HAProxy Technologies Privacy Policy
Our Privacy Policy is being updated. We are also providing a Cookies Policy. This Privacy Policy will be in effect as of March 20, 2026. See our current Privacy Policy here. See our new Cookies Policy here.
Latest update: February 27, 2026
At HAProxy Technologies (“HAProxy Technologies,” “we,” “us” or “our”), we believe that trust is built not only on performance and reliability, but also on respect for privacy. This Privacy Policy explains what personal information we collect, how we use it, and when it may be shared, so you can use our products and services with confidence.
1. What is this Privacy Policy and what does it cover?
This Privacy Policy applies when we process personal information in connection with your interactions with the services offered by HAProxy Technologies (together, the “Services”), including:
collected by us when you use the website located at www.haproxy.com/, which is owned and operated by HAProxy Technologies, and includes all subdomains and apps, present and future (the “Website”);
provided to us by our clients and their representatives when they use our software and other solutions owned and operated by HAProxy Technologies, including when using our application or cloud delivery services and when shared through our client portal located at www.haproxy.com/ and support system (together the “Software”); and
when you communicate with us by any means (e.g., website forms, videoconference, phone, etc.) or agree to receive communications (e.g., email, SMS/MMS, etc.) from us.
For clarity, this Privacy Policy does not apply to the processing of data by third parties who act on behalf of HAProxy Technologies or, clients using our Software to process data, or operators of third-party websites/services that you choose to access through our Services. HAProxy Technologies is not responsible for the content or privacy practices of such third-party websites/services, and we encourage you to review their privacy policies before using them.
Additional definitions may be made throughout this Privacy Policy, but they will be recognizable as they will be capitalized, bolded, and in quotation marks. Additional definitions may also be found in the Acceptable Use Policy (the “AUP”), and will have the same meaning in this Privacy Policy as they do there. The definitions found in this Privacy Policy shall also apply to the AUP. This Privacy Policy should be read in conjunction with the AUP, as both these documents govern your use of our Services.
2. What information do we collect and why?
We collect information in a number of ways and for a number of different purposes, depending on their different categories. Please see the table below for more details. Note that in consent-based jurisdictions such as France (Europe) and Canada, personal information may only be processed with your consent or where authorized by law.
Categories | Examples | Purposes | Legal Basis |
Client Contact information | First name, last name, email address, phone number, company name, country. | Processed to enable us to contract with the company you are representing and deliver any notice the company we contracted with in performing such contract. | Performing the contract with the company you are representing. |
Correspondence information | Information regarding correspondence with representatives of HAProxy Technologies, such as email content, customer channels, voice and video recordings and transcripts of meetings. | Processed for learning and development of HAProxy Technologies representatives as well as note-taking purposes. | Performing the contract with the company you are representing, or consent in the case of voice recording. |
Marketing information | Client or website visitor feedback, communication preferences and marketing preferences including first name, last name email address, phone numbers, company name, country. | Processed to enable us to contact you with marketing communications, including prospective clients. | Consent to receiving marketing communication from us or on our behalf. Otherwise, it is necessary for the purposes of the legitimate interests pursued by us in reaching out to people who may be interested in our Services subject to applicable laws. |
Usage & performance information | Date, time and duration of your visits on our Services, the pages viewed and links clicked on our Services, browsing history, etc. | Processed through cookies, including third-party cookies, on our Services to allow us to compile aggregate data about traffic and interactions in order to improve the experience and tools on our Services and to provide customized website experiences to our users. For more information about our usage of cookies, please refer to our Cookies Policy | In case of use of cookies that are not strictly necessary for the operation of our website, you gave us your consent to store cookies on your terminal equipment and collect information from your terminal equipment for the purposes of improving our services (functionality and analytics cookies) or for advertisement purposes. Otherwise, it is necessary for the purposes of the legitimate interests pursued by us in improving our services.
|
In addition to the foregoing, and depending on the context, we may process the following information in connection with your use of our Software:
Categories | Examples | Purposes | Legal Basis |
Client portal information | Information tied to a specific client ID, including license keys, account emails and names of account managers or technical contacts who have access to the customer portal. | Processed to provide our Services, communicate with the client, and for fraud prevention and quality assurance. | Performing the contract with the company you are representing. |
Connection information | Application Delivery Network (ADN) data and Content Delivery Network (CDN) data, such as TLS fingerprint, HTTP fingerprint, IP address, source port, destination port, SSL version, SNI requested, URI requested, timestamp, user agent, referrer, response code, request size, response size, HTTP version, IP connectiion_rate, IP concurrent sessions. | Processed to determine whether access to services in the form of applications/API is being done in a legitimate manner, including for bot detection and management purposes, and to apply rules to permit/block such access requests. | Performing the contract with the company you are representing. Otherwise, it is necessary for the purposes of the legitimate interests pursued by us in ensuring security or integrity purposes. |
Support information | Contact data, configuration data, log data as well as raw data / debug files attached to a support ticket generated from our debug scripts. Please note that we expect our clients to appropriately sanitize and remove any sensitive information from raw data / debug files. | Processed to provide manual or automated support and improve our support services generally in accordance with our internal policies and dedicated Support Terms. | Consent to obtain support services from us or on our behalf. |
Other technical information | ADN/CDN data, sample data, aggregated data, etc | Processed to ensure services are provided in a reliable, secure and fast environment. | Performing the contract with the company you are representing. Otherwise, it is necessary for the purposes of the legitimate interests pursued by us in providing our Services. |
We may aggregate and/or de-identify information and use it for any purpose, including product and service development and improvement activities. To the extent we de-identify any data originally based on personal information, we maintain and use such data only in de-identified form and will not attempt to re-identify the data.
Please note that we may also collect and use personal information for any other purpose permitted or required by law.
3. How do we disclose information?
We disclose personal information with third parties where necessary to fulfill the purposes identified above, and more specifically, as set forth in the table below:
Categories | Explanations |
Service providers | We may disclose personal information to third-party service providers (such as Google Amazon Web Services, Reflected Networks, Salesforce and HubSpot) to enable us to provide requested services, such as payment processing, marketing, maintenance, and website hosting. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information in compliance with applicable laws. |
Professional advisors | We may disclose personal information to our legal, financial, accounting or other consultants to the extent necessary to operate our business and comply with applicable laws. |
Law enforcement & other government agencies | We may disclose personal information to comply with legal obligations and respond to lawful requests. We verify that the request is legitimate before responding. For greater clarity, we may disclose personal information or other information if required to do so by law or in the good faith belief that such action is necessary to comply with applicable laws, in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies as set forth in our Subpoena Response Policy. |
Business transaction | We may disclose personal information if HAProxy Technologies merges with another entity, is subject to a corporate reorganization, sells or transfers all or part of its business, assets or shares (in which case we will require such entity to assume our obligations under this Privacy Policy, or inform you that you are covered by a new privacy policy). |
Affiliates | We may disclose personal information to affiliated entities, joint ventures, or other companies under common control with HAProxy Technologies such as HAProxy Technologies LLC and HAProxy Technologies SASU (in which case we will require such entities to honor this Privacy Policy and applicable laws). |
Except as provided in this Privacy Policy, or subject to applicable laws, HAProxy Technologies does not disclose any personal information to third parties.
4. Where do we transfer your information?
Personal information may be stored on our servers and systems, as well as on those of our third-party service providers and professional advisors, as described above. Some of these third parties may be based or share personal information outside of your region of residence (including in the United States, France, Netherlands and other countries). You consent to the transfer of information to countries outside your region of residence, which may have different data protection rules than in your region of residence. While such information is outside of your region of residence, it is subject to the laws of the region in which it is held, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other region, pursuant to the laws of such region.
However, our practices regarding personal information will at all times continue to be governed by this Privacy Policy and, if applicable, we will comply with, where applicable, the GDPR requirements providing adequate protection for the transfer of personal information from the EU/EEA to third region, notably by implementing appropriate safeguards such as standard contractual clauses in case of a region for which there is no decision of adequacy by the European Commission.
If you would like more information about how we transfer personal information, please contact us as set forth in the section below “How to contact us?”
5. How do we secure and keep information?
We implement physical, administrative and technical safeguards designed to preserve the confidentiality, integrity and security of information under our control. In addition, we use third-party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run our Services. However, information transmitted on the Internet and/or stored on systems attached to the Internet is not 100% secure, and no security can provide absolute protection. As a result, we do not ensure, warrant or guarantee the security or integrity of such information.
We retain personal information only for as long as is necessary for us to fulfil the relevant purposes specified in this Privacy Policy and to comply with our legal obligations.
We take steps to ensure that only those who need access to your information to perform their duties have access to it.
6. What are your rights regarding your information?
Under certain circumstances and subject to applicable data protection laws, supported by a written request and a proof of identification, you may consult the personal information that we have collected, used or disclosed, and/or ask that it be corrected, and/or withdraw your consent to our disclosure or use of personal information collected.
As required or permitted by law, you may be entitled to additional rights, including but not limited to : (i) the right to withdraw consent to processing where consent is the basis of processing; (ii) the right to object to unlawful data processing, under certain conditions; (iii) the right to erasure of personal information about you, under certain conditions; (iv) the right to demand that we restrict processing of your personal information, under certain conditions, if you believe that we have exceeded the legitimate basis for processing, that processing is no longer necessary, or that your personal information is inaccurate; (v) the right to data portability of personal information concerning you that you provided us in a structured, commonly used, and machine-readable format, under certain conditions; (vi) the right object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you, under certain conditions.
Finally, you also have a right to lodge a complaint with a competent data protection supervisory authority in the region where you reside, where we are based or where an alleged infringement of data protection law has taken place.
To exercise any of these rights, please contact us as set forth in the section below “How to contact us?”
7. Children’s privacy
We do not knowingly collect personal information from children under the age of majority in your region. If you are the parent or legal guardian of a child under 16 who has provided us with personal information, please contact us as set forth in the section below “How to contact us?” to ask us to stop using or to delete that information.
8. How to unsubscribe to marketing communications?
If at any time you wish to stop receiving marketing communications from us, we include an unsubscribe mechanism in all of our marketing communications or you can contact us as set forth in the section below “How to contact us?” Please keep in mind that, if you choose not to receive marketing communications, you will continue to receive essential emails related to your account and any business you have with us. These vital communciations include (but are not limited to) contract-related information, transactional details or account-related communications related to products and services.
9. How will you know this Privacy Policy has changed?
From time to time, we may update this Privacy Policy. Any changes will be effective when we post the revised Privacy Policy at this URL. This Privacy Policy was last updated as of the effective date listed at the top. Subject to applicable laws, we will notify you of any changes to this Privacy Policy.
10. How to contact us?
If you have any questions, requests or complaints regarding personal information or this Privacy Policy, please contact our Privacy Officer and/or Data Protection Officer appointed under applicable laws at privacy@haproxy.com.