Privacy Policy

This Privacy Notice is to be read and applies in conjunction with, and in addition to the NortonLifeLock’s Privacy Policy. It describes the categories of data collected by SurfEasy and the purposes for which those data categories are processed. It is designed to provide mandatory transparency information both to individual Norton users as data subjects and to Small and Medium Business Norton users as data controllers. Please note that data categories marked with an asterisk (*) are personal data transmitted to NortonLifeLock for the purpose of delivering the corresponding product features and service functionalities. All other data categories are collected by the Norton software for processing in a non-identifiable form.

All of Norton’s Products and Services are held to the high standards as set forth in the NortonLifeLock’s Privacy Policy. Furthermore, to inform you transparently about the unique characteristics and specific purposes of the SurfEasy product and service, in addition to a description of SurfEasy, this Notice describes the Personal Data we collect and the purposes for which the Personal Data is processed.

If any part or aspect of this Notice is unacceptable to you, then please do not download, install, or otherwise use SurfEasy.


Product/Service Description

SurfEasy provides private and security data transmission by routing browser Internet traffic through the SurfEasy network, which may mean your Internet traffic is routed through one or more countries. The software browser or client establishes and maintains an encrypted tunnel between the browser or device and the SurfEasy network. SurfEasy is a No Log network, which means that SurfEasy does not store originating IP address when connected to the SurfEasy service, and therefore SurfEasy cannot identify users when provided IP addresses of the servers. Because this information is not stored, this also means SurfEasy cannot disclose information about the applications, services or websites visited or used while connected to SurfEasy.

Data Access and Collection

  1. Aggregate bandwidth usage
  2. Temporary usage data
  3. Internet and data traffic, such as destination website or IP address and originating IP address
  4. In-app telemetry data

Data Processing

  1. Bandwidth usage is required for billing, network operations and support.
  2. Usage data provides assistance with debugging service problems and is not retained once resolved.
  3. Destination website and IP address data is processed to perform automated rules-based traffic management to maintain and improve the service. This is a real-time process, and no log data is maintained.
  4. Analytics technology, such as Google Analytics, is used to improve the service, design, and app experience.