ChitaVPN Privacy Policy

Introduction

ChitaVPN is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our services or interact with our website and applications.

Definitions

  • Personal Data: Any information that relates to an identified or identifiable individual.

  • Data Processing: Any operation performed on personal data, such as collection, storage, use, or disclosure.

  • Third-Party Service Providers: Companies we engage to perform specific tasks on our behalf, such as payment processing or analytics.

  • GDPR: The General Data Protection Regulation, a European Union regulation that governs data privacy and protection for individuals within the EU.

What Information Do We Collect and How Do We Use It?

We prioritize your online privacy and do not collect or store logs of your online activity, including IP address, browsing history, used bandwidth, or session information.

Payment Information:

To process payments securely, we use third-party providers. The information they collect includes:

  • IP address

  • Purchase time

  • Zip code

  • Country (for tax purposes)

  • Credit card owner name

  • Card details (for processing orders, refunds, tracking payments, and automatic billing)

We also collect some additional information for processing payments and assisting customers:

  • Email address

  • Device information (user agent) for troubleshooting

  • Customer country

  • Payment order numbers

Data Retention:

We retain payment information for as long as necessary to process transactions, comply with legal and regulatory requirements, and resolve disputes.

In general, we apply the following retention practices:

  • Account and contact information (e.g., email, basic profile data): kept for as long as your account is active and up to two years after your account or subscription is closed or deactivated, unless a longer retention period is required by law.

  • Payment and billing information: retained for the period required by applicable tax, accounting, and financial regulations (which may be longer than two years in some jurisdictions) in order to comply with legal obligations and to resolve potential disputes.

  • Technical data related to service use (e.g., device information, IP used for Smart DNS, active session data): kept for as long as necessary to operate, secure, and improve the service and, in general, no longer than two years after your subscription is deactivated, unless we are legally required to keep it for longer.

  • Online chat information: as described below, is deleted after 6 months.

Once the applicable retention periods expire, we either delete your personal data or irreversibly anonymize it.

Data Required to Provide Our Service

Email Address:

Email Address: Used for account verification, sending payment and service-related emails, and acting as your unique user ID. After purchase, you'll receive unique login credentials for the app and user area. You can also change your password.

Device Information/IP Address:

Device Information/IP Address: Device ID, platform type/version, and IP address are used to provide trial accounts and manage active sessions within the apps (Active session). We retain this data for as long as your account is active. Your IP address is also required to activate the Smart DNS service, and we store it for the duration of your service use.

Online Chat:

Online Chat: We offer online chat for support. During a chat session, we collect information like IP address, country, platform type/version to assist you better. This data is deleted after 6 months.

International Data Transfers:

ChitaVPN does not currently transfer user data internationally. However, if this changes in the future, we will notify users and obtain their consent before transferring any data.

If we ever transfer your personal data to other countries, including countries outside your home jurisdiction or outside the European Economic Area (EEA), we will ensure that appropriate safeguards are in place to protect your privacy. These safeguards may include:

  • Using countries that have been formally recognized as providing an adequate level of data protection; and/or

  • Implementing standard contractual clauses or other lawful transfer mechanisms approved under applicable data protection laws (such as the GDPR).

We will also clearly identify any such third countries and explain the applicable safeguards in an updated version of this Privacy Policy.

Cookies and Tracking Technologies:

ChitaVPN does not currently use cookies or other tracking technologies. However, we reserve the right to do so in the future. If we implement such technologies, we will update this policy to explain what data is collected, how it is used, and how users can control them.

If and when cookies or similar technologies are introduced, you will typically be able to control them through:

  • Your browser or device settings (e.g., blocking or deleting cookies), and

  • Any in-app or on-site cookie preferences tools that we may provide.

We will clearly describe available choices and how you can opt in or out of optional cookies where required by law.

Your Rights and Choices

You have control over your personal data. You can contact us at [email protected] to:

  • Access or request a copy of your personal information.

  • Object to or restrict processing of your data.

  • Request correction or completion of inaccurate data.

  • Request deletion of your data (subject to legal restrictions).

  • Withdraw consent for data processing (doesn't erase past actions or processing based on other legal grounds).

  • File a complaint with a data protection authority if you believe we haven't respected your rights.

In addition to contacting us, you may also be able to:

  • Update certain account details (such as your email address or password) directly through the account or app settings; and

  • Manage communication preferences (e.g., unsubscribe from marketing emails) via the links provided in our messages.

We will handle your requests in accordance with applicable data protection laws and may need to verify your identity before acting on your request.

How We Keep Your Data Safe

We use industry-standard security measures to protect your data, but complete online security is impossible. Here's what we do:

Encryption:

Encryption: We use SSL/TLS encryption to safeguard data transfers.

Password Protection:

Password Protection: Passwords are stored securely using hashing algorithms.

Firewall Defense:

Firewall Defense: We employ firewalls to filter incoming traffic and prevent unauthorized access.

Regular Reviews:

Regular Reviews: We conduct ongoing security audits to identify and address potential vulnerabilities.

Limitations of Online Security:

  • Third-Party Interception: There's always a risk of someone intercepting information online.

  • Shared Responsibility: While we take significant measures, we cannot guarantee the absolute security of any information you share online. By using our services, you acknowledge these limitations and agree to be responsible for the information you share.

Sharing Your Personal Information

We share your data only with authorized third parties for specific purposes, such as payment processing, email automation, website/app diagnostics, and analytics. These providers may have access to your data in the course of their work. We require these third parties to implement appropriate security measures to protect your personal data.

Our Main Service Providers:

  1. Crisp (online chat)

  2. Stripe (payment processing)

  3. MailChimp (email marketing) (if applicable)

We do not sell your personal data. We only allow third-party service providers to process your personal data when they have agreed to protect it and to use it solely for the purposes we specify.

Legal

About This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or our data practices.

  • Notification of Changes: When we make material changes, we will notify you by updating the “Effective Date” at the top of this page and, where appropriate, by additional means such as email, in-app notifications, or a notice on our website.

  • Review of Changes: We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

  • Continued Use: Your continued use of our services after any changes to this Privacy Policy will be deemed acceptance of the updated policy. If you do not agree with the changes, you should stop using our services and may contact us with any questions.

If you have any questions about this Privacy Policy or how we handle your personal data, you can always reach us at [email protected].