Privacy Policy

Last updated: March 1, 2026

1. Introduction

GustVPN ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our VPN service and related applications (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this policy, please do not access or use the Service.

2. Information We Collect

2.1 Account Information

When you create an account, we may collect the following information:

  • Email address (for account creation and communication)
  • Authentication credentials (securely hashed; we never store plain-text passwords)
  • Subscription and payment status (managed through third-party payment processors)

2.2 Device Information

To manage device limits and provide technical support, we may collect:

  • Device type and operating system
  • A non-identifying device fingerprint used solely for device limit enforcement
  • App version

2.3 Connection Metadata

We collect minimal connection metadata to maintain service quality:

  • Timestamp of connection and disconnection (retained for 30 days)
  • Server location selected
  • Aggregate bandwidth usage (not per-session)

2.4 What We Do NOT Collect

We want to be explicitly clear about what we never collect:

  • Browsing history — We do not monitor, log, or store the websites you visit.
  • Traffic content — We do not inspect, log, or store the content of your internet traffic.
  • DNS queries — We do not log your DNS requests.
  • Originating IP addresses — We do not log your real IP address in association with your VPN activity.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Manage your account and subscription
  • Enforce device connection limits per your subscription plan
  • Monitor aggregate server load and performance for capacity planning
  • Communicate with you about service updates, security alerts, and support
  • Detect and prevent abuse of the Service
  • Comply with applicable legal obligations

4. Data Storage and Security

Your account data is stored on secure, encrypted servers. VPN tunnel traffic is encrypted using state-of-the-art cryptographic protocols and is never stored or logged by our systems.

Connection metadata is retained for a maximum of 30 days before being automatically purged. We implement industry-standard security measures including encryption at rest and in transit, access controls, and regular security audits.

5. Third-Party Services

We use the following categories of third-party services:

  • Authentication providers — For secure account management
  • Payment processors — We do not store credit card information; all payment data is handled by PCI-compliant third-party processors
  • Infrastructure providers — Cloud hosting for our servers, subject to their own privacy policies

We do not sell, trade, or otherwise share your personal information with third parties for marketing purposes.

6. Data Disclosure

We may disclose your information only in the following limited circumstances:

  • Legal obligations — When required by law, court order, or governmental authority. Because we do not log browsing activity or traffic content, we are unable to provide information we do not possess.
  • Protection of rights — To protect our rights, privacy, safety, or property, or that of our users or the public.
  • Business transfers — In connection with a merger, acquisition, or sale of assets, in which case you will be notified.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Data portability
  • Withdraw consent at any time

To exercise any of these rights, please contact us at the email address provided below. We will respond to your request within 30 days.

8. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

9. International Data Transfers

Our servers are located in multiple regions globally. By using the Service, you acknowledge that your information may be transferred to and processed in jurisdictions outside your country of residence. We ensure appropriate safeguards are in place for any such transfers.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at:

Email: privacy@gustvpn.com