Privacy Policy

We want you to understand what information (including Personal Data) we collect in connection with your use of our Services and/or access to our Site; for what purpose such information is collected; how we collect, use, and store such information; to whom it may be disclosed; and how you can exercise your rights and access your information, verify its accuracy, correct and/or have it erased. Equally, we want you to know what information we do not collect under any circumstances.

Our guiding principle toward data collection is to collect only the minimal data required to operate world-class Services at scale. We cannot disclose, misuse, or abuse, even when compelled, data that we do not possess. We do not collect logs of your activity, including no logging of browsing history, traffic destination, data content, or DNS queries. We also never store connection logs, meaning no logs of your IP address, your outgoing VPN IP address, connection timestamp, or session duration.

This Privacy Policy must be read in conjunction with the Photon VPN Terms of Service (the “Terms”). Together, they form a legally binding agreement between you and Photon VPN, so please read them carefully. Unless otherwise stated, the capitalized terms in this Privacy Policy shall have the same meaning given to them in the Terms.

Table of Contents

General Information

Personal Data

How We Protect and Retain Your Personal Data

How We Safeguard Your Personal Data With Relation to Service Providers

Usage Statistics Data and App Diagnostic Data

Cookies and Third-Party Analytics

Interactions With Third-Party Products

Users in the European Union

Your Privacy Rights

Users in California

Use by Children

Changes to This Privacy Policy

How to Contact Photon VPN

General Information

Photon VPN may collect there (3) types of data depending on your use of the Services, as follows. You can find detailed information about each of them in the specific sections below. If you are just visiting our Site, please refer to Section 6.

(i) Personal data submitted in association with your Account (“Personal Data”)

Personal Data means any information that can be used, alone or combined with other data, to uniquely identify an individual. Personal Data is collected for the purpose of providing you with our Services and may include the name, email address, and payment information that you submit to us when you create or update your Account.

(ii) Aggregate Apps and VPN connection summary statistics (“Usage Statistics Data”)

A minimal amount of Usage Statistics Data is collected in order to maintain excellent customer support and quality of service. This type of data does not include information about users’ browsing and internet activity, including while connected to the VPN—we do not collect (and therefore do not use, disclose, or store) data about the content or destinations of VPN traffic, DNS queries, or user IP addresses.

(iii) Anonymous App diagnostics, including crash reports (“App Diagnostic Data”) (optional)

App Diagnostic Data, which includes crash reports, usability diagnostics, and VPN connection diagnostics, is anonymized data that cannot be tied back to individual users. This feature is similar to a “send bug report” option. App Diagnostic Data is not shared by default. You must opt in, such as through the settings menu of your Apps, to send App Diagnostic Data to us.

Personal Data

Photon VPN collects Personal Data that you provide by creating or updating an Account. We require Personal Data, such as an email address and payment information, so that we can provide you with our Services, email you, collect payments, respond to support queries, and share relevant information about your Account and/or the Services.

Specific Personal Data collected will depend on the payment method you choose and may include information such as name, billing country, billing address, and/or credit card number. For some forms of payment, you may be redirected to external websites operated by third-party payment processors (e.g., PayPal, BitPay, Paymentwall, Stripe, or other specific payment processors, depending on your location) to complete the transaction. To understand what personal data these processors collect and store, please refer to the respective processor's terms and privacy policy. Payment methods that help to minimize the amount of Personal Data you submit to us, are also available for you to use to subscribe to our Services.

How We Protect and Retain Your Personal Data

Security. We have implemented best-in-class physical, procedural, and technical security measures with respect to our offices and information storage facilities so as to prevent any loss, misuse, or unauthorized access, disclosure, or modification of your Personal Data. Although we believe these systems are robust, it is important to understand that no data security measures in the world can offer completely infallible protection. For this reason, our guiding principle is to collect minimal data.

Servers and data centers. Servers are housed in data centers with strong security practices. None of these data centers require us to collect or store any traffic data or Personal Data related to your use of the Services. If any data center were to ask us to log such data, we would immediately cease operations with said service provider and find alternative options. Even if a government were to physically seize one of our VPN servers, there would be no logs or information that would tie any individual user to a particular event, website, or behavior.

Retention of your Personal Data. Your Personal Data—which, to reiterate, never includes any sensitive data such as browsing history, DNS queries, or user-linked IP addresses—is retained for a limited period in accordance with applicable data protection law (for as long as we have your consent or a legitimate reason for holding such data). You may request to have your data deleted by sending a valid deletion request (please see Section 13). Please note that if you request the deletion of your Personal Data, you will as a result no longer be able to use the Services.

How We Safeguard Your Personal Data With Relation to Service Providers

Agents, contractors, and third-party service providers of Photon VPN (“Service Providers”) may have controlled access to relevant data to help us process payments, administer the Services, and otherwise assist us in operating our business. All Service Providers who may gain access to such data have confidentiality and data processing obligations to keep the data confidential and not use them for any other purpose than to carry out the services they are performing on behalf of Photon VPN. These obligations include contractual commitments to protect data as required by applicable laws, including those covering the transfer of Personal Data from the European Union / European Economic Area to a third country.

Service Providers only have access to the data necessary for the services they are performing on behalf of Photon VPN, which in any case will never include VPN activity or connection data as we do not collect such data.

In addition to Service Providers, we may share your Personal Data where you have provided your consent to us for sharing or transferring your Personal Data (e.g., marketing consents or opt-in to optional additional services or functionality).

Usage Statistics Data and App Diagnostic Data

In order to maintain excellent customer support and quality of service, Photon VPN collects certain information related to your VPN usage, as described below. This data is visible to our staff strictly on a need-to-know basis, and may be shared with Service Providers for the purposes above, but are kept confidential at all times.

We ensure that Usage Statistics Data and App Diagnostic Data never include any sensitive information, in line with our overall commitment to never logging browsing history, traffic destination, data content, IP addresses, or DNS queries.

Our principle of minimal data collection means that:

We do not know which user ever accessed a particular website or service.

We do not know which user was connected to the VPN at a specific time or which VPN server IP addresses they used.

We do not know the set of original IP addresses of any given user’s computer.

Should anyone try to compel Photon VPN to release user information based on any of the above, we cannot supply this information because the data does not exist.

Apps and Apps versions

We collect information related to which Apps and Apps version(s) you have activated in order to use our Services. Knowing your current version of the Apps allows our Support Team to troubleshoot technical issues you may encounter.

Successful connection

We collect information about whether you have successfully established a VPN connection on a particular day (but not a specific time of the day), to which VPN location (but not your assigned outgoing IP address), and from which country/ISP (but not your source IP address). This minimal information assists us in providing technical support, such as identifying connection problems, providing country-specific advice about how to best use our Services, and enabling Photon VPN engineers to identify and fix network issues.

Aggregate sum of data transferred (in MB)

We collect information regarding the total sum of data transferred by a given user. Although we provide unlimited data transfer, if we notice that a single user pushes more traffic than thousands of others combined, thereby affecting the quality of Services for other Photon VPN users, we may contact that user for an explanation.

Usage Statistics Data summary

In summary, we collect minimal usage statistics to maintain our quality of service. We may know, for example, that our customer Jerry had connected to our New York VPN location on Tuesday and transferred an aggregate of 756 MB of data across a 24-hour period. John can’t be uniquely identified as responsible for any specific online behavior because his usage pattern overlaps with thousands of other Photon VPN customers who also connected to the same location on the same day.

We’ve engineered our systems to categorically eliminate storage of sensitive data. We may know THAT a user has used Photon VPN, but we are unable to single out the user and we never know HOW they have utilized our Service. We stand by our firm commitment to our users’ privacy by not possessing any data related to a user’s online activities.

App Diagnostic Data

With your opt-in permission, we collect anonymized App Diagnostic Data, which includes crash reports, usability diagnostics, and VPN connection diagnostics. We use this data in our network operations tools to help optimize network speeds and to let us identify problems and areas for improvement related to specific apps, VPN servers, or internet service providers (ISPs). The information we receive is fully anonymized and cannot be tied back to individual users (i.e., we do not store which user sent which data, and we do not store user IP addresses).

If you opt in to share this information with Photon VPN (in the settings menu of your Account), we will collect the following anonymized App Diagnostics Data:

Diagnostic information about if and how a VPN connection attempt failed.

Speed test data.

App diagnostics, including crash reports and usability diagnostics, without any personally identifiable information. These are handled in an anonymized form by the following Service Providers bound by non-disclosure and other contractual obligations, dependent on the platform you are using Photon VPN on:

Windows: Sentry, owned by Functional Software, Inc. See Sentry’s Privacy Policy.

Mac: Firebase Crashlytics, owned by Google, and Sentry, owned by Functional Software, Inc. See Firebase’s Privacy and Security documentation and Sentry’s Privacy Policy.

Linux: Sentry, owned by Functional Software, Inc. See Sentry’s Privacy Policy.

iOS: Firebase Crashlytics, owned by Google, and Apple. See Apple’s Privacy Policy and Firebase’s Privacy and Security documentation. You can disable Apple’s crash reporting in iOS settings as described here.

Android: Firebase Crashlytics, owned by Google. See Firebase’s Privacy and Security documentation.

Browser extensions: Google Analytics, owned by Google. See Google’s Privacy Policy.

Upon activation of any of our Apps, you will be asked if you would like to share App Diagnostics Data with Photon VPN. You can start or stop sharing this data at any time in your App’s settings menu. On iOS, Apple’s crash reporting can be turned off in iOS settings.

Cookies and Third-Party Analytics

For user experience and analytics purposes, Photon VPN uses several analytics services, including from third-party Service Providers. These services may use cookies, mobile identifiers, and other data to generate reports and statistics, but have no access to information that directly identifies individuals nor any Personal Data that users provide to Photon VPN.

What is a Cookie?

Cookies and other similar technologies are small text files used to store information about your visit to the Site on your computer or mobile device (“Cookies”). Cookies allow websites to “remember” your actions or preferences over time, which allows us to optimize and improve the user experience of the Site by helping us deliver certain functionalities, such as website login and language settings. The Cookies we use may vary over time as we continuously update and improve our Site.

Disabling Cookies

You are free to change your Cookie preferences at any time. You can do this in the settings panel for your browser. Depending on which browser and device you use, you may be able to control which Cookies you allow, control which you want to block in the future, and delete Cookies. For more information about these settings, please refer to the “help” section of your browser. Note that our Site may not work as intended if you choose to disable Cookies.

Photon VPN’s Cookies

The Cookies set by Photon VPN enable us to set your language preference, attribute visitors to a marketing channel, and, once you log in, securely show you information that is specific to your Account. The Cookies contain a user identifier, but no directly personally identifying information such as your name or email address and do not track any activity outside of Photon VPN’s domains.

Third-party Cookies

Photon VPN uses third-party services such as Google Analytics and Adwords. Cookies from such services are used to collect data for statistical reports. For example, we may generate reports regarding the amount of time users spend on the Site and the number of users who visit a particular page.

Photon VPN uses Google Ads remarketing to show advertisements on third-party websites (including Google) to users who have visited our Site. We may show such users advertisements on a Google search results page or on a site in the Google Display Network.

Service Providers, including Google, use cookies to serve ads based on someone’s past visits to the Site. Any data collected will be used in accordance with our Privacy Policy and Google’s privacy policy. Users may opt out of Google’s use of cookies by visiting the Google Advertising Opt-out Page. Users may opt out of Google Analytics by visiting the Google Analytics Opt-out Page. Users may opt out of third-party use of cookies by visiting the Network Advertising Initiative Opt-out Page.

Device information

Photon VPN uses device information (including device type, operating system/language, or user agent, as well as mobile identifiers provided by Android or iOS devices) to generate statistics related to the marketing channels and advertising partners through which users learned about and signed up for Photon VPN Apps. This device information does not contain your name, email address, or other Personal Data.

Disabling or resetting mobile identifiers

Users may disable or reset the mobile identifiers associated with their devices at any time. For instructions, see Apple’s page on Advertising & Privacy on iOS devices and Google’s page on Managing your Google Settings on your Android device.

Interactions With Third-Party Products

The Site may contain links to external websites, mobile software applications, products, or services that are not owned or controlled by Photon VPN, and may be subject to specific terms and conditions. Please be aware that such third parties may collect personal information from you. Photon VPN is not responsible for the privacy practices or the content of such external websites. We encourage you to read the terms and conditions and privacy policies of each third-party service provider you engage in connection with the Site or the Services.

Users in the European Union

Photon VPN is committed to user privacy globally, and our existing practices reflect that through minimal collection of data and ensuring users have control over their Personal Data. The General Data Protection Regulation (“GDPR”) of the European Union (“EU”) requires us to outline those practices in a specific manner for users in the EU.

In line with the GDPR, we collect and process the Personal Data outlined in this Privacy Policy on one of the following bases, depending on the circumstances:

For the purposes of fulfilling our contractual obligations, including:

Providing Subscribers with the Services they have requested.

Managing subscriptions and processing payments in connection with our Services.

Providing customer support.

For a legitimate interest associated with the operation of our business, including:

Enhancing the quality, reliability, and effectiveness of our Services.

Communicating with customers to provide information and seek feedback related to our Services.

With the consent of users, which users can withdraw at any time.

Your Privacy Rights

Rights: In using our Services, you have the following rights (subject to certain exceptions or exemptions).

You have a right to access personal data held about you.

You have the right to request that we rectify any personal data we hold that is inaccurate or incomplete.

You have the right to request the deletion of your personal data. Please note that such deletion may result in us no longer being able to provide you with our Services.

You have the right to request restriction of or object to the processing of your personal data.

You have the right to request and receive your personal data in a commonly used format (data portability).

You have the right to withdraw your consent on which processing is based at any time.

You have a right to complain to your local data protection supervisory authority.

You can exercise your rights above by contacting us as described in Section 13.

You may have a third party submit a request on your behalf as an authorized agent. To confirm that the authorized agent is entitled to submit a request on your behalf, they must have written authorization signed by you, and you must provide us with a copy of the signed authorization. To ensure your privacy and security, we may take further steps to verify your identity.

We will address any requests in accordance with applicable laws and to the best of our ability in a timely manner.

Users in California

Under the “Shine the Light Act” (California Civil Code Section 1798.83), California residents may request information about any disclosure of personal data to third parties for their direct marketing purposes. We do not disclose any such data to third parties for direct marketing. Nonetheless, California residents who wish to make a request (once per user per year) may contact us as described in Section 13.

The following rights (which may be subject to certain exemptions or derogations) shall apply to individuals covered by the California Consumer Privacy Act (“CCPA”):

You have the right to know what personal data is being collected about you and how it is used and shared.

You have the right to request the deletion of your personal data. Please note that such deletion may result in us no longer being able to provide you with our Services.

You have the right to opt out of the sale of your personal data. However, there is no need to exercise this right as Photon VPN does not sell any data to third parties.

You have the right not to be discriminated against for exercising any of these rights or other rights under the CCPA.

You have the right to withdraw your consent on which processing is based at any time.

Use by Children

We do not offer our Services for use by children and, therefore, we do not knowingly collect Personal Data from, and/or about individuals under the age of eighteen (18) or under the age of majority in the jurisdiction of residency / from which the Services are used. If you are under the age of eighteen (18), or under the age of majority in the jurisdiction where you reside or from which you use the Services, do not provide any Personal Data to us without the involvement of a parent or a legal guardian. For the purposes of the GDPR, we do not intend to offer information society services directly to children. In the event that we become aware that you provide Personal Data in violation of applicable privacy laws, we reserve the right to delete it. If you believe that we might have any such information, please contact us as described in Section 13.

Changes to This Privacy Policy

We may change our Privacy Policy from time to time, with or without notice to you, consistent with applicable privacy laws and principles. Your continued use of the Services and/or access to the Site constitutes your acceptance of our Privacy Policy.

How to Contact Photon VPN

If you have any questions, concerns, or complaints regarding our Privacy Policy, our compliance with the applicable laws, or how we handle your information or if you wish to exercise your privacy rights, please feel free to contact us at the following email address:

Mail:photonvpn@outlook.com