Zorro VPN – Privacy Policy

June 20, 2019

Our Zorro VPN mobile application (“App”). This privacy policy (“Policy”) applies to persons anywhere in the world who use our App or otherwise interact or communicate with us (each such person, a “User” or “you”). If at any time you disagree with this Policy, you must refrain from installing our App, or, if you have already installed our App, refrain from using it and delete it.

The primary function of our App is providing VPN services to users.

All User payments for the pay version of our App are handled through the iOS App Store and we do not receive, process or store Users’ credit card information or other User payment information.

The iOS platform will alert you the first time our App wants permission to access certain types of data and will let you consent (or not consent) to that request. BY INSTALLING OR USING OUR APP, YOU REPRESENT AND WARRANT TO US THAT YOU ARE 13 YEARS OF AGE OR OLDER.

By installing or using our App you consent to our collection and use of information in accordance with this Policy.

When You Use Our VPN Service
We only keep the following data associated with your account:

• Total amount of bytes transferred in a 30 day period.
• Timestamp of your last activity on our VPN network.

This data is used to enforce free tier limitations, prevent abuse and weed out inactive accounts.

The following data is NOT stored:

• Source IP
• Sites you visited
• Historical record of VPN sessions

When You Are Actively Connected to a Server
For the duration of your connection the following is stored in server’s memory. This data is immediately discarded when you disconnect:

• OpenVPN/IKEv2 username
• Time of connection
• Amount of data transferred

The following data is stored in a central location

• Number of parallel connections at any given time to prevent rampant abuse and account sharing.
• A counter is incremented that stores total number of bytes downloaded/uploaded in a 30 day period.

Anything that is not mentioned above is not stored.

Our bespoke system eliminates the need to store data entirely. This data resides only in server’s memory while you’re connected, and is immediately discarded by the VPN server when you disconnect. Since it doesn’t get logged into a permanent database, there is nothing to delete.

When You Sign Up
We only require a username and password when you sign up to our service. Email can be provided if you wish to be able to recover your password in case you forget it, as well as receive periodic service updates.

User Data Requests
Since we store the bare minimum for a customer to actually use our service, any request for user data would yield nothing of value. As we do not store any historical logs on who used which IP address, and since IPs are shared by dozens/hundreds of people at any given moment, so we cannot tie any activity to a specific account.

We may change this Policy from time to time by posting an updated version of this Policy on our website or through our App. Your continued use of our App after any such update will constitute your consent to the changes. We encourage you to periodically review this Policy for the latest information on our privacy practices.