Privacy Policy

Privacy notice (short version)

The following privacy notice shall provide you with a general overview about the collection, processing and use (hereinafter together referred to as "processing") of your personal data. For more information regarding our processing activities, please view our complete Privacy Policy.

What kind of personal data do we process?

  1. While using our products: Adblock Plus or Adblock Browser (automatically, except for Issue Reporter)
    • Extension updates, subscription downloads, emergency notifications:
      • Browser version
      • Extension version
      • Operating system
      • Date of last update
      • IP address
      • Additionally, you may manually submit the following information about a web page with a bug using the Issue Reporter: URL, blockable items, matching filters, active filter lists (voluntary)
    • Adblock Browser for Android
      • eyeo collects no data. Adblock Browser, being based on Mozilla Firefox, provides Firefox specific functionality which, however, may send data to Mozilla.
    • Adblock Browser for iOS (automatically):
      • Error and crash report data:
        • Bundle identifier, bundle version and short bundle version string of Adblock Browser for iOS
        • Device type, CPU architecture and version of the operating system
        • Timestamp of crash
        • UUID
        • Plain-text class name and message value of the exception
        • Instruction pointer, method or function names, signal data, pointer registers and information about the loaded binary images
        • String / function name identifying the error
  2. While using our websites:
    • Automatically:
      • IP address (stored separately)
      • The time at which the request was made
      • The web address accessed
      • The browser identifier
      • The referring page
      • Aggregated analytics data
    • Voluntary:
      • Forum registration data
      • Email address
      • Data you provide in comments
      • Feedback and filter data

How do we collect data?

List of techniques and tools we use for data collection:

  1. In our products:
    • Update checks
    • Subscription downloads
    • Sending issue reports
    • Emergency notification checks
  2. On our websites:
    • Cookies, only where you can log in
    • Log files
    • Data, like name and / or email address, sent by you when using our forum or blog, or when sharing manually added filters
    • Via Google Analytics

How and why do we process your data?

We process your personal data in compliance with the European General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”), the applicable EU laws and German national data protection laws.

How long do we keep data?

  1. For a period of 30 days:
    • Issue report data
    • Crash and error reporter data
    • Website logs
    • Data related to subscription downloads, extension update checks, emergency notifications
  2. Blog and forum data as long as the respective comment / account exists

Note: “Aggregated usage statistics”, such as analytics data and other data without any connection to a single user, may be retained beyond these periods.

Our values

We collect as little data as possible. As far as anonymous or pseudonymous use is possible we anonymize or pseudonymize your data.

What rights do you have?

Questions?

Contact our Data Protection Officer, Dr. Judith Nink, via email or phone.


Privacy Policy (long version)

General information about your privacy

The following information applies to the collection, processing and use of personal data in connection with our services, as but not limited to, the Adblock Plus extension, Adblock Browser and on our websites.

  1. General notes
  2. Who is responsible for data processing?
  3. What is personal data?
  4. What is the purpose of data processing and what is the legal basis?
  5. Do we disclose personal data?
  6. What rights do you have?
  7. Deletion of your data
  8. Changes to this Privacy Policy
  9. Collection and processing in our products

General notes

Your protection and data confidentiality is of utmost importance to us ("eyeo" "we" "our"). We take the protection your personal data very seriously and collect as little data as possible. Nevertheless, collecting data helps our products and websites function correctly, and allows us to communicate with you. Our general privacy policy is to avoid collecting more data than necessary. Collected data is anonymized, if possible, and deleted when no longer needed. This privacy policy shall inform you about the collection, processing and use of your personal data. We gather and use personal data firmly within the provisions of the European General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”), the applicable EU Laws and German national data protection laws. In the following text we will inform you about the specific data, the scope and the purpose of the collection and use of personal data by eyeo when using our products and visiting our websites.

Who is responsible for data collection and processing (contacts)?

The legal person responsible for the collection, processing and / or use of personal data in connection with our websites and products ("Controller") is:

Controller

eyeo GmbH
Lichtstr. 25
50823 Cologne
Germany

Data Protection Officer

If you have any questions regarding your personal data, please do not hesitate to contact our Data Protection Officer:

Dr. Judith Nink
Phone
+49 (0) 221 / 65028 598
Email
email address
Fax
+49 (0) 221 / 65028 599

What is personal data?

The purpose of data protection is to protect personal data. Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

This information includes, for example, details such as name and email address, but also nicknames and information in your forum posts.

What is the purpose of data processing and what is the legal basis?

Purpose of data collection and processing

In compliance with Art. 5 (b) GDPR, we collect and process your personal data for specified, explicit and legitimate purposes and do not further process your data in a manner that is incompatible with those purposes.

We collect and process your personal data solely for the following purposes:

  1. We collect and process your personal data, such as website logs and data relating to subscription downloads, extension update checks (such data is collected and processed by Google, see Google Privacy Policy), emergency notifications and Issue Reporter data sent by you, for technical purposes. We mainly collect and process such data to prevent security attacks and are thus able to provide our services to you in a secure and data-efficient manner.
  2. We collect and process your personal data relating to subscription downloads, extension updates, emergency downloads, and Issue Reporter data sent to us by you to improve and evaluate our products.
  3. We send emergency notifications in order to inform you about urgent issues in connection with our products.
  4. We collect and process the data you have provided us with in our blog and forum in order to communicate with you and / or to assist you.

We collect and process your personal data in compliance with the GDPR and the applicable EU laws and German national data protection laws.

We will always ask for your consent to collect and process your personal data for the aforementioned specific purposes, unless the collection and processing of your personal data is permitted by statutory laws. Where you have provided us with your consent to the collection and processing of your personal data for the aforementioned specific purposes, you have the right to withdraw your consent at any time.

Collection and processing is necessary for taking steps prior to enter into a contract - Art. 6 (1) b GDPR

The collection and processing of your personal data may be necessary for the performance of a contract to which you may be a party. Prior to entering into such a contract, the collection and processing of your personal data may also be necessary in order to take steps at your request. This applies for installation (data gathered by the browser and / or app store) and the use of our products.

Collection and processing is necessary for compliance with a legal obligation to which the Controller is subject – Art. 6 (1) c GDPR

Collection and processing of your personal data may be necessary for compliance with a legal obligation to which we are subject under EU laws or the laws of an EU Member State.

Collection and processing is necessary for the purposes of our legitimate interests - Art. 6 (1) f GDPR

The collection and processing of your personal data may be necessary for the purposes of our legitimate interests. We collect and process website logs for technical reasons, such as, but not limited to, preventing denial of service attacks. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. Preventing such overloads of our systems and any security issues by denial of service attacks is in your and our vital interest and therefore we use the website logs. We use information collected and processed via subscription downloads, extension update checks, emergency notifications and feedback data sent by you, for technical reasons, such as, but not limited to, ensuring the security of the extension version used by you. Ensuring the security of our extension is in your and our vital interest and therefore we use such data. Furthermore, we collect and process such data to ensure that our website and extension are constantly improved and adjusted to the changing requirements for an efficient usability and the technical environment. Ensuring the usability of our websites and of our products is in your and our vital interest and therefore we use such data.

Do we disclose any personal data?

We may only transfer your personal data to third parties without informing you separately beforehand in the following exceptional cases as explained below:

We will not transfer your personal data to third parties as a matter of course without letting you know in advance. We will ask for your prior permission unless the transfer of such data is permitted by GDPR or any other applicable EU laws and German national data protection laws.

What rights do you have?

In compliance with the GDPR and the applicable EU laws and German national data protection laws and to the extent legally permitted, you have the following rights to protect your personal data collected and processed by us:

Information, access, rectification and restriction rights

Naturally you have the right to receive, upon request, information about the personal data stored by us about you and information about how we collect, process and store your personal data. Where that is the case, you have the right to gain access to such personal data stored by us. You have the right to request from us the rectification of your inaccurate personal data. Taking into account the purposes of collecting and processing your data, you have the right to have incomplete personal data completed. You have the right to request restriction of processing.

Right to data portability

You also have the right (1) to receive all personal data concerning you and which you have provided to us, in a structured, commonly used and machine-readable format and (2) to transmit that data to another controller.

Right to erasure your data

You have the right to demand from us the erasure of your personal data, where – inter alia – one of the following grounds applies:

Please note, if data needs to be retained for legal purposes pursuant to Art. 17 (3) GDPR, we will restrict the use of the respective data.

Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the collection and processing of personal data relating to you infringes the GDPR.

Right to object to the processing of your data

You have the right to object at any time to the collection and processing of your personal data on grounds relating to your particular situation, when collection and processing is based on our legitimate interest (Art. 6 (1) f GDPR).

You have the right to withdraw your consent at any time, when you have provided us with your consent to the collection and processing of your personal data for one or more specific purposes.

How to exercise your rights

To exercise your rights, please contact us via email or mail to:

eyeo GmbH
Lichtstr. 25
50825 Cologne
Germany

Changes to this Privacy Policy

This Privacy Policy may be changed from time to time. The respective current version is available at: https://adblockplus.org/privacy.

Collection and processing in our products

Adblock Plus extensions

When you use the Adblock Plus browser extension, we collect and process the following data:

Extension update checks

Your browser periodically checks for updates of all your extensions, including Adblock Plus. Some general information - browser version, extension version, operating system, date of last update and your IP address - are transmitted during an update check. Updates for Adblock Plus for Android and Internet Explorer are handled by the Adblock Plus website and the data transmitted is subject to the Adblock Plus Privacy Policy. Updates to Adblock Plus for Firefox are handled by the Mozilla website and are subject to the Mozilla's Privacy Policy. Updates to Adblock Plus for Chrome are handled by the Google Web Store website and are subject to the Google Privacy Policy. Updates to Adblock Plus for Opera are handled by the Opera Add-ons website and are subject to the Opera Privacy Policy. Updates to Adblock Plus for Safari are handled by the Safari Extensions website and are subject to the Apple Privacy Policy.

Subscription downloads

If you add filter subscriptions to your Adblock Plus installation, the subscription will be requested to regularly retrieve updates. Every update results in the hosting website receiving your IP address as well as some general information like your Adblock Plus version, browser and browser version.

Furthermore, if a subscription download fails on several consecutive occasions, the updated address of the filter list is requested from the AdblockPlus.org domain. The data transmitted includes the Adblock Plus version, subscription address and any information about the error encountered. This data is used to identify issues that have not been reported by subscription maintainers and is subject to this Privacy Policy.

Issue Reporter

Adblock Plus allows you to send issue reports that will be temporarily stored on the AdblockPlus.org website. These reports contain information required to investigate the issue including the Adblock Plus version, browser version, address of the web page where the problem is visible, blockable items on the web page, matching filters, active subscriptions, type of issue report (i.e. false positive or false negative), and a screenshot of the issue (it is possible to remove particularly sensitive sections of the page before the report is sent). Parameter values are removed from all transmitted addresses to avoid unintentionally leaking private information.

You can voluntarily:

Access to the reports

The processed reports can only be accessed by an individual who knows their unique ID. These IDs are only shared with:

  1. Maintainers of the filter subscriptions mentioned in the report, as EasyList authors, who are not employed at eyeo.
  2. Certain members of eyeo’s filter list team. eyeo will use the reports for troubleshooting and support monitoring purposes only.
Emergency notification

Adblock Plus contains an emergency notification mechanism that allows it to notify users about important issues affecting their Adblock Plus installation. This feature requires all Adblock Plus installations to query an address in the AdblockPlus.org domain regularly to retrieve the list of active notifications. This request makes your IP address visible to the website and also sends some general information like your Adblock Plus version, browser, browser version and the number of previous Adblock Plus downloads (the download number is limited to four, and will be displayed as 4+ after reaching this number). This data allows serving different notifications to different clients and is subject to this Privacy Policy.

Further requests

Adblock Plus may make further requests to AdblockPlus.org as required. For example, a documentation link is clicked or the full list of filter subscriptions needs to be downloaded. These requests are subject to this Privacy Policy.

Data retention

Data related to subscription downloads, extension update checks, emergency notifications, Issue Reporter data (as well as the full reports and their associated data) are automatically removed after 30 days. Only a subset of the data will be kept longer. This includes only the country code of users filing an issue (extracted from the IP address) for analytic purposes, which is stored separately from the full reports and cannot be connected to an individual after deletion of the full reports.

Adblock Plus stores some data in the Firefox profile on your computer. Adblock Plus never transmits this data to any servers, but other extensions and services, such as Firefox Sync, may do so. Most of the data (your preferences, filter subscriptions and custom filters) is unobjectionable privacy-wise. However, filter hit statistics and recent issue reports could be used to reconstruct your browsing history. Adblock Plus treats this information identically to how history data is treated by the browser; this data isn't stored if you are using private browsing mode and is removed if you choose to clear your browsing history.

Adblock Browser for Android

Adblock Browser for Android is based on Mozilla's Firefox browser. Some data collection and processing in connection with Adblock Browser for Android are subject to Mozilla's Privacy Policy. Please note that Adblock Browser automatically connects to Mozilla and its service providers to provide security, snippets and other features (Firefox's Privacy Notice); and when you ask it to, Adblock Browser also connects to Mozilla to provide you with features such as location services (Firefox's Privacy Notice).

Deviating from the description in Firefox's Privacy Notice, Firefox updates are provided under eyeo's control and some features, such as the Firefox Health Report, crash reporting and add-ons, are disabled.

Adblock Browser for iOS

Crash and error reporter

In the event of an unexpected crash or error, Adblock Browser for iOS collects data relevant for analyzing the cause of the malfunction and transmits it to eyeo's HockeyApp account. The data is solely used for individual troubleshooting (as well as for identifying general defects which lead to unexpected crashes or errors) and is never shared with any third parties other than HockeyApp.

During a crash, the following data is sent:
During an error, the following data is sent:

Said data is only collected when the application crashes or throws an error. Furthermore, Adblock Browser for iOS explicitly asks for permission to send the collected information after the crash or error happened.

In order to learn more about HockeyApps's privacy policy, please consult their Terms of Service as well as their crash report documentation and event report documentation.

Data retention:

All reports stored on our servers are removed after 30 days.

Collection and processing on our websites

When using our websites, as AdblockPlus.org and AdblockBrowser.org (Websites), we automatically collect the following data in order to provide you with our services, and for security reasons:

Automatically collected information
Website logs

All requests to our Websites are recorded in the website logs. Data stored includes your IP address (solely for the purpose of IT security and only accessible by eyeo's IT Security team), the time at which the request was made, the web address accessed, the browser identifier and the referring page. This data (IP address only aggregated via hashing with a daily changing salt) is used to generate usage statistics as well as to investigate potential security issues and forum or blog spam. Detailed logs are retained for a period of 30 days, after which only the aggregated usage statistics that cannot be connected to a single user remain. Everything else is deleted.

Data retention

The request to our Websites, including your IP address, is stored when you create a forum post, submit a contact form, or add a blog comment. This allows administrators to effectively address spam content and security breaches. All stored requests are deleted after 30 days.

Cookies

Several areas of our Websites use cookies to recognize signed-in users or to store settings. Cookies are small files that are stored on your computer with the help of your internet browser. Cookies are not evaluated in any other manner and are never used to track Website visitors. If you do not want to enable cookies, you can opt against using them by selecting the appropriate settings on your browser. Please note that the efficiency and range of eyeo's services may be restricted as a result.

Google Analytics

We use Google Analytics, a web analytics service from Google Inc. ("Google"), on our Websites. Google Analytics uses so-called "cookies" (text files stored on your computer that enable us to analyze your use of our Websites). Information generated by the cookies (including your abbreviated IP address) is transmitted to and stored at a Google server in the United States. Google uses this information to assess your use of our Websites, to compile activity reports, and to provide more services connected with the use of our Websites. It is possible that Google may transmit this information to third parties if required by law, or if third parties process this information on behalf of Google.

You can deactivate Google Analytics by means of a browser add-on if you do not want to participate in website analytics. You can download the add-on from Google:

http://tools.google.com/dlpage/gaoptout

At adblock.ai

On our website, adblock.ai, we automatically collect the following information:

Facebook Messenger integration

We have embedded the Facebook Messenger functionality, owned by Facebook, Inc., into the adblock.ai website to enable you to submit screenshots to our bot (“Adblock AI”) via Messenger, without having to access the Facebook website. Please note that Messenger is hosted by Facebook. We have disabled the function that would otherwise send personal data to Facebook when you access our website; however, when you click on the button to help train Adblock AI with your screenshots (“START NOW”) you will activate Messenger. Only then will some personal data, including IP address, be transferred to Facebook. For more information, please review Facebook's Privacy Policy. If you do not want to transfer data to Facebook, please do not click on the button to send information to Adblock AI through Facebook Messenger.

Information you give to us on a voluntary basis

The Adblock Plus forum and blog are both publicly available to all visitors. If you write a post or comment, we collect and process personal data as follows:

Forum registration

We use personal data you entered during forum registration to form the user's public profile, which is visible to other forum visitors for the purpose that users can associate forum posts with a particular person.

Passwords and email addresses will not be visible to other forum visitors.

Note: Registration is not required to read articles in the forum and you can delete your account at any time.

Blog comments

When you add a comment on the Adblock Plus blog, you can optionally specify an email address. Unlike the other fields, the email address is never displayed to other visitors and is only used to notify the comment author about replies to their comments, if any.

Email collection

Some of eyeo's Websites host product campaigns that rely on email collection. For example, you can request a link by email to install Adblock Browser on your mobile device. We do not use third parties to manage these campaigns. Instead, data that you submit is handled in-house (i.e. turned into an email or used to send the email). We will never share or sell your email address, or any other information collected, to any third parties.

Email collection

Data provided by you in connection with our blog and our forum will be retained for the same time as the comment and / or your account exists.

In general, we do not store your email address unless it’s specifically required to execute the related campaign (i.e. email signups for a newsletter or signing up to get notified about a product launch). In cases where we do store your email address, we only store it for the length of time that is needed to execute the campaign (i.e. once you’ve been notified of the launch).