This Privacy Policy (hereinafter referred to as the “Policy”) aims to clarify the relevant rules for Scenar browser software (hereinafter referred to as the “Software”) for collecting, using, storing, transmitting, and disclosing users‘ personal information and data, safeguarding users‘ privacy rights and data security, strictly complying with international general data protection guidelines (including but not limited to EU GDPR, U.S. CCPA, Brazilian LGPD, W3C privacy principles, etc.), conforming to the “Privacy by Design” (PbD) principle, embedding privacy protection throughout the design and operating lifecycle of browser products, and adapting to core functionality scenar such as browser web browsing, search, downloads, collections, etc. This Policy applies to all users who use this Software (hereinafter referred to as “Users”), regardless of the device (computer, mobile terminal, etc.) through which users access or use this Software. The use of this Software is considered as if the user has fully read, understood and agreed to all the terms of this Policy; if the user does not agree to this Policy, they should immediately stop using this Software.
1. Definition and scope
1.1 Core Definitions
1.1.1 Personal Information: Means information that can identify a specific natural person individually or in combination with other information, including but not limited to name, email address, device identifier, IP address, browsing history, search history, download history, favorite content, cookies and similar technical data, browser fingerprint related information, etc., conforming to the standards that define personal information in the International General Data Protection Regulations, covering the core definitions of personal data in the EU GDPR, where browser fingerprint related information is typical personal information because it uniquely identifies the user‘s device and a natural person.
1.1.2 Non-Personal Information: Means information that cannot be identified as a specific natural person, including but not limited to software usage statistics, anonymized user interaction behavior data, system execution logs, web page decryption data, browser feature usage frequency data, etc. This type of data can be used for software optimization, feature iteration, and industry research, and will remain anonymized and not involve any personal identity associations.
1.1.3 Third-party services: Means services provided by third parties that are integrated into or linked to the Software (such as search engines, cloud storage, web plug-ins, advertising services, etc.), whose privacy policies are independent of this Policy, the user‘s use of third-party services is subject to third-party privacy regulations, the Software does not assume any privacy-related responsibility for third-party services, and third-party services must comply with the data protection laws and browser privacy protection relevant standards of their region.
1.2 Applicability Scope
1.2.1 This Policy applies to all functional modules, services and related extended services of this Software, including but not limited to all service scenar such as account registration, web browsing, search queries, content downloads, bookmark collection, history management, plugin use, privacy protection settings, covering privacy protection throughout the entire life cycle of the Software, and adapting to the core use scenar of the browser.
1.2.2 This Policy does not apply to third-party services. The third party is independently responsible for the privacy protection of third-party services. If users develop privacy-related issues due to the use of third-party services, they should communicate directly with the third party to resolve them. This Software provides only an access channel, does not participate in the operation of third-party services, and assumes no associated responsibility.
2. Information Collection
2.1 Collecting Principles
2.1.1 Legitimacy Principles: Collect user information only when obtaining the user‘s explicit consent, necessary for the fulfillment of the service agreement, or in compliance with relevant international laws, regulations, and treaty provisions, strictly following the core requirements of “informed consent,” adopting the “opt-in” (active consent) mode, preventing unauthorized collection of information, and complying with the requirements of Article 6 of the EU GDPR regarding the legitimacy of data processing, especially for sensitive data such as cookies and browser fingerprints, requiring the individual consent of the user.
2.1.2 Minimum Required Principle: Collect only the user information necessary to realize the core functions of this Software (web browsing, search, downloads, collections, etc.), do not collect information that is not related to the Service, control the scope of information collection to the minimum, implement the core requirements of “design as privacy”, avoid the privacy risks associated with redundant data collection, such as browser fingerprint data is collected only for parameters necessary to achieve security verification, feature adaptation, and do not overcollect device and system information.
2.1.3 Transparency Principles: Clearly inform the user of the purpose, scope, method, and use of the information collected, ensure that the user is aware and has the freedom to choose whether to provide it, do not conceal any matters related to the collection of information, ensure the user‘s right to be informed, comply with the transparency requirements of international data protection, all collection behaviors are clearly disclosed to the user, especially the collection and use of cookies and browser fingerprints, will be explained separately to the user and obtain consent.
2.2 Scope and method of collection
2.2.1 Account Related Information: When users register for this Software account, they are required to provide a real, valid, and legitimate email address as a login credential. We will collect the email address provided by users for core purposes such as account verification, password recovery, service notifications, security alerts, etc. No additional non-personal information will be collected to ensure the authenticity and security of the account registration.
2.2.2 Browser Usage Related Information: When users use this Software, data on user‘s browser behavior will be collected (including software startup time, feature usage records, device model, operating system version, IP address, log data, browsing history, search history, download history, favorite content, web form data, etc.), and with user consent, relevant data will be collected using cookies and similar technologies for implementing web page loading, login status maintenance, search suggestions, privacy protection, etc. All data collection complies with the minimum necessary principles; browser fingerprint data will only be collected with user consent for security verification, anti-fraud parameters, and cryptographic processing to avoid use for malicious tracking.
2.2.3 Voluntarily provided information: When users voluntarily provide additional information (such as synchronization preferences, plugin authorization information, etc.) when using specific features of this Software (such as plugin installation, cloud synchronization, personalization settings), we will only use it for the implementation of that specific feature, not for other purposes, and users can withdraw the voluntarily provided information at any time to exercise data control.
3. Information Use and Storage
3.1 Information Usage
3.1.1 Core Service Usage: Using the collected information to provide users with the core functions of this Software, including account login, web browsing, search queries, content downloads, bookmark collection, history management, privacy protection, etc., to ensure the service runs properly and reliably, meets users‘ browser usage needs, and all usage behaviors comply with the scope authorized by the user, such as cookie data is used only to maintain login status and optimize web page loading experience.
3.1.2 Optimizing Service Usage: Based on user usage behavior information, browsing and search history, analyzing user usage habits, optimizing browser loading speed, search accuracy, interface interaction and privacy protection features, improving service personalization and convenience, improving user experience, removing sensitivity from personal information during use, not revealing any personally identifiable content, browser fingerprint data is used only for security verification, not for user tracking or ad push.
3.1.3 Security Assurance Usage: Using user information to identify abnormal logins, malicious actions, web fraud, virus attacks, and other behaviors, prevent account theft, information leakage, and device security risks, protect user accounts and browsing data securely, comply with international data security protection requirements, implement data lifecycle security principles, such as identifying abnormal device logins through browser fingerprint data, and promptly send security alerts to users.
3.1.4 Use Restrictions: Use of information not beyond the scope of the user‘s consent, do not use the user‘s personal information and browsing data for other purposes unrelated to this Software Services, unless expressly authorized by the user or in compliance with relevant international laws, regulations and treaty provisions, strictly prohibit abuse of information and disclosure of browsing content, do not use the user‘s browsing history, search history for commercial advertising, strictly follow the privacy protection priority principles.
3.2 Information Storage
3.2.1 Storage locations: User information and browsing data collected by this Software will be stored on servers that comply with international data protection standards (such as requirements of Article 48 of the EU GDPR), all located outside of China. The specific locations will be dynamically adjusted according to service optimization needs, ensuring compliance with local data protection regulations and cross-border data flow rules, ensuring compliance with data storage, and cross-border transfer will strictly comply with the legal and regulatory requirements of the relevant countries and regions.
3.2.2 Storage period: The storage period for personal information and browsing data is the minimum time required to achieve the purposes of the service, where the storage period for cookie data will be set according to its type (session cookies automatically expire after the browser is closed, persistent cookies will be stored for the agreed period); if the user signs out of the account, we will delete or anonymize all personal information and browsing data processed by that user within 15 business days after the account sign-out completes, except as otherwise stipulated by law, regulations and treaties, in accordance with the data minimization and storage limitation principles.
3.2.3 Storage security: Encrypting storage of user information and browsing data using internationally leading encryption technologies (such as SSL/TLS, AES-256), establishing a well-established security management system, regularly conducting security testing, vulnerability remediation, and risk assessment, equipping professional security teams to ensure the security of data storage, implementing “privacy by design” security requirements throughout the lifecycle, preventing browsing history, personal information disclosure, tampering, and loss, while enabling users to manually delete browsing history, cookies, and related data.
4. Information Transfer and Disclosure
4.1 Information Transfer
4.1.1 Transfer Principles: User information and browsing data will be transferred only to achieve the purposes of this Software Services (such as web page loading, data synchronization), obtaining user consent, or in compliance with relevant international laws, regulations and treaty requirements. Encryption technologies will be employed during the transfer process to ensure the security and integrity of the information, prevent information from being intercepted, tampered with, or disclosed. The transfer will comply with the relevant requirements of the EU GDPR regarding cross-border data transfer, especially for cross-border transfer of personal sensitive data. User consent will be obtained in advance and compliance with local regulations.
4.1.2 Transfer scope: User information and browsing data will be transferred only between the entity operating this Software and its authorized service providers (such as compliant cloud storage providers, search engine providers), authorized service providers must strictly comply with this Policy and related confidentiality agreements, and may not use, disclose, or otherwise use user information and browsing content; cross-border transfers will comply with the data protection regulations of the relevant country or region, notify the user in advance and obtain their consent, ensure the free flow and security of data, adopt privacy-protecting technologies such as OHTTP, and conceal the user‘s IP address and other identifying information.
4.2 Information Disclosure
4.2.1 No Disclosure: Without the explicit consent of the user, no user‘s personal information and browsing data will be disclosed to any third party, except as otherwise stipulated by law, regulations and treaties. User information and browsing privacy will be strictly protected. Data confidentiality principles will be adhered to, in line with the core privacy protection needs of browser users. In particular, sensitive content such as user browsing history and search history will be prohibited from being disclosed to third parties.
4.2.2 Permitted Disclosure: Disclosure of relevant information and browsing content to third parties designated by the User after obtaining written consent from the User; Disclosure of User information necessary to comply with legal, regulatory and contractual obligations, and in response to legitimate requirements of judicial or regulatory authorities (excluding unauthorized browsing content); Disclosure of User information to authorized service providers for the implementation of this Software Service, and strictly limiting the scope of use, ensuring that service providers fulfill confidentiality obligations and cannot use User data for other purposes.
5. User Rights
5.1 Core Rights
5.1.1 Access rights: Users can log in to this Software account at any time to view their personal information (such as email, usage records, etc.) and browsing data (such as history, favorite content, download records, etc.), understand how information is collected, used, and stored, ensure that users have the right to be aware of their information and browsing data, and comply with the core rights granted to data subjects by the EU GDPR.
5.1.2 Correction Right: If you find that your personal information is incorrect or incomplete, you can request a correction through the relevant features of this Software or by contacting Customer Service at gjutgjevski@suna-star.com. We will review and process your information within 3 working days to ensure the sourcing circumstances of your information.
5.1.3 Right to delete: Users can request to delete some or all of their personal information and browsing data. They can manually delete content such as browsing history, cookies, download records, etc. If deleting information affects the normal provision of the service (such as the synchronization function), we will inform the user of the relevant impact. After the user confirms, we will proceed with the deletion operation. We ensure the user‘s right to delete their information and browsing data, in accordance with the requirements of international data protection regulations regarding the right to delete.
5.1.4 Right to sign out and right to withdraw consent: Users can apply to sign out their account, and after the account is signed out, the related data and browsing content will be processed according to regulations; Users can withdraw their consent to the collection, use, transmission, and disclosure of information at any time, can turn off features such as cookies, browser fingerprint collection, and so on at any time, upon withdrawal will stop the related information processing behavior, and does not affect the legality of information processing activities that were completed based on the user‘s consent before withdrawal.
5.2 Rights Relief
5.2.1 If users believe that their privacy rights have been infringed, or have objections to the processing of personal information and browsing data, they can submit a complaint or complaint through the contact email agreed in this Policy. We will process and provide feedback on the processing results within 5 working days to provide users with effective rights relief channels to ensure that their rights are realized.
6. Third-party services and policy updates
6.1 Third-party services
6.1.1 This Software may integrate or link to third-party services (such as search engines, cloud storage, web plug-ins, advertising services, etc.), third-party services may collect information related to users, and their information processing behavior must comply with their own privacy policies and international data protection rules, must not violate relevant laws and regulations and the core requirements of this policy, and must not obtain user browsing data, cookies, and browser fingerprint information without permission.
6.1.2 This Software only provides links to or access channels to third-party services, does not control the information collection and use behavior of third-party services, and does not assume any privacy-related responsibility arising from third-party services. Users should carefully read their privacy policies before using third-party services, make their own decision whether to use them, and avoid privacy risks caused by third-party services. This Software will clearly identify third-party services and remind users to pay attention to privacy protection.
6.2 Policy Update
6.2.1 As international laws, regulations, and treaties are updated, software functions are optimized, and operational requirements are changed, this Policy may be revised. After revisions, update notifications will be posted in prominent locations of this Software (such as the login page, settings page) to inform users of the changes to the Policy, ensure that users are aware of the changes to the Policy, and comply with the general standards of the international privacy policy updates. In particular, changes to relevant terms such as cookies and browser fingerprints will be highlighted to users.
6.2.2 After updating this Policy, the user‘s continued use of this Software, effective from the date of publication, is considered to agree to the updated Policy; if the user does not agree to the updated Policy, they should immediately stop using this Software, through which the user can view the historical version of the Policy, ensuring the user‘s right to be informed.
7. Contact information and disclaimer
7.1 Contact information
7.1.1 If users have any questions, complaints, complaints about this Policy, or need to exercise their rights, consult us on privacy protection related matters, please contact us via the following email address: gjutgjevski@suna-star.com, we will respond and process promptly, providing users with a convenient and efficient communication channel in accordance with the relevant requirements of international data subject rights relief.
7.2 Disclaimer
7.2.1 This Software assumes no responsibility for the leakage, loss, or tampering of user information and browsing data due to irresistible forces (such as natural disasters, network disruptions, hacking attacks, etc.). The irresistible forces must comply with standards defined by international common law, and this Software will promptly take remedial measures after the irresistible force occurs to minimize user losses as much as possible and restore normal operation of the service.
7.2.2 Users are solely responsible for information security risks and browsing data leaks resulting from their own improper actions (such as leaking account passwords, unlawfully sharing browsing content, using unofficial versions of the software, turning off privacy protection features, etc.). The Software assumes no responsibility in connection with any such risks.
7.2.3 This Software assumes only security security responsibility for user information and browsing data collected, processed, stored, and stored by itself, and is not responsible for the security of information provided by third-party services. It clearly divides responsibility and complies with the general principles of disclaimer for international software operations. Users are solely responsible for privacy risks arising from violations of the terms of this Policy. This Software has adopted reasonable security measures and is not responsible for privacy risks arising from non-Software intentional or serious negligence due to the technical characteristics of the browser industry itself.
This policy comes into effect from the day of publication. The final interpretation rights belong to the entity operating the Scenar browser software. It does not fulfill its duties. It is implemented according to international general data protection laws, regulations, and treaties. It strictly conforms to core international data protection standards such as the EU GDPR, W3C privacy principles, and others. It fully protects the privacy of users and the security of browsing data, and adheres to the privacy-first product philosophy.