Privacy Policy

Your privacy is our priority. Learn how we protect and handle your data.

Last updated: September 1, 2025

Introduction

Welcome to Ciphra VPN. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how Ciphra VPN ("we," "us," or "our") collects, uses, processes, and protects your information when you use our VPN service.

Ciphra VPN is a VPN service that allows users to register, manage subscriptions and access VPN servers securely. We believe in transparency and want you to understand exactly what data we collect and how we use it to provide you with the best possible service.

Information We Collect

To provide our VPN service effectively and manage your account, we collect the following limited information:

Account Information

  • User Token: A unique identifier assigned to your account for authentication purposes

Subscription Information

  • Subscription Status: Whether you have a free or paid subscription
  • Subscription Expiry Date: When your current subscription period ends

Technical Information

  • Server Access Logs: Basic connection logs to ensure service quality and prevent abuse
  • Connection Timestamps: When you connect and disconnect from our servers
  • Bandwidth Usage: Amount of data transferred to manage subscription limits

What We DON'T Collect:

  • Payment Information
  • Your browsing history or website visits
  • Content of your internet traffic
  • DNS queries or requests
  • Your real IP address once connected to our VPN

How We Use Your Information

We use the collected information solely for the following purposes:

Service Provision

  • Providing secure VPN access to our servers
  • Authenticating your account and managing login sessions

Subscription Management

  • Processing subscription upgrades, downgrades, and renewals
  • Enforcing subscription limits and features
  • Sending important account and billing notifications

Security and Compliance

  • Preventing fraud and unauthorized access
  • Monitoring for abuse and ensuring fair usage
  • Complying with legal obligations where required

Service Improvement

  • Analyzing usage patterns to improve performance
  • Troubleshooting technical issues
  • Optimizing server capacity and locations

Data Retention

We retain your information only as long as necessary to provide our services and comply with legal obligations:

Account Data

  • Active Accounts: Retained while your account remains active
  • Inactive Accounts: Automatically deleted after 2 years of inactivity
  • Deleted Accounts: Immediately removed upon user request

Connection Logs

  • Server Access Logs: Automatically deleted after 30 days
  • Aggregated Statistics: Anonymized data may be retained for service improvement

Data Sharing and Disclosure

Your privacy is paramount to us. We do not sell, rent, or share your personal information with third parties, except in the following limited circumstances:

Zero-Logs Policy:

We maintain a strict zero-logs policy for your browsing activity, ensuring your online privacy is completely protected.

Encryption

At Ciphra VPN, we use industry-leading encryption standards to protect your data at every stage. All user data, including authentication tokens, device IDs, and connection logs, is encrypted both in transit and at rest using strong cryptographic protocols.

Encryption in Transit

  • All communications between your device and our servers are protected using TLS 1.3, ensuring that your data cannot be intercepted or tampered with during transmission.
  • VPN traffic is secured using AES-256 encryption, which is recognized as one of the most secure encryption standards available.

Encryption at Rest

  • User data stored on our servers is encrypted using AES-256, making it inaccessible to unauthorized parties.
  • Access to encrypted data is strictly limited to authorized administrators and is monitored through audit logs.

Key Management

  • Encryption keys are managed securely and rotated regularly to minimize risk.
  • We follow best practices for key storage and access control.

Your Security:

We continually review and update our encryption practices to ensure your data remains protected against evolving threats.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You

  • In-App Notification: Important changes will be highlighted in the application
  • Website Notice: Updates will be posted on our website

Your Choices

  • Continued use of our service after changes indicates acceptance
  • If you disagree with changes, you may delete your account
  • We'll provide at least 30 days notice for material changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, we're here to help.

Support Team

Email: [email protected]

Response Time: We aim to respond within 24 hours