Privacy Principles | Gridinsoft LLC

Our Privacy Principles

No Tracking. No Selling. No Hidden Tricks.

At Gridinsoft, we believe cybersecurity should protect your privacy — not compromise it. That’s why we’ve built our tools and services with strict privacy-by-design principles.

Minimal by Design
We Don’t Collect What We Don’t Need
Only the essentials: no extra data, no surprises. We minimize data collection at every level. Most of our free tools run entirely in your browser — no logins, no tracking scripts, and no telemetry sent.
Your Data Stays Yours
No Profiling. No Ads. No Reselling
We don’t track, trade, or advertise based on you. We never use your behavior to build profiles or target you with ads. Your information is not shared, sold, or handed off to third-party marketers.
Your Choice, Always
Optional Analytics with Full Consent
Anonymous stats only, and only if you agree. When we do collect analytics (like software version or system type), it’s for product improvement only — and only with your permission.
At Gridinsoft, we believe cybersecurity should respect your privacy from the ground up. That’s why we follow the privacy by design principle: we limit data collection to the minimum, offer offline functionality, and give you total control over what you share. This approach aligns with global best practices, including GDPR compliance, and ensures your digital tools don’t double as surveillance tools.
Privacy Means Control
You’re in the Driver’s Seat

Your data, your decisions — no backseat tracking.

Your privacy is always in your hands. You decide what data is used, when, and how. Our tools work without hidden trackers, ad profiles, or silent data collection. Whether you’re scanning your device, checking a suspicious link, or reviewing a risky email, you stay in control at every step.

Know Where You’re Going
Clarity at Every Turn
We show you exactly what data is collected, why it matters, and how it's used — no guesswork, no hidden routes. Transparency puts you firmly in control.
Decide What to Share
Full Control, No Pressure
Whether it’s diagnostic reports or usage data, nothing leaves your system without your say-so. You choose what’s shared, and when.
Stay on the Safe Road
Protected by Default
All communications are secured. Threat reports are encrypted. There are no ads, no surveillance, and no detours into shady data sharing.
How we protect your data and uphold global compliance since launching our cybersecurity line in 2008.
Security & Privacy at Gridinsoft
At a Glance
  • 17 years defending against malware and protecting privacy (cybersecurity line launched 2008).
  • GDPR-aligned; the same protections apply to all users, regardless of location.
  • 100% cloud-hosted; no on-premises servers. Compute hosted in Rackspace & DigitalOcean, fronted by Cloudflare’s global edge network.
  • End-to-end encryption: TLS 1.2+ in transit, AES-256 at rest.
  • No card data stored; payments processed via PayPro Global & 2Checkout (both PCI-DSS Level 1 certified).
  • OPSWAT Silver-certified scanning engine, independently re-tested every year.
Compliance Foundations
| Framework / Law | Status | Key Controls |
|---|---|---|
| EU GDPR | Controller with EU representative | Consent records, DSR workflow, 30-day deletion SLA |
| UK GDPR & PIPEDA | Voluntarily adopted | Single global privacy standard; opt-out of sale/marketing by default |
| OPSWAT Silver | Active | Annual binary & process audit |
| VirusTotal Partner Engine | Approved | Listed among 150+ industry engines; live reputation sharing & false-positive feedback loop |
Data Lifecycle
| Stage | Data Points | Legal Basis / Purpose | Retention |
|---|---|---|---|
| Account sign-up | Email, encrypted password, IP | Contract performance | Until account deletion |
| Product telemetry (opt-in) | Hash-anonymised scan logs, feature usage | Legitimate interest (product improvement) | 12 months rolling |
| Support tickets | License key, diagnostic files | Legitimate interest (support) | 24 months after last interaction |
| Payments | Order ID | Contract / Legal obligation | 7 years (tax compliance) |
| Security logs | IP, timestamps | Legitimate interest (security) | 30 days |

Requests for data export or erasure can be sent to [email protected] and will be fulfilled within 30 days.

Infrastructure & Hosting
| Layer | Provider(s) | Safeguards |
|---|---|---|
| Edge / DDoS | Cloudflare CDN & WAF | Anycast network, OWASP rules, bot mitigation, rate limiting |
| Compute & Storage | Rackspace (US) / DigitalOcean (US/EU) | ISO 27001, SOC 2 Type II facilities, disk-level encryption |
| CI & Back-office | GitLab SaaS, Atlassian Cloud | SSO, MFA, customer-managed data |
Sub-processors & Integrations
| Category | Vendor | Personal Data Shared |
|---|---|---|
| Edge / WAF | Cloudflare, Inc. | Transient IP |
| Hosting | Rackspace US, DigitalOcean LLC | Production databases & files |
| Analytics | Google Analytics | Pseudonymised visitor IDs (truncated IP) |
| Marketing | Google Ads | Conversion metadata |
| Payments | PayPro Global, 2Checkout/Avangate | Billing details |
| Support | OSTicket (self-hosted) | Email, ticket content |

All vendors sign GDPR-compliant DPAs and undergo annual security reviews.

Access Control & Authentication
  • Company-wide SSO and MFA enforced.
  • Role-based access with automatic expiry; no shared accounts.
  • 90-day credential rotation policy for privileged secrets.
Customer Responsibilities
  • Keep Gridinsoft software updated to the latest release.
  • Enable real-time protection modules whenever possible.
  • Use unique, strong passwords and MFA for the Member Area.
Contact

Have questions or privacy concerns? We’re here to help.

  • Email (Legal & DPO): [email protected]
  • Support: [email protected]
  • Phone (UA): +38 044 405 82 32
  • Operational HQ: Lesya Kurbasa Ave 7B, 03194 Kyiv, Ukraine
  • Registered Office: Pervomayskaya 20A, 39600 Kremenchuk, Ukraine