1. Who we are
FlyShield VPN Ltd. operates the FlyShield VPN VPN service. We are the data controller under Art. 4(7) GDPR. Contact: privacy@pn-v3-02.pages.dev.
2. Data we collect
Account email, subscription status, support messages. We do not collect connection logs, DNS queries, IP during a session, browsing history, or bandwidth-per-user.
3. How we use it
To operate the service, reply to support, comply with tax law, detect abuse. No advertising, profiling, automated decisions, or AI training.
4. VPN commitment
FlyShield VPN does not sell, use, or disclose user data to third parties for any purpose. We have no connection logs to disclose.
5. Processors
Apple, Google, Stripe, Cloudflare. Each signed a DPA and provides equal protection. No reselling of data.
6. Retention
Email: cancellation + 30d. Billing: 7 years (UK tax). Support: 180d. Aggregate load: 30d. Connection logs: not kept.
7. International transfers
SCCs (4 June 2021) apply to transfers outside the EEA, supplemented by encryption.
8. GDPR rights
Access, rectify, erase, port, object, restrict. Complaint to a supervisory authority. Email privacy@pn-v3-02.pages.dev.
9. California (CCPA)
Right to know, delete, opt out of sale (we don't sell), correct, non-discrimination.
10. Security & breach
AES-256, TLS 1.3, tmpfs logs, annual audit. Breach notification within 72 hours per Art. 33/34 GDPR.
11. Changes
Material changes announced by email 30 days before effect.
12. Contact
DPO — FlyShield VPN Ltd., 27 Old Gloucester Street, London WC1N 3AX, UK.