Privacy Policy

At RainVPN, your privacy is our top priority. This Privacy Policy explains how we collect, use, protect, and handle your information when you use our VPN service. We are committed to transparency and protecting your privacy rights.

By using RainVPN, you agree to the collection and use of information in accordance with this Privacy Policy. We may update this policy from time to time, and we will notify you of any material changes.

We collect only the minimum information necessary to provide and improve our Service. Here's what we collect and what we don't:

Minimal Data for Service Operation: The only data we may temporarily process during your active VPN session is necessary for routing your connection. This data is not logged, stored, or retained after your session ends. Our servers are configured to automatically discard all session data upon disconnection.

Independent Audits: Our no-logs policy is subject to independent security audits to verify our claims and ensure compliance with our privacy commitments.

We use the limited information we collect only for the following purposes:

• Service Provision: To provide, maintain, and improve our VPN service
• Account Management: To create and manage your account, process payments, and handle subscriptions
• Customer Support: To respond to your inquiries, provide technical support, and resolve issues
• Service Optimization: To analyze aggregate, anonymized usage patterns to improve server performance and network infrastructure
• Security: To detect and prevent fraud, abuse, and security threats
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Communications: To send you important service updates, security alerts, and account-related notifications

We are committed to protecting your privacy. We do not sell, rent, or trade your personal information to third parties.

Third-Party Service Providers: We may share limited information with trusted third-party service providers who help us operate our Service, such as:

• Payment processors (for processing subscription payments)
• Cloud hosting providers (for server infrastructure)
• Customer support platforms (for handling support requests)
• Email service providers (for sending account-related emails)

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

Business Transfers: In the event of a merger, acquisition, or sale of assets, your account information may be transferred. We will notify you of any such change and ensure the new entity continues to honor this Privacy Policy.

We implement industry-standard security measures to protect your information:

• Encryption: All data transmitted through our VPN is encrypted using 256-bit AES encryption, the same standard used by banks and government agencies
• Secure Infrastructure: Our servers are hosted on secure, enterprise-grade infrastructure with physical and digital security controls
• Account Security: Passwords are hashed using industry-standard algorithms and never stored in plain text
• Payment Security: Payment information is processed through PCI-DSS compliant payment processors. We never store full credit card numbers
• Regular Security Audits: We conduct regular security assessments and vulnerability testing
• Access Controls: Access to user data is restricted to authorized personnel only and is logged for security purposes

While we implement strong security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your information to the best of our ability.

Account Information: We retain your account information (email, subscription status) for as long as your account is active and for a reasonable period thereafter to comply with legal obligations and resolve disputes.

No Usage Data Retention: Due to our no-logs policy, we don't collect usage data, so there's nothing to retain. Any temporary session data is automatically deleted when you disconnect from our VPN servers.

Account Deletion: You can request deletion of your account at any time. Upon account deletion, we will delete your account information within 30 days, except where we are required to retain it for legal compliance or dispute resolution.

Payment Records: We may retain payment transaction records as required by law or for accounting purposes, typically for 7 years.

You have the following rights regarding your personal information:

• Right to Access: You can request a copy of the personal information we hold about you
• Right to Correction: You can update or correct your account information through your account settings
• Right to Deletion: You can request deletion of your account and associated data
• Right to Data Portability: You can request your data in a machine-readable format
• Right to Object: You can object to certain processing of your information
• Right to Withdraw Consent: You can withdraw consent for data processing where consent is the legal basis

EU Users (GDPR): If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority.

Website Cookies: Our website may use cookies and similar tracking technologies to enhance your browsing experience. We use cookies for:

• Authentication (to keep you logged in)
• Session management
• Website functionality and preferences
• Analytics (aggregate, anonymized data about website usage)

VPN Application: Our VPN applications do not use cookies or tracking technologies. The VPN service itself does not track your online activities.

Third-Party Cookies: We may use third-party analytics services (such as Google Analytics) on our website. These services may use cookies to collect aggregate, anonymized information about website usage. You can opt out of analytics cookies through your browser settings.

RainVPN is not intended for use by children under the age of 18. We do not knowingly collect personal information from children under 18.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to delete such information from our systems.

If you are under 18, you may only use RainVPN with the consent and supervision of a parent or legal guardian. By using our Service, you represent that you are at least 18 years old or have parental consent.

Jurisdiction: RainVPN operates under British Virgin Islands (BVI) jurisdiction. Your account information is stored and processed in accordance with BVI data protection laws.

Server Locations: Our VPN servers are currently located in Reykjavik, Iceland, a strategically selected, privacy-friendly jurisdiction. Iceland is particularly notable for its strong privacy laws and data protection regulations, making it one of the world's most privacy-friendly jurisdictions. When you connect to a VPN server, your internet traffic is routed through that server's location. However, due to our no-logs policy, we don't store any data about your connections or activities on these servers.

Data Protection: We implement appropriate safeguards to protect your information regardless of where it is processed. We ensure that any third-party service providers we use maintain adequate data protection standards.

EU Users: If you are located in the European Union, your data is protected by GDPR. We comply with GDPR requirements for international data transfers and have implemented appropriate safeguards.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other reasons. We will notify you of any material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending an email notification to your registered email address
• Displaying a prominent notice on our website or in our applications

Continued Use: Your continued use of RainVPN after changes to this Privacy Policy constitutes acceptance of the updated policy. If you do not agree with the changes, you may cancel your subscription and delete your account.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your privacy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

We will respond to your privacy inquiries within 30 days. For urgent privacy concerns, please contact us immediately.

Data Protection Officer: For users in the European Union, you may contact our Data Protection Officer (if applicable) for GDPR-related inquiries.