Last updated: January 6, 2026
At Protect Your PC, we are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal information. This Privacy Policy explains our data practices and your rights under applicable privacy laws including GDPR, CCPA, and other data protection regulations.
What we collect: Account information, billing data, device information, usage analytics, and communication records necessary to provide and improve our PC protection services.
Why we collect it: To deliver protection services, process payments, improve platform performance, provide customer support, and comply with legal obligations.
Your rights: You have the right to access, correct, delete, port, object to processing, and restrict how we use your personal data. You can exercise these rights at any time.
How we protect it: We use encryption, secure storage, access controls, regular audits, and breach notification procedures to safeguard your data.
We collect different categories of personal data to provide, maintain, and improve our services. Below is a detailed breakdown of what we collect, why we collect it, and how long we retain it.
Personal data collected during registration and account management
To create and manage your account, provide personalized services, and communicate with you about your subscription and platform updates.
Financial information required for subscription processing
To process payments, manage subscriptions, generate invoices, prevent fraud, and comply with financial regulations and tax requirements.
Data about your devices and how you interact with our platform
To deliver protection services, optimize platform performance, troubleshoot technical issues, and enhance security through device fingerprinting.
Information about how you use our platform and services
To understand user behavior, improve service quality, develop new features, personalize recommendations, and measure campaign effectiveness.
Content and metadata from your interactions with our support team
To provide customer support, resolve technical issues, improve service quality, and maintain records of our communications for legal protection.
Under GDPR and similar regulations, we must have a lawful basis for processing your personal data. We rely on the following legal grounds:
Processing required to provide services under our Terms of Service
Processing required to comply with applicable laws and regulations
Processing for legitimate business purposes that do not override your rights
Processing based on your explicit consent, which can be withdrawn at any time
You have comprehensive rights over your personal data under applicable privacy laws. Here's how you can exercise each right:
Request a copy of all personal data we hold about you in a structured, commonly used format.
Submit an access request through your account settings or contact privacy@protect-your-pc.com. We will respond within 30 days.
Request correction of inaccurate or incomplete personal data we maintain about you.
Update your information directly in account settings or contact us to request corrections for data you cannot edit yourself.
Request deletion of your personal data, subject to legal and contractual obligations.
Request account deletion through settings or email privacy@protect-your-pc.com. Some data may be retained for legal compliance.
Receive your personal data in a machine-readable format and transfer it to another service provider.
Request data export through account settings. We will provide your data in JSON or CSV format within 30 days.
Object to processing of your personal data for direct marketing, profiling, or other purposes based on legitimate interests.
Opt out of marketing communications via email preferences or contact us to object to other types of processing.
Request temporary restriction of processing while we verify accuracy or assess legitimate grounds for processing.
Contact privacy@protect-your-pc.com to request processing restriction. We will notify you before lifting restrictions.
Response Time:
We will respond to all privacy rights requests within 30 days. For complex requests, we may extend this period by an additional 60 days with notification.
We implement comprehensive technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:
All data transmitted between your device and our servers is encrypted using industry-standard TLS 1.3 protocol.
Personal data is stored in encrypted databases with strict access controls and regular security audits.
Multi-factor authentication, role-based access, and least-privilege principles protect against unauthorized access.
In case of a data breach, we will notify affected users within 72 hours and provide guidance on protective measures.
Third-party vendors undergo security assessments and sign data processing agreements before accessing any user data.
Annual security audits by independent third parties ensure compliance with industry standards and best practices.
Data Breach Protocol:
If we discover a security breach that compromises your personal data, we will notify you within 72 hours via email and provide detailed information about the breach, affected data, and recommended protective actions.
We work with trusted third-party vendors to help deliver our services. These vendors have access to personal data only as necessary to perform their functions and are contractually obligated to protect your data:
Provider: Stripe, Inc.
Data Shared: Billing information, transaction data, payment method details
Purpose: Secure payment processing, fraud prevention, PCI-DSS compliance
Provider: Supabase
Data Shared: Account information, authentication tokens, encrypted passwords
Purpose: Secure data storage, user authentication, real-time data synchronization
Provider: Google Analytics
Data Shared: Anonymous usage statistics, device information, session data
Purpose: Platform optimization, user behavior analysis, performance monitoring
Provider: Resend
Data Shared: Email addresses, names, communication preferences
Purpose: Transactional emails, account notifications, marketing communications (with consent)
Vendor Management: All third-party vendors undergo security assessments and sign data processing agreements (DPAs) that require them to maintain the same level of data protection as outlined in this Privacy Policy.
Your personal data may be transferred to and processed in countries outside your jurisdiction. We ensure adequate protection through the following mechanisms:
EU-approved contractual terms that ensure adequate data protection for transfers outside the EEA
Transfers to countries recognized by the EU as providing adequate data protection
Compliance with Privacy Shield principles for US-based service providers where applicable
Primary Data Location:
Our primary data centers are located in the United States and European Union. We maintain compliance with GDPR, CCPA, and other applicable data protection regulations regardless of data location.
Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.
If we discover that we have inadvertently collected personal data from a child under 16, we will take prompt steps to delete that information from our systems and notify the parent or guardian if contact information is available.
Parents and guardians have the right to review, delete, or refuse further collection of their child's personal information by contacting our Privacy Officer.
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements:
Data is retained for the duration of your account existence and active subscription. You can delete your account at any time through account settings.
After account deletion, most personal data is permanently deleted within 90 days. Some data may be retained longer for legal compliance (e.g., financial records for 7 years).
Accounts inactive for 24 months will receive deletion warnings. After 30 months of inactivity, accounts and associated data will be automatically deleted.
Aggregated analytics data (anonymized) may be retained indefinitely for research and platform improvement. Raw logs are deleted after 90 days.
For questions, concerns, or requests related to this Privacy Policy or your personal data, please contact our Data Protection Officer:
Phone
+1 (555) 123-4567
Monday - Friday, 9:00 AM - 6:00 PM EST
Mailing Address
Protect Your PC
Attn: Data Protection Officer
PO Box 1946
Martinsville, IN 46151
United States
EU Representative
For users in the European Economic Area, our EU representative can be contacted at:
eu-privacy@protect-your-pc.com
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will:
Continued use of our services after policy changes indicates acceptance of the updated terms. If you disagree with the changes, you have the right to close your account and request data deletion.
Version History:
You can view previous versions of this Privacy Policy by contacting our Privacy Team. We maintain records of all material changes for at least 5 years.
If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with the appropriate data protection authority in your jurisdiction:
European Union Users:
Contact your local Data Protection Authority (DPA). A list of EU DPAs can be found at edpb.europa.eu
California Residents:
Contact the California Attorney General's Office at oag.ca.gov/contact
Other Jurisdictions:
Please contact your local privacy or data protection regulator. We will cooperate fully with any regulatory investigations.
For complete information about our data practices and your rights, please also review these related policies: