GDPR Compliance

Bottyfier is designed with privacy in mind and is fully compliant with the General Data Protection Regulation (GDPR).

Our Commitment to Privacy

At Bottyfier, we believe that effective bot protection shouldn't come at the expense of user privacy. Our service is designed to detect and prevent abuse while collecting the minimum amount of data necessary and ensuring full compliance with GDPR requirements.

We process data solely for the purpose of protecting our customers' applications from abuse, and we do so in accordance with all applicable privacy regulations.

What Data We Process

Bottyfier processes the following types of data to provide our protection services:

IP Addresses

  • We analyze IP addresses to detect VPNs, proxies, and suspicious networks
  • IP addresses are hashed and anonymized where possible
  • We don't store full IP addresses longer than necessary for detection

Email Addresses

  • We analyze email addresses to detect disposable and temporary email services
  • Email addresses are processed but not stored in plain text
  • We use hashed representations for repeat detection

Technical Metadata

  • Request timestamps and frequency patterns
  • Basic technical information for abuse detection
  • No personally identifiable information is collected

Legal Basis for Processing

Under GDPR, we process data based on the following legal grounds:

Legitimate Interest (Article 6(1)(f))

We have a legitimate interest in protecting our customers' applications from abuse and fraudulent activity. This processing is necessary to provide our core service and is balanced against individual privacy rights.

Contractual Necessity (Article 6(1)(b))

Processing is necessary to fulfill our contractual obligations to our customers who rely on our protection services.

Data Retention

We retain data only as long as necessary to provide our services:

  • Real-time analysis data is processed and discarded immediately
  • Aggregate statistics are retained for service improvement
  • Customer account data is retained while the service relationship exists
  • Data is automatically purged according to our retention schedule

Your Rights Under GDPR

You have the following rights regarding your personal data:

Right to Access

Request information about what personal data we process

Right to Rectification

Request correction of inaccurate personal data

Right to Erasure

Request deletion of your personal data

Right to Object

Object to processing based on legitimate interests

Contact Us

If you have any questions about our GDPR compliance or wish to exercise your rights, please contact us:

Email: [email protected]

Subject: GDPR Request

We will respond to your request within 30 days as required by GDPR.