Privacy Policy
Last updated: December 01, 2025
Welcome
This Privacy Policy describes how RemoteBrowser collects, uses, stores, and shares information when you use our anonymous remote browser isolation and remote desktop streaming services ("Services").
We are committed to transparency about data collection and privacy.
1. Information We Collect
1.1 Automatically Collected Information (Anonymous Users)
When you use our Services without creating an account, we automatically collect:
| Data Type | What We Collect | Purpose |
|---|---|---|
| Public IP Address | Your originating IP address (including X-Forwarded-For headers) | Session identification, abuse detection, legal compliance |
| Session Metadata | Start time, end time, session duration, container ID | Service operation, abuse detection |
| Network Connections | Source IP, source port, destination IP, destination port, protocol (TCP/UDP) | Security monitoring, abuse detection, legal compliance |
| DNS Queries | Domain names requested, query timestamps | Security monitoring, abuse detection, legal compliance |
| Geographic Data | Country-level location derived from IP address | Service optimization, abuse detection |
1.2 What We Do NOT Collect (Anonymous Users)
- ✗ Names, email addresses, or contact information
- ✗ Account credentials or passwords
- ✗ Payment information (free service)
- ✗ Browsing content, screenshots, or page content
- ✗ Cookies for tracking purposes
- ✗ Device identifiers or fingerprints
- ✗ Keyboard input or mouse movements
1.3 Registered Users (Future Feature)
If you create an account, we will additionally collect:
- Email address (for account verification and communication)
- Username and password (encrypted)
- Account preferences and settings
- Billing information (if you purchase premium features)
2. How We Use Your Information
2.1 Service Operation
- Provide isolated browsing and remote desktop sessions
- Maintain service performance and reliability
- Troubleshoot technical issues
- Connect you to optimal server locations
2.2 Security and Abuse Prevention
- Detect and prevent malicious activity (port scanning, DDoS attacks, etc.)
- Identify and block abusive IP addresses
- Monitor for illegal content access
- Prevent fraud and unauthorized access
- Protect our infrastructure and other users
2.3 Legal Compliance
- Comply with legal obligations and valid legal requests
- Respond to subpoenas, court orders, and search warrants
- Cooperate with law enforcement investigations
- Report suspected illegal activity to authorities
- Defend against legal claims
2.4 Service Improvement
- Analyze aggregated usage patterns (not individual users)
- Optimize server infrastructure and performance
- Improve security and abuse detection systems
3. Who We Share Your Information With
3.1 We Do NOT Sell Your Data
We never sell, rent, or trade your personal information to third parties for marketing purposes.
3.2 Law Enforcement and Legal Authorities
We disclose information to law enforcement when:
- Required by valid legal process (subpoena, court order, search warrant)
- Emergency situations involving imminent danger to life or safety
- Investigating suspected illegal activity
- Complying with national security requests (where applicable)
What we provide: IP addresses, timestamps, network connection logs, DNS queries, session metadata
Legal basis: Legal obligation, vital interests protection
3.3 Service Providers
We share limited data with trusted service providers who help us operate the Service:
- Cloud hosting providers (AWS, Google Cloud, etc.) - Infrastructure operation
- CDN providers (Cloudflare, etc.) - DDoS protection and performance
- Analytics services - Aggregated usage statistics only
These providers are contractually obligated to protect your data and use it only for specified purposes.
3.4 Abuse Reports
If you report abuse to us, we may share relevant information with:
- The organization being targeted by abuse
- Security researchers (for cybersecurity research)
- Law enforcement (if illegal activity is suspected)
3.5 Business Transfers
If RemoteBrowser is acquired or merges with another company, your information may be transferred to the new owner. You will be notified of such changes.
4. Data Retention
| Data Type | Retention Period | Reason |
|---|---|---|
| Active session logs | 90 days | Service operation |
| Historical session logs | 90 days | Abuse detection, security analysis |
| Abuse incident logs | 1 year | Legal compliance, abuse prevention |
| Legal hold data | As required by law | Legal obligations, pending investigations |
| Blocked IP addresses | 1 year (or until unblocked) | Abuse prevention |
After retention periods expire, data is permanently deleted or anonymized beyond recovery.
5. Data Security
We implement industry-standard security measures:
- ✓ Encrypted data transmission (TLS 1.3)
- ✓ Encrypted data storage at rest
- ✓ Access controls and authentication
- ✓ Regular security audits
- ✓ DDoS protection
- ✓ Intrusion detection systems
- ✓ Secure log storage with restricted access
However, no system is 100% secure. We cannot guarantee absolute security.
6. Your Rights
6.1 For Anonymous Users
Because we do not collect identifying information about anonymous users, we cannot:
- Identify which specific logs belong to you
- Provide you with a copy of your data (we don't know which data is yours)
- Delete your specific data (we can't identify it)
However, you can:
- Stop using the Service at any time (your session data will be deleted per retention schedule)
- Contact us with questions about our practices
6.2 For Registered Users (Future Feature)
If you create an account, you will have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate information
- Erasure: Request deletion of your account and data (subject to legal retention requirements)
- Portability: Receive your data in a machine-readable format
- Objection: Object to certain data processing
- Withdrawal of consent: Opt out of marketing communications
To exercise these rights: privacy@remotebrowser.io
6.3 Data Protection Rights (GDPR, CCPA, UK DPA)
If you are in the EU, UK, California, or other jurisdictions with data protection laws:
- You have the right to lodge a complaint with a supervisory authority
- We will respond to your requests within legally required timeframes
- We may need to verify your identity before fulfilling requests
7. Cookies and Tracking
7.1 Essential Cookies Only
We use only essential cookies required for service operation:
- Session cookies: Maintain your active session (deleted when you close browser)
- Security cookies: CSRF protection, authentication
7.2 No Tracking Cookies
We do NOT use:
- ✗ Advertising cookies
- ✗ Analytics cookies (we use server-side analytics only)
- ✗ Social media tracking pixels
- ✗ Third-party tracking scripts
7.3 Your Choices
You can block or delete cookies through your browser settings. However, blocking essential cookies will prevent the Service from functioning properly.
8. International Data Transfers
RemoteBrowser operates globally. Your data may be transferred to and processed in:
- United Kingdom (primary location)
- European Union
- United States
- Other countries where our servers or service providers are located
Data protection measures:
- Standard Contractual Clauses (SCCs) for EU data transfers
- Adequate security safeguards
- Compliance with local data protection laws
9. Children's Privacy
Our Service is not intended for children under 13 years old (or 16 in the EU).
- We do not knowingly collect information from children
- If we learn we have collected a child's information, we will delete it
- Parents: contact us at privacy@remotebrowser.io if you believe your child provided information
10. Do Not Track Signals
We do not track users across websites. However, we do not respond to Do Not Track (DNT) browser signals because:
- We don't use tracking cookies
- Technical logging is necessary for service operation and legal compliance
11. Third-Party Websites
When you browse the internet through our Service, you may visit third-party websites. This Privacy Policy does NOT cover:
- Third-party website practices
- Content you access through our Service
- External links
We are not responsible for third-party privacy practices.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.
Material changes: We will provide prominent notice (e.g., banner on website) before material changes take effect.
Continued use: Your continued use of the Service after changes constitutes acceptance of the updated policy.
13. Contact Us
Data Controller: FerrumLabs Inc., United Kingdom
Contact Information:
- General privacy inquiries: privacy@remotebrowser.io
- Data subject requests: privacy@remotebrowser.io
- Abuse reports: abuse@remotebrowser.io
- Security issues: security@remotebrowser.io
EU/UK Representative: FerrumLabs Inc. (if required by GDPR)
14. Supervisory Authority
If you are in the EU or UK, you have the right to lodge a complaint with a data protection supervisory authority:
- UK: Information Commissioner's Office (ICO) - ico.org.uk
- EU: Your local Data Protection Authority
15. Transparency Commitment
We believe in transparency about data practices. If you have questions about:
- What data we collect
- How we use it
- Who we share it with
- How long we keep it
Please contact us: privacy@remotebrowser.io
We will respond to legitimate inquiries within 30 days.
All system normal