saneter
Sign inGet started

Privacy Policy

Last updated: May 14, 2026

This Privacy Policy explains how Saneter, operating as a sole proprietor (“Saneter,” “we,” “us,” or “our”), collects, uses, shares, and retains personal data when you visit our website, create an account, or use our proxy services (collectively, the “Service”).

This Policy is designed to comply with the EU General Data Protection Regulation (GDPR), the UK GDPR, and similar privacy laws. It should be read together with our Terms of Service and Cookie Policy.

1. Who We Are (Data Controller)

For the purposes of GDPR and similar laws, the data controller for personal data processed in connection with the Service is Saneter, operating as a sole proprietor under the laws of the Hong Kong Special Administrative Region of the People’s Republic of China.

You can reach our privacy contact at [email protected] for any questions about this Policy or the processing of your personal data.

2. Information We Collect

2.1 Information you provide directly

  • Account information. Email address, password (stored hashed), and any optional profile details you choose to add.
  • Billing information. Billing name, billing address, and tax identifiers where applicable. Full payment card numbers and crypto wallet credentials are processed by our payment providers and are not stored on our servers.
  • Support communications. Messages, attachments, and metadata you send when you contact us for support or other inquiries.

2.2 Information we collect automatically

  • Service usage logs. IP addresses you connect from, timestamps, request volume, bandwidth consumed, target endpoints (host only, not URL paths or payloads), and error codes.
  • Device and browser information. User-agent string, operating system, browser type and version, and approximate geolocation derived from IP address.
  • Security and abuse signals. Failed login attempts, anomalous traffic patterns, and information used to detect violations of our Acceptable Use Policy.
  • Cloudflare infrastructure logs. Our website and dashboard are protected by Cloudflare, which generates infrastructure logs (including IP addresses and request metadata) used for security and abuse prevention.

2.3 What we do not collect

We do not embed third-party analytics or advertising trackers on our website. We do not use Google Analytics, Meta Pixel, Hotjar, or similar tools at this time. Our website does not currently use marketing cookies. If this changes in the future, we will update this Policy and, where required, ask for your consent through a cookie banner.

3. How We Use Information

We use personal data for the following purposes:

  • Operating the Service. Creating and maintaining your account, provisioning proxies, routing traffic, and providing support.
  • Billing and payments. Processing your purchases, handling refunds, and detecting payment fraud.
  • Security and abuse prevention. Detecting, preventing, and investigating unauthorized access, fraud, and violations of our Terms of Service and Acceptable Use Policy.
  • Service improvement. Diagnosing technical issues, analyzing aggregate usage patterns, and improving features and reliability.
  • Legal compliance. Complying with applicable laws, regulations, court orders, and lawful requests from public authorities.
  • Communications. Sending you transactional messages (account, billing, security, and important service notices). We do not currently send marketing emails.

4. Legal Bases for Processing (GDPR)

If you are in the European Economic Area, the United Kingdom, or another jurisdiction with similar rules, our legal bases for processing your personal data are:

  • Performance of a contract— to provide the Service you have purchased and to take steps at your request before entering into a contract (e.g., account creation).
  • Legitimate interests— for security, fraud prevention, abuse detection, internal administration, and to keep records of our business. We balance these interests against your privacy rights.
  • Legal obligation— to comply with tax, accounting, anti-money-laundering, and other legal requirements.
  • Consent— for any processing that strictly requires consent. You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.

5. How We Share Information

We do not sell personal data. We share personal data only in the following circumstances:

  • Service providers (data processors). Including payment processors, billing platforms, infrastructure providers (such as our upstream proxy network partners), email delivery providers, and Cloudflare (for security and content delivery). These providers are bound by contractual obligations to process personal data only on our instructions and to maintain appropriate security.
  • Legal and regulatory requests. Where we are legally required to disclose data in response to a valid court order, subpoena, or other lawful request from a competent authority.
  • Protection of rights and safety. Where disclosure is necessary to investigate or prevent fraud, security incidents, or other harm, and to enforce our agreements.
  • Corporate transactions. In the event of a merger, acquisition, asset sale, or similar transaction, personal data may be transferred to the successor entity, subject to this Policy and applicable law.

6. International Data Transfers

We are based in Hong Kong SAR. Our service providers and infrastructure partners may be located in other countries, which means your personal data may be transferred to, stored in, or processed in jurisdictions outside your country of residence, including jurisdictions that may not have data protection laws considered equivalent to those of the EEA or UK.

Where required by law, we put appropriate safeguards in place for international transfers, including Standard Contractual Clauses (SCCs) approved by the European Commission or other lawful transfer mechanisms. You may request a copy of the relevant safeguards by contacting [email protected].

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Policy, including operating the Service, complying with legal obligations, resolving disputes, and enforcing our agreements.

  • Account data: for the duration of your account, plus up to 90 days after termination or deletion to handle appeals, security investigations, and post-termination disputes.
  • Billing and tax records: for the period required by applicable tax and accounting laws (typically up to 7 years).
  • Service usage logs: for a rolling period reasonably necessary for security, abuse prevention, and capacity planning, after which logs are deleted or aggregated.
  • Support communications: for as long as needed to provide support and to maintain a record of issues and resolutions.

8. Your Rights

Depending on your location, you have the following rights regarding your personal data. We will respond to verified requests within the timeframes required by applicable law (typically within 30 days under GDPR).

  • Right of access. Obtain confirmation that we process your personal data and receive a copy of that data.
  • Right to rectification. Ask us to correct inaccurate or incomplete personal data.
  • Right to erasure (“right to be forgotten”). Ask us to delete your personal data, subject to legal retention obligations.
  • Right to restriction. Ask us to limit how we process your personal data in certain circumstances.
  • Right to data portability. Receive a copy of your personal data in a structured, commonly used, machine-readable format and, where technically feasible, have it transmitted to another controller.
  • Right to object. Object to processing based on legitimate interests, including profiling.
  • Right to withdraw consent. Withdraw any consent you have previously given, without affecting the lawfulness of processing performed before withdrawal.
  • Right to lodge a complaint. Lodge a complaint with the data protection authority in your country of residence if you believe we have not handled your personal data lawfully.

To exercise any of these rights, contact us at [email protected]. We may need to verify your identity before fulfilling a request, and we may decline requests that are manifestly unfounded, excessive, or prohibited by law.

9. Cookies and Similar Technologies

We use a minimal set of strictly necessary cookies to operate the Service, primarily through Cloudflare (e.g., __cf_bm for bot management and cf_clearance for security challenges) and, in the future, session cookies for the dashboard login. We do not currently use analytics or marketing cookies. For full details, see our Cookie Policy.

10. Security

We implement technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include, where appropriate, encryption in transit (TLS), hashed password storage, access controls, network-level protection through Cloudflare, and routine review of operational practices.

No method of transmission or storage is perfectly secure. While we strive to use reasonable means to protect personal data, we cannot guarantee absolute security.

11. Children’s Privacy

The Service is not directed to individuals under the age of 18, and we do not knowingly collect personal data from anyone under 18. If you believe that a minor has provided personal data to us, please contact [email protected] and we will take appropriate steps to investigate and, where appropriate, delete the data.

12. Third-Party Services and Websites

When you use our proxy services to access third-party websites, those websites are operated independently from us, and their privacy practices are governed by their own policies. This Policy applies only to personal data we process as data controller in connection with our Service.

13. Changes to This Policy

We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and, where appropriate, provide additional notice (for example, by email or an in-product notice). Your continued use of the Service after the effective date of the changes constitutes acceptance of the revised Policy.

14. Contact Us

For questions, requests, or complaints regarding this Policy or our handling of your personal data, please contact us at [email protected].

Saneter, operating as a sole proprietor.
Data controller jurisdiction: Hong Kong SAR.