Privacy Policy

Last updated: March 10, 2026

This Privacy Policy ("Policy") describes how Browserling, Inc., a Delaware corporation with operations in California ("Browserling," "we," "us," or "our"), collects, uses, discloses, retains, and otherwise processes Personal Information in connection with Browserling's websites, applications, remotely hosted browser environments, testing infrastructure, security sandbox capabilities, and related tools, infrastructure, APIs, or functionality that Browserling may provide from time to time (collectively, the "Services").

Browserling provides ephemeral, isolated virtual environments that enable users to interact with websites, applications, files, and other digital content. Browserling is designed so that session content is transient and generally destroyed upon session termination or timeout. This Privacy Policy describes the limited Personal Information Browserling collects and processes in connection with operating the Services, and does not govern the content accessed, analyzed, or executed by users within sessions.

This Policy applies when Browserling processes Personal Information as a controller or business, including with respect to website visitors, account holders, billing contacts, trial and free plan users, and marketing contacts. Where Browserling processes Personal Data on behalf of a customer as a processor or service provider (for example, data submitted into sandbox sessions at a customer's direction), that processing is governed by the Data Processing Addendum ("DPA", available at browserling.com/dpa or as provided with this document package) and the applicable Terms of Service ("Terms", available at browserling.com/terms or as provided with this document package).

This Policy is incorporated into and subject to the Terms of Service. Capitalized terms not defined in this Policy have the meanings given to them in the Terms of Service.

By accessing or using the Services, creating an account, or otherwise providing Personal Information to Browserling, you acknowledge that your Personal Information will be processed as described in this Policy. If you do not agree with this Policy, do not access or use the Services.

1. Key Concepts and How Our Sandbox Works

Browserling provides remote, isolated, ephemeral environments (including virtual browsers, operating systems, and related sandbox capabilities) that enable users to test websites and applications, and to safely open and analyze untrusted or suspicious links, downloads, emails, attachments, and other content. The operational design of the Services, including session isolation, ephemeral destruction, and Browserling's role as an infrastructure provider, is described in detail in the Terms of Service.

The privacy-relevant characteristics of this design are: (a) session content is designed to be transient and generally destroyed upon session termination or timeout and is not persistently stored as part of normal service operation; (b) Browserling does not routinely monitor or review session content; and (c) Browserling may retain limited session-related metadata (such as timestamps, source IP address, and user agent) for security, abuse prevention, troubleshooting, legal compliance, and service operation, as further described in this Policy and the Terms of Service.

2. Personal Information We Collect

The Personal Information we collect depends on how you interact with the Services.

A. Information you provide to us

Account information: name, email address, username, password (stored in hashed/salted form), organization/company, and related account details.

Billing and transactional information: billing contact details and records of purchases; payment card information is typically processed by our payment processors (we receive limited payment-related details, such as payment status and partial identifiers).

Support and communications: information you provide when you contact us (e.g., support tickets, feedback, emails, chat messages, and other communications).

Sales/marketing information: preferences and information you provide when you request demos, sign up for newsletters, or interact with marketing content.

B. Information collected automatically

Device and usage data: IP address, device identifiers, browser type/version, operating system, user agent, pages viewed, timestamps, clickstream data, and similar usage information.

Cookies and similar technologies: we use cookies and similar technologies to operate the Services, remember preferences, help with security, and understand website usage.

Analytics data: we may use analytics providers (such as Google Analytics) to help us understand website usage and improve the Services.

C. Sandbox/session-related data (high-level)

When you use the sandbox features, the Services may process content you choose to submit (e.g., a URL, a file, or other inputs) in an isolated environment. As described in our materials:

Session content is designed to be transient/ephemeral and not persistently stored, and the environment is destroyed after the session ends or times out.

We may collect limited metadata (for example, timestamps, source IP address, and user agent) for security, abuse prevention, analytics, and service operation.

If you are using the Services through an organization (a customer), your organization may configure or administer accounts, and may have access to certain information associated with your use as described in the customer agreement.

3. How We Use Personal Information

We use Personal Information for the following purposes:

  • Provide and operate the Services, including account creation, authentication, session provisioning, and customer administration.
  • Process payments and transactions and manage billing and collections.
  • Security, integrity, and abuse prevention, including monitoring, detecting, and preventing fraud, misuse, and security incidents.
  • Customer support and responding to requests, questions, and feedback.
  • Improve and develop the Services, including debugging, analytics, and performance monitoring.
  • Marketing and communications, such as sending product updates, newsletters, and promotional communications (you can opt out as described below).
  • Legal compliance, including responding to lawful requests and enforcing our terms and policies.

4. How We Disclose Personal Information

We may disclose Personal Information in the following circumstances:

A. Service providers and subprocessors

We disclose Personal Information to vendors and service providers that perform services on our behalf, such as:

  • hosting and infrastructure,
  • customer support tools,
  • payment processing,
  • communications/email delivery,
  • analytics,
  • security monitoring and fraud prevention, and
  • professional advisors (legal, accounting, etc.).

Our DPA describes our use of subprocessors for customer personal data processed on a customer's behalf. A current list of subprocessors is available at browserling.com/dpa/subprocessors and is updated in accordance with the notification procedures set forth in the DPA.

These service providers are authorized to process Personal Information only as necessary to provide services to Browserling and are subject to contractual confidentiality and security obligations.

B. Compliance with law and protection of rights

We may disclose Personal Information as required by law or legal process, or where we believe disclosure is necessary to protect rights, safety, and security; to investigate fraud or misuse; or to enforce our agreements and policies.

C. Business transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or part of our business or assets, Personal Information may be disclosed or transferred as part of that transaction.

D. Aggregated or de-identified information

We may create and use aggregated or de-identified information for business purposes, such as analytics and service improvement, consistent with applicable law.

5. Cookies and Similar Technologies

We use cookies and similar technologies to operate the Services and to help with analytics and security. You can control cookies through your browser settings; however, disabling cookies may affect functionality.

Do Not Track: Some browsers offer a "Do Not Track" signal. We do not currently respond to "Do Not Track" signals.

Browserling does not engage in interest-based advertising or cross-context behavioral advertising.

6. Data Retention

We retain Personal Information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements.

Sandbox/session content: As described in our security materials and DPA, session content is designed to be transient and destroyed upon session termination or timeout, and is not persistently retained as part of normal service operation.

For customer personal data processed on behalf of customers, retention and deletion are governed by the applicable customer agreement and our DPA.

7. Security

Browserling implements and maintains reasonable administrative, technical, and organizational safeguards designed to protect Personal Information, including measures appropriate to the nature of the data processed and the risks presented by the Services. These safeguards include access controls, encryption of data in transit, credential hashing, session isolation, infrastructure monitoring, and incident response procedures. However, no security measure is perfect, and no method of transmission or storage is completely secure.

In the event of a Security Incident (as defined in the Terms of Service) involving Customer Data, Browserling will notify the affected customer and take commercially reasonable steps to contain, investigate, and remediate the incident, in accordance with the Terms of Service and, where applicable, the DPA. This Privacy Policy does not modify or expand Browserling's security incident notification or response obligations beyond what is set forth in those agreements.

8. International Data Transfers

Browserling is based in the United States and may process and store Personal Information in the United States and other jurisdictions where we and our service providers operate. Where required, we use appropriate safeguards for cross-border transfers (for example, standard contractual clauses, as described in our DPA for customer personal data processed on a customer's behalf).

9. Your Privacy Choices

A. Marketing communications

You can opt out of marketing emails at any time by using the unsubscribe link in the email or by contacting us via the "Contact Us" page.

B. Cookie choices

You can manage cookies through your browser settings (and, where applicable, through any cookie controls we provide).

10. California Privacy Rights

This section applies to California residents to the extent the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"), applies.

A. Categories of Personal Information we collect

Depending on how you interact with the Services, we may collect:

  • Identifiers (such as name, email address, IP address)
  • Internet or other electronic network activity information (such as usage data and user agent information)
  • Commercial information (e.g., transaction records)
  • Account and customer support communications

We do not collect sensitive personal information for the purpose of inferring characteristics about you. We do not use or disclose sensitive personal information except as permitted by the CPRA and its regulations.

Sources of Personal Information. We collect Personal Information directly from you (for example, when you create an account, contact us, or use the Services), automatically through your use of the Services (for example, via cookies and similar technologies), and from service providers that help us operate the Services (for example, payment processors and analytics providers).

B. Purposes for collection and use

We collect and use Personal Information for the business and commercial purposes described in Section 3 above.

C. Selling or sharing

We do not "sell" personal information, and we do not "share" personal information for cross-context behavioral advertising, as those terms are defined under the CPRA.

D. Your rights

Subject to certain exceptions, California residents have the right to:

  • request to know/access the Personal Information we collected about you,
  • request deletion,
  • request correction,
  • request information about disclosures for certain business purposes, and
  • not be discriminated against for exercising your rights.

E. How to Exercise Your Rights

You may exercise your California privacy rights by contacting us at: privacy@browserling.com.

You may designate an authorized agent to make a request on your behalf, subject to verification of the agent's authority and your identity, as required by law.

We may need to verify your identity before processing your request, and we will respond in accordance with applicable law.

11. Other U.S. State Privacy Rights

Depending on your state of residence, you may have additional rights under applicable state privacy laws, including the laws of Virginia, Colorado, Connecticut, Texas, Oregon, Montana, and other states. These rights may include the right to access, correct, or delete your Personal Information, the right to opt out of certain processing activities, and the right to appeal a denial of a privacy request. To exercise any applicable rights, contact us at privacy@browserling.com. We will respond in accordance with applicable law.

12. European/UK Privacy Rights

This section applies where the General Data Protection Regulation ("GDPR") or the UK GDPR applies to our processing of your Personal Information as a controller.

A. Legal Bases for Processing

Browserling relies on one or more of the following legal bases:

  • Performance of a contract, including to provide and administer the Services, manage accounts, process transactions, and fulfill our obligations under the applicable agreement.
  • Legitimate interests, such as operating, securing, maintaining, and improving the Services; preventing fraud, abuse, and security incidents; enforcing our agreements; conducting internal analytics relating to service performance and security; and protecting the rights, property, and safety of Browserling, our customers, and others. Where we rely on legitimate interests, we consider and balance any potential impact on individuals' rights and freedoms in accordance with applicable law.
  • Compliance with legal obligations, including responding to lawful requests, maintaining required records, and meeting regulatory requirements.
  • Consent, where required by applicable law (for example, for certain marketing communications).

B. Your Rights

Subject to applicable law, individuals located in the European Economic Area and the United Kingdom may have the right to access, correct, delete, restrict, or object to processing of their Personal Information, the right to data portability, and the right to lodge a complaint with a supervisory authority. To exercise these rights, contact us at privacy@browserling.com. We may need to verify your identity before responding, and we will respond in accordance with applicable law.

C. Processor Processing on Behalf of Customers

Where Browserling processes Personal Data as a processor or service provider on behalf of a customer, such processing is governed by the applicable agreement and DPA. In those circumstances, the relevant customer is the controller. Individuals seeking to exercise rights with respect to Personal Data contained within Customer Data should direct their requests to the applicable customer.

13. Children's Privacy

The Services are intended for users who are at least 18 years of age. Browserling does not knowingly collect Personal Information from individuals under 18. If we become aware that we have collected Personal Information from a user under 18, we will take appropriate steps to delete such information as required by applicable law and consistent with our Terms of Service. If you believe that a person under 18 has provided Personal Information to us, please contact us at privacy@browserling.com so that we can take appropriate action.

14. Links to Third-Party Sites

The Services may contain links to third-party sites or services. We are not responsible for the privacy practices of those third parties, and we encourage you to review their privacy policies.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top indicates when it was most recently revised. If we make material changes to this Privacy Policy, we will provide notice to account holders whose Personal Information is subject to the changes by email to the address associated with their account, by posting a prominent notice on our website, or by other means as required by applicable law. We will provide such notice at least thirty (30) days before the changes take effect, except where a shorter period is required by applicable law, in which case we will provide notice as promptly as practicable.

Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@browserling.com.

AltStyle によって変換されたページ (->オリジナル) /