Velocity Digital Labs LLC ("Company," "we," "us," or "our") operates the ClickzProtect platform (the "Service"), accessible at clickzprotect.com and dashboard.clickzprotect.com. This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you access or use our Service.

This Privacy Policy applies to all users of the ClickzProtect platform, including account holders, administrators, and authorized team members. For information about how we process end-user traffic data on behalf of our customers, please refer to Section 2 and our Terms of Service.

By using ClickzProtect, you consent to the data practices described in this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of the Service.

We collect different categories of information depending on how you interact with ClickzProtect:

2.1 Account Information

When you create an account, we collect:

• Full name
• Email address
• Password (stored in hashed form; we never store plaintext passwords)
• Organization name (if applicable)
• Billing and payment information (processed by our third-party payment processor)

2.2 Traffic Analytics Data

When visitors pass through your ClickzProtect campaigns, we collect and process the following data to provide traffic filtering and analytics services:

• IP Addresses: Used for geolocation, proxy/VPN detection, ISP identification, and threat scoring.
• TLS/JA4+ Fingerprints: Cryptographic fingerprints derived from TLS handshake parameters for bot detection and device identification.
• Device Fingerprints: Browser-based fingerprints including canvas, WebGL, audio context, and other hardware characteristics used for visitor uniqueness determination.
• HTTP Headers: User-Agent strings, Accept-Language, referrer URLs, and other standard HTTP request headers.
• Browser and Device Information: Browser type and version, operating system, screen resolution, device type, and installed plugins.
• Behavioral Data: Mouse movements, click patterns, scroll behavior, and keyboard interaction patterns used for bot/human classification.
• Click Data: Click IDs, timestamps, conversion events, sub-IDs, referrer sources, and campaign identifiers.
• Geolocation Data: Country, region, city, and approximate coordinates derived from IP address lookups.

2.3 Cookies and Local Storage

We use cookies and similar technologies on the ClickzProtect dashboard and campaign pages. See Section 8 for detailed information about our cookie practices.

2.4 Usage Information

We automatically collect information about how you interact with the ClickzProtect dashboard, including:

• Pages visited and features used
• Date and time of access
• Referring URLs and navigation paths
• API usage patterns and request volumes

We use the information we collect for the following purposes:

3.1 Service Delivery

• Providing traffic cloaking, filtering, and routing services
• Performing bot detection and threat analysis
• Generating traffic analytics reports and dashboards
• Processing conversion tracking and postback events
• Managing campaigns, rules, and offer configurations

3.2 Account Management

• Creating and maintaining your account
• Authenticating your identity and managing sessions
• Processing subscription billing and payments
• Communicating account-related information

3.3 Security & Fraud Prevention

• Detecting and preventing unauthorized access
• Identifying and mitigating platform abuse
• Maintaining the integrity and security of the Service
• Enforcing rate limits and usage policies

3.4 Service Improvement

• Improving detection algorithms and threat scoring models
• Enhancing platform performance and user experience
• Developing new features and capabilities
• Generating aggregated, anonymized industry benchmarks

3.5 Communication

• Sending service notifications and updates
• Responding to support requests
• Providing information about new features or changes to the Service

For users in the European Economic Area (EEA), United Kingdom, and other jurisdictions that require a legal basis for processing personal data, we rely on the following grounds:

• Performance of Contract: Processing necessary to fulfill our obligations under the Terms of Service, including providing the Service, managing your account, and processing payments.
• Legitimate Interests: Processing necessary for our legitimate business interests, including improving the Service, ensuring security, preventing fraud, and developing our detection capabilities, provided these interests are not overridden by your data protection rights.
• Consent: Where we rely on your consent for specific processing activities, such as sending marketing communications. You may withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.
• Legal Obligation: Processing necessary to comply with applicable laws, regulations, or legal processes.

We do not sell your personal data. We may share information with the following categories of third parties, strictly as necessary to provide and improve the Service:

5.1 IP Intelligence Providers

To provide accurate traffic intelligence, we utilize the following third-party services that process IP address data:

• MaxMind: IP geolocation services for determining visitor country, region, city, and ISP information. MaxMind processes IP addresses to return geographic data. MaxMind Privacy Policy
• Spur: Proxy, VPN, and residential proxy detection services. Spur processes IP addresses to determine if traffic originates from anonymizing services. Spur Privacy Policy
• IPQS (IPQualityScore): Fraud scoring and IP reputation services. IPQS processes IP addresses to generate fraud risk scores and detect malicious traffic. IPQS Privacy Policy

5.2 Payment Processors

Subscription payments are processed by third-party payment providers. Your payment information is transmitted directly to the payment processor and is not stored on our servers. We only retain transaction IDs and subscription status information.

5.3 Infrastructure Providers

We use cloud infrastructure and hosting providers to operate the Service. These providers may process data on our behalf under strict data processing agreements.

5.4 Legal Requirements

We may disclose information when we believe in good faith that disclosure is necessary to:

• Comply with applicable laws, regulations, or legal processes
• Respond to lawful requests from government authorities
• Protect the rights, property, or safety of Velocity Digital Labs LLC, our users, or the public
• Enforce our Terms of Service

5.5 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change and any choices you may have regarding your data.

We retain different types of data for varying periods based on the purpose of collection and your subscription plan:

• Account Data: Retained for the duration of your active account and for up to 30 days after account deletion to facilitate data export requests.
• Traffic Analytics Data: Retained in ClickHouse according to your subscription plan's data retention period (ranging from 30 days to 12 months depending on plan tier). Data is automatically purged after the retention period expires.
• Click and Conversion Data: Retained for the duration specified by your plan, after which it is aggregated into summary statistics and the raw data is deleted.
• Server Logs: Retained for up to 90 days for security monitoring and debugging purposes, then automatically deleted.
• Billing Records: Retained as required by applicable tax and financial regulations (typically 7 years).

You may request early deletion of your data at any time by contacting us at support@clickzprotect.com or through the GDPR data export and deletion features available in your account settings.

If you are located in the European Economic Area (EEA), the United Kingdom, or other jurisdictions that grant similar rights, you have the following rights regarding your personal data:

• Right of Access: You have the right to request a copy of the personal data we hold about you. You can export your data through the account settings or by contacting us.
• Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data. You can update most information directly through your account profile.
• Right to Erasure: You have the right to request deletion of your personal data, subject to legal retention requirements. Account deletion can be initiated through account settings or by contacting support.
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format (JSON). Data export functionality is available through the ClickzProtect API and account settings.
• Right to Restriction of Processing: You have the right to request that we restrict processing of your personal data under certain circumstances.
• Right to Object: You have the right to object to processing of your personal data based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing prior to withdrawal.

To exercise any of these rights, please contact us at support@clickzprotect.com. We will respond to your request within 30 days, as required by GDPR.

If you believe that our processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with your local data protection supervisory authority.

ClickzProtect uses cookies and similar technologies for the following purposes:

8.1 Essential Cookies

These cookies are necessary for the Service to function and cannot be disabled:

• Authentication cookies: Used to maintain your login session and authenticate API requests.
• Security cookies: Used for CSRF protection and session integrity.

8.2 Functional Cookies

These cookies support Service functionality:

• Preference cookies: Used to remember your dashboard settings, theme preferences, and filter configurations.

8.3 Cloaking and Detection Cookies

As part of our traffic filtering service, ClickzProtect may set cookies on visitors passing through your campaigns for the following purposes:

• Visitor identification: To recognize returning visitors and enforce frequency caps.
• Bot detection: To support JavaScript fingerprinting and behavioral analysis for bot/human classification.
• Click tracking: To maintain click IDs and conversion attribution across redirects.

As a ClickzProtect customer, you are responsible for disclosing the use of these cookies to your end users in accordance with applicable cookie consent laws in your jurisdiction.

Velocity Digital Labs LLC implements industry-standard technical and organizational security measures to protect your data, including:

• Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher.
• Encryption at Rest: Sensitive data stored in our databases is encrypted using AES-256 encryption.
• Password Security: User passwords are hashed using bcrypt with appropriate salt rounds. We never store or have access to plaintext passwords.
• Access Controls: Strict role-based access controls limit employee access to user data on a need-to-know basis.
• API Security: API keys are hashed before storage, and JWT tokens are used for authentication with appropriate expiration periods.
• Infrastructure Security: Our infrastructure is hosted in secure data centers with physical security controls, redundant systems, and regular security audits.
• Rate Limiting: Automated rate limiting protects against brute-force attacks and API abuse.

While we implement commercially reasonable security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

ClickzProtect is operated by Velocity Digital Labs LLC from the United States. If you access the Service from outside the United States, your data may be transferred to, stored, and processed in the United States or other countries where our infrastructure providers operate.

For transfers of personal data from the EEA or UK to countries that have not received an adequacy decision from the European Commission, we rely on appropriate safeguards including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data processing agreements with our sub-processors
• Technical measures including encryption and access controls

By using the Service, you consent to the transfer of your information to the United States and other jurisdictions as described in this section.

ClickzProtect is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18 years of age. If we become aware that we have collected personal data from a child under 18, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided personal information to ClickzProtect, please contact us at support@clickzprotect.com so we can take appropriate action.

Velocity Digital Labs LLC reserves the right to update this Privacy Policy at any time. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Send an email notification to the address associated with your account
• Display a prominent notice within the ClickzProtect dashboard

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the changes, you should discontinue use of the Service and delete your account.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Company: Velocity Digital Labs LLC
• Website: velocitydigitallabs.com
• Service Website: clickzprotect.com
• Email: support@clickzprotect.com
• Data Protection Inquiries: support@clickzprotect.com

For GDPR-related requests, we will respond within 30 days of receiving your request. If additional time is needed, we will inform you of the extension and the reasons for the delay.