Privacy Policy
We built ShieldVPN to protect your privacy — and our policy is no different. No hidden clauses. No data selling. Ever.
Overview
The short version of what you need to know.
ShieldVPN is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our services.
We operate a strict no-log policy — we do not monitor, record, store, or share your browsing activity, connection timestamps, IP addresses, or DNS queries.
ShieldVPN will never sell, rent, or trade your personal information to third parties. Your data is yours.
Information We Collect
We collect only what's strictly necessary.
To provide our service, we collect a minimal set of account and payment-related information.
- Email address (account creation & communication)
- Hashed password (never stored in plaintext)
- Payment token from processor (not raw card data)
- Subscription plan & billing period
Account Information
When you register, we collect your email address and a hashed password. We do not require your real name, phone number, or address.
Payment Information
Payments are processed by PCI-compliant third-party processors (Stripe). We never store your full card number or CVV on our servers.
Aggregated Analytics
We may collect anonymised, aggregated metrics (e.g., total bandwidth used across all users) to improve server performance. This data cannot be linked back to any individual.
No-Logs Policy
We technically cannot see what you do online.
ShieldVPN does not log any of the following, ever:
- Your originating IP address
- Your VPN-assigned IP address
- Websites or services you visit
- DNS queries you make
- Connection timestamps or session durations
- Bandwidth or data transferred per user
- Any traffic, metadata, or payload content
Our no-log policy has been independently audited by a third-party security firm. The audit report is available on request.
Data Sharing
We don't sell or share your data.
We do not sell, rent, or trade your personal information. We may share limited data only in the following circumstances:
- Service providers: trusted vendors (e.g., payment processor, email delivery) who are contractually bound to handle data securely.
- Legal obligations: if compelled by a valid court order — but because we don't log activity, we have nothing meaningful to hand over.
- Business transfers: in the event of a merger or acquisition, user data would transfer under the same privacy commitments.
Your Rights
You are in control of your data.
Depending on your jurisdiction (GDPR, CCPA, etc.) you have the following rights:
- Access: request a copy of the personal data we hold about you.
- Rectification: correct inaccurate data (e.g., update your email).
- Erasure: request deletion of your account and all associated data.
- Portability: receive your data in a machine-readable format.
- Objection: opt out of any processing based on legitimate interests.
To exercise any of these rights, email us at [email protected] and we'll respond within 30 days.
Security
Industry-standard protection for your data.
We implement technical and organisational measures to protect your data from unauthorised access, alteration, or destruction:
- AES-256 encryption for all data at rest
- TLS 1.3 for all data in transit
- WireGuard & OpenVPN protocols for VPN tunnels
- Regular third-party penetration testing
- Strict internal access controls — least-privilege principle
Changes to This Policy
We'll notify you of any material changes.
We may update this Privacy Policy from time to time. When we do, we'll revise the 'Last updated' date at the top of this page.
For material changes that affect your rights, we'll notify you via email or a prominent notice in the app at least 30 days before the change takes effect.
Contact Us
Privacy questions? We're here.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out:
- Email: [email protected]
- Support portal: shieldvpn.com/contact-us
- Response time: within 30 days (usually much faster)