Privacy Policy

Last updated: March 19, 2026

1. Introduction

GuardianSoc Pro ("we," "our," or "us") operates VPN services and related applications. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our VPN service, website, and mobile/desktop applications (collectively, the "Service"). We are committed to protecting your privacy and ensuring the security of your personal data in compliance with applicable data protection laws.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address — for account identification, communication, and password recovery
  • Username / display name — for account personalization
  • Password — stored in bcrypt-hashed form; we never store plain-text passwords
  • Google account ID — if you choose to sign in with Google

2.2 Connection Data (Minimal)

To maintain service quality and prevent abuse, we collect limited connection metadata:

  • Timestamp of connection and disconnection
  • VPN server location selected (country)
  • Platform used (Android, iOS, Windows, macOS)
  • Connection duration
  • App version

2.3 What We Do NOT Collect

We are committed to a strict no-logs policy for browsing activity:

  • We do NOT log your browsing history or websites visited
  • We do NOT monitor your traffic content or data transfers
  • We do NOT store your originating IP address on our VPN servers
  • We do NOT log DNS queries made through our service
  • We do NOT sell, rent, or trade your personal information to third parties

2.4 Payment Information

Payment processing is handled by third-party payment processors. We do not store your credit card numbers, bank account details, or other financial information on our servers. We only retain transaction IDs and subscription status for order fulfillment.

2.5 Device Information

We may collect basic device identifiers to manage multi-device access and prevent unauthorized account sharing. This includes a device token for push notifications (FCM) and a device identifier for session management.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service delivery — to provide, maintain, and improve our VPN service
  • Account management — to authenticate users, manage subscriptions, and process payments
  • Communication — to send important service updates, security alerts, and support responses
  • Analytics — to monitor aggregate service usage patterns (not individual browsing) for infrastructure planning
  • Security — to detect and prevent fraud, abuse, and unauthorized access
  • Legal compliance — to comply with applicable laws and regulations

4. Data Security

We implement industry-standard security measures to protect your data:

  • AES-256 encryption for all VPN tunnel traffic
  • Bcrypt hashing (12 rounds) for password storage
  • TLS/SSL encryption for all API and website communications
  • Token-based authentication (Sanctum) for API access
  • Regular security audits and vulnerability assessments
  • Role-based access controls for internal systems

5. Data Retention

We retain your account information for as long as your account is active. Connection metadata is retained for a limited period for analytics and service improvement, after which it is automatically purged. If you delete your account, we will remove your personal information within 30 days, except where retention is required by law.

6. Third-Party Services

Our service may integrate with the following third-party services:

  • Google Sign-In — for OAuth-based authentication (subject to Google's Privacy Policy)
  • Payment processors — for subscription billing and payment handling
  • Firebase Cloud Messaging — for push notifications on mobile devices

We do not share your VPN activity or browsing data with any third party.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate or incomplete data
  • Deletion — request deletion of your personal data and account
  • Portability — request your data in a portable, machine-readable format
  • Objection — object to processing of your personal data
  • Withdrawal of consent — withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at the email address listed below.

8. Children's Privacy

Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

9. International Data Transfers

Your information may be transferred to and processed on servers located in various countries where our VPN infrastructure operates. We ensure appropriate safeguards are in place for any international data transfers in accordance with applicable data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the revised policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@guardian360.pro

Company: UESE ITALIA SPA