Privacy Policy

This data:

• is used solely to ensure service quality, infrastructure stability, and prevention of abuse;
• does not contain information about visited websites, DNS requests, or traffic content;
• is automatically deleted on a regular basis in accordance with internal data retention procedures.

2.1 Information Provided by the User

2.1.1 Account

If registration is required to access the Service, we may process:

• the user’s email address;
• username (if provided);
• a securely hashed password.

This data is used for access management, password recovery, and user support.

2.1.2 Payment Data

Payment information is fully processed by third-party payment providers. We do not store card numbers or banking details on our servers.

We may receive from payment partners:

• confirmation of purchase status;
• transaction identifier.

This data is used solely for subscription management.

To purchase the Service, you may be required to provide us and/or our payment processing partners with personal information such as your billing name, billing contact details (for example, address and/or email address), and payment instrument details.

This basic billing information is used to process payments and refund requests.

2.2 Data Collected Through Applications

Identifiers used in the application:

• are randomly generated on the device;
• are not linked to email addresses or other identifying data;
• are not used for advertising profiling;
• are not shared with third parties.

2.2.1 Device and System Information

Collection may include:

• device type, operating system, and application version;
• time zone;
• anonymous application identifier.

This information is used to ensure compatibility and troubleshoot errors.

2.2.2 Application Information

• successful/unsuccessful connections;
• selected settings.

2.2.3 Connection Information

We may process:

• network type (Wi-Fi/mobile data);
• VPN connection technical parameters (protocol, server).

2.2.4 Diagnostic Information

With explicit user consent, we may process minimal anonymous performance indicators (for example, statistics of successful connections). Such data does not allow identification of the user.

• application crash logs;
• error reports.

We do not use data for:

• advertising targeting;
• marketing analytics without the user’s consent;
• sale to third parties.

This is a fundamental element of our privacy approach.

Deletion effectively means:

• deletion of the email address;
• deletion of the account;
• deletion of a linked dedicated IP address (if applicable);
• deletion of other personal data that may have been provided by the user in the course of contacting technical support or during invoicing (if such data exists).

Personal data such as the email address, username, and other account-related data (if any) is deleted or anonymized within 30 calendar days from confirmation of the deletion request, unless otherwise required by applicable law.

We may retain a minimal amount of information where necessary:

• to comply with legal obligations;
• to resolve disputes;
• to prevent abuse.

Use of Network Interface

To provide the VPN service, the Application uses the user’s device network interface in order to establish an encrypted connection and route internet traffic through the Service servers.

During the operation of a VPN connection, technical connection parameters may be processed, including:

• connection start and end timestamps;
• volume of transmitted data;
• protocol and server used;
• technical connection status.

Such processing is necessary to ensure proper functioning of the Service, connection stability, and prevention of abuse.

7.1 Creation of Technical and Service Files

During operation, the Application may create and use:

• temporary files;
• cached data;
• configuration files;
• diagnostic logs;
• technical files necessary for the functioning of the VPN connection.

Such data is used exclusively to ensure proper operation of the Service, troubleshoot technical issues, and improve system stability.

Technical data may be stored for the period necessary to ensure the operation of the Service, after which it is automatically deleted in accordance with internal data retention procedures.

7.2 Application Updates

The Application may receive updates, including automatic updates. Updates may include critical security fixes, bug fixes, and technical improvements.

If the Application is installed via official application stores (such as the App Store or Google Play), updates are distributed and installed in accordance with the rules and mechanisms of the respective platform. Automatic installation of updates in such cases depends on the User’s device settings and the platform’s policies.

If the Application is used on other platforms, including but not limited to Windows or Linux, updates may be provided through the built-in update mechanism of the Application or via the official Service website. In such cases, updates may be installed automatically or may require User confirmation, depending on system settings and Application configuration.

We comply with the requirements of the General Data Protection Regulation (GDPR) with respect to lawfulness, transparency, and data minimization. Personal data is processed on lawful grounds such as consent, performance of a contract, or legitimate interests, where applicable.

• access their personal data;
• request correction;
• request deletion;
• withdraw consent;
• obtain information regarding the processing of their personal data;
• request transfer of personal data to another data controller, where applicable.

We do not disclose data to third-party advertising networks.

Security

All connections to Fast Tunnel servers are encrypted using modern cryptographic standards and VPN protocols.

Client authentication is performed through:

• mutual TLS (mTLS);
• validation of client and server certificates.

This ensures that access to the infrastructure is granted exclusively to authorized client applications.

Infrastructure edge nodes:

• operate with minimal state persistence;
• do not store user data on permanent storage media;
• retain active session data exclusively in volatile memory (RAM);
• delete session data upon termination of the connection.

After the subscription period ends, the IP address may be reassigned to another user.

Disclosure in Response to Legal Requests

In the event of receipt of an official legal request from competent authorities:

• we verify the legality and formal grounds of the request;
• our response is limited by the technical architecture of the Service;
• we may provide only the data that is actually stored in the system, namely the minimal operational metadata described above.

Legal Compliance and User Rights

Fast Tunnel complies with applicable personal data protection laws in all jurisdictions where the Service is provided, including, but not limited to:

• Regulation (EU) 2016/679 (GDPR);
• Federal Law of the Russian Federation No. 152-FZ “On Personal Data”;
• applicable U.S. state privacy laws (including CCPA/CPRA, where applicable).

We apply the principle of data minimization and ensure transparency of data processing practices in accordance with the requirements of the relevant jurisdiction.

16.1 Jurisdictional Access Limitations

In certain countries, access to specific internet resources may be restricted in accordance with the laws of the respective jurisdiction.

The Service does not guarantee the ability to bypass all local restrictions.

The user is solely responsible for compliance with the laws of their country of residence or location.

In the event of material changes:

• the updated version of the Policy will be published on our official website;
• users may additionally be notified through their personal account;
• notification may also be sent to the email address provided during registration.

The effective date of the new version will be indicated at the top of the document.