Notice at any time subject to the applicable regulations. Any changes will be published promptly on this page and communicated to you by email (to your most recently provided email address) or popup notification. You should, nevertheless, check this page regularly for any updates.

ClearVPN is always improving, so this Privacy Notice may change from time to time. If it does, we’ll update this page and notify you by email or a pop-up message. Still, it’s a good idea to check this page regularly for any updates.

APPLICABILITY

This Privacy Policy applies to the Terms of Service services (the "Services", "Service" or "Terms of Service") provided by MacPaw and Terms of Service content (the "Content"), which includes the Terms of Service website (the "Site").

Please note: when you use the Site, we also collect and use cookies and other tracking technologies; the relevant Cookie Notice can be found by following this link.

This Privacy Notice applies to you if you use our Terms of Service or are simply visiting the website.

When you visit the Site, we use cookies and other tracking technologies. You can find more details in our Cookie Notice.

This policy applies only to ClearVPN services.

It covers the ClearVPN website, apps, and related content.

If you use other MacPaw products — like CleanMyMac or Setapp — please note that they have their own separate privacy policies.

This Privacy Notice does not apply to:

  • Third-party services. Where third-party services are used, and the third party is not a Data Processor, no Personal Data (as defined below) is shared with them;
  • Personal Data that we process about you when you interact as a user with other products/services or our branded social media pages under the brand name "MacPaw". In such cases, the relevant privacy notice of each product/service you interact with will apply accordingly;
  • Anonymized data.

This Privacy Notice does not cover everything. Here you can find some exceptions.

If you are a California resident, please see our "CALIFORNIA ADDENDUM - FOR RESIDENTS OF CALIFORNIA" section below regarding the rights you have under California law and how to exercise them.

Live in California or the United Kingdom of Great Britain and Northern Ireland? You have the right to request access to, transfer, correct, or delete your data.

If you are a United Kingdom of Great Britain and Northern Ireland citizen, please see our "UK GDPR" ADDENDUM section below regarding the rights you have under UK GDPR law and how to exercise them.

GENERAL STATEMENT ABOUT YOUR PRIVACY

When you use our VPN service, we collect only the data strictly necessary to provide you with a secure and privacy-focused experience.

We apply privacy-enhancing practices, including pseudonymisation and guest mode.

We follow a strict no-log policy — we do not record or process any information about your online activity.

We may collect the following data solely to operate and improve Services:

  • Device ID — to enable your subscription.
  • User ID (generated by us) — to manage your account and subscriptions, compile internal aggregated statistics and analytics; your e-mail for technical support, if you provide us with.
  • Basic device data — to ensure service quality, performance diagnostics and fix bugs.
  • Anonymized event data (e.g., connection success or failure) — to provide technical support and improve our protocols in specific locations.
  • Location (country only) — to offer accurate VPN presets. We do not collect your specific location.
  • Email, User ID and usage data — communicate with you, for marketing, targeting and third-party analytics. We rely on your consent.

You can find detailed information about the data we collect, the purposes and the legal bases in the table below.

We don't track your online activity or store sensitive logs.

We only collect the data that's truly needed to run ClearVPN — like a technical ID, country, or app version — and only for performance and support purposes.

NO-LOG STATEMENT

Our no-log approach is at the core of our Service.

We are firmly committed to protecting your privacy. Our Service is designed to ensure that we do not monitor, record, store, or share your online activities.

Specifically:

  • We do not collect or store your browsing history, connection timestamps, IP addresses, session information, traffic logs, or any other usage data related to your online activities.
  • When you use the Service, our VPN servers keep no connection logs, so your connections are kept private.
  • Our systems are intentionally built to eliminate the storage of sensitive data, ensuring that your activities remain private and untraceable — even to us.

We do not pass information about your online activities to any third party.

We have a strict no-log policy — we don't collect, store, or share ANY information about what you do online.

DEFINITIONS

Data Processor means a natural or legal person, public authority, agency, or other body that processes Personal Data on behalf of MacPaw.

This section explains the technical and legal terms used in this document.

It's useful if you're not sure what terms like "Personal Data," "Data Processor," or "Legitimate Interest" mean.

Data Processor – a person or company that processes personal data on behalf of MacPaw.

Data Protection Laws means any applicable data protection or privacy laws or regulations as may be amended or superseded from time to time, including but not limited to: i) the EU General Data Protection Regulation ("GDPR") as implemented by countries within the EEA; ii) the UK General Data Protection Regulation and Data Protection Act 2018, as amended by Brexit legislation ("UK GDPR"); iii) the California Consumer Privacy Act ("CCPA") and California's Shine the Light law; and iv) any other applicable Data Protection Legislation and/or other laws or regulations that are similar, equivalent to, successors to, or that are intended to implement the laws or regulations applicable to you in relation to the transmission and processing of your Personal Data under this Privacy Notice.

Data Protection Laws - GDPR, UK GDPR, CCPA, etc.

Location data means the geographic area where you use your devices when interacting with Our Service(s). This information might be necessary to determine your general geographic location, to deliver an accurate VPN preset.

Location Data – This is information about the country you're in when using ClearVPN. We use it to offer the most relevant VPN settings, but we never track your exact location.

Personal Data means any information relating to an identified or identifiable natural person. We process your contact data, such as e-mail address, to create an account, manage your subscriptions, payment processing with our payment partner and for transactional e-mail communications.

Personal Data – Any information that can identify you — like your email or name.

Special Categories of Data means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, and data concerning health or a person's sex life or sexual orientation. By default, the Special Categories of Data are not processed in any way by the Services or Site. If you believe that we may have unknowingly received your Special Categories of Data, please contact us. We will promptly investigate and, if confirmed, take immediate action to irreversibly delete it.

Special Categories of Data – sensitive information like health details, religion, or political views.

We don't collect this kind of data — and if we do by mistake, we delete it right away.

Service(s) Usage and Device data refers to information collected about how you interact with our Services. This data includes Device Usage Data, which comprises your subscription type, country, Device data (model, OS version, hardware configuration). We collect this data to analyze usage patterns, optimize features, identify technical issues by collecting crash logs and enhance the overall user experience. It also helps us to improve the UX and performance of our Services.

We rely on your consent when processing this data for marketing and measuring the effectiveness of advertising campaigns. For purposes such as fraud prevention, error correction, bug fixing, technical improvements, and internal service analytics, we process this data based on our legitimate interests.

Service(s) Usage and Device Data – information about how you use the app — like your country, device type, or subscription status.

This helps us fix bugs, improve features, and make your experience better.

Standard Contractual Clauses means i) where the EU GDPR applies, the contractual clauses annexed to the European Commission's Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, incorporating Module 1 (Controller to Controller transfers) (EU SCCs); and ii) where the UK GDPR applies, the template Addendum B.1.0 issued by the UK's Information Commissioner's Office and approved by Parliament in accordance with s119A of the Data Protection Act 2018 (UK Approved Addendum) and the accompanying Mandatory Clauses of the UK Approved Addendum, as updated from time to time and/or replaced by any further version published by the Information Commissioner's Office (UK Mandatory Clauses).

Standard Contractual Clauses – special legal agreements we use to protect your personal data when it's transferred to countries outside the EU or the UK. These agreements follow official rules approved by the EU and UK to ensure your data stays safe, no matter where it goes.

All capitalized terms used in this Privacy Notice and not otherwise defined shall have the meanings assigned to such terms in the Terms of Service.

DATA WE PROCESS AND PURPOSES

We collect information that, alone or in combination with other data, could be used to identify you (Personal Data). Some of the information we collect is stored using anonymization instruments that cannot be linked back to you (Non-Personal Data).

We only collect the data we truly need — to run, improve, and support the service. This includes things like your device type, subscription status, or email (if you log in or contact support). Some of this is collected only with your consent.

Detailed information about the disclosure of your Personal Data and the collection of Personal Data by third parties is governed by their privacy practices and data transfer contractual commitments. To learn more, please refer to the section "Third-Party Information and Personal Data Disclosure" of this Notice.

TYPES OF DATA WE PROCESS, PURPOSES AND LEGAL BASIS WE RELY ON

Type of DataPurposeLegal basis

Contact and User ID data, e-mail (only when Login with E-mail/Google/Apple is used), Device Data

Diia Verification parameter that does not contain personal data (only for UA citizens)

  • to offer You Services according to Terms of Service, such as to create an account, manage your subscriptions, payment processing with our payment partner and for transactional e-mail communications;
  • to conclude Terms of Service with You, and provide customer support services
  • performance of or intention to enter into Terms of Service with You and provide You Services;
  • our legitimate interests, provided that they do not override your rights and freedoms

Contact and User ID data, Location Data, Service(s) Usage and Device Data

  • for our internal analytics for the purposes of improving Our Service(s) and to generate statistical reports containing aggregated information;
  • to personalize experience and to deliver content relevant to Your interests (i.e. with push notifications), including targeted offers and ads through third-party sites and via email;
  • to track and measure the effectiveness of marketing campaigns
  • legitimate interests, provided that they do not override your rights and freedoms;
  • per Your consent, when consent is the only proper and lawful legal basis

Contact and User ID data, Log Data

  • to send you important notifications and marketing letters;
  • to receive your feedbacks
  • per your consent

Contact and User ID data, Location data, Service(s) Usage and Device Data,

Information about security settings (exclusively to preserve security and confidentiality of your Personal Data)

  • to comply with our contractual and legal obligations and requirements;
  • to ensure functionality, interoperability and security of our Service(s);
  • for performance diagnostics and bug fixing;
  • to investigate potential violations of the Terms of Service, to enforce those Terms of Service, or where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, or potential threats against persons, property, or the systems on which we operate Services
  • compliance with legal obligations set forth by applicable Data Protection Laws;
  • our legitimate interests, provided that they do not override your rights and freedoms;
  • our legal obligations to keep your Personal Data confidential and secure

COOKIE FILES AND SIMILAR TECHNOLOGIES

MacPaw uses cookies and similar technologies on our Website that help us provide, analyze, understand, and enhance the use of our Services, enforce our Terms of Service, prevent fraud, improve Website performance, monitor visitor traffic and actions, deliver and tailor our marketing or advertising, and understand interactions with our emails, marketing, and online ads on third-party sites. The Website may also include cookies and similar tracking technologies from third parties, which may collect information about you via the Website and Services and across other websites and online services.

We preserve your privacy when we collect your Personal Data for our internal analytical purposes through the Website. We have developed our own analytics data module that removes any Personal Data and Personally Identifiable Information when you do not provide your consent (including Google clientid, Google gclid) and replaces it with random identifiers that cannot be directly linked to you, so that we gather only aggregated information. For more details about how we use this technology, as well as processing your Personal Data when you consent to it, please see our Cookie Notice. To find more about how we conduct customer surveys, and other marketing and analytics campaigns when we rely on your consent, go to the section "Customer Surveys and Conducting Analytics Campaigns" below.

Girl Scout or chocolate chip? Nope — we mean web cookies. We use them for marketing purposes. For more details, check out our Cookie Notice.

MINORS

Our activities are not aimed at children under 13 years. We do not knowingly collect information from children under the age of 13. If you have not reached the age limit, do not use the functionality of Services and Site and do not provide us with your personal information.

If you are a parent of a child below the age limit and you learn that your child has provided MacPaw with personal information, please contact us at support@Terms of Service.com and insist on exercising your rights of access, correction, cancellation and / or opposition.

Our service is for users aged 13 and older. If we find out we've collected data from someone under 13, we'll delete it from our servers.

THIRD PARTY INFORMATION AND PERSONAL DATA DISCLOSURE

We receive information from third-party business partners, such as marketing data and Service(s) Usage and Device Data.

Some third-party applications and services that work with us may ask for permission to access Your information. Those applications will provide You with notice and request Your consent. Please consider Your selection of such applications and services, and Your permissions, carefully. Data collected by third parties through these apps and plugins is subject to each parties' own policies. We encourage You to read those policies and understand how other companies use Your data.

In most cases, your data is processed within the territory of the European Economic Area (EEA). When we transmit your personal data beyond EU/EEA regions, we rely on Standard Contractual Clauses as approved by the European Commission (EU-US DPF) and confidentiality obligations, ensuring your data is handled with care and responsibility.

We are committed to maintaining the highest security standards to protect Your Personal Data both in transit and at rest. To learn more about Our security commitments, go to section "Security and Confidentiality" below.

In the table below we provide You with information about whom we share Your Personal Data, the purposes, as well as transfer mechanisms we rely on when disclosing Your Personal Data to ensure its secure transmission.

Sometimes we work with trusted partners — like payment or support providers.

They may receive limited data to help us operate, but we make sure they follow strict privacy rules.

Third PartyPurposes and Legal BasisTransfer Mechanism and Contractual Commitments

PADDLE.COM MARKET LIMITED

Judd House 18-29 Mora Street, GB/London EC1V8BT; or Bright Market, LLC d/b/a FastSpring: Address: 801 Garden Street Suite 201, US/SANTS BARBARA 93101

Please note that We do not retain any payment information provided by You. All such information is provided directly to the Third Party

Proceeding of payments, handling returns and providing You with support to perform Terms of Service with You and provide You Our Services Services(s) running and fraud prevention for Our legitimate interests

Data Processing Addendum following this link

Stripe Payments Company

354 Oyster Point Boulevard, South San Francisco, California, 94080

Please note that We do not retain any payment information provided by You. All such information is provided directly to the Third Party

We use Stripe for payments, analytics, and other business services. Stripe may collect personal data including via cookies and similar technologies. The personal data Stripe collects may include transactional data and identifying information about devices that connect to its services. Stripe uses this information to operate and improve the services it provides to us, including for fraud detection, loss prevention, authentication, and analytics related to the performance of its services. You can learn more about Stripe and read its privacy Notice at https://stripe.com/privacy

Data Processing Agreement is placed here

MacPaw Corporate Transactions

MacPaw intra-group sharings between departments of software development, analytics, security IT services, and customer support for Our legitimate interests;

For MacPaw merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding; for Our legitimate interests and comply with legal obligations set forth by applicable Data Protection Laws

Standard Contractual Clauses as approved by the European Commission (EU-US DPF) and MacPaw Corporate Confidentiality obligations

Zendesk

989 Market Street, San Francisco, California 94103 United States

Our customer service solution provider to provide You with information upon your requests; to perform Terms of Service with You and comply with legal obligations set forth by applicable Data Protection Laws

Privacy and data protection commitments can be found here; Binding Corporate Rules can be found here

AppsFlyer

14 Maskit St., Herzliya, Israel, 4673314

Marketing and analytics services provider; per your consent

Data Processing Agreement can be found here

Chargebee

CHARGEBEE INC.

909 Rose Avenue, Suite 950, North Bethesda, MD 20852

Subscriptions management provider; to perform Terms of Service with You

Data Processing Addendum can be found here

Postmark

1 N Dearborn Street, Suite 500, Chicago, IL 60602

Important transactional e-mail notifications partner; to perform Terms of Service with You or our legitimate interests where applicable

Data protection commitments can be found here; Data Processing Addendum is placed here

eSputnik

RETENTION YES SP. Z.O.O, Warsaw city, Poland

Our email service partner to send You marketing emails; per Your consent

Data processing Terms of Service following this link

Google LLC (USA)

Analytics, communication service and marketing data handling provider to provide You Service(s) and to optimize Your user experience, as well as improve content; per Your consent or Our legitimate interests, when applicable.

Standard Contractual Clauses as approved by the European Commission (EU-US DPF).

CookieYes

CookieYes Limited (3 Warren Yard Warren Park, Wolverton Mill, Milton Keynes, MK12 5NW, United Kingdom, company number 13074037, VAT number GB381305513)

Cookie Consent Management Tool to manage collection of cookies and other tracking technologies via Site, to document Your consent and provide You with a clear and transparent cookie banner; to perform Terms of Service with You and comply with legal obligations set forth by applicable Data Protection Laws

Data Processing Terms of Service following this link;

refer to our Cookie Notice to find more

Functional Software, Inc. d/b/a Sentry

Sentry, 45 Fremont Street, 8th Floor, San Francisco, CA 94105

Our SaaS partner in development, maintenance and errors fixing; for Our legitimate interests.

Standard Contractual Clauses as approved by the European Commission (EU-US DPF). EU-U.S. DPF, UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF Certification can be found here

Cloudflare, Inc.

101 Townsend St, San Francisco, CA 94107 USA

Our partner for content delivery network (CDN), security and DDoS protection; for our legitimate interests

Cloudflare Data Processing Addendum can be found here

AWS (Amazon Web Services, Inc.)

Our partner in data hosting and storage, computing resources, to manage and operate our infrastructure; for performance of Terms of Service with you

AWS Data Processing Addendum can be found here

Apple

Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA

Distribution and management platform; your Interactions with App Store; to perform Terms of Service with you

Data and Privacy Apple commitments can be found here

For more information about our other marketing activities and analytics, follow the section "Conducting Customer Surveys and other Interactions" below.

For more information about Third Parties whom we engage for marketing and analytics via Site, follow Our Cookie Notice.

To learn more about what data we process for analytics and marketing, follow the section titled "Conducting Customer Surveys and Other Interactions".

When you use the Website, our Cookie Notice applies.

LEGAL OBLIGATIONS

We may disclose or allow government and law enforcement officials access to your Personal Data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we believe in good faith that:
(a) we are legally compelled to do so;
(b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or
(c) such disclosure is required to protect our legitimate business interests, including the security or integrity of our products and services.

If legally required, we may share your information with authorities — but only if there's a valid reason, like a court order or an investigation.

CONDUCTING CUSTOMER SURVEYS AND OTHER INTERACTIONS

We keep records of any correspondence, questions, complaints, or compliments you submit to us through our Services, along with our response. Depending on how you contact us, we may collect your email address and any additional information you provide to us. Having full correspondence records enables our staff to provide the best possible customer support experience.

We also receive Personal Data when you participate in a focus group, contest, activity, or event, request support, interact with our social media accounts, or otherwise communicate with MacPaw. We interact with you upon your consent.

All MacPaw account holders will continue to receive transactional messages related to our Service(s), even if you unsubscribe from promotional emails. Transactional messages mean important communication with you that, for example, may concern software setup, payment confirmation, or any updates to our services and licenses. The legal basis for sending you transactional messages is the performance of the Terms of Service with you.

When you use Services, we can also use your Contact data to send you customer and satisfaction surveys. We will use the results of the surveys to improve our Services and deliver You the customized content. By doing so, we rely on your consent.

We might contact you to ask for feedback or invite you to take a survey.

It's completely voluntary and helps us understand how to improve.

DURATION OF PERSONAL DATA STORAGE

We have developed and implemented an internal Data Retention and Destruction Notice that governs processing activities and scenarios we have carefully developed for each specific activity, specific terms for keeping your Personal Data, the legal basis we rely on, and justifications, as well as data destruction methods when retention periods expire.

We store your Personal Data:

  • For the fulfillment of our contractual obligations and providing services under the Terms of Service, we keep your data during the term of the Terms of Service. To find out more, please refer to the Terms of Service.
  • For the purpose of sending you newsletters, we keep your data for as long as we retain your consent. You may revoke your consent at any time by clicking "unsubscribe" in the email footer.
  • For the fulfillment of tax and accounting obligations in accordance with our legal obligations, we will retain your personal data usually for 10 years (depending on the applicable law).
  • Cookie data will be stored until the relevant cookies expire. You can always check the duration of cookie storage in our Consent Management Tool. We have set the duration in the cookie banner;
  • Crush reports, maintenance and errors fixing data will be deleted not later than within 90 days;
  • For our internal analytics for the purposes of improving Our Service(s), we will retain your data for 3 years.
  • Content of transactional e-mails are stored for 45 days;
  • Users subscription data will be deleted in 120 days after MacPaw account will be cancelled, except for data required for compliance, such as invoices and accounting purposes;
  • When we process your data for the purposes of exercising your rights as the data subject and respond to your access requests, we will retain your data for 5 years.
  • When we process your data for the purpose of establishing, exercising, or defending against legal claims, we will keep the data for as long as it is necessary to defend our specific rights and interests, and, in the case of a dispute, until the final execution of the binding decision of the competent supervisory authority.

Upon expiration of data storage, we will securely destroy your data in accordance with our Data Retention and Destruction Notice and applicable laws and regulations.

If we seek to retain your personal data on file on the basis that a further opportunity may arise in the future, we will inform you with notice, seeking your explicit consent to retain your personal data for a fixed period on that basis.

If you believe that we are keeping your data illegally, please send the respective notice request to [email protected]. We will review your request at our earliest convenience and delete your data unless we are required by law to keep it for a longer period, or unless we can demonstrate legitimate grounds for processing that override your interests, rights, and freedoms. If deletion is impossible, we will securely store your personal data and isolate it from any further processing until deletion is permitted.

We only keep your data for as long as it's needed — then we safely delete it.

Some data (like payment records) must be stored longer to meet legal requirements.

You can read more about the specific rules for how long we retain your personal information and how we securely dispose of it when it's no longer needed.

SECURITY AND CONFIDENTIALITY

We are committed to protecting the privacy and security of Your Personal Data. We have recently achieved ISO 27001 certification, demonstrating our dedication to maintaining a high standard of information security management. This internationally recognized standard sets requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS).

Here's how we ensure the security and confidentiality of Your Personal Data:

  • Information Security Policies: We have established a comprehensive set of information security policies that guide our data protection practices, which are regularly reviewed and updated to remain effective;
  • Access Control: Access to personal data is strictly controlled. We employ user authentication, role-based access controls, and encryption to prevent unauthorized access to your data;
  • Data Encryption: Your personal data is encrypted both in transit and at rest using industry-standard encryption methods to prevent unauthorized access or disclosure;
  • Risk Management: We conduct regular risk assessments to identify potential security threats and vulnerabilities. This proactive approach helps us to implement effective measures to mitigate identified risks;
  • Security Awareness and Training: Our employees receive regular training on information security and data protection best practices to ensure they understand the importance of maintaining data privacy;
  • Incident Management: We have established a comprehensive incident response plan to quickly and effectively address any security incidents or breaches. This includes processes for detection, containment, investigation, and communication;
  • Data Integrity and Accuracy: We implement measures to ensure the accuracy and completeness of personal data and prevent unauthorized alterations;
  • Physical and Environmental Security: Our data centers and office locations are protected by physical security controls such as access restrictions, surveillance, and environmental controls to safeguard against physical threats;
  • Supplier Security and Vendor Check: We assess and monitor our suppliers and vendors to ensure they meet our high standards of data protection and information security;
  • Regular Audits and Continuous Improvement: As part of our ISO 27001 certification, we conduct regular internal and external audits of our ISMS to identify areas for improvement and ensure ongoing compliance with security standards;

Find our ISO 27001 certification by following this link or visit our Trust Center.

We work hard to protect your personal information and keep it secure. We're proud that our services have earned a special safety certification called ISO 27001, which proves we take security very seriously.

Your data is protected through encryption, access controls, and certified processes. We follow global standards and regularly audit our systems to ensure compliance and security.

You can find our ISO 27001 certification by following this link or by visiting our Trust Center.

PERSONAL DATA BREACHES NOTIFICATION

We have developed a strong Incident Response Plan that, inter alia, in case of a Data Breach, will take all reasonable steps to investigate, contain, and report the Data Breach to you.

If the data breach is likely to result in a high risk to your rights and freedoms, we will communicate the Personal Data breach to you without undue delay via email and instruct you on mitigation measures. In case our communication channel with you is compromised by the incident, we will notify you using media channels, and this Site in particular.

Breaches of this Privacy Notice by staff, contractors, or officers of MacPaw will be dealt with under MacPaw's internal grievance and disciplinary Notice and may lead to a disciplinary sanction.

In some cases, MacPaw may process Personal Data pursuant to a legal obligation or to protect your vital interests or those of another person.

We hope this never happens — but if there's a data breach involving your information, we'll notify you and explain what to do next.

YOUR RIGHTS AS THE DATA SUBJECT

You have the following rights in respect to Your Personal Data, including the right to access, correct, or delete Personal Data. You can:

  • Have Your Personal Data corrected or deleted. You may ask Us to correct information You think is inaccurate or completely delete all information that We hold about You by emailing: [email protected]
  • Access Your Personal Data report by submitting a request at [email protected]. This report will include the Personal Data We have about You, provided to You in a structured, commonly used, and portable format.
  • Object to processing Your Personal Data. It is Your right to lodge an objection to the processing of Your Personal Data by emailing: [email protected] if You feel the "ground relating to Your particular situation" applies. The only reasons We will be able to deny Your request is if We can show compelling legitimate grounds for the processing, which override Your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of a legal claim.
  • Withdraw consent on marketing emails, including when We use Your Personal Data to send You marketing emails. We only send marketing communications to You with Your prior consent, and You may withdraw Your consent at any time by clicking the "unsubscribe" link found within MacPaw emails and changing Your contact preferences. Please note You will continue to receive transactional messages related to Our Service(s), even if You unsubscribe from marketing emails.
  • Withdraw consent. This right only exists where We are relying on consent as a legal basis to process Personal Data about You ("Consent Withdrawal").
  • Without prejudice to any other administrative or judicial remedy, You have the right to appeal to a supervisory authority if You consider that the processing of Personal Data relating to You is in breach of the applicable laws and regulations. If You’re based in the European Economic Area (EEA) and think that We haven’t complied with data protection laws, You have a right to lodge a complaint with Your local supervisory authority. You can find the list of supervisory authorities via this link.
  • Request to know more details about the categories or specific pieces of Personal Data We collect (including how We use and disclose this Personal Data), to delete their Personal Data, to opt out of any "sales" that may be occurring, and to not be discriminated against for exercising these rights.

You may have other rights as may be provided by Data Protection Laws.

You will not have to pay a fee to access Personal Data about You (or to exercise any of the other rights outlined above). However, except in relation to Consent Withdrawal, We may charge a reasonable fee if Your request is clearly unfounded, repetitive, or excessive, or, We may refuse to comply with Your request in these circumstances.

We may need to request specific information from You to help Us confirm Your identity and ensure Your right to access Personal Data about You (or to exercise any of Your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact You to ask You for further information in relation to Your request to speed up Our response.

We try to respond to all legitimate requests within one (1) month (i.e. 30 calendar days). Occasionally it may take Us longer than a month if Your request is particularly complex or You have made a number of requests. In this case, We will notify You and keep You updated.

Data Protection Officer
To communicate with Our Data Protection Officer, please use our dedicated email channel [email protected].

You have full control over your data.

You can access it, correct it, delete it, or opt out of marketing — anytime.

If you'd like to contact our Data Protection Officer directly, you can email us at [email protected].

CHANGES TO PRIVACY NOTICE

We may need to update this Privacy Notice to keep pace with changes in our Service(s), our business, and the laws applicable to us and you. We will, however, always maintain our commitment to respect your privacy. We will notify you of any material changes that impact your rights under this Privacy Notice by email or popup notification (to your most recently provided email address) or post any other revisions to this Privacy Notice, along with their effective date, in an easy-to-find area of our Site. Therefore, we recommend that you periodically check back here to stay informed of any changes. Please note that your continued use of MacPaw after any change means that you agree with and consent to be bound by the new Notice. If you disagree with any changes in this Privacy Notice and do not wish your information to be subject to it, you will need to stop using the Service(s).

Previous version of Privacy Policy here

We'll inform you about important changes

New versions will be posted here, and may also be sent by email or shown in the app.

CALIFORNIA ADDENDUM - FOR RESIDENTS OF CALIFORNIA

This section provides details about rights of California consumers under the California Consumer Privacy Act (“CCPA”) and California’s Shine the Light law. Therefore, this section applies only to residents of California, United States.

  1. CCPA (CPRA)

    In addition to the rights listed above, CCPA provides you with the following rights:

    • Right to know what Personal Data is sold or shared and to whom. Under that title, you have the right to request that we disclose to you:

      • The categories of Personal Data that we collected about you.
      • The categories of Personal Data that we sold or shared about you and the categories of third parties to whom the Personal Data was sold or shared, by category or categories of Personal Data for each category of third parties to whom the Personal Data was sold or shared.
      • The categories of Personal Data that we disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose.

      You may request such information by contacting us by e-mailing to [email protected]. Please reference California Privacy Rights in your subject line.

    • The Right to Opt Out of Sale or Sharing and limit Use of Personal Data. We may share certain information about you with our partners for purposes of targeted advertising or data analytics, which could in certain circumstances be characterized as “selling,” “sharing,” or “targeted advertising” under California laws. You have the right to opt-out of such sale/sharing of your Personal Data by contacting us via [email protected].

      We will also strive to recognize and process your opt-out preference signal as soon as possible after receiving it.

    • The right not to be discriminated against. Under this title, you have a right not to be discriminated against for exercising any of your rights under the California Privacy Rights Act (CPRA).

  2. Access rights under California’s Shine the Light.

    California also provides its residents with additional access rights. Under Shine the Light law, the residents may ask companies once a year what Personal Data they share with third parties for those third parties' direct marketing purposes. Learn more about what is considered to be Personal Data under the statute.

    To obtain this information from us, please send an email message to [email protected], which includes “Request for California Shine the Light Privacy Information” on the subject line and your state of residence and email address in the body of your message. Please be aware that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing will be included in our response.

Live in California? You have extra privacy rights. You can:

  • Ask what data we collect, sell, or share.
  • Opt out of your data being sold or shared.
  • Request details about data we share with third parties for marketing.

Be sure you won’t be treated differently for using these rights.

If you want to exercise your rights, just email us at [email protected]

UK GENERAL DATA PROTECTION REGULATION - FOR RESIDENTS OF UK

This section provides details about individuals residing in the United Kingdom and details additional rights they have under the United Kingdom Data Protection Act 2018 (DPA) and the EU General Data Protection Regulation (GDPR) which is retained EU law after Brexit. Therefore, this section applies only to UK residents.

Your Rights and Choices in the UK

As a UK resident, You have several rights in relation to Your Personal Data under this Privacy Notice, including:

  • Right to be informed: You have the right to be provided with clear, transparent, and easily understandable information about how we use your Personal Data and your rights. This is why we’re providing you with the information in this Addendum.
  • Right of access: You have the right to obtain access to your Personal Data (if we’re processing it) and certain other information (similar to that provided in this Privacy Notice). This is so you’re aware and can check that we’re using your Personal Data in accordance with data protection law.
  • Right to rectification: You are entitled to have your Personal Data corrected if it’s inaccurate or incomplete.
  • Right to erasure: This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your Personal Data where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
  • Right to restrict processing: You have the right to ‘block’ or suppress further use of your Personal Data in certain circumstances. When processing is restricted, we can still store your Personal Data, but may not use it further.
  • Right to data portability: You have the right to obtain and reuse your Personal Data in a structured, commonly used, and machine-readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.
  • Right to object to processing: You have the right to object to us processing your Personal Data for our legitimate interests or for direct marketing purposes (including in each case any related profiling).
  • Right to withdraw consent: If we have obtained your consent to process your Personal Data for certain activities (for example, for profiling your suitability for certain roles), or consent to market to you, you may withdraw your consent at any time.
  • Rights related to automated decision-making and profiling: You have the right not to be subject to a decision when it’s based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for entering into, or the performance of, a contract between you and us.

To exercise any of these rights at any time, please contact us using the details in our “Contact Us”section of this Privacy Notice.

In accordance with UK data protection laws, we will handle your request related to these rights with care and in a timely manner. If you are not satisfied with our response, you also have the right to lodge a complaint with the UK’s data protection authority, the Information Commissioner’s Office (ICO). For more information, visit https://ico.org.uk/.

Data Retention and Erasure

We retain your Personal Data for as long as necessary to offer the Product and/or provide the Services you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our policies.

Upon your request, and where it is possible, we will delete your Personal Data or anonymise it so that it no longer identifies you, unless, we are legally allowed or required to maintain certain Personal Data, including situations such as:

  • If there’s an unresolved issue relating to your Account, such as an outstanding credit on your account or an unresolved claim or dispute we will retain the necessary Personal Data until the issue is resolved;
  • Where we are required to retain the Personal Data for our legal, tax, audit, and accounting obligations, we will retain the necessary Personal Data for the period required by applicable law; and/or,
  • Where necessary for our legitimate business interests such as fraud prevention or to maintain Your security.

Live in the UK? You have special rights under UK data protection law.
You can:

  • See, correct, or delete your data.
  • Ask us to stop using it, or get a copy to share elsewhere.
  • Say no to marketing or profiling.
  • Withdraw your consent anytime.

If you’re not happy with how we handle your request, you can also complain to the UK’s data authority (ICO).

We keep your data only as long as needed to provide the service or follow the law.

  • If you ask, we’ll delete or anonymize it — unless we must keep it for legal or security reasons.
  • Sometimes we need to store data longer, for example, if there’s an open issue on your account, or if laws require us to keep it.

If you want to exercise your rights, just email us at [email protected]

CONTACT US

You may contact Us with any questions relating to this Privacy Notice by e-mailing to our customer support: [email protected], or to communicate with Our Data Protection Officer, please use our dedicated email channel [email protected] .

Have questions? We're always here to help.

If you have any questions about how we protect your privacy, you can reach us at [email protected].

If you want to talk to our privacy expert (also known as our Data Protection Officer), email [email protected].

Your best source of information about ClearVPN

Can’t find the answer to your question?

We are here to help you
Live Chat

Can’t find what you’re looking for?

Email Us

Have an idea for ClearVPN?

Share it with us and see it comes to life
Request a feature