WonderProxy and Your Data
Using a Proxy Server
To understand the data you share when you use one of our proxy servers, let’s look at a user journey. Our user, Morgan, loads https://www.google.com/doodles through our proxy in London, UK. Here’s what happens next.
- Morgan's browser makes a request to our London server to relay a request for a secure page hosted at www.google.com. Either the browser accepts Morgan's credentials, or Morgan is using IP Authentication.
- The server passes the request to www.google.com, receives a response, and relays the response back to Morgan.
- At this point, our server records several pieces of information:
  - The time
  - The size of the request and response in bytes
  - Morgan's IP address
  - Morgan's username
  - The port on the proxy server used
  - The HTTP response code
  - The domain
  - The IP address of the server
- A couple of notes on the level of detail our server sees here. If the request is made to an HTTPS page, our server only ever sees the domain of the request. If the request is made to an HTTP page, our server sees and records the entire URL, MIME Type, and HTTP method (GET/POST/HEAD etc).
- Every hour our server in London uploads its logs to Amazon S3 via HTTPS, to the Canada Central Region for processing. Data in Amazon S3 is encrypted at rest using AES-256.
- Every hour our website uses Amazon Athena to summarize the number of bytes every user has transferred through every server that day. This summary data is pulled via HTTPS by our website infrastructure. Note this is just the username, server, and bytes transferred. E.g. 2020-03-03 01:00:00 UTC, Morgan, 53370 bytes, London Server.
- 43 hours after the request is made, the London server deletes that access log.
- 183 days (6 months) after the request is made, the access logs are deleted from Amazon S3.
- The summary usage information is retained indefinitely on our website infrastructure. To understand why, see the How We Use Your Data section below.
During a major server outage, processing and deletion may be delayed slightly.
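The note above on HTTPS versus HTTP visibility follows from how a browser talks to a forward proxy. The sketch below is an added example, not WonderProxy's code: it parses the first line of a proxied request and returns what the proxy can read from it. The function name and both sample requests are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample requests, as a browser would send them to a forward proxy.
HTTPS_REQ = b"CONNECT www.google.com:443 HTTP/1.1\r\nHost: www.google.com:443\r\n\r\n"
HTTP_REQ = (b"GET http://example.com/account/reset?token=abc123 HTTP/1.1\r\n"
            b"Host: example.com\r\n\r\n")


def proxy_visible_fields(request_head: bytes) -> dict:
    """Return what a forward proxy can read from the request line it receives."""
    request_line = request_head.split(b"\r\n", 1)[0].decode("ascii")
    method, target, _version = request_line.split(" ", 2)

    if method == "CONNECT":
        # HTTPS via a proxy: the client only asks for a tunnel to host:port.
        # The real method, path, query string, headers and body are sent
        # afterwards inside TLS, so the proxy relays bytes it cannot read.
        host, _, port = target.rpartition(":")
        return {"kind": "tunnel", "domain": host, "port": int(port),
                "method": None, "url": None}

    # Plain HTTP via a proxy: the request line carries the absolute URL,
    # so method, path and query string are all readable (and loggable).
    parts = urlsplit(target)
    if parts.scheme != "http" or not parts.hostname:
        raise ValueError(f"not a proxy-form request target: {target!r}")
    return {"kind": "plain", "domain": parts.hostname,
            "port": parts.port or 80, "method": method, "url": target}


if __name__ == "__main__":
    for sample in (HTTPS_REQ, HTTP_REQ):
        print(proxy_visible_fields(sample))
```

For the plain HTTP request, the query string (here a constructed reset token) is part of what the proxy sees, which is why the distinction matters for anything sensitive carried in a URL.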
The Legal Jurisdictions Involved
Several legal jurisdictions are in play when you use one of our proxy servers:
- The jurisdiction containing the proxy server (in our example, London, UK)
- The jurisdiction containing our customer database and web infrastructure (Montreal, Quebec, Canada)
- The jurisdiction containing our data hosted by Amazon S3 (Montreal, Quebec, Canada)
WonderProxy is a Canadian corporation, incorporated federally and registered provincially in Quebec and Ontario.
Note that this list is not necessarily complete. For all steps, it’s possible that the company providing a service (e.g. Amazon) maintains sufficient presence in other jurisdictions to have a vulnerability there too. For an example, see Microsoft vs United States.
How We Use Your Data
We use the data we collect for three main purposes:
- For billing purposes. We record how much traffic is used and through which servers to bill customers accurately.
- To help users see their own usage, whether it’s in summary form for usage monitoring, or in detail so they can diagnose a problem.
- We look at data in aggregate for two purposes. Reporting - for example, how many bytes were transferred by all users yesterday? Planning - for example, how much traffic do we need to buy in Peru next year?
Only staff with a specific need have access to full access logs. Aggregate data about accounts (e.g. Morgan used 525MB last month) is available to all staff.
Deleting Your Account
If after using WonderProxy you wish to delete your account completely, you may. You will need to wait 183 days after your last proxy usage or billing transaction (whichever is later) to complete this request, as we have a legitimate business interest in waiting out credit card chargeback periods and possible abuse complaints.
To delete your account, please email email@example.com.
At that point:
- Detailed access logs will have already been deleted.
- We replace all user-specified account metadata with nonsense, including:
  - Email address
  - Contract name
- We delete website audit logs (that record adding/removing servers, sending us that support request, etc).
- We delete your records from our billing providers. The providers complete their deletion process after 14 days.