Privacybeleid

We do not log your VPN activity. Specifically, we do NOT collect, store, or monitor: • Websites you visit or URLs you access • DNS queries made through our VPN tunnel • Content of your internet traffic • Your originating IP address when connected to VPN • Connection timestamps tied to your identity • Browsing history, search queries, or downloads Our VPN servers are configured to process traffic in real-time without writing activity logs to disk.

We collect the minimum information necessary to provide and improve our service: Account Information • Email address: Used for account creation, authentication, and essential service communications. • User ID: A unique identifier assigned to your account for session management. Device Information • Hashed Device ID: A one-way hashed identifier used solely for fraud prevention and enforcing simultaneous device limits. Subscription & Payment Data • Purchase and subscription records processed through Google Play, Apple App Store, or Stripe. • We do not store full payment card numbers on X2VPN servers. Usage Data (Non-Browsing) • Bandwidth consumption: Aggregate data transferred per billing cycle for quota enforcement. • Connection events: Connect/disconnect timestamps and selected server region for reliability monitoring. • Session metadata: Active session count for enforcing your plan's device limit.

To be explicitly clear, we never collect: • Your browsing history or search queries • The content of your communications (emails, messages, etc.) • Your real IP address in connection with your online activities • DNS requests made while connected to our VPN • Any data that could be used to identify what you do online while using X2VPN

We use your information for the following purposes: • Account management & authentication — Email, User ID • Subscription delivery — Purchase history, User ID • Bandwidth quota enforcement — Aggregate bandwidth data • Device limit enforcement — Hashed Device ID, Session count • Fraud prevention — Hashed Device ID • App improvement & analytics — App interactions, Performance data • Crash resolution & stability — Crash logs

We implement industry-standard security measures to protect your data: • Encryption in Transit: All communications between the App and our servers use TLS 1.3. • Encryption at Rest: Sensitive data stored on your device is encrypted using AES-256-GCM. • Server Security: Our relay servers are hardened and configured to process VPN traffic without persistent logging. • Access Controls: Access to user account data is restricted to authorized systems only.

X2VPN integrates the following third-party services: Firebase Analytics & Crashlytics (Google) — App analytics and crash reporting. Google AdMob — Optional Android rewarded advertisements. Google Play Billing — Android subscription purchase processing. Apple App Store / StoreKit — iOS subscription purchase processing. Stripe — Web checkout and subscription billing where offered.

• Account data: Retained while your account is active. Deleted or anonymized when you delete your account. • Session data: Automatically purged after 30 days of inactivity. • Bandwidth usage: Reset each billing cycle. • Crash logs & analytics: Retained under provider defaults.

You have the following rights regarding your data: • Access: Request a copy of the personal data we hold about you. • Deletion: Delete your account in the app from the Account screen. • Correction: Update your account information through the App. • Ad preferences: Choose not to view reward advertisements. To exercise any of these rights, contact us at [email protected].

X2VPN is not intended for use by children under the age of 18. We do not knowingly collect personal information from children under 18.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy in the App and updating the "Last Updated" date.

If you have any questions or concerns about this Privacy Policy, please contact us: Email: [email protected] Website: https://x2vpn.com