Privacy Policy
Stealthora VPN ("we", "us") is built around a simple promise: we keep as little data about you as possible. This Privacy Policy explains what we collect, why, and what we deliberately do not collect. It should be read alongside our No-Logs Policy.
What we collect
- Account data: your email address and a securely hashed password (Argon2id). Optionally a display name and country.
- Billing data: subscription status, plan, and invoices. Card details are handled by our payment processors (Stripe, PayPal, Apple, Google) — we never see or store full card numbers.
- Operational data: the minimum needed to run the service — device names you create, and aggregate connection counters required for live status and abuse handling.
What we do not collect
We do not log your browsing history, DNS queries, traffic contents, the websites or apps you use, or the IP addresses you connect to. Our network is engineered so this information is never written to disk. See the No-Logs Policy for specifics.
How we use data
To provide and secure the service, process payments, send essential account emails (verification, receipts, expiry notices), and respond to support requests. We do not sell your data, and we do not use it for advertising.
Retention
Account and billing records are kept for as long as your account is active and as required by tax/accounting law. Raw connection counters are aggregated and pruned automatically on a rolling basis (default 30 days).
Your rights (GDPR)
If you are in the EU/EEA, you have the right to access, correct, export, or delete your personal data. Because we operate a node in Amsterdam, EU data-subject requests are honoured. Email support@stealthora.com to exercise these rights.
Security
We use TLS everywhere, Argon2id password hashing, hashed node tokens, signed webhook verification, and least-privilege database access. WireGuard private keys are generated on your device and never transmitted to us.
Contact
Questions about this policy: support@stealthora.com.