Privacy Policy

Effective: May 2, 2026. Last updated: May 2, 2026.

Template notice: Starter template. Have an attorney review for GDPR/CCPA compliance, or use Termly.io / GetTerms. Not legal advice.

1. What we collect

GearsVPN collects only the minimum information needed to operate the service:

Email address. To deliver your account credentials, send refund and renewal communications, and provide support.
Payment metadata. Stripe and NowPayments handle payment data; we receive transaction IDs, amounts, and (for cards) the last four digits and country. We never see or store full card numbers.
Subscription period. We track the start and end of your subscription period for billing purposes only. We do not log the websites you visit, when you connect, the IP addresses you use, or your DNS queries.

2. What we do NOT collect

Traffic logs (we cannot tell you what you did)
Connection logs (we cannot tell you when you used the service)
DNS query logs
Your browsing history
Real name, postal address, or phone number

3. How we use your data

The information we collect is used solely to deliver the service, process payments, and respond to support requests. We do not sell, rent, or share your data with advertisers.

4. Third parties we use

Stripe — card payment processing (privacy policy)
NowPayments — crypto payment processing (privacy policy)
Resend — transactional email delivery (privacy policy)
Netlify — server hosting

5. Cookies

Our marketing site does not use tracking cookies. Stripe and NowPayments may set cookies on their hosted checkout pages — see their privacy policies above.

6. Your rights (GDPR / CCPA)

If you are in the EU, UK, or California, you have the right to:

Request a copy of the personal data we hold about you
Request correction or deletion
Withdraw consent
Lodge a complaint with your local data protection authority

Email [email protected] to exercise these rights.

7. Data retention

We retain your email and payment metadata for as long as you have an active subscription, and for 7 years afterward for accounting and tax compliance. Crypto-paid accounts may be deleted entirely upon expiration if no email was provided.

8. Security

We use industry-standard security measures: HTTPS for all connections, signed webhooks, encrypted storage. No system is 100% secure, but we deliberately limit data collection so a breach exposes as little as possible.

9. Changes to this policy

Material changes will be communicated via email and a notice on our site.

10. Contact

Email [email protected].