UrMomsVPN
Home
Back to site

Privacy Policy

Last updated: 2026-07-09

This policy describes what UrMomsVPN collects, why, and what we don't do with your data. It's written to match what the running system actually does, not a generic template.

1. What we collect

Account information: email address, first and last name, a bcrypt hash of your password (never the password itself), your plan tier, your role, and — for pay-per-use — your prepaid balance.

Payment information: handled entirely by Stripe. We store a Stripe customer/subscription reference, never your card number.

Connection metadata: for each session, the connect/disconnect timestamp, which server you used, and the resulting billed duration. This is used for billing, for showing you your own usage, and for investigating fraud or abuse reports.

Support tickets: the content of any support ticket you file, so we can respond to it.

2. What we don't collect

We do not log or inspect the websites you visit, the content of your traffic, or your DNS queries, and we do not sell or share your data with advertisers or data brokers. The metadata described above is the extent of what we retain about your VPN usage.

3. Why we collect it

  • To operate the Service: authenticate you, provision your VPN tunnel, and enforce your plan's server access.
  • To bill accurately: pay-per-use minutes are computed from connection metadata.
  • To prevent fraud and abuse: connection metadata and account history let us investigate chargebacks, suspected account sharing, or abuse reports without inspecting traffic content.
  • To provide support: ticket contents are used only to respond to that ticket.

4. Retention

Connection metadata is retained for as long as your account is active plus a limited period afterward to handle billing disputes and fraud investigations. You can request deletion of your account and associated data by contacting support, subject to records we're legally required to retain (e.g., for tax or fraud-dispute purposes).

5. Disclosure

We disclose account or connection metadata to third parties only: (a) with your consent; (b) to our service providers strictly to operate the Service (e.g., Stripe for payments, our hosting provider); (c) when compelled by valid legal process (subpoena, court order, warrant) from a competent authority; or (d) to protect against fraud, security threats, or imminent harm. Because we don't log traffic content, there is no browsing history to disclose even if legally compelled.

6. Security

Passwords are hashed with bcrypt and never stored in plain text. Traffic between your device and our servers is encrypted via WireGuard; the website and API are served over HTTPS. Access to account-management tools is restricted by role, and every suspension, role change, and account deletion performed by staff is written to an append-only audit log.

7. Your rights

You can view your plan and balance from your account page at any time, and request a copy or deletion of your data through a support ticket. Depending on your location, you may have additional rights under laws like the GDPR or CCPA; we'll honor applicable requests once our legal structure and jurisdiction are finalized (see the note at the bottom of this page).

8. Children's privacy

The Service isn't directed at children, and isn't intended for use by anyone under 18 (see the Terms of Service).

9. Changes to this policy

We may update this policy as the Service changes. Material changes will be posted here with an updated effective date.

10. Contact

Questions about this policy can be sent through the in-app support ticket system.

This document is a general-purpose template and has not been reviewed by an attorney. Region-specific obligations (GDPR, CCPA, and similar) depend on where you incorporate and where your users are located, and should be confirmed with a lawyer before this is relied on as your actual, binding Privacy Policy.

© 2026 UrMomsVPN.