Privacy Policy

This Privacy Policy explains how NordShieldVPN ("we," "us," "our," or "the Company") collects, uses, discloses, retains, and protects your personal information when you visit our website at aggree.digital, use our VPN services, or interact with us in any other way. We are committed to protecting your privacy and handling your data with transparency, integrity, and respect.

Please read this Privacy Policy carefully. By using our website or services, you acknowledge that you have read, understood, and agree to the practices described in this document. If you do not agree with any part of this policy, please discontinue use of our services immediately.

NordShieldVPN operates in the United States and complies with all applicable federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other relevant state and federal regulations governing the collection and processing of personal information.

1. Who We Are

NordShieldVPN is a technology company providing virtual private network (VPN) services, cybersecurity tools, and related digital privacy solutions to individuals and businesses. Our services are designed to protect your online identity, encrypt your internet traffic, and help you browse the internet securely and privately.

• Company Name: NordShieldVPN
• Website: aggree.digital
• Email: [email protected]
• Country of Operation: United States

For any privacy-related inquiries, questions, or requests, you may contact us directly at [email protected]. We aim to respond to all inquiries within a reasonable timeframe, typically within 30 days.

2. Scope of This Privacy Policy

This Privacy Policy applies to:

• All visitors to our website at aggree.digital
• All registered users of the NordShieldVPN service
• All individuals who contact us via email, phone, or any other communication channel
• All individuals who participate in surveys, promotions, contests, or marketing campaigns organized by NordShieldVPN
• All individuals whose personal information we may receive through third-party partners, service providers, or affiliates

This policy does not apply to third-party websites, applications, or services that may be linked to or from our website. We encourage you to review the privacy policies of any third-party services you access through our platform.

3. Information We Collect

We collect various types of information in connection with the services we provide. The categories of information we may collect include personal information you provide to us directly, information we collect automatically when you use our services, and information we receive from third parties.

3.1 Information You Provide Directly

When you register for an account, subscribe to our services, contact our support team, or otherwise interact with NordShieldVPN, you may provide us with the following personal information:

• Account Registration Data: Full name, email address, username, and password when you create an account.
• Payment Information: Billing name, billing address, credit or debit card details, PayPal account information, or other payment method details. Note that full payment card information is processed by our third-party payment processors and is not stored on our servers in unencrypted form.
• Contact Information: Email address, phone number, and any other contact details you provide when reaching out to us.
• Communication Data: The content of your messages, support tickets, survey responses, or any other communications you send us.
• Profile Information: Any additional information you choose to add to your user profile or account settings.

3.2 Information Collected Automatically

When you access our website or use our VPN application, we may automatically collect certain technical and usage information. This data helps us maintain the quality, security, and performance of our services. Automatically collected data includes:

• Device Information: Device type (desktop, mobile, tablet), operating system and version, browser type and version, device identifiers, and hardware configuration.
• Log Data: IP address (at the time of connection to our website or account portal, not your browsing IP while connected to VPN), timestamps of access, pages or features accessed, and error logs.
• Usage Data: Information about how you interact with our website and applications, including features used, buttons clicked, session duration, and navigation paths.
• Connection Metadata: Date and time of VPN connections, amount of data transferred (aggregate only), VPN server location selected, and connection duration. We maintain a strict no-logs policy regarding the content of your internet traffic, websites you visit, or applications you use while connected to our VPN service.
• Cookies and Tracking Technologies: Information collected through cookies, web beacons, pixel tags, local storage, and similar technologies. See Section 8 for more details on our cookie practices.

3.3 Information from Third Parties

We may also receive information about you from third-party sources, including:

• Payment Processors: Transaction confirmation data, fraud detection signals, and billing status updates.
• Analytics Providers: Aggregated behavioral and demographic data about users of our services.
• Marketing Partners and Affiliates: Information about users who accessed our services through affiliate links or marketing campaigns.
• Social Media Platforms: If you choose to connect or log in using a social media account (e.g., Google or Facebook), we may receive profile information such as your name and email address from that platform, subject to your privacy settings on that platform.
• Security and Fraud Prevention Services: Risk scores and fraud indicators used to protect our platform and users from malicious activity.

4. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes. The specific ways in which we use your information include:

4.1 Service Provision and Account Management

• To create and manage your NordShieldVPN account
• To provide, operate, and maintain our VPN and cybersecurity services
• To process your subscription, payments, and billing
• To authenticate your identity and prevent unauthorized account access
• To provide customer support, respond to inquiries, and resolve disputes
• To send you important service-related communications, including account confirmations, subscription renewals, password resets, and policy updates

4.2 Service Improvement and Analytics

• To analyze how users interact with our website and applications in order to improve our services
• To diagnose and troubleshoot technical issues, bugs, and performance problems
• To conduct internal research, testing, and development of new features and services
• To monitor the overall health, performance, and security of our infrastructure
• To generate aggregated, anonymized reports and statistics about usage trends

4.3 Marketing and Communications

• To send you promotional emails, newsletters, and marketing communications about our products, services, and special offers, where you have given us your consent or where we have a legitimate interest in doing so
• To personalize the content and advertisements you see on our website and in partner platforms
• To conduct surveys, contests, and promotional events
• To measure the effectiveness of our marketing campaigns and advertising efforts

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email, or by contacting us at [email protected]. Opting out of marketing communications will not affect your receipt of essential service-related messages.

4.4 Legal Compliance and Security

• To comply with applicable laws, regulations, court orders, and legal processes
• To enforce our Terms of Service and other applicable agreements
• To detect, investigate, and prevent fraud, abuse, security threats, and other harmful activity
• To protect the rights, property, and safety of NordShieldVPN, our users, and the public
• To respond to lawful requests from law enforcement and governmental authorities

5. Legal Basis for Processing Personal Information

NordShieldVPN processes personal information based on the following legal grounds, consistent with applicable U.S. federal and state privacy laws, including the FTC Act and California's CCPA/CPRA:

• Contractual Necessity: Processing is necessary to perform the contract we have with you (i.e., providing the VPN service you have subscribed to).
• Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our services, preventing fraud, and conducting marketing, provided these interests do not override your rights.
• Legal Obligation: Processing is necessary to comply with a legal obligation applicable to us under federal or state law.
• Consent: Where required by law, we process your personal information based on your freely given, specific, and informed consent. You may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

6. Sharing Your Information with Third Parties

We do not sell your personal information to third parties. However, we may share your information in the following circumstances:

6.1 Service Providers and Business Partners

We engage trusted third-party vendors and service providers who assist us in delivering our services. These parties may access your personal information only to the extent necessary to perform their functions and are contractually obligated to protect your data. Categories of service providers include:

• Payment Processors: Companies such as Stripe, PayPal, or similar providers that handle payment transactions on our behalf.
• Cloud Infrastructure Providers: Companies that provide server hosting, data storage, and computing infrastructure.
• Analytics Providers: Companies such as Google Analytics that help us understand how users interact with our website and services.
• Email Service Providers: Platforms used to send transactional and marketing emails.
• Customer Support Tools: Software platforms used to manage customer support tickets and communications.
• Security and Fraud Prevention Vendors: Companies that help us detect and prevent fraudulent activity and security threats.

6.2 Legal Requirements

We may disclose your personal information to law enforcement agencies, courts, regulatory authorities, or other governmental bodies if required to do so by applicable law, regulation, legal process, or enforceable governmental request. This includes, but is not limited to, situations where disclosure is necessary to:

• Comply with a subpoena, court order, or other legal obligation
• Respond to a lawful request by public authorities, including for national security or law enforcement purposes
• Protect the legal rights of NordShieldVPN
• Detect, prevent, or address illegal activity, fraud, or security issues

We are committed to notifying affected users of legal requests for their data to the extent permitted by law.

6.3 Business Transfers

In the event that NordShieldVPN is involved in a merger, acquisition, asset sale, corporate reorganization, or other business transfer, your personal information may be transferred to the acquiring entity as part of that transaction. We will notify you before your personal information becomes subject to a different privacy policy.

6.4 With Your Consent

We may share your personal information with third parties not described above when we have your explicit consent to do so.

7. Data Security

The security of your personal information is a top priority at NordShieldVPN. We implement a comprehensive set of technical, organizational, and administrative security measures designed to protect your data from unauthorized access, disclosure, alteration, and destruction. These measures include:

• Encryption: All data transmitted between your device and our servers is encrypted using industry-standard TLS (Transport Layer Security) protocols. Our VPN service uses AES-256 bit encryption, one of the strongest encryption standards available.
• Access Controls: Access to personal data is strictly limited to authorized personnel who need it to perform their job functions. We use role-based access controls and multi-factor authentication for internal systems.
• Secure Infrastructure: Our servers and infrastructure are hosted in secure data centers with physical security controls, redundant systems, and continuous monitoring.
• Regular Security Audits: We conduct regular security assessments, penetration testing, and vulnerability scans to identify and remediate potential security weaknesses.
• Incident Response: We maintain an incident response plan to promptly detect, investigate, and respond to data breaches or security incidents, and to notify affected users as required by applicable law.
• Employee Training: All employees who handle personal information receive regular training on data protection best practices and our internal security policies.

While we take significant steps to protect your personal information, no security system is completely impenetrable. We cannot guarantee the absolute security of your data. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant authorities as required by law.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our website at aggree.digital to enhance your browsing experience, analyze site traffic, and support our marketing efforts. Cookies are small text files stored on your device when you visit a website.

The types of cookies we use include:

• Essential Cookies: Necessary for the functioning of our website, including maintaining your session and keeping you logged in to your account.
• Performance and Analytics Cookies: Used to collect information about how visitors use our website, such as which pages are most frequently visited and whether visitors receive error messages.
• Functional Cookies: Used to remember your preferences and settings, such as language selection or region.
• Marketing and Advertising Cookies: Used to deliver advertisements relevant to your interests and to measure the effectiveness of our marketing campaigns.

You can control and manage cookie settings through your browser settings or through our cookie consent banner. Please note that disabling certain cookies may affect the functionality of our website.

For more detailed information about the cookies we use, please refer to our Cookie Policy.

9. Your Privacy Rights

Depending on your location and applicable law, you may have certain rights with respect to your personal information. As a company operating in the United States, we recognize and honor the following rights, particularly as required by the CCPA/CPRA for California residents and applicable federal consumer protection law:

9.1 Right to Know and Access

You have the right to request that we disclose what personal information we have collected about you over the past 12 months, including the categories of personal information collected, the sources from which it was collected, the purposes for which it was used, and any third parties with whom it was shared.

9.2 Right to Correct

You have the right to request that we correct inaccurate personal information we hold about you. We will take reasonable steps to verify your identity and update your information accordingly.

9.3 Right to Delete

You have the right to request that we delete personal information we have collected from you, subject to certain exceptions (e.g., where we are required to retain data for legal compliance, fraud prevention, or other legitimate purposes).

9.4 Right to Data Portability

You have the right to request a copy of your personal information in a structured, commonly used, machine-readable format, and to transmit that data to another service provider where technically feasible.

9.5 Right to Opt Out of Sale or Sharing

We do not sell your personal information. However, if you believe your data is being used for cross-context behavioral advertising, you have the right to opt out. California residents may submit a "Do Not Sell or Share My Personal Information" request through our website or by contacting us at [email protected].

9.6 Right to Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. We will not deny you services, charge you different prices, or provide a different level of service because you exercised your rights under applicable privacy law.

9.7 How to Submit a Request

To exercise any of the rights described above, please submit a verifiable consumer request by:

• Email: [email protected]
• Website: aggree.digital

We will verify your identity before processing your request. You may also designate an authorized agent to submit requests on your behalf, provided we can verify the agent's authority. We will respond to verifiable requests within 45 days, with a possible extension of an additional 45 days when reasonably necessary, as permitted under applicable law.

10. Data Retention

We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy, or as required by applicable law. The specific retention periods we apply are as follows:

After the applicable retention period has expired, we will securely delete or anonymize your personal information in accordance with our data disposal procedures.

11. Children's Privacy

NordShieldVPN's services are designed for adult users. We do not knowingly market to, solicit, or collect personal information from children under the age of 18. Our Terms of Service explicitly prohibit use of our services by anyone under 18 years of age.

If we become aware that we have inadvertently collected personal information from a child under 18, we will take immediate steps to delete such information from our records. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected] so that we can take the necessary action.

Our practices are consistent with the requirements of the Children's Online Privacy Protection Act (COPPA) and other applicable child protection laws in the United States.

12. International Data Transfers

NordShieldVPN is headquartered in the United States. If you are accessing our services from outside the United States, please be aware that your personal information may be transferred to, stored, and processed in the United States and in other countries where our service providers maintain facilities.

Data protection laws in the United States and other countries where your information may be processed may differ from those in your home country. By using our services, you consent to the transfer of your personal information to these countries.

Where we transfer personal data internationally, we take steps to ensure that appropriate safeguards are in place to protect your personal information, including:

• Entering into data processing agreements with our service providers that include standard contractual clauses or equivalent protections
• Ensuring that international transfers comply with applicable privacy laws and regulations
• Implementing technical and organizational security measures appropriate to the risks involved in such transfers

If you have questions about international transfers of your personal data, please contact us at [email protected].

13. California Residents — Additional Rights Under CCPA/CPRA

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). In addition to the general rights described in Section 9, California residents are entitled to:

• Right to Know Specific Pieces of Information: You may request a list of the specific pieces of personal information we have collected about you.
• Right to Limit Use of Sensitive Personal Information: You may request that we limit the use and disclosure of sensitive personal information (such as precise geolocation, financial information, or health-related data) to what is necessary to perform the requested services.
• Shine the Light Law: California Civil Code Section 1798.83 allows California customers to request information about whether we have disclosed personal information to third parties for their direct marketing purposes. We do not sell personal information to third parties for direct marketing.

To submit a CCPA/CPRA request, contact us at [email protected]. We will respond to verified requests within 45 days as required by law.

14. How to File a Complaint

If you have concerns about how we handle your personal information and are not satisfied with our response, you have the right to file a complaint with the relevant data protection authority.

14.1 For United States Residents

In the United States, privacy complaints may be directed to the following authorities depending on the nature of your concern:

• Federal Trade Commission (FTC): The FTC is the primary federal agency responsible for consumer protection and has authority to take action against unfair or deceptive privacy practices under the FTC Act. You may file a complaint at www.ftc.gov/complaint or by calling 1-877-382-4357.
• California Privacy Protection Agency (CPPA): California residents may also file complaints with the California Privacy Protection Agency at cppa.ca.gov.
• State Attorney General: Residents of various states may file privacy complaints with their state Attorney General's office.

14.2 Before Filing a Complaint

We encourage you to contact us first at [email protected] so that we have the opportunity to address your concerns directly. We take all privacy complaints seriously and will work with you to find a resolution.

15. Third-Party Links and Services

Our website and applications may contain links to third-party websites, applications, or services that are not owned or controlled by NordShieldVPN. This Privacy Policy applies only to our own website and services. We have no control over and assume no responsibility for the privacy practices, content, or security of any third-party sites or services.

We strongly recommend that you review the privacy policy of every third-party website or service you visit or use. The inclusion of a link on our website does not imply our endorsement of that third-party's privacy practices.

16. Updates to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will notify you by:

• Posting the updated Privacy Policy on our website at aggree.digital with a revised "Last Updated" date
• Sending you an email notification to the address associated with your account, where required by law
• Displaying a prominent notice on our website or within our application

Your continued use of our services after any changes to this Privacy Policy constitute your acceptance of the updated terms. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal information.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our privacy team using the information below:

We are committed to resolving any privacy concerns you may have. Upon receiving your inquiry, we will acknowledge your request promptly and provide a substantive response within the timeframes required by applicable law.