3.9 KiB
Title: Privacy Policy
We believe transparency is one of the most important qualities a VPN service can have.
This page is meant to inform users about what informations CCrypto stores,
in what conditions, and the exact limits under which it is kept and transfered.
If you have any question that is not answered by this page, please contact us.
1. Informations stored
To run our VPN service, we collect and store the following informations:
- Username
- Hashed password (see our published source code for details)
- E-mail address, if provided
- Support tickets
- IP address used when browsing the site
For each payment or subscription, we store:
- PayPal: the PayPal transaction or subscription ID and paid amount
- Stripe: the Stripe charge or subscription ID and paid amount
- Bitcoin: the transaction id, receiving address and received amount at the time the payment was confirmed.
We also use Piwik to monitor visitors on our website; it may record anonymized IP addresses, pages viewed, referrer, and some informations about your browser.
All these informations are strictly kept by CCrypto and will not be shared to a third party, except as described in sections 2 and 4.
We use no external analytics or advertisement network on our website.
2. VPN Logging
Each connection from a VPN client to our VPN server is logged for security and billing purposes. For each connection or authentication, we store for up to a year:
- Username
- Server used and shared server IP address
- Client IP address and port
- Amount of data transferred per hour (used exclusively for usage statistics and against extreme service abuses)
As opposed to many VPN service providers, no data is stored or logged in the gateway servers. Those are too exposed and would be the easiest target to raid or steal, and depend on the law of many countries.
Instead, logs are stored separately on a secure server operated by LambdaVPN in France,
who is also managing the gateway servers.
LambdaVPN has no access to any other user information
and has agreed not to share or use any information they store except on request by CCrypto.
In case of abuse or data request from any authority, LambdaVPN does not have access to any payment information or email address directly and can only forward the request to CCrypto.
These conditions are stated in the contract between CCrypto and LambdaVPN.
CCrypto or LambdaVPN will never, in any event, monitor, record, or use without your consent the traffic you send and receive through the VPN, including but not limited to DNS queries and browsing history.
On some servers, we will however watch for known dangerous patterns to limit abuse, as explicitly described by a dedicated page: NO-P2P
3. DMCA handling
DMCA cease & desists are usually ignored as we have very little control over it. If one user generates too many abuse, we may investigate and block their access to a server without notice as a warning.
Since we cannot precisely identify users responsible from DMCA notices, we will ban from the server the user or users that match the most the report or reports received. If you think you have been banned unfairly, you can open a ticket and we will reinstate your access to the server as soon as possible.
Servers designated as "NO P2P" servers have a lower tolerance and
will result in a ban as fast as possible.
Please do not abuse the service, as it will only lower the quality for everyone.
We will never disclose user information as a result of a DMCA notice.
4. Data requests
The French government may request informations about VPN connections and payments as required by the French law. We will only comply to this kind of request if they are following the right legal procedure. If we are allowed to do so, we will attempt to contact you before or after doing so.
No third party can request information without going through the proper legal channels.