Privacy Policy

Your privacy is our priority. Learn how we protect and handle your data.

Last updated: May 14, 2026

Introduction

Welcome to Ciphra VPN, operated by CIPHRA SOFTWARE from Vancouver, Canada. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how Ciphra VPN ("we," "us," or "our") collects, uses, processes, and protects your information when you use our VPN service.

Ciphra VPN is a VPN service that allows users to register, manage subscriptions and access VPN servers securely. We believe in transparency and want you to understand exactly what data we collect and how we use it to provide you with the best possible service.

Information We Collect

To provide our VPN service effectively and manage your account, we collect the following limited information:

Account Information

  • User Token: A unique identifier assigned to your account for authentication purposes

Subscription Information

  • Subscription Status: Whether you have a free or paid subscription
  • Subscription Expiry Date: When your current subscription period ends

Limited Operational Information

  • Server Access Logs: Basic service logs used to ensure service quality, troubleshoot reliability issues, and prevent abuse
  • Connection Timestamps: When you connect and disconnect from our servers
  • Bandwidth Usage: Amount of data transferred to manage capacity, reliability, and subscription limits

Activity Data We Do Not Collect:

  • Payment Information
  • Your browsing history or website visits
  • Content of your internet traffic
  • DNS queries or requests
  • Your real IP address once connected to our VPN

How We Use Your Information

We use the collected information solely for the following purposes:

Service Provision

  • Providing secure VPN access to our servers
  • Authenticating your account and managing login sessions

Subscription Management

  • Processing subscription upgrades, downgrades, and renewals
  • Enforcing subscription limits and features
  • Sending important account and billing notifications

Security and Compliance

  • Preventing fraud and unauthorized access
  • Monitoring for abuse and ensuring fair usage
  • Complying with legal obligations where required

Service Improvement

  • Analyzing usage patterns to improve performance
  • Troubleshooting technical issues
  • Optimizing server capacity and locations

Data Retention

We retain your information only as long as necessary to provide our services and comply with legal obligations:

Account Data

  • Active Accounts: Retained while your account remains active
  • Inactive Accounts: Automatically deleted after 2 years of inactivity
  • Deleted Accounts: Immediately removed upon user request

Connection Logs

  • Server Access Logs: Automatically deleted after 30 days
  • Aggregated Statistics: Anonymized data may be retained for service improvement

Data Sharing and Disclosure

Your privacy is paramount to us. We do not sell or rent your personal information. We share information only when needed to operate the service, process payments through providers you choose, respond to support requests, prevent abuse, or comply with applicable legal obligations.

Browsing Activity:

We do not log your browsing history, DNS queries, traffic content, or the sites you visit. Limited operational metadata is handled according to the retention periods described above.

Encryption

At Ciphra VPN, we use industry-leading encryption standards to protect your data at every stage. All user data, including authentication tokens, device IDs, and connection logs, is encrypted both in transit and at rest using strong cryptographic protocols.

Encryption in Transit

  • All communications between your device and our servers are protected using TLS 1.3, ensuring that your data cannot be intercepted or tampered with during transmission.
  • VPN traffic is secured using strong, industry-standard encryption, which is recognized as one of the most secure encryption standards available.

Encryption at Rest

  • User data stored on our servers is encrypted using strong, industry-standard encryption, making it inaccessible to unauthorized parties.
  • Access to encrypted data is strictly limited to authorized administrators and is monitored through audit logs.

Key Management

  • Encryption keys are managed securely and rotated regularly to minimize risk.
  • We follow best practices for key storage and access control.

Your Security:

We continually review and update our encryption practices to ensure your data remains protected against evolving threats.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You

  • In-App Notification: Important changes will be highlighted in the application
  • Website Notice: Updates will be posted on our website

Your Choices

  • Continued use of our service after changes indicates acceptance
  • If you disagree with changes, you may delete your account
  • We'll provide at least 30 days notice for material changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, we're here to help.

CIPHRA SOFTWARE

Business Location: Vancouver, Canada

Email: [email protected]

Response Time: We aim to respond within 24 hours