Privacy Policy

Last updated: January 2025

Introduction

At SATA VPN, we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, disclose, and safeguard your information when you use our mobile VPN application ("App") and related services ("Service"). This policy complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy laws worldwide.

We operate under a strict no-logs policy, meaning we do not track, monitor, or store your online activities, browsing history, or connection data. Your privacy is our fundamental principle.

1. Information We Collect

We collect minimal information necessary to provide and improve our Service:

  • Account Information: Email address (for account creation and communication), username, and encrypted password. We do not require real names or personal identification.
  • Payment Information: Payments are processed through Apple App Store (iOS) or Google Play Store (Android). We do not directly process or store credit card information, billing addresses, or payment details.
  • Device Information: Device type (iOS/Android), operating system version, app version, device identifier (for authentication purposes only), and basic device specifications. This information is used for troubleshooting and service optimization.
  • Usage Statistics: Anonymous, aggregated usage statistics such as connection attempts, server selections, and app crashes. This data cannot be linked to your identity or online activities.
  • Support Communications: If you contact our support team, we collect the information you provide, including email address and support ticket content.

Information We DO NOT Collect:

  • Your real IP address (we do not log IP addresses)
  • Browsing history or websites you visit
  • DNS queries or domain names you access
  • Connection timestamps or session duration
  • Bandwidth usage or data transfer amounts
  • Traffic content, files downloaded, or communications
  • Location data (beyond country-level for server selection)
  • Personal information beyond what's necessary for account management

2. How We Use Your Information

We use the collected information solely for the following purposes:

  • Service Provision: To provide, maintain, and improve our VPN service, including server connectivity and app functionality
  • Account Management: To create and manage your account, authenticate your identity, and process subscription renewals
  • Customer Support: To respond to your inquiries, provide technical support, and resolve issues
  • Service Improvement: To analyze anonymous usage statistics to improve app performance, fix bugs, and optimize server infrastructure
  • Security: To detect, prevent, and address security issues, fraud, and unauthorized access
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Communication: To send important service-related notifications, updates, and security alerts

We do NOT use your information for:

  • Advertising or marketing to third parties
  • Selling or renting your data to anyone
  • Creating user profiles for commercial purposes
  • Tracking your online activities or behavior

3. No-Logs Policy

Our strict no-logs policy is the cornerstone of our privacy commitment. We do NOT collect, monitor, or store:

  • Your original IP address or the IP address assigned by our VPN servers
  • Browsing history, websites visited, or URLs accessed
  • DNS queries or domain name lookups
  • Connection timestamps, session start/end times, or connection duration
  • Bandwidth usage, data transfer amounts, or connection speed
  • Traffic content, files downloaded, emails sent, or any communication content
  • Application usage or which apps you use while connected to the VPN

This means we cannot provide any information about your online activities, even if requested by government authorities, because we simply do not have it. Our infrastructure is designed to route traffic without inspection, logging, or storage.

4. Geographic Restrictions and Data Processing

Service Availability: SATA VPN does not provide services in the following countries:

  • China (People's Republic of China): Our Service is not available in China. We do not process data from users located in China.
  • Russia (Russian Federation): Our Service is not available in Russia. We do not process data from users located in Russia.

Data Processing Locations: Your account data is processed and stored on secure servers located in jurisdictions with strong data protection laws. We do not transfer your personal data to countries with inadequate data protection standards.

Data Transfers: If you are located in the European Economic Area (EEA), we ensure that any transfers of your personal data outside the EEA are protected by appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission.

5. Data Storage and Retention

Storage: Your account information is stored on secure servers with industry-standard encryption (AES-256) for data at rest. We implement strict access controls and security measures to protect your data.

Retention: We retain your personal data only for as long as necessary to:

  • Provide the Service to you
  • Comply with legal obligations
  • Resolve disputes and enforce our agreements

Deletion: When you delete your account, we permanently delete all associated personal data within 30 days, except where we are required to retain it by law (e.g., for tax or legal compliance purposes). Anonymous, aggregated data that cannot identify you may be retained for analytical purposes.

6. Third-Party Services

We use trusted third-party services to operate our Service:

  • Payment Processors: Apple App Store and Google Play Store process payments. They collect payment information in accordance with their own privacy policies. We do not receive or store your payment card details.
  • Analytics Services: We may use anonymous analytics services to understand app usage patterns and improve performance. These services do not collect personally identifiable information.
  • Cloud Infrastructure: We use secure cloud service providers to host our servers and store data. All providers are contractually obligated to maintain strict security and privacy standards.
  • Customer Support: We may use third-party support platforms that maintain strict confidentiality and data protection standards.

All third-party services are carefully selected and contractually required to protect your information and use it only for specified purposes. We do not sell or share your personal data with third parties for their marketing purposes.

7. Cookies and Tracking Technologies

Our mobile App does not use cookies. Our website (if applicable) uses minimal, essential cookies for authentication and basic functionality. We do not use tracking cookies, advertising cookies, or any form of cross-site tracking. We do not use fingerprinting, device tracking, or other invasive tracking technologies.

8. Your Privacy Rights (GDPR, CCPA, and Universal Rights)

Depending on your location, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data we hold
  • Right to Rectification: Correct inaccurate or incomplete personal data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data
  • Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format
  • Right to Object: Object to processing of your personal data for certain purposes
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Withdraw Consent: Withdraw consent where processing is based on consent
  • Right to Non-Discrimination (CCPA): Exercise your privacy rights without discrimination
  • Right to Opt-Out (CCPA): Opt-out of the sale of personal information (we do not sell your data)

How to Exercise Your Rights: To exercise any of these rights, please contact us at support@satavpn.com. We will respond to your request within 30 days (or as required by applicable law).

Verification: For security purposes, we may need to verify your identity before processing certain requests. We will not charge you for exercising your rights unless your request is manifestly unfounded or excessive.

9. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: AES-256 encryption for data in transit (VPN connections) and at rest (stored data)
  • Secure Protocols: Use of secure VPN protocols (OpenVPN, WireGuard, IKEv2)
  • Authentication: Secure password hashing and authentication mechanisms
  • Access Controls: Strict access controls and employee training on data protection
  • Security Audits: Regular security audits, penetration testing, and vulnerability assessments
  • Incident Response: Established procedures for detecting, responding to, and reporting security incidents
  • Infrastructure Security: Secure server infrastructure with firewalls and intrusion detection systems

While we take all reasonable precautions, no method of transmission or storage is 100% secure. You should also take steps to protect your account, such as using a strong password and keeping your device secure.

10. Children's Privacy

Our Service is not intended for users under 18 years of age (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under the applicable age limit, we will take steps to delete such information immediately. If you believe we have collected information from a child, please contact us at support@satavpn.com.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated through:

  • Email notification to your registered email address
  • Prominent notice in the App
  • Update of the "Last updated" date at the top of this policy

Your continued use of the Service after such changes constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, you may terminate your account and stop using the Service.

12. Contact Information and Data Protection Officer

For privacy-related questions, concerns, or to exercise your rights, please contact us:

Email: support@satavpn.com
Website: https://satavpn.com

Supervisory Authority: If you are located in the EEA and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

Our Privacy Commitment

Your privacy is our top priority. We are committed to:

  • Transparency about how we collect and use your data
  • Minimizing data collection to only what's necessary
  • Maintaining a strict no-logs policy
  • Protecting your data with industry-standard security measures
  • Respecting your privacy rights and providing easy ways to exercise them
  • Compliance with GDPR, CCPA, and other applicable privacy laws

If you have any questions or concerns about this Privacy Policy or our data practices, please don't hesitate to contact us.