Privacy Policy

Last updated April 14th, 2020

Surge takes your privacy seriously. We will not sell, lease, or exchange your personal data to, or otherwise share your personal data with, third parties in ways other than described in this Privacy Policy.

By using Surge including services available at the surge.sh domains, you are using a service provided by Surge (the “Service”) and you agree to be bound by the Terms of Service and this Privacy Policy.

Consent and Information Collection and Use

When you join us as a user of our Services, we ask for personal information that will be used to activate your account, provide the Services to you, communicate with you about the status of your account, and for other purposes set out in this Privacy Policy. Your name, company name, address, telephone number, email address, credit card information and certain other information about you may be required by us to provide the Services or disclosed by you during your use of the Services. You will also be asked to create a private password, which will become part of your account information.

By providing personal information to us and by retaining us to provide you with the Services, you voluntarily consent to the collection, use and disclosure of such personal information as specified in this Privacy Policy. Without limiting the foregoing, we may on occasion ask you to consent when we collect, use, or disclose your personal information in specific circumstances. Sometimes your consent will be implied through your conduct with us if the purpose of the collection, use or disclosure is obvious and you voluntarily provide the information.

We may use your personal or account information for the following purposes:

Age of Consent

We do not knowingly provide the Services to, and will not knowingly collect the personal information from anyone under the age of consent.

Rights to Your Information

You have the right to access, edit and delete your information at any time through the web interface provided as part of the Services.

Disclosure

We will only share your information with third parties in accordance with your instructions or as necessary to provide you with a specific service or otherwise in accordance with applicable privacy legislation. As a general rule, we do not and will not sell, rent, share or disclose your personal information without first receiving your permission or as permitted in this Privacy Policy.

Aggregated Data

We may also use your personal information to generate Aggregated Data for internal use and for sharing with others on a selective basis. “Aggregated Data” means records which have been stripped of information potentially identifying customers, landing pages or end-users, and which have been manipulated or combined to provide generalized, anonymous information. Your identity and personal information will be kept anonymous in Aggregated Data.

Links

The Site may contain links to other sites and we are not responsible for the privacy practices or the content of such sites. We encourage you to read the privacy policy of linked sites. Their privacy policies and practices differ from our policies and practices.

Logs

Usage logs are considered necisarry mechanism to effectively run a healthy cloud service. Usage logs are used to diagnose and mitgate errors, heath, and abuse of our Service. These logs may include any information that is available in HTTPs requests such as, but not limited to, IP Address, API endpoints, and User Agent. This information is used to mitigate malicious attacks and unreasonable burden or stress on our infrastructure. IP Addresses are used to lookup request location and usage rates of incoming traffic to determine the risk level of the attack.

IP Addresses are used to mitagate DDOS attacks or stress on our Sevice by blocking, throttle, rate limt, or selectively responding to http requests. This data can be detected and tracked up by our automated system and is usually short lived. In cases that IP Addresses are flagged for abusive activity they are kept anonymous and disasosiated with your user account. This data is emphemeral in most cases lasting only the lifecycle of a process. When that is not the case data is cleared from our system when the data is deemed no longer needed to effectively mitigate undue stress on our infrastrucutre or business operations.

Abuse Mitigation via Third-Party

If infrastructure of a third party service provider is being used to automate undue burden or stress our Service or business operations we may provide that third-party log data that shows use of their infrasturture in the interest of mitigating the stress or attack on our system. Contacting and sharing information to a third-party is a last resort being reachable and responsive to the email address provided on your Surge account is highly likely to avoid us from doing this.

In the event that Surge is used to host a phishing campaign that designed to decieve our fraud unsuspecting members of the public, usage logs may be shared with valid representatives of the company being impersonated if it is considered to be useful in protecting unsuspecting members of the public.

Cookies

We use cookies to store session information. Cookies are small amounts of data that are transferred to your web browser by a web server and are stored on your computer’s hard drive. We will use this information to authenticate and deliver relevant content and services to you.

Change of Ownership or Business Transition

In the event of a change of ownership or other business transition, such as a merger, acquisition or sale of our assets, your information may be transferred in accordance with applicable privacy laws.

Security

We will strive to prevent unauthorized access to your personal information, however, no data transmission over the Internet, by wireless device or over the air is guaranteed to be 100% secure. We will continue to enhance security procedures as new technologies and procedures become available.

We strongly recommend that you do not disclose your password to anyone. If you forget your password, we will send you an email containing a link that will allow you to reset your password.

Please remember that you control what personal information you provide while using the Services. Ultimately, you are responsible for maintaining the secrecy of your identification, passwords and/or any personal information in your possession for the use of the Services. Always be careful and responsible regarding your personal information. We are not responsible for, and cannot control, the use by others of any information which you provide to them and you should use caution in selecting the personal information you provide to others through the Services. Similarly, we cannot assume any responsibility for the content of any personal information or other information which you receive from other users through the Services, and you release us from any and all liability in connection with the contents of any personal information or other information which you may receive using the Services. We cannot guarantee, or assume any responsibility for verifying, the accuracy of the personal information or other information provided by any third party. You release us from any and all liability in connection with the use of such personal information or other information of others.

Contact Us

If you have any questions or suggestions regarding our Privacy Policy, please contact us at support@surge.sh