Privacy
Policy.

A.C BELNET DIGITAL LTD (“Vopon,” “Vopon VPN,” “we,” “our,” or “us”) respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains what information we collect, how we use it, how we share it, how long we retain it, and what rights you may have when you use the Vopon VPN application, website, and related services (collectively, the “Service”).

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

1. Who We Are

Vopon VPN is operated by A.C BELNET DIGITAL LTD company.
Contact details:
Website: https://vopon.me/
Privacy Policy: https://vopon.me/privacy
Support / Privacy Requests: [email protected]

2. Scope of This Privacy Policy

This Privacy Policy applies to:

• the Vopon VPN mobile and desktop applications;
• the Vopon website;
• account registration, authentication, subscription management, and support services related to Vopon VPN.

This Privacy Policy does not apply to third-party services that may be linked from our Service or used as payment, sign-in, or infrastructure providers, except as described below.

3. Our Privacy Approach

Vopon VPN is built to protect user privacy. We do not store the content of your internet traffic, your browsing history, DNS queries, or the specific websites you visit through the VPN. However, Vopon does process and retain certain limited operational and account-related data necessary to:

• provide the VPN service;
• authenticate users;
• manage subscriptions;
• enforce device/session limits;
• prevent abuse and fraud;
• troubleshoot technical issues;
• maintain service security and reliability.

For transparency, this means Vopon is not a zero-data or no-data service. We apply a limited operational logging approach rather than storing browsing activity or traffic content.

4. Information We Collect

We collect the following categories of data.

4.1 Account Information

When you register for and use the Service, we may collect:

• email address;
• display name or profile name;
• avatar or profile image, where provided by the sign-in provider;
• preferred language;
• login provider used for authentication.

Supported login methods may include:

• Sign in with Apple;
• Sign in with Google;
• email with one-time password (OTP).

If additional login methods such as Telegram are added in the future, this Privacy Policy may be updated accordingly.

4.2 Authentication and Security Information

To protect accounts and operate the Service, we may collect and retain:

• authentication logs;
• sign-in events;
• device count and session count;
• temporary troubleshooting and security-related logs.

We use this information to authenticate access, detect misuse, enforce service limits, and investigate technical or security problems.

4.3 Subscription and Payment Information

We currently offer subscriptions through:

• Apple In-App Purchase;
• Google Play Billing.

We do not store full payment card details. We may receive and retain limited payment and subscription-related data, including:

• subscription status;
• transaction ID;
• purchase history;
• billing or subscription metadata received from the payment platform;
• cancellation, renewal, expiration, refund, and related subscription events.

We use this information to activate and manage paid access to the Service, validate subscription status, handle support requests, and comply with legal and accounting obligations.
A free trial period may be offered, such as a 3-day trial.
If additional payment methods such as Telegram Stars, cryptocurrency, or Stripe are added in the future, this Privacy Policy may be updated before those features are launched.

4.4 VPN Operational Data

To provide, secure, and operate the VPN service, we currently collect and retain limited VPN operational data, including:

• your IP address;
• connection creation time;
• bandwidth usage;
• device/session count.

We use this information for:

• establishing and maintaining the VPN service;
• enforcing account and device limits;
• abuse prevention and fraud detection;
• troubleshooting connectivity and technical issues;
• network operations, service quality, and internal analytics.

We do not use this data to record the content of your traffic, your browsing history, DNS queries, or the specific destinations you access through the VPN.

4.5 Technical and Diagnostic Information

We may collect and retain technical and diagnostic information such as:

• app version;
• operating system version;
• device type or model;
• language setting;
• country;
• crash stack traces;
• push token, when push notifications are enabled.

We use this data to:

• provide the Service;
• localize the app experience;
• suggest an appropriate server location;
• troubleshoot bugs and crashes;
• improve app stability and service performance.

4.6 Country-Level Location Information

We may infer your approximate country from your IP address. We do not collect precise GPS location for VPN functionality.
Country-level location may be used for:

• suggesting the nearest or most suitable server;
• localization;
• service optimization;
• compliance with legal, payment platform, or app store requirements.

4.7 Support Communications

If you contact us for support or privacy requests, we may collect:

• your email address;
• the contents of your message;
• account-related identifiers;
• any attachments or details you choose to provide.

We use this information to respond to your request, resolve issues, and maintain support records.

5. Information We Do Not Intentionally Collect as VPN Activity Logs

Vopon does not intentionally collect or store:

• browsing history;
• DNS query history;
• the content of your traffic;
• the specific websites or services you access through the VPN.

This statement applies to VPN traffic content and browsing activity. It does not mean that we collect no data at all, because limited account, subscription, operational, and technical data is processed as described in this Privacy Policy.

6. How We Use Information

We use personal data only where necessary for legitimate business and service purposes, including:

• creating and managing accounts;
• authenticating users;
• delivering and maintaining VPN connectivity;
• validating subscriptions and trials;
• enforcing account, session, and device limits;
• preventing fraud, abuse, unauthorized use, and security threats;
• diagnosing connectivity issues, service failures, and crashes;
• communicating with users;
• providing support;
• complying with legal, regulatory, accounting, tax, and contractual obligations;
• generating internal aggregated statistics and service analytics.

We do not sell your personal data.
We do not use your personal data for third-party behavioral advertising.
We do not share browsing activity or VPN traffic content with advertisers or data brokers.

7. Device Limits and Session Management

The Service may limit the number of devices or active sessions associated with an account. At present, Vopon allows up to 5 devices per account.
To enforce these limits, we process account, session, and device-related operational information.

8. How We Share Information

We do not sell or rent personal data.
We may share limited information only in the following circumstances.

8.1 Service Providers and Processors

We may share personal data with service providers that help us operate the Service, such as:

• cloud and hosting providers;
• infrastructure and backend service providers;
• payment and subscription platforms;
• email delivery providers;
• customer support or operational service providers.

Current providers may include:

• AWS for backend infrastructure;
• Postmark for email delivery;
• Apple and Google for subscription and payment processing.

These providers may process data only on our behalf or as independent controllers where their own platform rules apply.

8.2 Legal Requirements

We may disclose information where required by law, regulation, court order, legal process, or valid governmental request.
Because Vopon does not store browsing history, DNS history, or VPN traffic content, we generally do not have such data to provide.

8.3 Business Transfers

If Vopon is involved in a merger, acquisition, financing, corporate reorganization, or sale of assets, personal data may be transferred as part of that transaction, subject to applicable law.

9. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy.
In general:

• account information is retained while your account remains active;
• subscription and transaction-related records may be retained as needed for billing, accounting, fraud prevention, dispute handling, and legal compliance;
• raw operational and troubleshooting data may be retained until deletion or rotation according to our internal practices;
• our intended long-term approach is that raw data will generally not be retained for more than 3 months, after which it may be deleted, rotated, anonymized, or aggregated for internal statistics.

Aggregated or de-identified statistical data may be retained longer where it no longer identifies a specific user.

10. Account Deletion and Data Deletion

You may request deletion of your account by contacting us at [email protected]. At present, deletion requests are handled by email. When your deletion request is processed:

• personal data associated with your account will be deleted or anonymized;
• support and account records directly linked to you will be removed where reasonably possible;
• subscription and transactional information may be retained only to the extent required by law, platform rules, fraud prevention needs, or accounting obligations;
• aggregated or de-identified data that no longer identifies you may be retained.

We aim to process deletion requests within up to 14 business days.

11. Data Security

We use reasonable technical, administrative, and organizational measures designed to protect personal data from unauthorized access, misuse, loss, alteration, or disclosure.
These measures may include:

• encryption in transit;
• access controls;
• secured backend infrastructure;
• authentication protections;
• internal operational safeguards.

No system can be guaranteed to be completely secure, and we cannot guarantee absolute security.

12. International Data Transfers

Your data may be processed in countries other than the country where you reside.
Account and support-related data is currently primarily processed through infrastructure located in Frankfurt, Germany, while VPN traffic infrastructure may operate across multiple data centers in different jurisdictions for resilience, routing, and anti-blocking purposes.
Where required by applicable law, we take reasonable steps to ensure that international transfers are subject to appropriate safeguards.

13. Push Notifications

Push notifications are not currently a core part of the Service, but may be enabled in the future for purposes such as:

• connection status notifications;
• unexpected VPN disconnection alerts;
• subscription-related notices.

If push notifications are enabled, we may process your push token and related technical metadata for message delivery. We will update this Privacy Policy as needed before launching such features.

14. Children and Age Requirement

The Service is not intended for individuals under 18 years of age.
We do not knowingly collect personal data from children under 18. If we become aware that personal data of a person under 18 has been collected, we may take steps to delete it.

15. Your Privacy Rights

Depending on your location, you may have rights regarding your personal data, including the right to:

• request access to the personal data we hold about you;
• request correction of inaccurate or incomplete data;
• request deletion of your personal data;
• request restriction of processing;
• object to certain processing;
• request portability of your data where applicable;
• withdraw consent where processing is based on consent;
• lodge a complaint with a competent data protection authority.

To exercise any of these rights, contact us at [email protected].
We may request information necessary to verify your identity before responding.

16. GDPR and UK GDPR Notice

If you are located in the European Economic Area (“EEA”) or the United Kingdom, Vopon acts as a data controller for the personal data described in this Privacy Policy.
We process personal data on one or more of the following legal bases:

• performance of a contract — to provide the Service you requested;
• legitimate interests — to secure, maintain, analyze, and improve the Service, prevent abuse, and manage operations;
• legal obligation — where processing is required by law or regulation;
• consent — where applicable.

You also have the right to lodge a complaint with your local supervisory authority.

17. California Privacy Notice (CCPA/CPRA)

If you are a California resident, you may have rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act.
In the preceding 12 months, we may have collected the following categories of personal information:

• identifiers, such as email address and account information;
• commercial information, such as subscription status, trial status, purchase history, and transaction metadata;
• internet or electronic network activity information related to authentication, device/session count, bandwidth usage, and operational service logs;
• geolocation data at a coarse country level;
• technical and diagnostic information, such as device, OS version, app version, crash data, and push token.

We do not sell personal information.
We do not share personal information for cross-context behavioral advertising.
California residents may request access, correction, or deletion by contacting [email protected].
We will not discriminate against you for exercising your privacy rights.

18. UAE PDPL Notice

If you are located in the United Arab Emirates, your personal data may be processed in accordance with applicable data protection laws, including the UAE Personal Data Protection Law, where applicable.
Where required, we will process personal data on a lawful basis, provide appropriate transparency regarding our processing, and respect applicable rights relating to access, correction, deletion, and other protections under UAE law.
Requests relating to privacy may be sent to [email protected].

19. Third-Party Services

The Service may rely on or integrate with third-party providers, including authentication, payment, email, hosting, or infrastructure providers.
Such third parties may have their own privacy policies and terms. We encourage you to review them separately where relevant.

20. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
When we make material changes, we will revise the “Last Updated” date and may provide notice through the website, application, or other appropriate means.
Your continued use of the Service after the effective date of an updated Privacy Policy means the updated version applies to your use of the Service.

21. Contact Us

If you have any questions, support requests, or privacy-related requests, please contact:
A.C BELNET DIGITAL LTD
Website: https://vopon.me/
Privacy Policy: https://vopon.me/privacy
Email: [email protected]