Privacy Policy

Last updated: 8/6/2025

LLC IDEA (VAT IE 6388047V), registered in Kyrgyzstan, d/b/a Private Net (https://privatenet.app)

1. Information We Collect

Account Information

  • Email address (from Google OAuth)
  • Name and profile picture (from Google OAuth)
  • Account creation and last login timestamps
  • Subscription status and payment history
  • User preferences and settings

Usage Data

  • Device information (type, operating system, browser)
  • General location (country/region)
  • Connection timestamps and duration
  • Server selection and usage patterns
  • App performance and error logs
  • Website interaction data (pages visited, clicks, time spent)

VPN Connection Data

  • Connection status and server location
  • Bandwidth usage (aggregated, not linked to specific activities)
  • Configuration keys and device identifiers
  • Connection quality metrics

2. How We Use Your Information

  • Provide and maintain our VPN service
  • Process payments and manage subscriptions
  • Send service-related communications
  • Improve our service quality and performance
  • Provide customer support
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

3. Data Storage and Security

  • Firebase/Google Cloud: Account data, preferences, and analytics
  • Encrypted databases: All sensitive data is encrypted at rest
  • Secure transmission: All data transfers use TLS encryption
  • Access controls: Strict access controls and authentication

4. No-Logs Policy

We do NOT log or store:

  • Websites you visit while connected to our VPN
  • Content of your internet traffic
  • DNS queries or search history
  • Files you download or upload
  • Your real IP address when connected

5. Third-Party Services

We use the following third-party services to provide and improve our service. Each of them processes limited data as described below. Data may be transferred outside the European Economic Area (EEA) or your country of residence. In such cases, processing is based on appropriate safeguards, including Standard Contractual Clauses where applicable.

Google Firebase

We use Google Firebase for authentication, real-time database, and analytics. Firebase processes data such as user identifiers, authentication credentials, device information, and app usage statistics.

Legal basis (GDPR): Performance of a contract (Art. 6(1)(b)), Legitimate interests (Art. 6(1)(f)).

CCPA: Data is processed as a "service provider" and not sold.

Privacy Policy: Google Privacy Policy.

Google OAuth

We use Google OAuth for secure account authentication. When you log in with Google, we receive your basic account information (such as email address and name) for the purpose of creating and managing your account. Your Google password is never shared with us.

Legal basis (GDPR): Performance of a contract (Art. 6(1)(b)).

CCPA: Data is processed as a "service provider" and not sold.

Privacy Policy: Google Privacy Policy.

Gumroad (Payment Processing)

We use Gumroad as our payment processor. Gumroad handles all payment transactions securely. We do not store your payment details (such as card or bank information). From Gumroad we only receive limited data necessary for account management, specifically your user identifier and email address for authorization purposes.

Legal basis (GDPR): Performance of a contract (Art. 6(1)(b)), Compliance with legal obligations (Art. 6(1)(c)).

CCPA: Data is processed as a "service provider" and not sold.

Privacy Policy: Gumroad Privacy Policy.

Cloud Infrastructure Providers

We use third-party cloud infrastructure providers to host our servers and deliver the service reliably. These providers may process standard technical data such as IP addresses, server logs, and device information strictly for hosting and security purposes.

Legal basis (GDPR): Legitimate interests (Art. 6(1)(f)).

CCPA: Data is processed as a "service provider" and not sold.

Microsoft Clarity

We use Microsoft Clarity to better understand how users interact with our website and to improve user experience. Clarity records anonymized usage patterns such as clicks, scrolls, and navigation behavior. Sensitive information (such as form inputs, personal identifiers, and payment details) is masked by default and not visible in session recordings.

Data collected by Clarity may be transmitted to and processed by Microsoft on servers located in the United States and other countries.

Legal basis (GDPR): Legitimate interests (Art. 6(1)(f)).

CCPA: Data is processed as a "service provider" and not sold.

Privacy Policy: Microsoft Privacy Statement.

You can manage or disable data collection through our cookie consent banner.

6. Data Retention

  • Account data: Retained while your account is active
  • Connection logs: Deleted within 24 hours
  • Payment records: Retained for 7 years for tax purposes
  • Analytics data: Aggregated and anonymized after 26 months

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data
  • Opt-out of marketing communications
  • Object to data processing

8. International Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this privacy policy and applicable laws.

9. Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have any questions about this privacy policy, you can contact our Data Privacy Officer:

  • Name: Oleg Krutko
  • Email: privacy@llc-idea.com
  • Address: Frunze Street, 282a, Bishkek 720011, Kyrgyzstan