Privacy Policy
Part 2. Privacy Policy
8. What Information We Collect
8.1. Information We DO NOT Collect (Strict No-Logs)
We never collect or store:
- Your browsing history, websites visited, downloaded files
- Destination IP addresses, DNS queries
- Content of your internet traffic
- Any data that could link Your identity to Your online activity
8.2. Information We Collect (Minimally Necessary)
We collect only the following information required to operate the Service:
| Data Type | Examples | Retention Period |
|---|---|---|
| Account data | [Example: email address, username (if required)] | [Insert period, e.g., "Until account deletion"] |
| Payment information | [Example: last 4 digits of card, transaction ID] | [Insert period, e.g., "7 years (for tax compliance)"] |
| Technical metadata | [Example: app version, device type, approximate connection timestamp (not exact)] | [Insert period, e.g., "30 days, then aggregated"] |
| Support communications | [Example: your messages, email] | [Insert period, e.g., "90 days after ticket closure"] |
8.3. What Our Payment Processors Collect
Payments are processed by: [Insert names, e.g., Stripe, PayPal] They may collect their own data (e.g., full card number). Please review their privacy policies separately.
9. How We Use Your Information
- To provide and maintain VPN connections
- To process payments and prevent fraud
- To improve app performance and security
- To respond to your inquiries
We never sell, rent, or trade Your data to advertisers or marketers.
10. Data Sharing with Subprocessors
We share data only with strictly limited subcontractors:
| Subprocessor | Purpose | Data Shared | Privacy Policy Link |
|---|---|---|---|
| [Company name 1] | [Hosting / servers] | [Technical metadata] | [Link to their policy] |
| [Company name 2] | [Email service] | [Email, name] | [Link to their policy] |
11. Data Retention & Security
- All servers run RAM-only – data is permanently deleted when a server is shut down or rebooted.
- Data in transit is encrypted with TLS 1.3 / WireGuard®.
- We do not store persistent logs on hard drives.
- Security audits are conducted [Insert frequency, e.g., "annually"] by [Insert auditor name, or "No third-party auditor yet"].
12. Your Rights (GDPR / CPRA / other applicable laws)
Depending on Your location, You may have the right to:
- Access, rectify, or erase Your data
- Data portability
- Object to or restrict processing
- Withdraw consent
- Lodge a complaint with a supervisory authority
To exercise Your rights, email: [Insert privacy request email]
13. International Data Transfers
Our servers are located in: [Insert server countries] Your data may be processed outside Your country of residence. We ensure protection via [Insert mechanism, e.g., Standard Contractual Clauses (SCCs) / EU adequacy decision].
14. Children's Privacy
The Service is not intended for persons under the age of [Insert age, e.g., 18 or 16]. We do not knowingly collect personal data from minors.
Contact Information
For all inquiries, including legal requests and data subject requests:
Email: [Insert main contact email]
Contact form: [Insert URL of your contact form, if any]
Postal address: [Insert full postal address]
Data Protection Officer (DPO): [Insert DPO name and email, if required]