Introduction
Welcome to Kavach VPN ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Kavach VPN mobile application and related services (collectively, the "Service").
By using Kavach VPN, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our Service.
Our Privacy Commitment
Kavach VPN operates on a strict no-logs policy.
We do not monitor, record, log, store, or share any of your online activities.
What we NEVER collect:
- ❌ Browsing history
- ❌ Traffic destination or content
- ❌ DNS queries
- ❌ IP addresses assigned to you
- ❌ Connection timestamps
- ❌ Session duration
- ❌ Bandwidth used
Your privacy is not just a feature—it's our core principle.
Information We Collect
1. Account Information
When you create an account, we collect:
| Data | Purpose | Retention |
|---|---|---|
| Email address | Account identification, password recovery, important notifications | Until account deletion |
| Password (hashed) | Account security | Until account deletion |
| Account creation date | Service administration | Until account deletion |
Note: We use industry-standard Argon2/bcrypt hashing for passwords. We cannot see or recover your actual password.
2. Payment Information
If you subscribe to a paid plan:
| Data | Purpose | Processor |
|---|---|---|
| Payment method details | Process subscription payments | Stripe |
| Billing address | Tax compliance, fraud prevention | Stripe |
| Transaction history | Provide receipts, handle refunds | Stripe |
Important: We do NOT store your full credit card number. All payment processing is handled by Stripe, a PCI-DSS Level 1 certified payment processor. Please review Stripe's Privacy Policy.
3. Technical Information
We collect minimal technical data necessary for the Service to function:
| Data | Purpose | Retention |
|---|---|---|
| Device type/OS version | App compatibility, troubleshooting | Aggregated, anonymized |
| App version | Update notifications, compatibility | Session only |
| Crash reports (optional) | Improve app stability | 90 days, anonymized |
4. Information We Do NOT Collect
We want to be absolutely clear about what we never collect:
- ❌ Your originating IP address
- ❌ VPN IP address assigned to you
- ❌ Browsing history or websites visited
- ❌ DNS queries or search history
- ❌ Traffic content or data transferred
- ❌ Connection timestamps or duration
- ❌ Bandwidth consumption per user
- ❌ Location data (GPS, network-based)
- ❌ Device identifiers (IMEI, MAC address)
- ❌ Contact lists or messages
- ❌ Photos, files, or other personal content
How We Use Your Information
We use the limited information we collect for the following purposes:
Service Operation
- Create and manage your account
- Provide VPN and NetShield services
- Process payments and subscriptions
- Send essential service notifications
Service Improvement
- Aggregate, anonymized analytics to improve performance
- Fix bugs and improve stability
- Develop new features
Legal Compliance
- Respond to lawful legal requests (see "Legal Requests" section)
- Comply with applicable laws and regulations
NetShield DNS Filtering
Kavach VPN includes NetShield, a DNS-based filtering feature that blocks advertisements, trackers, and malware/phishing domains.
How NetShield Works
- Your DNS queries are routed through our AdGuard-powered DNS servers
- Known ad/tracker/malware domains are blocked at the DNS level
- We do NOT log which domains you query or block
- All filtering happens in real-time with no data retention
NetShield Tiers
| Tier | Protection | Data Collected |
|---|---|---|
| Tier 1 | Ads only | None |
| Tier 2 | Ads + Trackers | None |
| Tier 3 | Ads + Trackers + Malware | None |
Data Security
We implement robust security measures to protect your information:
Encryption
- In Transit: All data is encrypted using TLS 1.3
- VPN Tunnel: WireGuard® protocol with modern cryptography (ChaCha20, Poly1305, Curve25519)
- At Rest: Sensitive data encrypted using AES-256
Infrastructure Security
- Servers located in secure data centers
- Regular security audits
- Automatic security updates
- No physical access to servers by third parties
Access Controls
- Strict employee access policies
- Multi-factor authentication for administrative access
- Principle of least privilege
Data Sharing and Disclosure
We Do NOT Sell Your Data
We will never sell, rent, or trade your personal information to third parties for marketing purposes.
Third-Party Service Providers
We use the following third-party services:
| Service | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Payment info only |
| MongoDB Atlas | Database hosting | Encrypted account data |
| Sentry (optional) | Crash reporting | Anonymized crash data |
Legal Requests
We may disclose information if required by law. However:
- We cannot provide what we don't have. Since we don't log VPN activity, we have no browsing data to share.
- We will challenge overbroad requests. We carefully review all legal requests and challenge those that are overly broad or inappropriate.
- We will notify you when possible. Unless legally prohibited, we will notify you of requests for your data.
🐦 Warrant Canary
As of the date of this policy, Kavach VPN has not received any National Security Letters or FISA court orders, and has not been subject to any gag order.
Your Rights and Choices
Access and Portability
You can request a copy of the personal data we hold about you.
Correction
You can update your account information at any time through the app.
Deletion
You can delete your account at any time. Upon deletion:
- Your account data is permanently removed within 30 days
- Any active subscriptions are cancelled
- We retain no identifiable data about you
Opt-Out
- Marketing emails: Unsubscribe link in every email
- Crash reporting: Can be disabled in app settings
GDPR Rights (EU Users)
If you are in the European Economic Area, you have additional rights:
- Right to access
- Right to rectification
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object
- Rights related to automated decision-making
To exercise these rights, contact us at privacy@kavachvpn.com.
CCPA Rights (California Users)
California residents have additional rights under CCPA:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of sale (Note: we never sell your data)
- Right to delete personal information
- Right to non-discrimination
Data Retention
We retain different types of data for different periods:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Information | Until account deletion | Account management |
| Payment Information | As required by law (typically 7 years) | Legal compliance, tax |
| Subscription Data | Until subscription ends + 1 year | Support and billing disputes |
| Support Emails | 2 years after last contact | Customer service, quality |
| Crash Reports | 90 days | Bug fixing |
VPN connection logs: We don't create them, so there's nothing to retain.
Account Deletion
When you delete your account:
- Your email and password are immediately deleted
- Active sessions are terminated
- Payment information is retained as legally required
- You can request complete data deletion by contacting support
Jurisdiction and Governing Law
Kavach VPN operates with privacy-first principles. We have strong privacy protection standards and operate outside of surveillance alliances like Five Eyes, Nine Eyes, and Fourteen Eyes.
Why Jurisdiction Matters for Privacy
Our operational principles ensure:
- ✅ No mandatory data retention requirements
- ✅ Strong privacy and data protection standards
- ✅ Respect for user privacy rights
- ✅ Not part of international surveillance agreements
- ✅ Valid court orders required for any data requests
Remember: Even if compelled by legal orders, we have no VPN activity logs to provide because we don't collect them in the first place.
Children's Privacy
Kavach VPN is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@kavachvpn.com.
International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:
- Standard Contractual Clauses (EU)
- Adequate security measures
- Compliance with applicable data protection laws
Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion + 30 days |
| Payment records | As required by tax law (typically 7 years) |
| Crash reports | 90 days |
| Support tickets | 2 years after resolution |
| VPN activity logs | Never stored |
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
- Email notification (if you have an account)
- In-app notification
- Updating the "Last Updated" date
We encourage you to review this policy periodically.
Open Source
Kavach VPN uses the open-source WireGuard® VPN protocol. WireGuard® is a registered trademark of Jason A. Donenfeld. The WireGuard protocol code is open source and publicly auditable.
Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us:
Email: privacy@kavachvpn.com
Data Protection Officer: dpo@kavachvpn.com
Summary
| Question | Answer |
|---|---|
| Do you log my browsing activity? | No, never |
| Do you log my IP address? | No |
| Do you log connection timestamps? | No |
| Do you sell my data? | No, never |
| Can you see my traffic? | No, it's encrypted |
| What do you store? | Only email, hashed password, and payment info |
| Can I delete my data? | Yes, anytime |
Your privacy matters. That's why we built Kavach VPN.
WireGuard® is a registered trademark of Jason A. Donenfeld.
Last updated: January 9, 2026