GuruVPN Privacy Policy

1. Introduction

We are GuruVPN, a multiplatform VPN service created to protect freedom and privacy on the internet. Our servers are located in a country with neutral data retention legislation. This Privacy Policy describes what data we collect, how we use it, and what rights users have.

2. Core Principles

No Log Storage:

• We do not collect or store identifying data, connection logs, browsing history, traffic volume, or timestamps. We do not identify users within the service—this means we cannot identify who used our service and when.

Anonymity and Freedom:

• We support a free and private internet. Access to the service does not require providing a real name; an email address is sufficient for account creation.

Transparency:

• Independent audits can verify our no-logging claims, as they do. We are open to inspections and will publish audit reports on our website.

3. Data We Do Not Collect

• IP addresses, geolocation, browsing history, and DNS queries.
• VPN connection logs: connection/disconnection times, session duration, data transfer volume.
• Devices from which connections are made (we do not maintain unique device binding).

4. Data We Do Collect

• Payment information: minimal necessary information for payment processing (transaction ID, amount, status). We do not store or process card numbers and your payment details.
• Diagnostic data: aggregated information about application usage (client version, device type, errors). This data is anonymized and does not allow us to identify you. It is used to improve service quality.
• Support data: if you contact support, we may receive your email and the content of your request to resolve the issue. This data is stored until the request is completed and then deleted.

5. Technical Privacy Measures

Modern Protocols:

• We support WireGuard, IKEv2, and GuruShadow™, providing reliable encryption.

Security Features:

• Automatic disconnect (Kill Switch), private DNS, and split tunneling.

These features help hide your real IP address, change virtual IP addresses to enhance anonymity, and choose which applications go through VPN.

In Implementation:

• RAM-only servers: All servers operate without hard drives; data is erased upon reboot.
• Independent audits: We plan to regularly invite independent auditors to verify our no-logging claims.

6. Website Operation and Cookie Files

Optional Analytics: The website guruvpn.com may use cookies for anonymous statistics (e.g., visited pages, visit duration). Such data is not linked to VPN accounts and helps us analyze the performance of the guruvpn.com website. Marketing Pixels: If we conduct advertising campaigns, third-party services may use pixels to measure effectiveness. This data is anonymized. Forms and CAPTCHA: To protect against spam, we may use reCAPTCHA or similar services. They collect data according to their own privacy policies.

7. API Integration and Third-Party Services

For service operation, we use third-party APIs:

• Payment gateways: (e.g., Stripe, PayPal, or crypto processors) for payment processing. These services receive payment data and operate according to their own policies.
• Support services: (e.g., Zendesk) for processing user requests.
• Analytics tools: (e.g., Plausible, Amplitude, Sentry) for improving application ui/ux
• Core functionality: Vercel - main website, Cloudflare - user dashboard, Google services, AdGuard DNS

If you use other APIs (e.g., maps, push notifications), please let us know; we need to ensure they don't collect unnecessary information.

8. Data Storage

Account and payment data is stored as long as you have an active subscription and tax reporting is required. After the account service period expires, data is deleted within one year. Diagnostic data is anonymized and may be stored longer for performance analysis. VPN connection logs do not exist, so there is nothing to delete.

9. User Rights

If you are in a GDPR or similar law jurisdiction, you have the right to:

• Receive a copy of your data.
• Correct inaccurate data.
• Request its deletion.
• Restrict or object to processing.
• Transfer data to another provider.

Requests can be sent to support@guruvpn.com.

10. Data Sharing with Third Parties

We do not sell or transfer personal data to third parties for marketing purposes. Sharing is only possible:

• To payment providers—for payment processing.
• To contractors who help maintain the service (required to maintain confidentiality).
• To government agencies—only with a court order and only the data we have (VPN logs are absent).
• Marketing service providers, for example: Firebase Analytics (by Google), AppsFlyer, Revenue Cat—we use them for managing automated marketing processes. These providers analyze and segment the general user cohort without identification for more flexible personalization.

11. Jurisdiction and Legislation

GuruVPN is registered in the United Kingdom and is subject to local and European legislation (GDPR). We specifically choose countries that lack mandatory data retention laws and support no-logging policies. For working with users from other countries, we comply with their local regulations.

12. Policy Changes

We may update this policy from time to time. We will notify users in advance of significant changes (e.g., by email or through the application). The current version is always available on our website.

13. Contact Information

For questions about the privacy policy or data deletion requests, contact us:

Email: support@guruvpn.com

Address (legal): Suite 4180, Mitchell House, 5 Mitchell Street Edinburgh EH6 7BD, Scotland.