PrivadoVPN Privacy Policy
Last Updated: May 1, 2026
- We do not collect or record the contents of what you are viewing, browsing, communicating, or doing through the PrivadoVPN connections.
- We encrypt all data over the PrivadoVPN connections.
- For the PrivadoVPN service, we do not log browsing history, traffic destination, data content, VPN session IP logs, or DNS queries.
- For the PrivadoVPN service, we do not maintain records that would allow us to link activity on our VPN servers to a specific account.
- We do not sell PrivadoVPN usage data.
This Privacy Policy (“Policy”) describes how Privado Networks ehf (“Privado,” “we,” “us,” or “our”) collects, uses, discloses, retains, and otherwise processes personal data in connection with the Services. This Policy should be read together with our Terms of Service.
Where applicable law requires your consent for a specific processing activity such as the use of non-essential cookies or similar technologies, on our public-facing websites, we will rely on the consent mechanism presented to you at the relevant time. Nothing in this Policy should be understood to mean that Privado generates or retains VPN activity logs for the PrivadoVPN service.
Email Relay Service. If you choose to use our optional Email Relay service, additional terms apply. Please review our Email Relay Privacy Policy for detailed information about how we handle email forwarding, including data retention, security measures, and your rights.
This Policy informs the customers and users (“you” or “user”) of our Services of how we collect, process and store personal data. We strive to collect only the minimal data required to provide the Services.
Data Controller:
Privado Networks ehf, a private limited company organized under the laws of Iceland, is the data controller for the processing of personal data pursuant to this Policy. You can notify us of any data protection related concerns using support@privadovpn.com.
Data Protection Officer
Privado Networks ehf has determined that it is not currently required to appoint a Data Protection Officer under Article 37 GDPR. Our core service encrypts user traffic in transit without monitoring, logging, or profiling the content of that traffic, and we do not engage in large-scale processing of special categories of personal data. If you have questions or concerns about our data protection practices, you may contact us at support@privadovpn.com.
Supervisory Authority
If you are located in the EEA or Iceland and believe that our processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with a supervisory authority. The supervisory authority for Iceland is:
Persónuvernd (The Icelandic Data Protection Authority)
Rauðarárstígur 10
105 Reykjavík, Iceland
Tel: +354 510 9600
Email: postur@personuvernd.is
Website: www.personuvernd.is
If you reside in another EEA member state, you may also lodge a complaint with your local supervisory authority.
Data That We Collect (data that you provide to us):
- Account Creation: We collect minimal data when you create an account. This is data that you provide to us, including your email address, your username and hashed password.
- Payment Information: We use third-party payment processors to facilitate payment for the Services. We do not collect or store your credit card number. The specific information collected varies based on your choice of payment method. We recommend using a cryptocurrency when subscribing to minimize payment data that is collected.
Depending on your payment method and your jurisdiction, payments may be processed by one of the following affiliated entities, each acting solely as a payment processor on behalf of Privado Networks ehf:
- Privado Networks, LLC, registered at 1000 N West Street, Wilmington, DE 19801, United States. Privado Networks, LLC may process payments for users residing in the United States. In its capacity as payment processor, Privado Networks, LLC may receive and process transaction-related data, including your name, billing address, payment method details (excluding full credit card numbers, which are handled by the card network or payment gateway), transaction amount, currency, and transaction identifiers.
- Privado Networks AG, registered at Grafenauweg 8, CH-6300 Zug, Switzerland. Privado Networks AG may process payments depending on the payment method selected. In its capacity as payment processor, Privado Networks AG may receive and process the same categories of transaction-related data described above.
These entities process payment data exclusively on behalf of, and under the instructions of, Privado Networks ehf as data controller. They do not use your payment data for any independent purpose. Your subscription agreement and all rights and obligations under the Terms of Service remain exclusively between you and Privado Networks ehf. Where required, data processing agreements incorporating appropriate safeguards (including the European Commission’s Standard Contractual Clauses for transfers to the United States) are in place between Privado Networks ehf and each payment processing entity.
For information about how third-party payment gateways (such as card networks or payment platforms) handle your data, please refer to those providers’ own privacy policies.
- Support: We do collect and keep data that you share with us regarding support issues or customer requests. We may use support providers acting on our behalf in connection with ticketing, support reporting, and customer service operations.
Data We Collect Automatically When You Use Our Services
When you use our Services, we may collect the following information:
- Desktop & Mobile Applications: We collect information regarding which application version(s) you have activated for troubleshooting and assisting with support issues. We may also collect anonymous, aggregate statistics, such as the type of operating systems and devices that are most commonly used, including total number of installs, total number of uninstalls and the number of active users over a period of time.
- Desktop & Mobile Analytics Software: We use self-hosted Sentry crash reporting tools to send us crash reports so we can provide bug fixes and address technical issues rapidly.
- Mobile Identifiers: We use mobile identifiers provided by iOS and Android devices. These identifiers do not contain your email address or name. Mobile identifiers provide us with statistics related to marketing or channel partners. Users may turn-off or reset Mobile Identifiers at any time. iOS users should review Apple’s support page at support.apple.com/en-us/HT205223. Android users should review Google’s support page at support.google.com/android/answer/3118621?hl=en.
- Android Device Location Data: Location permissions are required to use the Privado TrustedNetwork feature on Android. If enabled, the PrivadoVPN Android application will access the device location data to identify the WiFi network SSID (Service Set Identifier) connected for evaluation by TrustedNetwork. This location data, specifically the WiFi network SSID, is accessed regularly in the background by the application, only ever stored locally and never transmitted off device.
Crash reports, mobile identifiers, and related diagnostics are used only for troubleshooting, attribution, security, and marketing or channel-partner measurement as described in this Policy. They are not used to monitor activity within the encrypted PrivadoVPN connection, to create or maintain VPN activity logs, or to associate websites visited through the PrivadoVPN service with a specific account.
Please note that Desktop & Mobile Applications statistics described above are aggregated and, where applicable, de-identified. To the extent such statistics are truly anonymous and cannot be linked to an identifiable individual, they fall outside the scope of applicable data protection law. We collect this information to maintain, secure, troubleshoot, and improve the Services.
Information Collected on Our Websites (Cookies, Pixels & Trackers)
Important Distinction: this section applies only to our public-facing websites and not to the encrypted PrivadoVPN connection. We do not use marketing cookies, tracking pixels, or third-party behavioral analytics within the PrivadoVPN connection. When you visit our public-facing websites, we and our vendors may use cookies, pixels, local storage, software development kits, and similar technologies to operate the site, remember your preferences, measure website performance, detect fraud and abuse, and, where permitted by your settings and applicable law, measure advertising effectiveness or display interest-based advertising relating to our public-facing websites.
These technologies may process information such as device and browser information, online identifiers, pages viewed on our public-facing websites, referring URLs, and settings or preferences. Data collected through these technologies relates only to your interactions with our public-facing websites. It is not used to monitor the websites, services, or content you access through the encrypted PrivadoVPN connection, and it is not used to create or maintain VPN activity logs.
We categorize these into four types:
- Essential: Required for basic website functionality and security.
- Preferences: Enables the website to remember information like your preferred language or region.
- Analytics: Helps us anonymously learn which features are popular and where we need to make improvements.
- Advertising: Delivers personalized ads and tailored offers, which helps support our ability to provide a free VPN tier.
Your Consent and Third-Party Service Providers: Where applicable law requires consent, we use non-essential cookies and similar technologies only after you provide the required consent through our cookie consent manager. You may withdraw or change your choices at any time through the cookie settings made available on the relevant website. Essential technologies may be used without consent where permitted by applicable law because they are necessary for website functionality, security, or to provide a service you request.
Some providers used in connection with our public-facing websites may process data on our behalf under contract, while others may receive data as separate third parties depending on the technology used and your choices. Additional information about the categories of technologies used, their purposes, providers, and retention periods is available in our cookie consent manager.
Opting Out: You can manage your cookie preferences at any time through our website’s privacy settings. Additionally, you can install Google’s opt-out browser add-on to prevent your data from being used by Google Analytics. For information on how our advertising partners allow you to opt out of receiving ads based on your web browsing history, please visit youronlinechoices.eu or, if you reside in the United States, optout.aboutads.info. The technologies described in this section may involve online or pseudonymous identifiers associated with your device or browser. They are limited to interactions with our public-facing websites and are not used by Privado to monitor activity within the encrypted PrivadoVPN connection, to create or maintain VPN activity logs, or to associate websites visited through the PrivadoVPN service with a specific account.
Information Collected on Social Media or Blogs: We may collect information on our blog via our websites or through our social media accounts, including but not limited to Facebook, Reddit, and Twitter. Any communication you provide to us on external social media accounts is done at your own risk and without guarantee of privacy. If you post a comment on one of our blogs or websites, please contact us if you want it deleted.
External Links: Our Services may contain links to other websites or other services of interest. We are not responsible for the content or material on any website that we link to, as these external sites and services are governed by their own terms and privacy policies
Free Services
Privado may offer a free tier of the Services subject to the features, limits, and conditions described at the point of use or on our website. The availability of a free tier does not change our no-logging commitments for the PrivadoVPN service. For both free and paid users, we do not log browsing history, traffic destination, data content, VPN session IP logs, or DNS queries, and we do not maintain records that would allow activity on our VPN servers to be linked to a specific account.
The existence of a free tier may be supported in part by advertising, analytics, or other website-related activities on our public-facing websites, as described in this Policy. Those activities are separate from the PrivadoVPN service itself, remain subject to your privacy settings and applicable law, and do not involve logging VPN traffic, linking activity on our VPN servers to a specific account, or using VPN activity as consideration for the service.
If you are a paid subscriber, any advertising or analytics processing described in this Policy is not a condition of your paid subscription and remains subject to your privacy settings and applicable law.
Bandwidth Utilized and Plan Limits
We measure account-level or plan-level bandwidth counters for network capacity planning and, where applicable, to enforce plan-level data transfer limits. These counters record only the total volume of data transferred associated with the relevant account or plan. They do not record websites visited, traffic destinations, data content, VPN session IP logs, or DNS queries.
Bandwidth counters are not VPN activity logs and are not used to reconstruct or infer a user’s browsing activity. For plans described as unlimited, Privado may still measure bandwidth at the account or plan level for network integrity, abuse prevention, performance monitoring, and capacity planning. We do not log the contents of data sent over the PrivadoVPN connections.
Control Tower DNS
Control Tower is an optional, feature-specific smart DNS service that operates differently from the core PrivadoVPN service. It may allow users to block ads and trackers, block IP-level threats, or apply other DNS-based preferences without using the VPN client.
If you use Control Tower outside the PrivadoVPN client, you may need to register an IP address so Control Tower can recognize the connection authorized to use your selected configuration. A registered Control Tower IP address is used only to authenticate your use of the feature and apply your chosen rules. It is not a VPN session log.
For the PrivadoVPN service, Privado does not generate or retain browsing history, traffic destination, data content, VPN session IP logs, or DNS query logs, and it does not maintain records that would enable activity on VPN servers to be linked to a specific account. A registered Control Tower IP address is feature-specific account data only. It is not used to monitor your browsing activity, create activity profiles, or associate websites visited through the PrivadoVPN service with a specific account.
Control Tower registered IP addresses are retained only while the feature remains enabled and are deleted when you de-register the IP address or delete the associated account, unless retention is required by law. If you use the PrivadoVPN client with Control Tower, your DNS rules may be applied without requiring separate public IP registration.
Combination and Further Use of Administrative Data
We may combine limited account, billing, support, feature-specific account data, and website interaction data for account administration, payment processing, fraud prevention, security, compliance, support, analytics relating to our public-facing websites, and, where permitted by applicable law and, where required, with your consent, marketing communications and promotions.
This section applies only to administrative, payment, support, feature-specific, and website data. It does not apply to encrypted VPN traffic or to VPN activity logs, which the PrivadoVPN service does not generate or retain. We do not use administrative data to reconstruct, monitor, or associate browsing activity within the PrivadoVPN connection with a particular account.
You may opt out from receiving any marketing or promotional emails by following the opt-out procedures that are explained in the email. Alternatively, you may email support@privadovpn.com to opt out of our internal marketing or promotional emails.
Legal Bases for Processing Your Personal Data
Under the General Data Protection Regulation (GDPR) and the Icelandic Act on Data Protection and the Processing of Personal Data (Lög um persónuvernd og vinnslu persónuupplýsinga, No. 90/2018), we are required to identify a lawful basis for each category of personal data we process. The table below sets out the legal basis for each processing activity described in this Policy.
Where we rely on legitimate interest as a legal basis, we have conducted a balancing assessment to ensure that our interests do not override your fundamental rights and freedoms. You have the right to object to processing based on legitimate interest at any time by contacting us at support@privadovpn.com.
| Processing Activity | Legal Basis |
|---|---|
| Account creation (email address, username, hashed password) | Performance of a contract (Article 6(1)(b)) — necessary to create and maintain your account and provide the Services. |
| Payment processing and subscription administration (transaction data processed by Privado Networks LLC and/or Privado Networks AG on behalf of Privado Networks ehf) | Performance of a contract (Article 6(1)(b)) — necessary to process your subscription payment and administer your subscription; Legal obligation (Article 6(1)(c)) — necessary to comply with applicable accounting, tax, bookkeeping, and record-retention obligations. |
| Support data and customer service communications (information you provide in support requests and follow-up communications) | Performance of a contract (Article 6(1)(b)) — necessary to respond to your requests and maintain the Services; Legitimate interest (Article 6(1)(f)) — to improve service quality, identify recurring issues, and prevent abuse of support channels. |
| Administrative and service communications (technical notices, billing notices, security notices, service messages, and account updates) | Performance of a contract (Article 6(1)(b)) — necessary to administer your account and provide the Services; Legitimate interest (Article 6(1)(f)) — to inform you about security, operational, and support matters affecting the Services. |
| Application version information, app diagnostics, and aggregate application statistics | Legitimate interest (Article 6(1)(f)) — to maintain, troubleshoot, secure, and improve the Services. To the extent statistics are truly anonymous and cannot be linked to an identifiable individual, they fall outside the scope of the GDPR. |
| Crash reports (self-hosted Sentry) | Legitimate interest (Article 6(1)(f)) — to identify, investigate, and resolve technical issues rapidly and improve application stability and security. |
| Mobile identifiers (iOS and Android advertising identifiers) | Consent (Article 6(1)(a)) — collected subject to your device-level privacy settings and used for attribution and marketing or channel partner measurement. You may reset or disable these identifiers at any time through your device settings. |
| Android device location data (WiFi SSID for TrustedNetwork, stored locally on device) | Consent (Article 6(1)(a)) — processed only if you enable the TrustedNetwork feature and grant location permissions. This data is stored locally on your device and is not transmitted to Privado. |
| Bandwidth measurement / account-level or plan-level bandwidth counters | Legitimate interest (Article 6(1)(f)) — to manage network capacity, maintain network integrity, prevent abuse, monitor performance, and, where applicable, enforce plan limits. These counters record only the total volume of data transferred associated with the relevant account or plan and do not record websites visited, traffic destinations, data content, VPN session IP logs, or DNS queries. |
| Control Tower DNS (registered IP address and selected configuration) | Performance of a contract (Article 6(1)(b)) — necessary to authenticate your use of the feature and apply your selected DNS rules or configuration; Legitimate interest (Article 6(1)(f)) — to operate, secure, and support the Control Tower feature as requested. Registered IP addresses are feature-specific account data and not VPN session logs. |
| Website cookies and similar technologies — essential | Legitimate interest (Article 6(1)(f)) — necessary for basic website functionality, security, and fraud prevention. |
| Website cookies and similar technologies — preferences, analytics, and advertising on public-facing websites (including processing that supports the free tier) | Consent (Article 6(1)(a)) — deployed subject to your selections in our cookie consent manager and used only for interactions with our public-facing websites, not within the encrypted PrivadoVPN connection. |
| Marketing and promotional communications | Consent (Article 6(1)(a)) — to send marketing and promotional emails or similar communications. You may withdraw consent or opt out at any time using the unsubscribe instructions or by contacting support@privadovpn.com. |
| Combination and further use of administrative, billing, support, feature-specific, and website interaction data for account administration, payment processing, security, fraud prevention, compliance, support, and website analytics | Performance of a contract (Article 6(1)(b)) — where necessary to administer your account and provide the Services; Legal obligation (Article 6(1)(c)) — where necessary to comply with applicable law; Legitimate interest (Article 6(1)(f)) — to administer the business, secure the Services, prevent fraud, support users, and analyze public-website performance. Where such combination is used for marketing or promotions, Privado relies on consent where required by applicable law. |
| Fraud prevention, legal compliance, and protection of rights | Legal obligation (Article 6(1)(c)) — to comply with applicable laws, lawful requests, accounting obligations, and enforcement requirements; Legitimate interest (Article 6(1)(f)) — to detect and prevent fraud, secure the Services, enforce the Terms, and protect the rights, property, and safety of Privado, its users, and others. |
No lawful basis is listed for browsing history, traffic destination, data content, VPN session IP logs, or DNS queries because the PrivadoVPN service does not generate or retain that data.
Disclosure of Data
We disclose personal data only as described in this Policy: to affiliated payment processors and service providers that help us operate the Services; to analytics and advertising partners for website interactions, subject to your privacy settings and applicable law; and when required by law or necessary to protect our rights.
If we receive valid and binding legal process that identifies a specific account holder or subscriber, we may disclose the limited personal data we maintain and are legally required to produce, such as account identifiers (i.e. username), subscription or payment transaction records, support communications, or feature-specific account data, if applicable.
For the PrivadoVPN service, we do not generate or retain VPN activity logs, browsing history, traffic destination, data content, VPN session IP logs, or DNS query logs.
Law Enforcement & Legal Requests
For the PrivadoVPN service, Privado acts as a mere conduit for the transmission of data under Icelandic law: it does not initiate transmissions, select recipients, or modify user content.
If we receive valid legal process, we can disclose only the limited account, billing, support, or feature-specific data we actually maintain. Because the PrivadoVPN service is designed not to generate or retain logs of browsing history, traffic destination, data content, VPN session IP logs, or DNS queries, we do not have that data to disclose.
Requests from foreign authorities are handled through the legal channels available under Icelandic law.
Cross-Border Data Transfer
Privado Networks ehf is established in Iceland, a member of the European Economic Area. Depending on the category of data and the service provider involved, personal data may be stored or processed in Iceland, Switzerland, elsewhere within the EEA, the United States, and, in limited cases, other jurisdictions where our service providers operate, subject to the safeguards described below.
In the course of providing the Services, personal data may be transferred to the following jurisdictions outside the EEA:
Switzerland (Privado Networks AG): Payment-related data may be transferred to Privado Networks AG in Zug, Switzerland, for payment processing purposes as described in this Policy. Switzerland has been recognized by the European Commission as providing an adequate level of data protection. No additional transfer mechanism is required.
United States (Privado Networks LLC): Payment-related data for users residing in the United States may be transferred to Privado Networks LLC in Wilmington, Delaware. This transfer is governed by a data processing agreement incorporating the European Commission’s Standard Contractual Clauses (Module Two: Controller to Processor), supplemented by additional technical and organizational safeguards where appropriate.
Third-party service providers: Where we engage third-party service providers that process personal data outside the EEA (such as payment gateways or, in limited circumstances, support tools), we ensure that appropriate safeguards are in place, including the European Commission’s Standard Contractual Clauses or reliance on an adequacy decision, as applicable.
For the PrivadoVPN service, we do not transfer any data relating to browsing history, traffic destination, data content, VPN session IP logs, or DNS queries because that data is not generated or stored as part of the service.
If you have questions about specific transfers or the safeguards in place, you may contact us at support@privadovpn.com.
Your Privacy Rights
Depending on your location and subject to applicable law, you may have the right to request access to, correction of, deletion of, restriction of, objection to, or portability of personal data we maintain about you. Some information may be available through your account settings. For all other requests, you may contact support@privadovpn.com.
We may take reasonable steps to verify your identity before fulfilling a request and may deny, limit, or defer a request to the extent permitted by applicable law, including where the request is manifestly unfounded or excessive, would adversely affect the rights of others, cannot reasonably be associated with you, or relates to data we are not required or not able to provide.
Because the PrivadoVPN service is designed not to generate or retain browsing history, traffic destination, data content, VPN session IP logs, or DNS query logs, we cannot provide, correct, export, or delete that data because it does not exist in our systems.
Requests relating to cookie preferences, marketing emails, or similar opt-out choices may also be managed through the settings or unsubscribe tools made available for those features.
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. The retention periods and criteria for each category of data are as follows:
Account data (email address, username & hashed password): Deleted within thirty (30) days following an account deletion request, except where the retention is required by law.
Payment and transaction data: Retained for the duration of your account and for a period of seven (7) years following the end of the relevant fiscal year, in accordance with Icelandic bookkeeping requirements (Lög um bókhald, No. 145/1994). Payment data processed by Privado Networks LLC and Privado Networks AG on behalf of Privado Networks ehf is subject to the same retention periods and deleted in accordance with the data processing agreements in place with each entity.
Support data: Retained for the duration of your account and for up to two (2) years following account deletion or ticket closure (whichever is later), to allow for resolution of follow-up issues and quality improvement.
Application analytics and crash reports: Anonymous, aggregate application statistics are retained indefinitely as they cannot be linked to any individual. Crash reports processed through our self-hosted Sentry instance are retained for up to one (1) year.
Mobile identifiers: Retained only for the period necessary to attribute the relevant marketing or channel partner activity. You may reset or disable mobile identifiers at any time through your device settings, which effectively terminates our retention of the prior identifier.
Bandwidth data: Account-level or plan-level bandwidth counters are retained for capacity planning, network integrity, abuse prevention, performance monitoring, and, where applicable, enforcement of plan limits. These counters record only the total volume of data transferred associated with the relevant account or plan. They do not record websites visited, traffic destinations, data content, VPN session IP logs, or DNS queries, and are not used to reconstruct browsing activity.
Website cookies and tracking technologies: Retention periods vary by cookie type and are detailed in our cookie consent manager. Essential cookies expire at the end of your browser session or within twelve (12) months. Non-essential cookies are retained subject to the duration specified in our cookie consent manager, which you may review and adjust at any time.
Android device location data (WiFi SSID for TrustedNetwork): Stored locally on your device only and never transmitted to Privado. Retention is controlled by you through the application settings or by uninstalling the application.
Control Tower DNS (registered IP address): Control Tower is an optional, feature-specific smart DNS service that operates differently from the core PrivadoVPN service. It may allow users to block ads and trackers, block IP-level threats, or apply other DNS-based preferences without using the VPN client.
If you use Control Tower outside the PrivadoVPN client, you may need to register an IP address so Control Tower can recognize the connection authorized to use your selected configuration. A registered Control Tower IP address is used only to authenticate your use of the feature and apply your chosen rules. It is not a VPN session log.
For the PrivadoVPN service, Privado does not generate or retain browsing history, traffic destination, data content, VPN session IP logs, or DNS query logs, and it does not maintain records that would enable activity on VPN servers to be linked to a specific account. A registered Control Tower IP address is feature-specific account data only. It is not used to monitor browsing activity, create activity profiles, or associate websites visited through the PrivadoVPN service with a specific account.
Privado does not retain DNS query logs attributable to a specific account in connection with Control Tower.
Control Tower registered IP addresses are retained only while the feature remains enabled and are deleted when you de-register the IP address or delete the associated account, unless retention is required by law. If you use the PrivadoVPN client with Control Tower, your DNS rules may be applied without requiring separate public IP registration.
Data Security
Data security is a core pillar of our business. We implement physical, technical, and organizational measures designed to protect personal data, including controlled facility access, monitoring, and encryption in transit and at rest where appropriate.
Because the PrivadoVPN service is designed not to generate or retain logs of browsing history, traffic destination, data content, VPN session IP logs, or DNS queries on VPN servers, the seizure of a PrivadoVPN server would not reveal VPN activity logs attributable to a specific account.
No method of transmission or storage is completely secure, but we work to protect personal data using measures appropriate to the risks involved.
Children’s Privacy
The Services are not directed to children. You must be at least eighteen (18) years of age to create an account, or at least sixteen (16) years of age with the verifiable consent and supervision of a parent or legal guardian, as set forth in our Terms of Service.
We do not knowingly collect personal data from anyone under the age of sixteen (16). If we become aware that we have collected personal data from a person under sixteen (16), we will promptly terminate the associated account and delete all personal data connected to that account, except to the extent retention is required by applicable law.
If you are a parent or legal guardian and believe that your child under sixteen (16) has provided personal data to us, please contact us at support@privadovpn.com so that we can take appropriate action.
Changes to this Policy
We may update this Policy from time to time. The “Last Updated” date at the top of this Policy indicates when changes were most recently published. Unless otherwise stated, revisions apply prospectively from the date they are published.
Where applicable law requires notice or consent for a change to our processing practices, or where a change materially affects your rights, we will provide notice or obtain consent as required by law. Continued use of the Services does not, by itself, create consent where applicable law requires a more specific form of consent.
