Privacy Policy: Data Protection & No-Log VPN
1. Core Privacy Commitment
At ClashVPN, we understand that privacy is a fundamental right. This policy outlines how we handle your personal information across our website, clients, and services.
Our core principle is Data Minimization. We only collect the minimum data necessary to operate the service and distribute data quotas. We never sell user data.
2. Information We Collect
To provide stable, high-speed connections, we only collect the following limited information where necessary:
2.1 Account & Registration Info
As promised, new users get free trial data upon registration. To create an account and issue this quota, we only require a valid email address. We do not ask for your name, phone number, or other identifying information.
2.2 Payment Information (Not Collected)
Our system does not include auto-renewal mechanisms; all premium plans are billed manually in USD. Therefore, we do not collect, store, or process your full credit card number or billing address on our servers. The payment process is handled securely by compliant third-party payment gateways.
2.3 Necessary Operational Data
To ensure network quality across our global nodes and enforce data quotas, we only log total bandwidth consumption and connection duration during a session. This data is purged after your plan cycle ends.
3. Strict No-Log Policy
When you connect to ClashVPN servers for cross-region access or public Wi-Fi protection, we strictly adhere to a 'No-Log' policy.
We absolutely do not log, monitor, or store any of the following:
- The specific websites, services, or application content you access.
- Your web browsing history.
- Your DNS query requests.
- Your original real IP address after a session ends.
This means even in extreme legal situations, we cannot provide VPN activity data that we simply do not have.
4. Data Storage & Protection
We use industry-standard modern encryption to protect your account data and traffic in transit. Communication between clients and servers is encrypted with high-strength protocols to prevent eavesdropping by third parties or ISPs.
Our core infrastructure uses advanced RAM-only mode. All transient connection state data is physically erased whenever a server restarts or loses power, ensuring your digital footprint is untraceable.
5. Your Data Rights
Regardless of your country or region, we respect and grant you full control over your personal account data:
- Access & Correction: You can log in to the client or website anytime to view and update your email and password.
- Data Portability: You have the right to request a copy of the basic operational data associated with your account.
- Right to Erasure: You can apply to delete your account via a support ticket. Once deleted, your email and all associated quota data will be permanently and irreversibly destroyed.
6. Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, please contact our data protection team through the following official channels:
- In-App Ticket: Registered users should prioritize submitting tickets via the support center in the client.
- Contact Email: Visitors can send inquiries to the secure contact email listed on our website.
Beyond these channels, we do not handle account or privacy requests via private chat apps, nor will we ask you to provide passwords or full card numbers in emails.