Privacy Policy

Effective date: May 21, 2026 · Last updated: May 21, 2026

1. Introduction

This Privacy Policy explains how Secure VPN Proxy & WiFi Shield (the “App”, “we”, “us”) collects, uses, and protects information when you use our Android application distributed via Google Play. By installing and using the App you agree to the practices described below.

2. Plain-language summary

• We operate a strict no-VPN-log policy — we don’t record the websites you visit, the DNS queries you make, or the originating IP addresses while your traffic is inside our tunnel.
• We never sell or rent your personal data.
• Subscription payments are processed by Google Play Billing; we only receive an entitlement confirmation.
• The App embeds Firebase, Google AdMob, Adjust, and the Facebook (Meta) SDK to power analytics, crash reporting, attribution, and ads. These run on your device and may collect device identifiers and event data, as detailed in section 4.
• You can opt out of personalized ads via the in-app consent prompt and via Android Settings → Privacy → Ads. You can ask us to delete data we hold about you at any time.

3. Information we process directly

3.1 VPN traffic

When you connect to a server, your encrypted traffic passes through our VPN infrastructure. We do not retain browsing logs, DNS query logs, or connection-source IP addresses tied to your account. Servers operate in RAM-based or stateless configurations wherever possible.

3.2 Local app data

The App stores the following on your device only — never transmitted to our servers:

• Your selected server / region preference
• Connection statistics (last session duration, throughput)
• App settings and toggles

3.3 Subscription and purchase data

If you purchase a subscription or unlock premium features, the transaction is processed by Google Play Billing under your Google Account. We receive a signed purchase token confirming your entitlement (active / expired / refunded). We do not receive your name, billing address, card number, or other payment details.

3.4 Permissions requested by the App

To deliver the service, the App may request:

• VPN service permission — required by Android to establish the encrypted tunnel.
• Internet access & network state — to connect to VPN servers and detect WiFi vs. mobile data.
• Foreground service / notifications — so Android can keep the tunnel alive in the background.
• Billing — only used when you make an in-app purchase.
• AD_ID (com.google.android.gms.permission.AD_ID) — required on Android 13+ for our advertising and attribution SDKs to use the Google Advertising ID (a resettable identifier you control in Settings → Privacy → Ads).

We do not request access to your contacts, calendar, camera, microphone, precise location, photos, files, or SMS.

3.5 Support communications

If you contact us by email, we receive the address you write from and the contents of your message. We keep these only as long as needed to help you and to maintain a history of resolved tickets.

4. Third-party SDKs we use

To deliver, measure, and monetize the App, we embed the following SDKs. These run on your device and may collect data independently of our VPN servers. Our no-VPN-log policy applies to traffic routed through the tunnel; the SDKs below operate at the app layer on your device before any traffic enters the tunnel. We disclose each SDK below so you can review and exercise your choices.

4.1 Google Firebase

• Operator: Google LLC.
• Modules used: Firebase Analytics, Firebase Crashlytics, Firebase Cloud Messaging (push notifications), and Firebase Remote Config (feature flags).
• Purpose: understand anonymous, aggregated app usage; diagnose crashes; deliver service notifications; toggle features remotely without a new app version.
• Data processed: Firebase app instance ID, device model, manufacturer, Android OS version, app version, language and country, screen views, anonymized in-app event counts, crash stack traces, network type, and a coarse IP-derived country (the IP itself is dropped by Firebase after geo-resolution).
• Privacy policy: firebase.google.com/support/privacy.

4.2 Google AdMob

• Operator: Google LLC.
• Purpose: to serve advertising in the free tier of the App.
• Data processed: Google Advertising ID (resettable), coarse IP-derived location, device model, OS version, app version, ad-interaction events (impression, click), and frequency-capping signals.
• Personalization & consent: personalized ads are only shown if you grant consent via the in-app consent prompt powered by Google’s User Messaging Platform (UMP), in line with GDPR and CCPA. If you decline or opt out, AdMob serves only non-personalized (contextual) ads.
• Privacy policy: policies.google.com/technologies/ads.

4.3 Adjust

• Operator: Adjust GmbH (an AppLovin company), Berlin, Germany.
• Purpose: mobile install attribution and fraud prevention — i.e. understanding which marketing channel brought you to the App so we can measure campaign performance and detect install fraud.
• Data processed: Google Advertising ID, anonymized device fingerprint (model, OS, language, IP at install time used only for attribution then hashed), install timestamp, referrer click signals, and aggregated in-app conversion events (e.g. “trial started”).
• Privacy policy: adjust.com/terms/privacy-policy.

4.4 Facebook (Meta) SDK

• Operator: Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
• Purpose: measure the effectiveness of advertising campaigns we run on Meta platforms (Facebook, Instagram, Audience Network) and aggregate analytics.
• Data processed: Google Advertising ID, app install and open events, anonymized in-app conversion events, device model, OS version, and country. We do not request access to your Facebook profile, friends, or contacts — the SDK is used only for attribution, not for social features or login.
• Privacy policy: facebook.com/about/privacy.

4.5 Your choices regarding these SDKs

• Opt out of personalized ads: in the in-app consent prompt, or system-wide via Android Settings → Privacy → Ads → Delete advertising ID.
• Reset your Advertising ID: Settings → Privacy → Ads → Reset advertising ID. New impressions are tied to the new ID.
• Upgrade to the paid tier: subscribed users do not see ads, which removes AdMob impression data collection (Firebase, Adjust, and Facebook attribution may still run for analytics and attribution unless you also opt out below).
• Withdraw analytics consent: contact us at developer.kyguiuyquyenhdss@gmail.com and we will disable Firebase Analytics and Adjust events for your installation on request.

5. What we do not collect

• We do not log the websites you visit, your DNS queries, or your originating IP address while your traffic is inside the VPN tunnel.
• We do not access your contacts, calendar, camera, microphone, precise location, photos, files, or SMS.
• We do not collect or store your Google Account credentials, payment information, or any card data.
• We do not sell or rent your personal data to data brokers.

6. In-app purchases & subscriptions

If the App offers a paid subscription via Google Play Billing:

• Payment will be charged to your Google Play account at confirmation of purchase.
• Subscriptions automatically renew unless auto-renew is turned off at least 24 hours before the end of the current period.
• Your account will be charged for renewal within 24 hours prior to the end of the current period, at the price of the selected plan.
• You can manage and cancel your subscriptions in the Google Play Store app: Profile → Payments & subscriptions → Subscriptions.
• Refunds are handled by Google Play. To request one, visit support.google.com/googleplay/answer/2479637.

7. How we use information

• To operate the VPN service and route encrypted traffic.
• To verify your subscription entitlement with Google Play.
• To diagnose and fix bugs and crashes (Firebase Crashlytics).
• To understand anonymous, aggregated product usage (Firebase Analytics).
• To measure ad-campaign performance and detect install fraud (Adjust, Meta SDK).
• To serve ads in the free tier (Google AdMob).
• To respond to support requests.
• To comply with legal obligations where applicable.

8. Sharing & third parties

We share data only with the parties strictly necessary to provide the App:

• Google LLC — Google Play (distribution, billing), Firebase (analytics, crash, push, remote config), AdMob (advertising).
• Adjust GmbH (AppLovin) — install attribution and fraud prevention.
• Meta Platforms, Inc. — Meta Ads attribution and measurement.
• VPN infrastructure providers — our VPN servers run in vetted data centers. They cannot decrypt the traffic flowing through the tunnel.
• Legal compliance — where required by valid legal process. Since we don’t retain VPN activity logs, there is typically nothing to disclose about your browsing.

We do not sell your personal data and we do not “share” it for cross-context behavioral advertising as those terms are defined under the CCPA.

9. Data retention

• VPN session metadata is held only for the duration of the active tunnel and discarded immediately on disconnect.
• Firebase Analytics events: up to 14 months (Google default; configurable).
• Firebase Crashlytics crash reports: up to 90 days for individual records; aggregated stats kept longer.
• Adjust attribution data: up to 24 months per Adjust’s retention defaults.
• Meta SDK event data: per Meta’s retention policy (typically 2 years for ad measurement).
• AdMob impression and click logs: per Google’s ad-platform retention defaults.
• Support emails: up to 24 months for follow-up context.
• Subscription entitlement records: kept while your subscription is active and for the period required by tax / accounting law thereafter.

10. Your rights & choices

Depending on where you live, you may have the right to:

• Access the personal data we hold about you.
• Request correction or deletion of that data.
• Object to or restrict certain processing (including profiling for advertising).
• Receive a portable copy of your data.
• Opt out of the “sale” or “sharing” of personal data for cross-context behavioral advertising (we do not sell personal data; we do disclose limited data to ad-attribution partners as listed in section 8).
• Withdraw consent where processing is based on consent, including consent given through the in-app ads consent prompt.

To exercise any of these rights, email us at developer.kyguiuyquyenhdss@gmail.com. We aim to respond within 30 days. For ad-personalization specifically, you can also use Android’s system controls in Settings → Privacy → Ads.

11. Children’s privacy

The App is not directed at children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children. None of the third-party SDKs listed in section 4 are configured for child-directed treatment. If you believe a child has provided us with personal information, please contact us so we can remove it.

12. International users

The App is available globally. Data processed by the SDKs in section 4 may be transferred to and processed in the United States, the European Economic Area, and other regions where the SDK operators maintain infrastructure. The operators (Google, Adjust, Meta) provide their own safeguards for international transfers, including the EU Standard Contractual Clauses where applicable.

13. Security

We protect your data with the security primitives that ship with Android: app sandboxing, scoped storage, Android Keystore for credentials, and modern transport encryption. SDK traffic from your device to its provider is also encrypted over HTTPS. No method of electronic storage is 100% secure, but we use industry-standard measures and apply security updates promptly.

14. Changes to this policy

We may update this Privacy Policy from time to time — for example, if we add or replace a third-party SDK. When we do, we will revise the “Last updated” date at the top. Material changes will be highlighted in-app or via the Google Play release notes.

15. Contact

Questions about this Privacy Policy? Email developer.kyguiuyquyenhdss@gmail.com or visit our support page.