Privacy Policy

This Privacy Policy applies to DuckRoute, the DuckRoute website, the customer cabinet, trial and paid accounts, billing workflows, API access, traffic routing tools, event logs, AI White Page tools, cookie consent flows, analytics tags and support interactions.

DuckRoute is operated as a business software product for performance marketing and traffic operations teams. References to "DuckRoute", "we", "us" and "our" mean the operator of the DuckRoute product and its service providers acting on our behalf.

We collect account information that you provide when you register, log in, verify email, recover access, update profile settings, create API keys, configure routing flows, manage White Pages, request billing, use referrals or contact support.

This may include name, email address, password hash, referral code, profile information, account status, subscription state, selected plan, billing period, billing identifiers, support messages and operational settings entered in the cabinet.

When DuckRoute is used to route campaign traffic, we process technical and event data needed to make routing decisions, troubleshoot delivery and show analytics in the dashboard.

This may include IP address, country, region, city, browser, operating system, device type, language, timezone, referrer, URL path, query parameters, UTM tags, source labels, ASN, ISP, network reputation, VPN/proxy/Tor/datacenter indicators, user agent, headers, risk score, routing decision, timestamps and event identifiers.

We use necessary cookies to keep the site and cabinet functional, including authentication, locale preference, security state and cookie-consent state. These cookies are required for the service to work.

With consent, we may also use analytics and advertising cookies or tags to measure visits, understand demand, improve campaigns, build aggregated performance reports and support Google Analytics or Google Ads measurement.

• Necessary cookies: authentication, security, language, session and consent state.
• Analytics cookies: page views, traffic source, engagement, aggregated product usage and conversion measurement.
• Advertising cookies: ad measurement, conversion attribution and campaign performance signals where supported by the configured tags.

We use collected data to provide the product, authenticate users, prevent unauthorized access, route traffic, calculate risk scores, show dashboard analytics, generate White Pages, maintain API access, process subscriptions, apply referral balance and respond to support requests.

We also use data to improve reliability, debug incidents, detect abuse, prevent fraud, protect the service, measure product demand, evaluate feature usage, comply with legal obligations and enforce these Terms.

Depending on where you are located, we process data under one or more legal bases: performance of a contract, legitimate interests in operating and protecting the service, consent for optional analytics or advertising storage, and compliance with legal obligations.

Our legitimate interests include product security, fraud prevention, service reliability, billing integrity, traffic analytics, abuse prevention and product improvement.

We may share data with vendors that help us run DuckRoute, such as hosting providers, databases, email delivery providers, payment processors, analytics providers, advertising measurement providers, security tools, logging systems and customer support tools.

Service providers are allowed to process data only as needed to provide services to us, support the product, protect infrastructure or comply with applicable law.

Payments may be processed by third-party payment providers. DuckRoute may receive billing identifiers, subscription status, payment confirmation, invoice metadata and plan information, but we do not need to store full card numbers in the application database.

Payment providers process payment details under their own policies and security controls.

DuckRoute may be operated with infrastructure and vendors in different countries. When data is transferred internationally, we use contractual, technical and organizational safeguards appropriate for the nature of the data and the service.

We keep account, billing and security records for as long as needed to provide the service, meet legal obligations, resolve disputes and enforce agreements. Campaign event logs and traffic analytics may be retained for operational, security and reporting purposes according to product limits and internal retention controls.

We may delete, aggregate or de-identify data when it is no longer needed for the purposes described in this policy.

We use technical and organizational measures designed to protect data, including access controls, authentication controls, network protections, logging, encryption where appropriate, database isolation patterns and operational monitoring.

No online service can guarantee absolute security. Customers are responsible for protecting their passwords, API keys, account devices, email access and campaign configuration.

You can update profile data in the cabinet, manage optional cookie consent through the cookie banner, request access assistance, change password, revoke API keys and control which campaign data you send to DuckRoute.

Depending on your location, you may have rights to access, correct, delete, restrict or export personal data, or object to certain processing. Requests are reviewed according to applicable law and security requirements.

Customers are responsible for ensuring that they have a lawful basis to send traffic data, visitor data, campaign identifiers and any other data to DuckRoute. Customers must provide their own notices, consent flows and compliance controls where required for their campaigns, websites and target pages.

Customers must not use DuckRoute to collect sensitive personal data unless they have confirmed that such processing is lawful, necessary and covered by appropriate safeguards.

We may update this Privacy Policy when the product, legal requirements or operational practices change. The effective date shows when the current version became active. Continued use of DuckRoute after an update means the updated policy applies.

For privacy requests, account questions or legal notices, contact DuckRoute through the official support channel available in the product or through the current company contact published by the operator.