Privacy Policy

Effective Date : January 03, 2023

At Atlas VPN, we believe everyone should be able to use the internet more privately and securely. Our Privacy Policy corresponds to this belief and describes how we handle your data. 

Our commitment to transparency resulted in a lengthy document. However, we tried to make it more readable by providing short summaries of each section of the Policy in plain language.

This document (“Privacy Policy”) explains the privacy rules applicable to personal data and other information collected or submitted when you access, install, or use Atlas VPN Services and Website regardless of the device (computer, mobile phone, tablet, etc.) you use.

The data controller of your personal data, as described in this Privacy Policy, is Peakstar Technologies Inc. (address: 16192 Coastal Highway, Lewes, Delaware 19958, County of Sussex, United States of America, email: [email protected] (“Atlas VPN”, “we”, “us”, or “our”).

This Privacy Policy forms part of our Terms of Service. By visiting our Website, by submitting your personal data to us, and by accessing, installing and/or using our Services, you confirm that you have read this Privacy Policy and agree to be bound by this Privacy Policy. Thus, please read it carefully. Please do not use our Website and Services if you do not agree with the Privacy Policy.

The capitalized words used in this Privacy Policy as definitions are defined here or in our Terms of Service.

Additional information on your personal data may also be indicated in contractual terms, supplemental privacy statements, or notices.

If you have any questions, comments,  or requests regarding this Privacy Policy, please address them to [email protected].

1. What information is collected and why?

Summary: We provide no-logs VPN, meaning we do not monitor, collect or log information about applications, services, or websites you visit while using Atlas VPN.

We do not log your browsing activity, browsing history, records of IPs assigned, original IP, sites visited, outgoing traffic, content, or data accessed. So, even if compelled, we cannot provide such data as we do not have it in the first place.

We try to minimize the collection of any data. However, we need to collect some information to provide our Service for you, improve and optimize it, deliver you relevant information, create new and better privacy services and comply with our legal obligations.

We may process the following categories of personal data: 

1.1. Information for creating your account 

Email address. As part of registration, we only ask for your email address. It is necessary to create your Atlas VPN account and to use our Service. We use passwordless authentication, which means that you do not need to provide us with a password to sign up and log in — your email address is enough. 

1.2. Data needed to receive our paid Services 

Payment data. Payments and refunds for our Service are processed by our third-party payment processing partners (see Section 4 for the list of our third-party providers). The type of information processed depends on your chosen payment method (e.g., date of purchase, payer’s IP address, postal (ZIP) code, credit card owner’s full name, and credit card information). To fully understand what personal data these processors collect, please refer to the respective processor’s terms and privacy policy.

We also process some of the payment data ourselves (e.g., date of purchase, credit card owner’s full name, part of your credit card number, and its expiration date) in case of recurring payments.

Information for payment fraud prevention. To prevent fraudulent payments for the Services, your personal data (such as email address) is verified by the fraud management tools of our payment processing partners. If a payment transaction is considered high risk, we may decline it.

1.3. Communication data 

Email address. We use your email address for communication purposes to i) respond to your requests or inquiries, ii) send you important updates related to your use of our Service, iii) we may also send you tips, offers, and other marketing content (you can unsubscribe to the marketing content by following instructions which are included in our emails).

Chatbot. If a user contacts us through a live chat on our Website, we are able to see the user’s IP address. This information is necessary to determine if the user is connected to our servers so that we can help solve related issues.

1.4. Social networks data 

Account data. When you interact with us on our social media channels (e.g., Facebook, Twitter, Reddit, LinkedIn, YouTube, Instagram, TikTok, etc.), we will process your social media profile information, post information, and other information you voluntarily provided.

1.5. Information collected on our Website

Access logs. For security reasons, on our Website, we collect access logs (e.g., IP address, browser type, operating system). We use them to ensure information security since they help protect us from cyber threats (such as DDoS attacks, scanning, and others).

Cookies. As standard on the Internet, we use different types of cookies, pixels, and other similar technologies (collectively referred to as “cookies”), including third-party cookies on our Website. Cookies are small blocks of data placed on your device when you visit our Website. They help us collect non-personally identifiable information about the use of our Website and provide you with basic functionality. You can check what cookies we use in our Cookie policy.

1.6. Data collected when using our applications

In-app event information. We collect basic application usage data to help ensure the smooth functioning of our Service and improve the applications. 

The in-app events contain the following information:

i. General event information: event, which application sent the event, event time, and limited routing information.

ii. Application information: name, version, and source of the application, enabled/disabled features at the time of the event, network type, public internet service provider’s information, current VPN connection status, and related information (protocol and technology in use, current server, etc.), information about A/B testing (if any), user preferences (e.g., notifications enabled/disabled, language, preferred connection settings).

iii. Account information: active/inactive Atlas VPN subscriptions, current, and past active/inactive plans, trial information.

Device information. We collect some device information on our application. Such information is logged automatically and may include the model of your device, operating system version, and similar non-identifying information. We may use this information to monitor, develop, and analyze the use of our Services.

Device identifiers. Sometimes we may record a mobile device’s identifiers for sales attribution purposes. Identifiers are assigned to your device by the OS manufacturer. They can be reset at any time from your device’s settings. For manufacturer’s instructions, see the following policies: Apple Advertising & Privacy for iOS devices and Manage your Google Settings for Android devices. 

1.7. Technical information

Statistical server load information. We monitor server performance (CPU, RAM, servers net usage) to recommend the most suitable servers to our users.

2. Data processed when using certain Atlas VPN features

Summary: As an optional part of the service, we provide advanced privacy and security features. If you use any of these features, we may process additional information as described below. 

Data Breach Monitor. To enable the Data Breach Monitor feature, you are asked to enter an email address you want to monitor for breaches. When using the feature, your hashed email address is shared with our third-party service provider to check for details associated with the email in known leaked credential databases. A third-party service provider does not use your email address for any other purposes than helping you monitor data breaches where your email address appeared.

Shield. When enabled, the Shield feature blocks third-party trackers, ads, and malicious websites by matching domain names against a database of already known items. We only process the domain name and its status.

3. Ground for processing of personal data 

Summary: If you have any questions about the processing of your data, please contact us at [email protected]. 

Your personal data is processed:

  • Where it is necessary to fulfill our contract with you at your request. Such cases include: i) to provide access to our Services; ii) to process your purchase transactions; iii) to ensure the secure, reliable, and robust performance of our Services and Website.
  • When we have a legal obligation to process certain personal data collected from you (e.g., to keep and process records for tax purposes and accounting).
  • Where you have provided your consent to us. Such cases may include: i) to send marketing communication (unless applicable law permits us to contact you without your prior consent); ii) to communicate with you and manage your participation in our contests, offers, referrals, or promotions. Please note that although Atlas VPN may also process your personal data for marketing purposes when applicable law permits us to contact you without your separate consent, if you choose not to receive marketing communication from us (i.e., if you opt-out), we will honor your request.
  • We sometimes may process your personal data under the legal basis of our or third parties’ legitimate interest. Such cases include: i) to properly administer business communication with you; ii) to detect, prevent, or otherwise address fraud, abuse, security, or technical issues with our Services and Website; iii) to protect against harm to the rights, property, and safety of Atlas VPN, our users, or third parties; iv) to improve or maintain our Services and provide new products and features; v) to receive knowledge of how our Website and application is being used.

4. How does our Service interact with third parties?

Summary: Sometimes, we need help with certain operations like payments and support, and for those, we use third-party services. 

We select our third-party providers with great care, and the disclosure of your data is limited to only what is needed so that they can perform their functions. Please note: we do not sell or trade your personal data.

Service providers. We use third-party service providers to help us manage our day-to-day operations, such as customer support, payment processing, marketing, diagnostics and analytics, and others. As a result, some of these service providers may process personal data. 

Here is the list of our main trusted third-party providers. The list is inclusive but not exhausting and is subject to change. We add third parties to the list only when we decide to have long-term relations with them:

  • Live chat and support service platform: Zendesk (provided by Zendesk Inc.)
  • Marketing, application analytics, and diagnostics: Google Analytics, Firebase Analytics (provided by Google), AppsFlyer (provided by AppsFlyer Ltd.), Iterable (provided by Iterable Inc.), Sendgrid (provided by Twilio Inc.)
  • Conversion attribution system: Hasoffers (provided by Tune Inc.)
  • Payments processing: RevenueCat (provided by RevenueCat, Inc.), PayPal (provided by PayPal, Inc.), Google Pay (provided by Google), CoinPayments (provided by CoinPayments Inc. and UAB Star Ventures), PaymentWall (provided by Paymentwall Inc.), and Apple Pay (provided by Apple Payments Inc.), Amazon Payments (provided by Amazon Payments, Inc.), Stripe (provided by Stripe, Inc.)

Protection of our rights. We may disclose personal data to establish or exercise our legal rights or defend against any legal claims or other complaints. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, and violations of our Terms of Service.

Business transfers. We may share your personal data (which are described in this Privacy Policy) in those cases where we sell or negotiate to sell our business or go through a corporate merger, acquisition, consolidation, asset sale, reorganization, or similar event. In these situations, Atlas VPN will continue to ensure the confidentiality of your personal data.

Requests for data. If Atlas VPN is ever served with valid data requests by law enforcement or courts and applicable law requires us to comply, we have very little data to share because of our no-logs policy (if we are ever asked to do so, the information will reflect in our Warrant Canary page.) We do not collect users’ browsing history or traffic data that could be linked back to a specific user.

Cross-border transfers of personal data. To facilitate our Services and Website, we may store, access, and transfer personal data from around the world, including in countries where Atlas VPN has operations. These locations may not guarantee the same level of protection of personal data as the one in which you reside. We assess the circumstances involving all cross-border data transfers and have suitable safeguards in place to require that your personal data will remain protected in accordance with this Privacy Policy. For example, in case your personal data is transferred to countries outside the EEA, we make sure there is an adequacy decision from the European Commission with regards to the recipient country or we use standard contractual clauses approved by the European Commission for such transfer of your personal data.

5. How do we secure your information?

Summary: Even though there are no guarantees in the ever-evolving security and privacy landscape, we put great efforts into safeguarding your data.

We take the privacy of your data very seriously. Therefore, we enforce various appropriate technical, physical, and organizational security measures for the protection of your personal data.

We use layered defense with firewalls, hashed passwords, and hardened servers. Data at rest and in transit are encrypted. Encryption protocols are used according to the newest security practices. Our infrastructure is regularly updated. We also completed several independent security audits conducted by VerSprite and MDSec

We adopted information security and data processing policies according to best practices. We adopted a constant development culture of security and data protection awareness among our employees (including organizing regular and ongoing training and other awareness activities). We analyze the threat landscape and attack surface and constantly update our security measures. Access to databases containing personal data is granted on a need-to-know basis.

If we detect something suspicious, we will notify you immediately and guide you through steps to stay better protected. Nonetheless, you should be aware that no security is 100% foolproof. By using our Website and Services, you expressly acknowledge and agree that we cannot guarantee the security of any data provided to or received by us through the Website and Services and that any general information, other data, or information received from you through our Website or our Services is provided at your own responsibility. 

6. Choices related to your personal data

Summary: If you would like to edit your information, delete it, or implement any other of your rights relating to the use of your personal information, email us at [email protected].

We respect different privacy laws across jurisdictions, such as GDPR, California Consumer Privacy Act, and others. Under the applicable laws, you may have the following rights:

  • Access your personal information;
  • Ask to receive a copy of your personal data in a structured, commonly used and machine-readable format or to transmit (if technically feasible) your personal data to another controller (only where our processing is based on your consent and carried out by automated means);
  • Rectify, correct, update, or complement inaccurate or incomplete personal information;
  • Object to the processing of your personal data which is done on the basis of our legitimate interests (e.g., for marketing purposes); or restrict the processing (when there is a legal basis for that);
  • Withdraw your consent for the processing of your personal information, where processing is based on a consent you have previously provided;
  • Request us to delete your personal data (see section 6.2. Data retention and deletion);
  • You also have the right to contact the applicable authorities regarding our processing of your personal data. However, we believe that together we could solve any issues that may arise, so we would be very grateful if you contact us at [email protected] first.

Opt-out. If you receive our communication and wish to unsubscribe from our communication, you can opt out at any time by clicking the “unsubscribe” link at the bottom of each email or contacting us at [email protected].

You can control the use of cookies at the individual browser level on your device. To disable cookies, follow your browser’s instructions on how to block or clear cookies.

If you do not agree with the processing of your personal data by Atlas VPN, please do not use our Services and Website. You can request us to discontinue processing your personal data, in which case your data will be processed only as much as it is necessary to effect the discontinuation of your use of the Services (e.g., final settlement or deleting all personal data based on your email address), or finalizing other Atlas VPN legal relationship with you (e.g., record keeping, accounting, processing refunds). Please note that we or our third-party service providers may be obliged to retain your certain personal data as required by law.

To raise any other questions, concerns, or complaints about our privacy practices or about our processing of your personal data, please contact us at [email protected].

6.1. Country-specific provisions

Information for users from the European Economic Area (EEA). We are based outside the EEA, and we may have third-party service providers that are based outside the EEA as well. These locations may have different data protection rules than your residence. Nonetheless, we use suitable safeguards to make sure that your personal data remains protected according to our Privacy Policy.

Notwithstanding, if you are a resident of EEA countries, you can exercise your rights as provided in the European Union’s General Data Protection Regulation (“GDPR”) and described under section 6. Choices related to your personal data of this Privacy Policy by contacting us at [email protected]

Information for users from California. If you are a California resident, you can exercise your rights as provided in the California Consumer Privacy Act (“CCPA”) by contacting us at [email protected]. As per definitions in the CCPA, please note that Atlas VPN does not sell, share, lease, or rent your personal information. According to that, you have an additional right to once per 12 months ask us to provide you with a copy of your data handled by us.

Do Not Track (DNT). DNT is the concept that has been promoted by regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing Internet users to control the tracking of their online activities across websites. Currently, we do not respond to DNT signals because no DNT standard has been adopted yet.

6.2. Data retention and deletion

Atlas VPN will keep your personal data only as long as necessary to provide you with the Services, or for as long as we have another legitimate ground to do so, but not longer than permitted or required by law. 

Should you wish to have your personal data deleted, please email us at [email protected], and we will, as far as legally possible, comply with your request.

7. Changes to Privacy Policy

Summary: As our Service evolves, our Privacy Policy may be updated. We will notify you about any material changes.

Our Privacy Policy may be updated from time to time. Changes to our Privacy Policy will be effective immediately upon its display unless indicated otherwise. Therefore, we recommend checking it regularly. If there are any substantive changes to this Privacy Policy, we will notify you about the changes (notification through the respective applications, our Website, or via email). The effective date will be visible at the top of the page.

8. Other terms

Summary: Some important final notes.

Limitation of Liability. To ensure the security of personal data, Atlas VPN employs various technical, physical, and organizational security measures; however, it is your responsibility to exercise caution and reason when using the Services and Website. You will be personally liable if your use of the Services and Website violates any third party privacy or any other rights or any applicable laws. Under no circumstances is Atlas VPN liable for the consequences of your unlawful, willful and negligent activities, and any circumstances that may not have been reasonably controlled or foreseen (please read the Terms of Service for more information).

The Privacy Policy is governed by and shall be construed in accordance with the laws stated in Atlas VPN Terms of Service.

Children’s data. Atlas VPN does not knowingly collect or solicit personal data from anyone under the age of 18. If you are under 18, please do not attempt to send any personal data about yourself to Atlas VPN. If we acknowledge that we have collected and processed personal data from a child under the age of 18, we will delete that data as quickly as possible.

Links to other websites. Our Website may include links to other websites (e.g., social media websites) whose privacy practices may be different from ours. If you access any of those websites via such links and/or submit your personal data to any of those websites, your personal data is processed by the procedures established by them and governed by their privacy policies. We encourage you to carefully read the privacy policy (or other respective privacy notice) of any website you visit.

You may not assign or transfer your rights or obligations under this Privacy Policy to any third party.

If you have any questions, comments, or requests regarding this Privacy Policy, please address them to [email protected].

© 2024 Atlas VPN. All rights reserved.