Welcome to Visor ("we," "us," or "our"). Our website provides a service that
allows you, the visitor, to
gain a comprehensive view of certain low-level network connection details that your browser or client
may expose when connecting to a web server.
The primary purpose of our service is educational: to help you understand
what data your
client software might be revealing and to empower you to make informed decisions about your online
privacy.
This Privacy Policy explains how we handle your information in compliance with
the General
Data Protection Regulation (GDPR) and other relevant privacy laws.
Our Core Privacy Principles
The detailed connection information displayed to you is processed in real-time for the sole
purpose of showing it back to you during your active session.
We do not store your IP address after your session ends.
We do not track your activity across other websites.
We do not build profiles of individual users.
For service improvement, we may retain anonymized and/or
aggregated sets of connection characteristics, which are not linked to your IP
address or any personal identifiers from your session.
2. Data Controller
The data controller responsible for your information is:
When you visit Visor, our servers automatically receive and process certain
technical data from your
connection. This processing occurs for two main purposes:
A. To Provide Our Educational Service
(Real-time Display):
IP Address: Your IP address is necessary for your device to
communicate with our
server. We use it solely to establish the connection and to derive general information sometimes
associated with it (such as an approximate geolocation) for display to you during your session.
Your IP
address is not stored by us after your session ends.
Network Protocol Characteristics: We analyze aspects of the
underlying network protocols (such as TCP) used by your connection. This can reveal certain general
characteristics about your operating system or network configuration, which are displayed to you for
informational purposes during your session. This session-specific data, in its identifiable form, is
processed
in memory and not stored.
Secure Connection (TLS) Parameters: We examine elements of
the Transport Layer Security (TLS) handshake, such as the parameters and preferences your client
software proposes for establishing a secure connection. This can indicate specific attributes of
your client's TLS implementation, which we present for your awareness during your session. This
session-specific data, in its identifiable form, is processed in
memory and not
stored.
Application Protocol (e.g., HTTP/2) Attributes: If your
client uses newer web protocols like HTTP/2,
we may analyze initial communication attributes. This can show general characteristics of how your
client implements these protocols, displayed for educational insight during your session. This
session-specific data, in its identifiable form, is processed in
memory and not
stored.
B. To Improve Our Service (Analysis of
Anonymized Data):
Anonymized and Aggregated Connection Characteristics: To
enhance our service's classification capabilities and overall performance, we may retain and analyze
sets of the technical characteristics derived from network, TLS, and application protocols (as
described above). This data is always anonymized or
aggregated before storage and analysis, meaning it is not linked to your IP address or
any other information that could identify you or your specific session. For example, we might count
the occurrences of certain TLS parameters across many connections to understand common
configurations, but not store that a specific IP address had those parameters.
Overall Purpose of Processing:
The primary purpose of processing your connection information is to provide you
with an
immediate, real-time view and
classification of these types of connection details for your education. Additionally, we process
anonymized and aggregated data to improve the accuracy, scope, and utility of the Visor service for all
users.
4. Legal Basis for Processing (GDPR)
Our legal bases for processing data under GDPR are as follows:
For processing your IP address and connection characteristics to provide the real-time educational display during your session: our
legitimate interest (Article 6(1)(f) GDPR) in operating our website and providing the requested
service directly to you. We believe this interest is not overridden by your interests or fundamental
rights and freedoms, especially given the transient nature of this specific processing and the
direct benefit to you.
For processing anonymized and/or aggregated connection
characteristics for service improvement: our legitimate interest (Article 6(1)(f) GDPR)
in developing and enhancing our service. We ensure that this data is processed in a way that does
not identify individuals, thereby minimizing impact on personal privacy.
Key considerations for our legitimate interest assessment include:
The real-time display data is processed only when you actively visit our site for your direct
benefit.
Your IP address and identifiable session-specific connection characteristics are not stored after your session for the purpose of the real-time
display.
Any data retained for service improvement is anonymized or
aggregated to protect individual privacy.
We do not track you or use any data for purposes like
personalized advertising or building individual user profiles.
By using our service, you are requesting the real-time analysis of your
current
connection for your
own viewing.
5. Data Retention
Session Data for Real-time Display: As
stated clearly, we do not retain your IP address or the
identifiable connection characteristics processed to provide you with the real-time connection details
after your session ends. This data is processed transiently and discarded.
Anonymized Data for Service
Improvement: Anonymized and/or aggregated sets of connection characteristics, which are not
linked to any personal identifiers, may be retained for longer periods as necessary for statistical
analysis, trend identification, and improving our classification algorithms. We periodically review the
necessity of retaining this anonymized data.
6. Data Sharing and Third Parties
We do not sell, trade, rent, or otherwise
share your personal data (including your IP
address or identifiable connection characteristics from your session) with any third parties for their
own purposes. The real-time analysis is performed
on our servers for
your viewing only.
We do not share the anonymized and/or aggregated data sets with third
parties for their independent use. This data is used internally for improving Visor.
Our website itself is hosted by a third-party hosting provider. Hosting
providers may log access data (like IP addresses) for security and operational purposes, which is
subject to their own policies and legal obligations. We have chosen reputable providers and encourage
you to review their privacy practices if you have concerns. However, our application logic itself does
not store or pass your identifiable session data or the specific connection characteristics we analyze
to them beyond what is inherent in the hosting relationship.
7. Cookies and Similar Technologies
Our website, Visor, does not use cookies or any similar tracking technologies.
8. Data Security
We implement reasonable technical and organizational measures to protect the data
while it is being
processed in real-time on our servers, and to secure any anonymized or aggregated data we may store.
This includes using HTTPS to encrypt data in transit between your
browser and our server. However, please remember that no method of transmission over the Internet or
method of electronic processing or storage is 100% secure.
9. Your Rights Under GDPR
Under the GDPR, you have several rights regarding your personal data. Given the
nature of our
data processing, these rights apply as follows:
Right to Access: You can see the data we process from your
connection in real-time
when you visit our site. As we do not store your IP address or identifiable session data, we cannot
provide historical access to this specific information once your session ends. For any anonymized or
aggregated data we hold for service improvement, it is not personally identifiable and therefore
generally outside the scope of individual access requests for personal data.
Right to Rectification: Since we do not store your
identifiable session data,
there is no such stored data to
rectify. The data displayed is a direct reflection of your current connection's characteristics.
Anonymized data, by its nature, cannot be rectified on an individual basis.
Right to Erasure (Right to be Forgotten): This right is
inherently fulfilled for your identifiable session data as we
do not store it beyond your active session. Anonymized data used for service improvement is not
personally identifiable and thus this right typically does not apply to such datasets.
Right to Restrict Processing: You can restrict processing of
your identifiable session data by
choosing not to visit
our site or by closing your session. For anonymized data, this right is generally not applicable as
the processing does not involve personal data in a way that can be linked to you.
Right to Data Portability: As we do not store your
identifiable personal
data from the session, this right is not
applicable in the traditional sense of providing a downloadable file of stored personal data. The
real-time data is
available for you to view and manually copy from your screen during your session.
Right to Object: You can object to the processing of your
identifiable session data by not
using our service. Regarding the processing of anonymized data for service improvement based on our
legitimate interest, you can contact us if you have specific concerns.
Right to Lodge a Complaint: You have the right to lodge a
complaint with a
supervisory authority in your EU member state if you believe our processing of personal data
infringes GDPR.
To exercise any relevant rights or if you have questions, please contact us
at contact@proxy.life.
10. International Data Transfers
Our servers are located in Finland.
When you access our site, your connection data is processed on these servers. Any anonymized and
aggregated data retained for service improvement is also stored and processed on these servers. As we do
not store your identifiable personal data from your session or transfer it to other parties or locations
after your session, further international data
transfer concerns related to your identifiable session data are minimized.
11. Children's Privacy
Our service is not directed to individuals under the age of 16 (or a lower age if
permitted by applicable
law in your country). We do not knowingly collect personal data from children. If we become aware that a
child has provided us with personal data without parental consent, we will take steps to remove that
information from our systems (which, in our case, means ensuring no identifiable data is stored from any
future
accidental interaction, and any anonymized data would not be traceable to a child).
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any
changes by posting the new
Privacy Policy on this page and updating the "Effective Date" at the top. You are advised to review this
Privacy Policy periodically for any changes.
13. Contact Us
If you have any questions about this Privacy Policy, please contact us: