As a data protection company, we always adhere to these three principles when developing our products and operating our services:
A basic design principle of the eBlocker is not to record any usage data during operation of the eBlocker and in particular not to send any usage data whatsoever to the manufacturer (eBlocker GmbH) or any third party that goes beyond the unavoidable data that is generated as part of normal Internet communication. Even for the unavoidable data, eBlocker may provide the user with options to control the scope, recipient or time of transmission. The development of the eBlocker was guided by the following principles:
The following sections explain some important aspects in more detail.
The pattern recognition and filtering functions of the eBlocker are completely self-sufficient and do not use any cloud services. These include tracker and ad blocking filters, malware filters and parental control filters. Therefore, no information about the accessed websites is sent to eBlocker GmbH or a third party.
The eBlocker also does not store any connection data on the device itself. There are the following exceptions:
One of the unavoidable connection data that occurs when establishing Internet connections is the DNS query for the resolution of Internet domains. Here the eBlocker offers the user the possibility of specifying several external DNS servers and selecting them accordingly so that the queries are distributed evenly over all DNS servers, so that none of these servers can create a complete profile of the queries. The user is free to choose the DNS servers, the number is not limited. In addition, DNS requests can optionally be sent over the Tor network (even if the rest of the traffic is not routed over Tor).
To prevent the user’s Internet provider from receiving detailed connection data via the routing of Internet requests, the eBlocker offers the user the option of encrypting the entire Internet communication of individual devices or the entire home network via Tor or an OpenVPN-enabled VPN provider. The eBlocker GmbH is not involved in the communication at any time. The user has the free choice of any VPN provider. When routing via Tor, the countries of the exit nodes can be freely defined by the user.
The core of the eBlocker works with a technology in which the data packets are examined for patterns of data collecting services. This pattern analysis can only be performed if the data traffic is decrypted in the eBlocker. If the user also wants eBlocker protection for SSL connections (via https), the SSL function must be explicitly activated on the eBlocker. When activated, a Root-CA certificate unique to each eBlocker is generated in the respective eBlocker. In order to decrypt encrypted connections, the eBlocker then forms the end of the end-to-end encryption of an SSL connection. It validates the website certificate and the revocation lists instead of the browser. The eBlocker Root-CA certificate has to be integrated into the browser or the operating system of the end device once in order to encrypt it again to the end device of the user. The eBlocker then uses its Root-CA certificate to sign the website certificate to secure the encryption to the end device. The Root-CA certificate has a validity period of three years. The user can generate a new Root-CA certificate at any time, in which the validity period (12/24/36 months) can be freely determined.
If an eBlocker is purchased from a retailer, the user only contacts eBlocker GmbH when the eBlocker is activated. Accordingly, the e-mail address used for activation is the only date known to eBlocker GmbH for this user.
If the eBlocker or an update license was purchased via the eBlocker online shop, the online shop system will additionally record and store the delivery address (only for device shipping), billing address and e-mail address.
In addition, data may be collected for payment processing purposes, but is never stored in the online shop system: All online payment transactions are processed via standard interfaces of online payment systems (Paypal, Stripe), so that eBlocker GmbH is at no time in possession of data such as credit card number or account number of the customer. In particular, such data is not stored in databases or on servers of eBlocker GmbH.
The reversal of a purchase also takes place via the systems of the above-mentioned online payment systems, whereby anonymous tokens are used for this, which are used by the respective payment provider for payment in the case of reversal. The only exception is the purchase by prepayment with manual transfer to the account of eBlocker GmbH: Here the customer must be asked for his bank details in order to be able to refund the purchase amount. These bank account details are only used for manual returns and are not stored in a database of eBlocker GmbH.
Further details on data processing on the website (in particular on tracking) can be found in the data protection declaration of the website: https://www.eblocker.com/de/datenschutz/
The e-mail address entered during activation is used exclusively to check the applicant’s authorization in the event of a license reset (i.e. release of a license for transfer/sale). In particular, the e-mail address provided during activation will not be passed on to third parties and will not be used for other purposes such as sending advertising.
In order to act autonomously (see above), the eBlocker must be regularly supplied with updated patterns, filter lists and other data. For this purpose, the eBlocker has a function for automatic or manual updating. The user can decide for himself whether the eBlocker automatically checks for updates once a day at freely selectable times via a retrieval from an eBlocker cloud server, or whether he wants to carry out this check manually.
To receive updates, the eBlocker must have a valid license and an associated X.509 certificate with associated private key. This certificate is uniquely assigned to the activated eBlocker, but does not contain any user data. In particular, neither the e-mail address, nor an IP or MAC address of the user.
When checking for updates, only this certificate is transferred to validate the update authorization. The update server stores a reference to this certificate and the corresponding activated license as well as the time of the request.
These update requests are the only data that eBlocker GmbH collects and stores centrally during the operation of an eBlocker.
The IP address used for the update request is written to the server log files for technical reasons. However, it is not systematically evaluated and, in particular, is not stored in a database or otherwise linked to the above-mentioned update data or other user data.
Customers can contact eBlocker Email Support with any questions they may have. All information provided by a customer in the context of a support request is voluntary. The support data are stored in the support system of a corresponding provider (Zendesk, GDPR-compliant), additionally in the e-mail archive of eBlocker GmbH with corresponding legal obligations for storage. The support requests are not systematically linked with the data of the online shop, the activation data or the update requests.
To support the analysis of technical problems, the eBlocker support will ask the user to create an eBlocker diagnostic report and to send it by e-mail or to add it to the support system.
This diagnostic report contains a specially created diagnostic file with information about the local network of the user: number and type of network devices, their local IP address and MAC address, the external IP address of the user as well as further data about the current configuration of the eBlocker.
In addition, the diagnostic report contains some additional log files that can provide information about the use of the eBlocker.
All files are simple text files that are packed into a compressed tar archive. The user can view these files at any time before sending them to eBlocker Support.
eBlocker GmbH is happy to grant security experts access to the source code of the eBlocker at any time if an NDA (Non Disclosure Agreement) has been agreed.Back to Category Overview