Privacy Policy

Account information. When you register, we collect your email address, chosen username, and a hashed password. We store a subscription status flag updated by Stripe webhooks.

Payment information. Billing is handled entirely by Stripe, Inc. We receive a Stripe customer ID and subscription status. We never see, store, or process your card number, CVV, or billing address.

Content you create. Posts, replies, community names and descriptions, profile bios, and uploaded avatars are stored to deliver the service to you and other members.

Session data. We store a hashed session token in a secure, HttpOnly cookie to keep you logged in. We log the timestamp of your last activity to enforce the inactivity policy.

Technical data. Cloudflare, our infrastructure provider, may log IP addresses and request metadata as part of normal network operation. This data is not used for advertising or sold to third parties.

• ·We do not run advertising. Ever.
• ·We do not use analytics platforms (no Google Analytics, Mixpanel, etc.).
• ·We do not sell, rent, or share your data with data brokers.
• ·We do not track you across other websites.
• ·We do not read your private messages — there are none; all posts are semi-public within the network.

We use the data we collect exclusively to:

• ·Authenticate you and maintain your session.
• ·Display your content to other members of the network.
• ·Process your subscription and communicate billing events.
• ·Send transactional notifications you have opted into (no promotional email).
• ·Enforce our Terms of Service and Community Guidelines.
• ·Detect and prevent abuse, spam, and security threats.

Posts and replies expire 13 hours and 37 minutes after creation and are removed from all feeds. Expired content may be permanently deleted from our database at any time after expiry.

Account data is retained while your account is active. If your account is inactive for more than 1,337 hours, it enters a staged deletion flow. You will be notified before final deletion.

On account deletion, your profile, posts, and personal data are permanently removed. Some metadata (e.g. vote records) may persist in anonymised or aggregated form for integrity purposes.

Backups. Database backups may retain your data for a short additional window after deletion for disaster-recovery purposes. These are not accessible for ordinary use.

Stripe processes all payments. Your billing data is governed by the Stripe Privacy Policy.

Cloudflare provides our hosting, CDN, and DDoS protection. Traffic to svpn.com passes through Cloudflare's network. Their data practices are described in the Cloudflare Privacy Policy.

We have no other significant third-party data processors.

We use a single HttpOnly, SameSite=Strict session cookie to authenticate you. No tracking cookies. No third-party cookies. No cookie consent banner needed.

Passwords are hashed before storage. Sessions are authenticated via hashed tokens. All traffic is encrypted in transit via TLS. We enforce rate limits on authentication and sensitive actions.

No system is perfectly secure. In the event of a breach that materially affects your data, we will notify you promptly.

You may update your account information and preferences at any time from the settings page. You may delete your account from settings — this is immediate and irreversible.

To request an export of your data or to raise a privacy concern, email support@svpn.com. We will respond within 30 days.

If we make material changes to this policy, we will notify you via the email address on your account before the changes take effect.

support@svpn.com