Last updated on April 1, 2022
ngrok, Inc. (referred to here as “we” or “ngrok") created this Privacy Policy (this “Policy”) to inform users of the services ngrok provides (collectively referred to in this Policy as “customers” or “you”), including the ngrok.com website (the "Site"), the ngrok tunneling service (the “Proxy Service”), the downloadable ngrok agent software (the “Agent”), and any other software or services offered by ngrok in connection with any of the above services, such as the ngrok Account Management Dashboard and the ngrok API (collectively, the "ngrok Services" or the "Services") and to inform you of our practices regarding how we collect, use, and share your personal information and how you can exercise your privacy rights.
This Policy is incorporated into our Terms of Use located at https://ngrok.com/tos (the “Terms of Use”). We may update this Policy from time to time, as specified in the “Changes to This Policy” section below.
This Policy covers personal information we process when you visit our Site, when you register for or otherwise access or use the other ngrok Services, and in the usual course of business, such as in connection with our sales and marketing activities.
This Privacy Policy does not apply to sites, products, or services that display or link to different privacy policies.
The information we collect depends on the way in which you interact with ngrok, the choices you make (including your privacy settings), the Services and features you use, your location, and applicable law.
When you are asked to provide personal information, you may decline. But if you choose not to provide information that is necessary to provide certain Services, those Services may not be available or may not function completely or correctly.
When you visit the Site or otherwise engage with us outside of the Services
When you visit the Site we gather certain technical information from your browser or device automatically and may store it internally or with various third-party analytics providers. To the extent that this automatically-collected data is personal information as defined in your jurisdiction, we will treat the data as personal information in accordance with this Policy.
This information we collect includes:
When you use the Agent and the Proxy Service
When you use the ngrok Agent to establish network access via the ngrok Proxy Service, we collect certain information from the environment where the Agent is running and from connections through the Proxy Service. This information includes:
When you use the ngrok Services other than the ngrok Agent and the Proxy Service
When you use the ngrok Services other than the ngrok Agent and the Proxy Service, we collect certain information from your browser or device automatically including:
When you visit the Site or otherwise engage with us outside of the Services
Certain parts of our Site may ask you to provide personal information voluntarily. We collect and store personal information that you directly provide us through our Site, including when establishing an account, through interactions on social media, application for a job, when downloading information from our Site, and at events and via other sales and marketing activities. We will collect certain personal information so that we may fulfill your request or contact you in connection with our sales and marketing activities in accordance with your stated marketing preferences. Information we collect includes:
When you use the Agent and the Proxy Service
When we receive connections to the Proxy Service we transmit all data received by the Proxy Service (the “Proxied Data”) to the destination you’ve configured. Such Proxied Data may include personal information should you choose to include it.
We are not able to view the Proxied Data if it is encrypted before it reaches the Proxy Service and decrypted after it passes through the Proxy Service. When the Proxy Service receives unencrypted information, or when you configure the Proxy Service or the Agent to handle encryption and decryption on your behalf, we only process the Proxied Data in compliance with your configuration.
When you use the ngrok Account Management Dashboard or the ngrok API
You may provide us with information such as:
When you use the ngrok Services
You may provide certain personal information to us through the use of the ngrok Services, for example, when you register for a ngrok account to access and use the Services, interact with customer support, or send us an email or communicate with us in any way. Personal information we collect may include:
Information we receive from affiliates or partners We may occasionally receive your personal information from third parties including our affiliates, marketing, and research partners. The types of information we collect from third parties may include contact information, demographic data, content, and employment affiliation. These third parties may enrich our data concerning you with additional personal information, based on personal information in our possession which we provided to them for this purpose.
Information we receive when you add a third-party integration
Also, if you integrate or link a third party service with our Services, we may receive personal information about you from that third party based on the permissions you established with such third party service, and that third party's privacy practices.
The types of information we collect from third parties may include contact information, demographic data, and content. For example, we may obtain information from a third party in response to a request for user authentication. We use this information to maintain and improve the accuracy of the records we hold about you, identify new customers, and provide a more tailored advertising experience. We may combine this information with other information we collect about you through our Site and other Services.
ngrok uses personal information for the following business purposes identified below.
We may disclose your personal information to the following categories of recipients:
To the extent that processing of your personal information may also take place outside the EU or EEA in third countries without an adequacy decision, there is a risk that authorities in those third countries may access the personal information for security and monitoring purposes without you being informed or being able to seek redress. To ensure an adequate level of data protection when transferring your data to such recipients, ngrok ensures to conclude standard contractual clauses of the European Commission pursuant to Art. 46 (2) (c) of the GDPR in connection with further technical measures with these recipients. We will be happy to provide you with more specific information on this via the contact details below.
ngrok uses practices intended to protect personal information from loss, misuse and unauthorized access, disclosure, alteration, or destruction, whether in transmission or storage. Please keep in mind, however, that we do not and cannot guarantee security, and no Internet transmission is ever completely secure or error-free. You are responsible for maintaining the confidentiality of your account information, including any user name and password you use.
For additional information regarding our security practices please see https://ngrok.com/security.
We would like to keep in contact with you in ways that you find helpful. If you do not want us to use your contact information to communicate with you for promotional purposes, please tell us that when you provide your contact information. You can also let us know your preference later by clicking on this link https://dashboard.ngrok.com/user and following the instructions on that page, by contacting us as specified in the “Contacting Us” section below, by accessing your account, or by following the instructions in various communications that we may send you. Keep in mind that if you opt out of receiving promotional communications, we may still send you transactional communications (for example, non-promotional emails such as technical or security notices). The preceding rights may depend on your location and your jurisdiction. We will respond to your requests within the appropriate time frames required by applicable law.
The California Consumer Privacy Act (“CCPA”), provides California residents with the following rights:
If you are a California resident seeking to exercise your CCPA rights, or if you are an authorized agent wishing to exercise CCPA rights on behalf of someone else, please email us at support@ngrok.com. Please note that to protect your personal information, we may verify your identity by a method appropriate to the type of request you are making.
California law requires us to provide California consumers with certain additional information regarding how we collect, use, and share your "personal information" (as defined in the CCPA). Throughout this Policy, we discuss in detail the specific pieces of information we collect from you or your device and discuss how we use and share such information.
The categories and sources of personal information we may collect are described in the “Personal Information We Collect” section of this Policy. The business and commercial purposes for which we collect this information are described in the “Use of Personal Information” section of this Privacy Policy. The categories of third parties to whom we disclose this information for a business purpose are described in the “Sharing Personal Information” section of this Policy.
We use cookies, web beacons, mobile analytics, and similar technologies to operate our Site and other Services and to help collect data, including other identifiers and device information and usage data.
A cookie is a small bit of text that we and others return to your browser in response to requests made to our Services. The text is stored and returned to our Services automatically within subsequent requests. The text in a cookie may consist of a random string of numbers and letters that uniquely identifies your device or your logged-in account, but it may contain other information as well. Our Site and other Services may use both session cookies and persistent cookies. A session cookie enables certain features of the Services and is usually deleted from your computer when you close and restart your browser. A persistent cookie remains after you close your browser and may be returned to our servers on subsequent visits to the Site or use of the Services.
We and others may collect information using Web beacons. Web beacons are electronic images that may be used on our Site or other Services or in our emails. When your web browser loads a page that contains a web beacon, it automatically connects to the web server that hosts the image (typically controlled by a third party). This connection allows that web server to log information about your device and to set and read that web server’s own cookies. In the same way, accessing third party content on our Site (such as embedded videos, plug-ins, or ads) may result in your browser connecting to the third party’s web server hosting the content. We may include web beacons in our email messages or newsletters to tell us if you open and act on them.
We, and our analytics and advertising partners, use these and other technologies on our Site and other Services to collect personal information (such as the information in cookies we and our partners store in your browser or the IP address of your device) when you use our Site or other Services. When your browser or application connects to a third party analytics or advertising partner, that third party may collect information about your online activities over time and across different websites or online services via the use of persistent cookies. They can also create inferences about you from this information.
The third party analytics, support partners, and marketing providers we use with respect to our Site and other Services include:
Some of these companies are also members of associations that provide a simple way to opt out of analytics and ad targeting, which you can access at:
Most web browsers are configured to accept cookies by default. If you prefer, you can adjust your browser settings to instruct your web browser not to accept cookies. You may also be able to use your browser’s settings to delete specific cookies. If your browser is set to refuse all cookies, this could affect certain features of our Site or other Services. Similarly, if you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted.
You can disable web beacons in email messages by changing the settings in your email application to prevent the automatic downloading of images.
Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our Site and other Services do not currently respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described above.
Note that if you make the choices described above, some personal information may still be collected by our partners to help us perform analytics and advertising-related functions. If you access the opt out page (or settings) from other devices or browsers, you will need to revisit those pages or settings to opt out from those other devices or browsers. Additionally, making these choices will not opt you out of the use of previously collected personal information or all interest-based advertising.
This Policy may be revised from time to time. If this Policy changes, the revised policy will include a new effective date, and we will notify you of such changes by posting the revised policy on this page. Please be sure to check the Policy whenever you submit personal information or use our website. If we make any material changes to this Policy, we will provide you with additional notice or obtain consent to the extent required by applicable law.
If you have any questions, complaints, or concerns about how your information is handled, please email us at support@ngrok.com. You can also contact us at our physical address which is 548 Market St, PMB 26741, San Francisco, California 94104-5401 USA.
To view the previous version of ngrok’s Privacy Policy, click the link below.