Privacy Policy

1.1 Murphy Proxies is operated by MURPHYHOLDING OÜ, a company registered in Estonia. We act as the data controller for the personal data processed through https://murphyproxies.com.

1.2 You can reach our team at contact@murphyproxies.com for any privacy-related question.

2.1 Account data: email address, hashed password (or OAuth identifier when you sign in via Google), display name, and account creation date.

2.2 Billing data: full name, company name, billing address, country, VAT number, and the payment-method metadata returned by our payment processor (last 4 digits, brand, expiry). We never store the full card number - it is handled exclusively by Stripe.

2.3 Service usage data: the proxy plans you purchase, bandwidth consumed, gateway access logs (timestamp, source IP, target host) retained for security and abuse prevention, and dashboard activity.

2.4 Technical data: device, browser, IP address, referrer, pages visited, and interactions, collected through Google Tag Manager / Google Analytics 4 to operate, secure and improve the website.

2.5 Marketing data: UTM parameters and click IDs (gclid, fbclid) used to attribute campaigns when you reach us from an ad or partner.

3.1 Provide and operate the service (Art. 6(1)(b) GDPR - contract performance): account, billing, delivery and support.

3.2 Ensure security, prevent fraud and abuse (Art. 6(1)(f) GDPR - legitimate interest): gateway logs, anti-abuse signals.

3.3 Comply with legal obligations (Art. 6(1)(c) GDPR): accounting records, tax invoicing, responses to lawful requests.

3.4 Improve the service and measure marketing (Art. 6(1)(a) GDPR - consent, via the cookie banner): analytics cookies, advertising cookies.

4.1 Strictly necessary cookies: session, authentication, CSRF protection. These cannot be disabled.

4.2 Analytics cookies (Google Analytics 4 via Google Tag Manager): only set after you accept the cookie banner.

4.3 Advertising cookies (Google Ads conversion tracking, Meta pixel if enabled): only set after consent.

4.4 You can change your choices at any time by clicking "Cookie settings" in the footer of the site.

5.1 Payment processing: Stripe Payments Europe Ltd. (Ireland).

5.2 Hosting and infrastructure: Vercel Inc. (United States), with Standard Contractual Clauses in place.

5.3 Email delivery and account communications: our transactional email provider.

5.4 Customer support: Crisp IM SARL (France) when chat is enabled.

5.5 Analytics and advertising: Google Ireland Limited (Google Analytics, Google Ads, Google Tag Manager).

5.6 We never sell your personal data to third parties.

6.1 Some of our service providers are based outside the European Economic Area (EEA). Transfers to such providers are governed by the European Commission Standard Contractual Clauses and any additional safeguards required by GDPR.

7.1 Account and billing data: kept for the duration of your account plus 10 years after the last invoice (tax law requirement).

7.2 Gateway access logs: retained for up to 30 days for security and abuse-prevention purposes, then deleted or anonymised.

7.3 Analytics data: up to 14 months in Google Analytics 4.

7.4 Marketing identifiers (click IDs, UTM): up to 90 days.

8.1 You have the right to access, rectify, delete, restrict, port your personal data, and to object to processing based on legitimate interest. You may also withdraw your consent at any time.

8.2 To exercise these rights, email us at contact@murphyproxies.com. We will reply within 30 days.

8.3 If you believe your rights have been violated, you may lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or with the supervisory authority of your country of residence.

9.1 We protect your data using TLS 1.2+ in transit, encryption at rest where applicable, hashed and salted passwords, role-based access control, and least-privilege principles. Payment data is handled exclusively by Stripe (PCI DSS Level 1).

10.1 We may update this Privacy Policy from time to time. The "Last updated" date below indicates the date of the most recent change. Material changes will be notified by email or via a banner on the site.