Privacy Policy

Privacy Policy – Instabridge

EFFECTIVE DATE: 2025-11-08

About this Privacy Policy

We value your privacy and want to be accountable and fair to you, as well as transparent with you with regard to our processing of your personal data.

General Information

Instabridge, a Swedish company, provides intermediary services primarily consisting of transmission of access to a communication network (as defined in the EU’s Digital Services Act (“DSA”). The regulatory framework for the Services (defined below) consists principally of the DSA and the General Data Protection Regulation (“GDPR”) as well as various legal acts ancillary to DSA and GDPR as well as local laws and regulations that are applicable in jurisdictions where the Services are provided. The Privacy Policy reflects our commitments and undertakings as further outlined below.

If you reside within or outside the European Union, European Economic Area and Switzerland (“Europe”), you are entering into the Terms of Service with Degoo Backup AB and the terms of this Privacy Policy apply to you.

For information on our processing of personal information that is subject to the California Consumer Privacy Act (“CCPA”), please see Annex A – Supplemental CCPA Privacy Notice.

This Privacy Policy (“Privacy Policy”) describes how and when we may collect, use, secure, and share personal information collected in connection with our mobile applications, websites, content, products, and any related services (collectively, the “Services”), and your choices regarding our processing of that information. For the purposes of this Privacy Policy, “Instabridge”, “we”, “us”, or “our” refers to Instabridge Sweden AB, company reg. no. 559246-0538, and its subsidiaries, representatives, and affiliates including, our websites, applications, and other offerings that link to this Privacy Policy or otherwise make it available to you. We are the data controller of the personal data that we collect from you when using the Services.

If you provide us with personal information about someone else, you hereby confirm that they are aware that you have provided their personal information to us, and that they consent to our use of their personal information according to this Privacy Policy.

Please read this Privacy Policy carefully. This document contains a policy statement regarding our collection, use and processing of personal data, with whom we may share your personal data and your rights in relation to your personal data. It also tells you what to expect when we collect and use personal data about you that you share with us when using our Services.

Please note that this notice does not apply to third party products or services or the practices of companies that we do not own or control, including other companies you may interact with, in or through Instabridge. We will not be responsible or liable for: (i) the availability or accuracy of such third-party apps or sites (ii) the content, products or services on or availability of such third party apps or sites; or (iii) your use of any such third party apps or sites.

We may update the Privacy Policy from time to time by posting a new version on instabridge.com with an updated date (the “Effective Date”). Your continued use of the Services after the Effective Date will be an acknowledgement of your acceptance of the amended Private Policy and our updated practices. If we make material changes to our privacy policy, we will notify you and ask you to confirm your consent.

If there is any difference between the English version and any other language version of this Privacy Policy, the English version will apply (to the extent permitted by applicable law or regulation).

Information We May Collect and How We Collect It

We may collect various types of personal information, including information you provide or make available to us directly, information collected from your devices (including on web and mobile), and information collected from other sources, such as social networking sites. Some of this information may be considered “personal information” or “personal data” under applicable laws or regulations. We collect this information for various purposes including to provide and improve our Services to you.

Types of Data Collected

Personal Information you provide:

If you decide to create a user account on Instabridge, we will request certain personal information from you, which may include

your name, username, password, and email address.
In the event that you choose to log in using your credentials from a third-party app (such as Facebook or Google), you give us permission to obtain your authentication information, such as your username, email address, and encrypted access credentials. Additionally, we may gather other personal information that is accessible through your third-party app account, such as your country and hometown, date of birth, and networks.

You also provide us with personal information directly when you:

Communicate with or contact others using our Services, “invite a friend,” “share this page,” or use other similar features;
Contact us, including for customer or technical support;
Participate in Instabridge offers, contests, or special events;
Subscribe to newsletters or sign up to hear about current or upcoming products; and/or
Complete surveys offered by us or on our behalf.

Depending on how you choose to use the Services, you may provide us with the following types of personal information:

Contact information such as your first and last name, username or handle, third-party service ID, email address, phone number, home address, billing address or shipping address, and other contact information;
Biographic and demographic information such as your date of birth, gender, and time zone.
Transaction information such as purchase or payment information; and/or
Other information such as profile information you choose to share (for example, when you connect with our Services through social features).

Personal Information Collected or Generated When You Use our Services:

When you access or use our Services, we collect personal information from and about you and the device(s) you use. This may include the following personal information:

IP address, unique device identifiers, advertising identifiers, device serial numbers, and similar direct and indirect identifiers;
Device information such as hardware model, device software platform/OS and firmware, mobile carrier, preferred languages, device motion information, mobile network information, browser type and version, Internet service provider, applications installed on your device, default communication and browsing applications;
Internet activity such as referring/exit pages and URLs, or clickstream information, eSIM usage;
BSSID and SSID (Wi-Fi network name), SIM card identifiers (IMEI), MAC address of access point, signal level, captive portal login steps and other technology on the devices you use to access the Service;
Approximate location inferred from IP address;
In-app purchase information;
Use and app settings, diagnostic data, and other information as reasonably required to offer and enhance our Services, including network and internet performance; and/or
Inferences, such as those drawn from any of the personal information we collect, to better understand your preferences.

If you have connected your user account with us to a third party application, we may receive similar information related to your interactions with the Service from such channels.

In the in-app browser, we use browsing history data to enhance your experience by providing you with tailored browsing recommendations. During your use of the browser, your browsing history is processed to generate recommended sites to visit. The browsing recommendations we show to you are stored in a secure database and are accessed only by our servers in an automated manner to make sure we show new and relevant recommendations. Access to the browsing recommendation data is strictly limited, and we keep the amount of data stored to the minimum required for feature function (data is anonymised, obfuscated, deleted or aggregated after 7 days). Browsing history is not stored. Anonymised, aggregated recommendation data may be processed and analysed to help us improve our product, resolve issues and provide a better user experience.

If you use the caller or caller id feature provided with our Services, we collect information from your device address book and about your calls to provide call logs. The information collected includes, such as phone number, name if it exists in your contacts, and call duration, call time and date, call duration and number of calls. This information is stored and processed locally on your device. In addition, we also collect the number of calls as well as call time and duration for the purposes of monitoring fair use, product development, resolving issues and providing a better user experience.

When you use our VPN service, we only keep the following usage data associated with your account:

Total amount of bytes transferred in a 30-day period; and
Timestamp of your last activity on our VPN network.

This data is used to enforce free tier limitations, prevent abuse and remove inactive accounts.

The following data is not stored by our VPN service:

Source IP;
Sites you visited; and
Historical record of VPN sessions.

When you are actively connected to a Instabridge server through our VPN service, the following is stored in our server’s memory for the duration of your connection:

Data discarded when you disconnect from our VPN service:

OpenVPN/IKEv2 username;
Time of connection; and
Amount of data transferred.

Data is stored in a central location:

Number of parallel connections at any given time to prevent rampant abuse and account sharing; and
A counter is incremented that stores the total number of bytes downloaded/uploaded in a 30 day period.

Anything that is not mentioned above is not stored by our VPN service.

Our bespoke system eliminates the need to store session data about your use of the VPN service in a permanent database entirely. This data resides only in the server’s memory while you’re connected, and is immediately discarded by the VPN server when you disconnect. Since it doesn’t get logged into a permanent database, there is nothing to delete.

Opt-Out Option Browsing Data

You have the option to opt out of having your search and browser history stored and processed. If you choose to opt out:

Your account will not be synced across devices.
Your account cannot be restored if you remove and later reinstall the app.

If you have any questions or wish to change your data preferences, please contact us at privacy@instabridge.com.

How we store your personal information

We store your personal information on industry standard servers, including through the use of the following third parties:

Google Cloud and Heroku, who are Service Providers. The data we store and otherwise process about you will be stored on servers hosted by Google Cloud and Heroku.
Amplitude, who is a Service Provider, and their service provider Amazon Web Service. Data that we process for product development purposes is hosted by Amplitude Inc. and their service provider Amazon Web Services.
Adjust and Singular. Adjust is a Service Provider who owns their own servers, and they store data that they process on our behalf within the EU. Singular is a Service Provider, and data that they process on our behalf is hosted by theory service providers Amazon Web Services, Inc. and Snowflake, Inc.

Personal Information Collected Using Cookies and Similar Technologies

We and our partners use various tools to collect personal information when you visit our sites and Services, including cookies, pixels, software development kits, advertising identifiers, and other similar technologies. Some of these technologies store information in the browser or on your device. Other technologies may use network-related or other information to recognize your device (e.g., IP address). Our Services use these technologies, for example, when you first request a web page, and information is then stored on your computer or other device so the website or app can access information when you make subsequent requests for pages from that Service.

Examples of Cookies we use and their purposes:

Functional cookies: We use functional cookies to operate certain functions of the website in accordance with your choices, meaning that when you continue to use or come back to the website, the site will be provided as you have previously requested, e.g. remembering your username and customization of the website.
Analytics cookies: We use analytics cookies to analyse how the website is accessed, used or is performing. We use the information to maintain, operate and improve the website.
Third party cookies: We may allow our partners to use cookies on the website for the same purposes identified above. We may also use service providers acting on our behalf to use cookies for the purposes identified above.
Security Cookies: We use security cookies for security purposes.
Advertising Cookies: advertising cookies are used to serve you with advertisements that may be relevant to you and your interests.

If you have any questions or comments about our use of cookies, please contact privacy@instabridge.com.

At any time, you can control the use of cookies by adjusting the settings on your browser. However, if you choose to disable some or all cookies, please note that by blocking any or all cookies, you may not have access to certain features, content, or personalization available through our Services.

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

Other personal information collected using tracking technologies

Depending on the Services you use, we and our partners may also use these technologies to gather information about how you view and use our Services and content, and to connect your activity with other personal information we store about you. Some of these partners include:

Google Analytics. For more information about how Google uses your personal information (including for its own purposes, e.g., for profiling or linking it to other information), please visit Google Analytics’ Privacy Policy. To learn more about how to opt-out of Google Analytics’ use of your information, please click here.

Legal Basis for Processing Personal Information

Our legal basis for collecting and using your personal information will depend on the type of information and the context in which we collect it. In general, we collect personal information from you only:

Where we have your consent to do so, such as before we use or share your information for advertising that is targeted based on your browsing history, online behaviour, or other personal information that we or third parties may have collected about you. If you consent to our use of your personal information for any purpose, you have the right to withdraw consent at any time by contacting us, as explained above;
Where we need it to perform a contract with you;
Where it is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. We have a legitimate interest in processing your personal information, for example, for the following purposes:
Product and Service development, management, delivery, and enhancement;
Fraud detection and prevention;
Network and system security and performance;
General corporate operations;
Compliance with applicable foreign laws;
Communications regarding your purchases; and
Non-targeted marketing and advertising.
Where we have a legal obligation to collect personal information from you or may otherwise need it to protect your vital interests or those of another person.

If you have questions about the legal basis on which we collect and use your personal information, please contact us at privacy@Instabridge.com.

How We Use Personal Information

To manage our relationship and provide the Services in a satisfactory and error free manner, we need to process your data, including personal data. For example, we process your data when you create an account, if you contact our customer support team, for maintenance of the app, and for marketing purposes. If you do not provide us with certain personal information, we will not be able to provide you with the Services. Please find more detailed information on how we process your data when we manage our relationship, below.

We may use the personal information we collect for a number of business and commercial purposes, including to:

Perform internal operations necessary to develop, provide, maintain, and improve our Services, including troubleshooting, providing customer and technical support, and conducting data analysis, testing, and research;
Understand how you interact with our Services and personalise the product experience and content (including advertising and messaging campaigns), as well as offer discounts or personalised pricing in accordance with applicable law;
Show caller contact information (phone number, name) during calls using the call feature or the caller id functionality. This is only to the extent of showing eg contact name and number on the screen, in addition to call information (number of calls, ingoing/outgoing call, duration).
Managing your incoming and outgoing calls when you use the call logs or caller id functionality.
To show you personalised ads when you use our Services. Depending on your consent choices, we may use identifiers and cookies to provide you with tailored ads. We work with third-party advertising networks/service providers to provide personalised ads, including but not limited to Google, Meta, and Unity. These third-parties collect and use personal information about your use of the Service, and depending on your consent settings, the use of other websites and services, in order to serve you with ads and content tailored to meet your preferences and likely interests. This data is also used to understand the effectiveness of ads.
Maintain the safety, security, and integrity of our Services, for example by authenticating users and providing account security and fraud detection;
Send you news and/or marketing communications (by email, or in-app notification) subject to your marketing preferences and choices, including information about Instabridge or third-party offerings we think may be of interest to you;
Administer contests, surveys, and sweepstakes you enter, notify contest winners, and award prizes;
Fulfil a purchase or send you order confirmations or other requested product or Service information;
Facilitate your communication with friends and other users, and enable features that allow you to share information with other people (for example, if you choose to use friend invite features); and/or
Comply with legal requirements and/or investigate or address claims or disputes relating to your use of the Services.

Further information with regard to ads personalisation

You can disable personalised advertising in your device settings. Additionally, you may have the option to opt out of personalised ads from advertisers and ad networks that participate in the Network Advertising Initiative, or adhere to the DAA Self-Regulatory Principles for Online Behavioral Advertising, by using their provided opt-out tools.

Please keep in mind that opting out of personalised advertising will not stop all ads from being displayed to you (i.e. opting out does not provide an ad-free experience).

Use of aggregated or anonymised data

We may use your non-personal information data in an aggregated and/or anonymised form to share publicly and to third parties, for example, in reports on internet use trends, to partners under agreement with us, or as part of community benchmarking. Data shared in this manner cannot reasonably be used to identify you as an individual. If we create or receive de-identified information, we will not attempt to reidentify such information, unless permitted by, or required to comply with, applicable laws.

How We Disclose Personal Information

Subject to your legal rights, we may disclose the information we collect about you, and/or may enable you to share this information, with a third parties in various ways, including:

With vendors, consultants, business partners, payment processors, and other third-party service providers as necessary to carry out work on our behalf and otherwise provide the Services. This includes IT infrastructure companies that facilitate our provision of the Services to you; and other third party service providers, such as hosting providers or other IT service providers for the purpose of providing the Service or tracking your use of the Service and advertising and survey service providers to help us in our communication with you and to better understand your use of the Service.
With third-party applications if you choose to connect your Instabridge account or use a third-party application to login to Instabridge. You understand and agree that such information may be attributed to your account on the third party application, and that a third party application’s use of personal information collected from you is governed by the third party application’s privacy policies and your settings on the relevant service. Instabridge’s use of such personal information is governed by this Privacy Policy and your Instabridge account settings.
With third-party advertising partners for the purposes of cross-behavioral advertising, where we have your consent to do so. This means that data collected from your activities within the Services may be combined with information from other sources to build a broader profile of your interests. We typically use pseudonymized or aggregated data for these purposes, which does not directly identify you. You may opt out of cross-behavioral advertising by adjusting your account settings. Please note that opting out will not reduce the total number of ads you see, but will result in less personalised advertising content.
With others who share your device, if you make your Account available to them through that device;
With law enforcement officials, government authorities, or other third parties if we believe your actions are inconsistent with our Terms of Service or other policies, and/or are fraudulent or in violation of applicable law, or as we determine necessary to protect the rights, property, or safety of Instabridge or others;
When we respond to court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims;
With specific third parties if we believe disclosure is required by applicable law, regulation, or legal process. This includes, but is not limited to, when we believe, at our sole discretion, that it is necessary to share personal information in order to investigate, prevent or take actions against illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law. We may use your personal information without your knowledge or consent where we are permitted or required by applicable law or regulatory requirements to do so;
In some cases, we may enable you to access third-party products or services through our Services. Please note that those products or services are offered by people or companies not affiliated with or controlled by us, and we are not responsible for their actions, their terms, their use of personal information, or their products or services. If you submit your personal information to a third party, that third party’s treatment of your personal information is governed by their privacy policy, which may differ from this Privacy Policy and which we encourage you to review;
We also share personal information with your consent or at your direction. For example, we may share your personal information if you opt in to receiving communications from Instabridge’s business partners.
We may share your personal information with our corporate affiliates.
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, purchase or sale of assets, transition of service to another provider, or other similar corporate transaction, your personal information may be disclosed, sold, or transferred as part of such a transaction.

Your Rights and Choices

GDPR applies to collection and processing of personal information in the EU and EEA. In accordance with GDPR and other applicable privacy laws and regulations (including those in the United States) you may have the following rights:

Access: to obtain confirmation regarding whether we process your personal information, and to obtain a copy of the personal information we have collected about you. (Note that this right only applies to personal information relating to you, and not to any other user or person.)
Rectification or Correction: to correct your personal information where it is inaccurate, incomplete, or outdated.
Erasure (deletion): to request that Instabridge deletes your personal information, for example when it is no longer necessary to fulfil the purposes for which Instabridge collected it. This right may be limited to the extent that Instabridge is permitted or required by applicable law to retain your personal information. (Note that if you request deletion of your personal information, you may no longer be able to use or access the Services. If you share devices with someone else who uses the Services, that person may also lose related Account information and access. If you decide to use or access the Services again, Instabridge may consider this a new Account and may collect personal information associated with that Account in accordance with this Privacy Policy.)
Restriction or objection to processing: to object to Instabridge’s processing of your personal information, or request that Instabridge restricts that processing. Because the personal information that Instabridge collects is generally required to provide the Services to you, if you object to the processing of your personal information, this may have the same effect as requesting deletion of this information. This right may be limited to the extent that Instabridge is permitted or required by applicable law to continue processing the information. (Note that if you object to the processing of your personal information, you and others who use your devices to access the Services may no longer be able to use or access the Services.)
Portability: to receive a copy of your personal information in a structured, commonly used, and machine-readable format so that you can transmit it elsewhere.
Request to be informed: to request information about third parties with which your personal information has been shared.
Request to review: to review decisions taken exclusively based on automated processing if these decisions could affect your data subject rights.
Request to opt-out of certain processing activities: if applicable, to request to opt out if we process your personal information for “targeted advertising” (as “targeted advertising” is defined by applicable privacy laws), if we “sell” your personal information (as “sell” is defined by applicable privacy laws), or if we engage in “profiling” in furtherance of certain “decisions that produce legal or similarly significant effects” concerning you (as such terms are defined by applicable privacy laws).

Please note that these rights are not absolute. We may decline requests to exercise your data subject rights if there is a valid reason—such as being unable to verify your identity, the request potentially infringing on a third party’s rights or applicable law, or if fulfilling the request could disrupt our Services or prevent us from providing a requested service

In addition to the rights described above, if we have collected and processed certain types of personal information with your consent, you may withdraw that consent at any time in the manner described when you provided consent. Withdrawing your consent will not affect the lawfulness of any processing conducted prior to then, nor will it affect any processing based on lawful grounds other than consent.

If you are unhappy with our processing of your personal data and/or consider it to be in contrary to applicable legislation you may have the right to lodge a complaint with a competent supervisory data protection authority (“DPA”) (such as with the DPA in your country of residence, the DPA in the country of your place of work or the DPA in the country where the alleged infringement has occurred). In Sweden, the supervisory authority is the Swedish Supervisory Authority for Privacy Protection (“Integritetsskyddsmyndigheten”).

We will cooperate with the appropriate governmental authorities to resolve any privacy-related complaints that cannot be amicably resolved.

To exercise the aforementioned rights please contact us at the following address: privacy@instabridge.com or Instabridge Sweden AB, Vasagatan 16, 111 20 Stockholm. In order to ensure that you receive a swift response, please state in your letter your full name and, if applicable, your address, user name and the email address used for registration, and the user id associated with your account.

We may request you provide us with information necessary to confirm your identity before responding to any request you make. Examples of our verification process may include asking you to confirm the email address and account ID we have associated with you.

Only you, or someone legally authorized to act on your behalf in certain jurisdictions, may make a request to exercise the rights listed above regarding your personal information. If your personal information is subject to a law that allows an authorized agent to act on your behalf in exercising your privacy rights and you wish to designate an authorized agent, please provide written authorization signed by you and your designated agent using the information found in “How to Contact Us” below and ask us for additional instructions.

Some laws may allow you to appeal our decision if we decline to process your request. If applicable laws grant you an appeal right, and you would like to appeal our decision with respect to your request, you may do so by informing us of this and providing us with information supporting your appeal.

Data Retention

We will keep your personal data for as long as you have an account in the Services or for as long as we need to keep any personal data to comply with our legal obligations, resolve disputes, or enforce our agreements. After this your personal data will be deleted.

Data deletion requests

You can request deletion of your data directly through the Instabridge app or by contacting us via email. To request data deletion in the app, go to Account Settings, where you can select the option to delete your account and associated data. Alternatively, you may send an email to privacy@instabridge.com with your deletion request clearly stated, and our team will process your request in accordance with applicable privacy laws. See specific instructions at https://instabridge.com/account-deletion/

Use By Minors

Our Services are designed for a general audience and require all users to be above the minimum age to consent for data processing as a condition of access. By installing or using our Services you represent and warrant to us that you are above the minimum age to consent for data processing in your domicile.

If you are a parent or guardian of a minor, and believe that minor has uploaded personal information in connection with our Services without your consent, or if you wish to review personal information collected from your minor child, or have that information modified or deleted, you may contact us as described in “Contact Us” below. If we become aware that a minor has provided us with personal information in violation of applicable law, we will use reasonable efforts to delete any personal information we have collected, unless we have a legal obligation to keep it.

International Transfers of Your Personal Data

If you are located in the European Union (“EU”), United Kingdom (“UK”) or Switzerland then we may transfer personal data that we collect from you to third party suppliers and trusted partners located in countries that are outside of the EU and the European Economic Area (“EEA”) (including, but not limited to the USA) or to our partners/related third parties in connection with the above purposes. The same rule applies for users outside the EU/EAA, that is your data may be transferred outside of the country from which it was originally collected. Please be aware that the countries to which we may transfer data may have data protection laws that are different from the laws where you live.

When transferring personal data outside the EU/EEA, we will ensure that the country in which your personal data will be handled has been deemed “adequate” by the EU Commission under Article 45 of the General Data Protection Regulation (“GDPR”) or if your personal data will be transferred to a country which the EU Commission does not consider to have an adequate level of protection for personal data, we will take all necessary steps required under applicable law in order for such transfer of personal information across borders to be compliant with applicable law. We will only transfer your personal data to a country outside the EU/EEA that does not have adequate data protection laws where; (i) the transfer is being safeguarded by the use of Standard Contractual Clauses (SCCs), which have been approved by the European Commission as appropriate safeguards for international transfers under Article 46(2) of the GDPR; or (ii) where applicable, by an adequacy decision adopted by the European Commission under Article 45 of the GDPR.

By installing or using the App or Services, you consent to those transfers of personal information to other countries and to service providers.

You can find further information about the rules on data transfers outside the EU/EEA, including the mechanisms that we rely upon, on the European Commission website (https://ec.europa.eu/info/law/law-topic/data-protection_en).

How to Contact Us

Data controller

Name:	Instabridge Sweden AB
Registration number:	559246-0538
Postal address:	Vasagatan 16 111 20 Stockholm SWEDEN
E-mail address:	support@instabridge.com

Data Protection Officer

Postal address:

Instabridge Sweden AB

Att. Data Protection Officer

Vasagatan 16

111 20 Stockholm

SWEDEN

E-mail address:

privacy@instabridge.com

ANNEX A – SUPPLEMENTAL CCPA PRIVACY NOTICE

This Supplemental CCPA Privacy Notice supplements our Privacy Policy and only applies to our processing of personal information that is subject to the CCPA.

NOTICE AT COLLECTION

At or before the time of collection, California residents have a right to receive notice of our privacy practices. California residents can find this information below.

Personal Information Collected. See the section of this Supplemental CCPA Privacy Notice titled “Overview of Personal Information Collected, Disclosed, Sold and/or Shared” for a list of personal information which may be collected. If we have previously collected personal information in the past 12 months, we may collect that personal information from you.
Uses of Personal Information. See the section of this Supplemental CCPA Privacy Notice titled “Uses of Personal Information” for a list of the purposes for which we use personal information.
Is Personal Information “Sold” or “Shared” for “Cross-Context Behavioral Advertising”? Yes..
How Long is Personal Information Retained For? We will retain your personal information for as long as you have an account in the Services or for as long as we need to keep any personal information to comply with our legal obligations, resolve disputes, or enforce our agreements. After this your personal information will be deleted.
Additional Information. For more information on our privacy practices, please review this Supplemental CCPA Privacy Notice and our Privacy Policy. Importantly, the section of our Privacy Policy titled “Your Rights and Choices” includes important details about how you can exercise some of the rights which you have under the CCPA.

CATEGORIES OF SOURCES FROM WHICH PERSONAL INFORMATION IS COLLECTED

We collect personal information that you provide to us, personal information we collect automatically when you use the Services, and personal information from third-party sources.

OVERVIEW OF PERSONAL INFORMATION COLLECTED, DISCLOSED, SOLD, AND/OR SHARED

The CCPA provides California residents with the right to know what categories of personal information Instabridge has collected about them, whether Instabridge disclosed that personal information for a business purpose (e.g., to a service provider), whether Instabridge “sold” that personal information, and whether Instabridge “shared” that personal information for “cross-context behavioral advertising” in the preceding twelve months. California residents can find this information below:

Category of Personal Information Collected by Instabridge	Category of Third Parties To Whom Personal Information is Disclosed to for a Business Purpose	Category of Third Parties To Whom Personal Information is Sold and/or Shared
Identifiers	Service providers Third-party services you share or interact with	Others, upon the instruction of a user using a profile sharing functionality Our affiliates (in particular to prevent, detect and fight fraud or other illegal or unauthorized activities under our Terms) Our payment service providers and fraud vendors (e.g., for anti-fraud purposes and to fight against other illegal activities) Joint marketing partners Other vendors and professional services organizations who assist us in relation to the business or commercial purposes laid out herein
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))	Service providers Third-party services you share or interact with	Not applicable
Protected classification characteristics under California or federal law	Not applicable	Not applicable
Commercial information	Service providers Third-party services you share or interact with	Our payment service providers and fraud vendors (e.g., for anti-fraud purposes and to fight against other illegal activities) Other vendors and professional services organizations who assist us in relation to the business or commercial purposes laid out herein
Biometric information	Not applicable	Not applicable
Internet or other electronic network activity	Service providers Third-party services you share or interact with	Vendors and professional services organizations who assist us in relation to the business or commercial purposes laid out herein
Geolocation data	Service providers Third-party services you share or interact with	Vendors and professional services organizations who assist us in relation to the business or commercial purposes laid out herein
Sensory data	Not applicable	Not applicable
Professional or employment-related information	Not applicable	Not applicable
Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g, 34 C.F.R. Part 99))	Not applicable	Not applicable
Inferences drawn from other personal information to create a profile about a consumer	Service providers	Vendors and professional services organizations who assist us in relation to the business or commercial purposes laid out herein
Personal information that reveals a consumer’s social security, driver’s license, state identification card, or passport number	Not applicable	Not applicable
Personal information that reveals a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account	Service providers	Not applicable
Personal information that reveals a consumer’s precise geolocation	Service providers Third-party services you share or interact with	Not applicable
Personal information that reveals a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership	Not applicable	Not applicable
Personal information that reveals the contents of a consumer’s mail, email, and text messages unless Instabridge is the intended recipient of the communication	Not applicable	Not applicable
Personal information that reveals consumer’s genetic data	Not applicable	Not applicable
Biometric information that is processed for the purpose of uniquely identifying a consumer	Not applicable	Not applicable
Personal information collected and analyzed concerning a consumer’s health	Not applicable	Not applicable
Personal information collected and analyzed concerning a consumer’s sex life or sexual orientation	Not applicable	Not applicable

USES OF PERSONAL INFORMATION

We may use and disclose the personal information that we collect for the following business and commercial purposes:

Processing for purposes described in the “How We Use Information” section of our Privacy Policy;
Processing related to delivering personalized, cross-context behavioral advertising, as well as marketing communications;
Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards;
Helping to ensure security and integrity to the extent the use of personal information is reasonably necessary and proportionate for these purposes;
Debugging to identify and repair errors that impair existing intended functionality;
Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of your current interaction with Instabridge;
Maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar Services;
Providing advertising and marketing services;
Undertaking internal research for technological development and demonstration;
Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by Instabridge, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by Instabridge.

DISCLOSURE REGARDING “SALES” OF PERSONAL INFORMATION AND/OR “SHARING” FOR “CROSS-CONTEXT BEHAVIORAL ADVERTISING”

In the preceding twelve months, Instabridge has “sold” and/or “shared” personal information for cross‑context behavioral advertising purposes. Such activities may involve providing your personal information to trusted third‑party advertising partners, who may use it to deliver targeted advertising across various digital contexts. We make these disclosures in accordance with applicable law.

DISCLOSURE REGARDING OPT-OUT PREFERENCE SIGNALS

Instabridge does “sell” and “share” personal information for cross‑context behavioral advertising. If you do not wish for your personal information to be used for these purposes, you may exercise your right to opt out. To do so, please click on the “Ad setting” link available in the app and opt out of all processing, or contact us at privacy@instabridge.com. We will process your opt‑out request in accordance with the CCPA and other applicable laws.

DISCLOSURE REGARDING INDIVIDUALS UNDER THE AGE OF 16

Instabridge does not have actual knowledge of any “sale” of personal information of minors under 16 years of age. Instabridge does not have actual knowledge of any “sharing” of personal information of minors under 16 years of age for “cross-context behavioural advertising.”

DISCLOSURE REGARDING SENSITIVE PERSONAL INFORMATION

Instabridge only uses and discloses sensitive personal information for the purposes set forth in Section 7027(m) of the CCPA regulations.

NON-DISCRIMINATION

California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.

NOTICE OF FINANCIAL INCENTIVE

This Notice of Financial Incentives aims to inform you about any programs, benefits, and other financial incentive offerings, including price or service differences (collectively, “Incentive Offerings”), that we may provide in connection with the collection of your personal information so that you may make an informed decision on whether to participate in our Incentive Offerings. Such Incentive Offerings may be deemed “financial incentives” under the CCPA.

The material aspects of any Incentive Offering, along with the personal information collected in connection with an Incentive Offering, will be described at the time you are presented with the Incentive Offering.

Examples of our Incentive Offerings may include:

One-Time Discount. We may offer you a discount on your data purchase or an amount of free data if you provide us your email address and agree to receive marketing communications.
Refer-a-Friend Program. We may offer a discount on your future purchase when you provide your personal information along with your friends’ or colleagues’ personal information, and they make a purchase. The referred party may also receive a reward in the form of a discount on the first order and/or a free service for making a purchase through your referral.

You can opt-in to an Incentive Offering by following the instructions that accompany the presentation of the Incentive Offering. If you subsequently wish to withdraw from the Incentive Offering, you may request such withdrawal by contacting us as set forth in “Contact Us” above.

Each Incentive Offering may be based upon our reasonable and good-faith determination of the estimated value of such an offer to our business, taking into consideration the value of the offer itself and the anticipated revenue generation that may be realized.