Privacy Policy

Effective Date:

At VPNLY, privacy is prioritized as a fundamental aspect of all services and operations. This Privacy Policy delineates the procedures employed by VPNLY in regard to the management of information when users access the VPNLY websites (vpnly.com and affiliated domains), VPNLY applications, and associated services (collectively, the “Services”).

The guiding principle that underpins this approach is straightforward: the collection of data is limited to the bare minimum necessary to ensure the secure and effective functioning of VPNLY. The dissemination of personal information to external entities is not a practice engaged in by this institution. Furthermore, the utilization of such information is exclusively constrained to the provision of services as delineated herein.

By utilizing VPNLY, you affirm that you have read and comprehended this Privacy Policy. Should there be a divergence of opinion, it is respectfully requested that the utilization of our services be discontinued.

1. What Information We Collect

VPNLY is constructed on the principle of zero-logging, which is a term used to describe a system that does not maintain records of its users’ activity. Consequently, the tracking and storage of activity logs related to browsing, traffic, content, or DNS queries is not conducted. However, in order to maintain the operational integrity of the Services, there may be instances where we collect limited categories of information.

a) Technical and Usage Data (Anonymous)

VPN connection status (successful or failed).

The VPN server location you connect to.

General location (country only) and your Internet Service Provider.

Device details such as model, OS version, app version.

Diagnostic and performance data (e.g., speed tests, crash/error reports).

Important: This data is anonymized immediately upon collection. It cannot be tied back to you personally or to any specific VPN session.

b) Account Data (Optional)

Creating an account is not required to use VPNLY, but if you do, we may ask for an email address. This is used for:

Account login and recovery.

Subscription management.

Customer support.

Service notifications or optional marketing updates (you can opt out at any time).

c) Subscription and Payment Data

When you subscribe to a paid VPNLY plan, we may collect limited details such as:

Your email address, subscription plan, and payment status.

Transaction-related information (e.g., currency, renewal status, invoice ID).

It is important to note that VPNLY does not process or store payment card details. All financial transactions are managed securely by trusted third-party providers such as Stripe, Airwallex, Payssion, or v5pay.

d) Cookies and Similar Technologies

Our websites may use cookies to:

Remember your settings and preferences.

Improve performance and navigation.

Support analytics and essential functionality.

For more details, see our [Cookie Policy].

e) Communication Data

In the event that the aforementioned party contacts us, we may receive the name, email address, and content of the message. This information is utilized exclusively for the purpose of providing a response and offering assistance.

2. How We Use Collected Data

We process limited information strictly for the following purposes:

Security & Authentication – verify subscription status, prevent fraud, block misuse.

Customer Support – answer inquiries, resolve issues, and provide relevant updates.

Research & Development – analyze anonymized trends to create better features and new services.

Legal Compliance – meet regulatory requirements, prevent abuse, and ensure lawful use.

The utilization of collected data for the purpose of user profiling or tracking browsing behavior is unequivocally not engaged in by our company.

3. Sharing and Transfer of Data

VPNLY does not engage in the sale or rental of personal data. However, in certain circumstances, the sharing of limited information may be permissible.

Service Providers: To ensure the seamless delivery and ongoing maintenance of our services, we collaborate with trusted partners, including payment processors, analytics providers, and support platforms.

Aggregated or Anonymous Reports: Anonymous statistical data may be disseminated, ensuring the complete anonymity of the recipient.

Business Transfers: In the event of a merger, acquisition, or restructuring, relevant data may be transferred under strict privacy safeguards.

Legal Requests:In the event that the disclosure of limited data is required by law or to protect the safety of users, such disclosure may be made.

It is important to note that data may be processed outside of the individual’s home country. In such cases, VPNLY implements appropriate safeguards to ensure the confidentiality, integrity, and availability of users’ information.

4. Data Protection

A rigorous protocol is implemented to ensure the security of all collected data, encompassing the following measures:

Encryption and access controls.

Isolated storage systems with restricted access.

Regular audits and monitoring.

Access to data is strictly limited to authorized personnel on a “need-to-know” basis.

In the event of a security breach, affected users and regulators will be notified promptly, in accordance with applicable law.

5. Data Retention & Deletion

The data of the user is stored for a duration solely corresponding to the provision of the aforementioned Services. Subsequent to this, the information is securely deleted or anonymized.

In the event that an account is deleted, the associated data will also be eradicated, unless its retention is required by law (e.g., for tax or compliance reasons).

In instances where immediate deletion is not feasible, such as during backup procedures, the data will be isolated until a secure removal method can be employed.

6. Third-Party Services We Use

To keep VPNLY safe and reliable, we rely on carefully selected third-party providers, such as:

Google Firebase – crash reports and diagnostics.

Adjust – app analytics and performance tracking.

Zendesk – customer support system.

Stripe, Airwallex, Payssion, v5pay – payment processing.

Forter, Rebilly – fraud detection and risk management.

Admob, Liftoff, InMobi, Unity, Bigo Ads – advertising partners (for free VPN version).

These partners may use cookies or similar technologies. They do not receive VPNLY traffic logs or sensitive personal identifiers.

7. User Rights

Depending on your region, you may have specific rights regarding your personal data:

Access – request a copy of the data we hold about you.

Correction – update or correct inaccurate information.

Deletion – request permanent deletion of your account and related data.

Restriction/Objection – limit or object to certain processing.

Withdraw Consent – stop receiving marketing or revoke optional data uses.

For users in the EEA/UK (GDPR): You can exercise your rights at any time. Proof of identity may be required.

For users in California (CCPA): You can request details about the personal information we collect or disclose. VPNLY does not sell personal data.

8. Children’s Privacy

VPNLY is not intended for users under the age of 13 (or the legal minimum age in the user’s country of residence). We do not intentionally collect children’s personal data.

In the event that a parent or guardian believes that their child has disclosed personal information to us, they are requested to contact us at their earliest possible convenience. The information in question will be deleted promptly upon receipt of the request.

9. Changes to This Privacy Policy

This policy may be updated periodically to reflect changes in law, technology, or the services offered. The “Effective Date” will invariably display the most recent version.

Notifications of significant updates will be disseminated to users via the company’s applications, websites, or email communications.

10. Contact Us

Should inquiries, concerns, or requests regarding this Privacy Policy arise, interested parties may contact the relevant department via the following means: [email protected]

Inquiries regarding privacy-related matters should be directed to the institution’s Data Protection Officer (DPO): [email protected]