Data Retention
1. Overview
SecureWave retains the minimum data necessary to operate the Service, prevent abuse, and meet legal obligations. We do not keep VPN traffic logs, browsing history, DNS query logs, or content logs.
This page summarizes retention periods. For broader privacy commitments and data categories, see our Privacy Policy.
2. Account Data
- Email address is retained while your account is active.
- Password is stored as a one-way hash and retained while your account is active.
- Account security events (for example, sign-in attempts) may be retained for a limited time to detect abuse and protect users.
When you close your account, we delete account data within 30 days, subject to Section 4.
3. Connection and Device Metadata
To operate a subscription VPN service, we retain limited operational metadata:
- Device enrollment records (registered devices) while your account is active, and for a short period after closure to prevent fraud and support recovery.
- Session timestamps (connect/disconnect times) may be retained for limited periods for abuse prevention, service reliability, and support.
- Aggregate usage totals may be retained longer in anonymized form for capacity planning and performance monitoring.
We do not retain traffic content.
4. Billing and Tax Records
Billing records are retained for the minimum period required by applicable financial and tax regulations. This may include transaction identifiers, invoice records, and subscription status history.
Payment card details are processed by payment providers. SecureWave does not store full card numbers.
5. Support Communications
If you contact support, we retain the contents of your support request and our responses for up to 2 years after resolution, unless a shorter retention period is required or you request deletion (subject to Section 4).
6. Deletion Requests
You can request deletion of eligible personal data by contacting us via the Contact page. We may require verification of your identity to protect your account.