TunnelGlide

Privacy Policy | TunnelGlide

Privacy Policy

Effective Date: June 27, 2025

Last Updated: June 27, 2025

1. Introduction

Welcome to TunnelGlide. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, process, and protect your information when you use our VPN services.

Our Commitment: We operate under a strict no-logs policy, meaning we do not monitor, record, log, or store any of your online activity or connection logs when using our VPN service.

Legal Basis: This policy complies with the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws.

Contact Information:

  • Company: SoftZium Solution LTD
  • Address: Office 12, Initial Business Centre, Wilson Business Park, Manchester, United Kingdom, M40 8WN
  • Email: [email protected]

2. Information We Collect

2.1 Account Information (Personal Data)

You do not need to create an account to use our services

Legal Basis (GDPR): Contract performance and legitimate interests

Purpose: Account management, service provision, and customer support

2.2 Technical Information (Non-Personal Data)

We collect minimal technical data necessary for service operation:

  • Technical information for service operation
  • Support communications
  • Minimal analytics data (aggregated and anonymized)

Legal Basis (GDPR): Legitimate interests

Purpose: Service improvement and technical support

2.3 Customer Support Data

When you contact support:

  • Support tickets and communications
  • Technical diagnostic information (only when voluntarily provided)

Legal Basis (GDPR): Contract performance and legitimate interests

Purpose: Providing customer support and resolving technical issues

3. What We DO NOT Collect (No-Logs Policy)

We explicitly DO NOT collect, log, or store:

  • ❌ Your IP address when connected to our VPN
  • ❌ Websites you visit or access through our VPN
  • ❌ Data content or traffic flowing through our VPN
  • ❌ DNS queries made through our VPN
  • ❌ Connection timestamps or session durations
  • ❌ Bandwidth usage per individual user
  • ❌ Any information that could identify your online activities

Technical Implementation: Our servers are configured to not write any connection logs to disk, and our infrastructure is designed with privacy-by-design principles.

4. How We Use Your Information

4.1 Service Provision

  • Processing payments and billing
  • Providing VPN services and technical support
  • Ensuring service security and preventing abuse

4.2 Communication

  • Sending service-related notice
  • Responding to customer support requests
  • Providing important updates about our service

4.3 Legal Compliance

  • Complying with applicable laws and regulations
  • Responding to valid legal requests (limited to account information only)
  • Protecting our rights and preventing fraud

5. Data Sharing and Disclosure

5.1 Third-Party Service Providers

We may share limited data with:

  • Payment processors (for billing and subscription management)
  • Customer support tools (support ticket data only)

Safeguards: All third-party providers are bound by strict data protection agreements and privacy standards.

5.2 Legal Requirements

We may disclose device information (not connection logs) only when:

  • Required by valid legal process (court orders, subpoenas)
  • Necessary to protect our rights or comply with law enforcement
  • Required to prevent fraud or abuse of our services

Limitations: Due to our no-logs policy, we cannot provide information about your online activities, websites visited, or connection details, as this information does not exist in our systems.

5.3 Business Transfers

In case of merger, acquisition, or sale, personal data may be transferred to the new entity, subject to the same privacy protections.

6. Your Rights and Choices

6.1 GDPR Rights (EU Residents)

You have the following rights:

  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: We do not offer any deletion as we do not collect any data
  • Right to Object: Object to processing based on legitimate interests

How to Exercise Rights: Contact us at [email protected] or through your account settings.

6.2 CCPA Rights (California Residents)

California residents have additional rights:

  • Right to Know: Information about personal data collection and use
  • Right to Delete: We do not offer any deletion as we do not collect any data
  • Right to Non-Discrimination: Equal service regardless of privacy choices

7. Data Security and Protection

7.1 Technical Safeguards

  • Encryption: All data is encrypted in transit and at rest using industry-standard encryption
  • Access Controls: Strict access controls and authentication for all systems
  • Regular Security Audits: Independent security assessments and penetration testing
  • Incident Response: Comprehensive data breach response procedures

7.2 Organizational Measures

  • Staff Training: Regular privacy and security training for all employees
  • Data Processing Agreements: Strict agreements with all third-party processors
  • Privacy by Design: Privacy considerations integrated into all system designs
  • Regular Reviews: Ongoing privacy impact assessments and policy reviews

7.3 Data Breach Notification

  • GDPR Compliance: Notification to supervisory authorities within 72 hours
  • User Notification: Direct notice via in-app-function to affected users when required
  • Remediation: Immediate steps to contain and remedy the breach
  • Transparency: Public disclosure of significant incidents

8. Data Retention and Deletion

8.1 Account Data

  • Payment Data: Retained as required by law for tax and accounting purposes (typically 7 years)

8.2 Support Data

  • Support Tickets: Retained for 2 years for quality assurance and legal purposes
  • Technical Logs: System logs (not connection logs) retained for 30 days maximum

8.3 Automatic Deletion

  • Connection Data: Not collected, therefore not retained
  • Temporary Data: Any temporary technical data automatically deleted within 24 hours

9. International Data Transfers

9.1 Transfer Mechanisms

When transferring data outside the EU:

  • Adequacy Decisions: Transfers to countries with adequate protection
  • Standard Contractual Clauses: EU-approved contract terms for data protection
  • Binding Corporate Rules: Internal policies ensuring consistent protection

9.2 Safeguards

  • All transfers include appropriate technical and organizational safeguards
  • Regular monitoring of data protection standards in destination countries
  • Immediate suspension of transfers if protection standards are compromised

10. Cookies and Tracking

10.1 Website Cookies

Our website uses minimal cookies:

  • Essential Cookies: Required for website functionality
  • Analytics Cookies: Anonymous usage statistics (with consent)
  • No Tracking Cookies: We do not use advertising or tracking cookies

10.2 Cookie Management

  • Clear information about all cookies used
  • Easy opt-out mechanisms for non-essential cookies
  • Regular review and minimization of cookie usage

11. Children's Privacy

We do not knowingly collect personal information from children under 16 years of age. If we learn that we have collected personal information from a child under 16, we will delete that information immediately.

Parental Rights: Parents can request information about their child's data and request deletion.

12. Third-Party Links and Services

Our service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

13. Changes to This Privacy Policy

13.1 Notification of Changes

We will notify you of any material changes to this Privacy Policy:

  • App Notice: In-app notice for mobile users

13.2 Continued Use

Continued use of our services after changes constitutes acceptance of the updated policy. If you disagree with changes, you may terminate your account.

14. Supervisory Authority and Complaints

14.1 EU Residents

You have the right to lodge a complaint with your local data protection authority:

14.2 California Residents

You may also contact the California Attorney General's office regarding privacy concerns.

15. Contact Information and Data Protection Officer

15.1 General Privacy Inquiries

  • Email: [email protected]
  • Address: Office 12, Initial Business Centre, Wilson Business Park, Manchester, United Kingdom, M40 8WN
  • Response Time: We respond to privacy inquiries within 48 hours

16. Transparency and Accountability

16.1 Transparency Reports

We publish annual transparency reports including:

  • Number and types of legal requests received
  • Our responses to legal requests
  • General statistics about data processing
  • Security incident summaries (when applicable)

16.2 Independent Audits

  • Annual privacy and security audits by independent third parties
  • Public disclosure of audit results and remediation actions
  • Continuous monitoring and improvement of privacy practices

17. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Processing: Any operation performed on personal data, including collection, use, storage, and deletion.
  • Data Controller: The entity that determines the purposes and means of processing personal data (us).
  • Data Processor: A third party that processes personal data on behalf of the controller.
  • Supervisory Authority: An independent public authority responsible for monitoring GDPR compliance.

Independent Audit Reports

Performance Reports

Last Updated: June 27, 2025

This Privacy Policy is effective as of the date listed above and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

For questions about this Privacy Policy, please contact us at [email protected].