Legal

Privacy policy

Last updated: April 2026

Data collection

SecureWave collects only the data needed to run the service. This includes your email address, account state, subscription and invoice records, and basic device details such as platform type and last-seen time.

SecureWave does not collect browsing history, connection destination logs, or VPN traffic content.

Account email and authentication state
Subscription and invoice records (via Stripe)
Device registration metadata and operational timestamps
Support conversation content you provide voluntarily

How we use data

We use this data to sign you in, show your account state, process billing, and help troubleshoot problems. SecureWave does not sell account data or use it for ad targeting.

SecureWave shares data only with service providers necessary to operate the product:

Stripe receives billing and subscription data to process payments
Hetzner Cloud hosts the server infrastructure that runs the VPN and API
No data is sold or shared with advertising networks

SecureWave will disclose account data if required by valid legal process. We will notify affected users when permitted by law.

Retention

Account and billing records are retained for as long as the account is active and for a reasonable period after deletion to satisfy legal, audit, and support obligations. Operational metadata is pruned on a rolling basis. See the data retention policy for specifics.

Your rights

You can request a copy of the data SecureWave holds about your account, request correction of inaccurate records, or request deletion of your account and associated data. Deletion requests are processed within 30 days, subject to legal retention requirements.

To exercise any of these rights, use the contact form or email us directly.

Contact