SpeedTop VPN Privacy Policy

Last Updated on 18 April 2025

1. Introduction

This Privacy Policy outlines how SpeedTop VPN ("we," "us," or "our") collects, uses, and safeguards your data when you use our free VPN service. We are dedicated to upholding your privacy rights and adhering to global data protection standards, including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and equivalent laws in other jurisdictions.

2. Data We Collect

We prioritize minimizing data collection and only gather non-personal information necessary to operate and improve our service:

  • We do not collect personal information such as names, email addresses, phone numbers, payment details, or any other details that could identify you personally (PII).
  • We maintain a strict no-logs policy and do not record, store, or analyze usage data like browsing history, IP addresses, connection timestamps, online activity, or the specific websites/apps you access.
  • Device type, operating system (e.g., iOS, Android), app version, and technical specifications (excluding unique device identifiers).
  • Aggregated data on app performance (e.g., crash reports, connection success rates) to identify and resolve issues, which cannot be linked to your identity.

3. Legal Basis for Data Processing

We process data only where legally permissible and necessary for service delivery:

  • Legitimate Interests: Optimizing service performance, enhancing security, and detecting abuse (e.g., preventing fraud).
  • Contractual Necessity: Fulfilling our obligations to provide the VPN service you requested.
  • Legal Compliance: Responding to valid legal requests (e.g., court orders) in accordance with applicable laws, after verifying their lawfulness.

4. Data Security

We employ industry-leading measures to protect your data:

  • Encryption: All data transmitted via our VPN uses advanced encryption protocols to secure connections in transit and at rest.
  • Access Controls: Data access is restricted to authorized personnel only, using multi-factor authentication (MFA) and the principle of least privilege.
  • Security Audits: Regular independent security assessments and penetration testing to identify and remediate vulnerabilities.

5. Third-Party Services

We may use trusted third-party providers (e.g., analytics, cloud hosting) to support service operations. These partners:

  • Are prohibited from collecting or accessing personal data.
  • Must comply with our strict data protection standards via contractual agreements (including GDPR SCCs for cross-border transfers).
  • Do not use your data for advertising or profiling.

6. Your Rights Under Data Protection Laws

Under regulations like the GDPR and CCPA, you have the right to:

  • Access: Request a copy of the non-personal data we hold about you.
  • Correct: Update inaccurate technical data we have collected.
  • Delete: Ask us to delete your data when it is no longer necessary for service delivery (see Section 8).
  • Data Portability: Receive a copy of your technical data in a structured, machine-readable format.
  • Withdraw Consent: Where processing relies on your consent (e.g., optional features), you may revoke it at any time.

To exercise these rights, contact our Data Protection Team at [email protected] within 30 days.

7. Children's Privacy

SpeedTop VPN is not intended for users under the age of 13 (or the minimum age required by your jurisdiction, e.g., 16 in certain EU countries). We do not knowingly collect data from children. If you believe we have inadvertently collected data from a child, please contact us immediately for deletion.

8. Data Retention & Storage

Temporary Data: Technical and diagnostic data is automatically deleted within 30 days of collection, unless retention is required by law (e.g., for fraud detection).

No Long-Term Storage: We do not store any user data beyond the minimum period necessary to provide and improve our service.

9. Cross-Border Data Transfers

Your data may be processed in countries outside your region as part of our global infrastructure. To protect cross-border transfers:

We rely on GDPR-approved mechanisms (e.g., Standard Contractual Clauses) or equivalent safeguards to ensure recipient countries maintain adequate data protection levels.

10. Cookies & Tracking Technologies

We use cookies and similar technologies only for essential purposes:

Necessary Cookies: Used for session management (e.g., keeping you logged in) and service functionality. These cannot be disabled without affecting service use.

Analytics Cookies: Anonymized cookies to measure service performance (e.g., traffic patterns). You can disable these via your browser settings, though this may limit some features.

11. Changes to This Policy

We may update this policy to reflect legal changes or service improvements. Revisions will be posted on this page with the "Last Updated" date. Continued use of our service after changes constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions about these Terms of Service or Privacy Policy, please contact us at [email protected]

Fast, lightweight VPN that works on weak networks while keeping privacy safe.

Quick Links

Help

Copyright © 2025 SpeedTop. All Rights Reserved