We collect and use VPN Data for the operation of our business to:
- monitor the use of our network for technical purposes and to manage and improve our service;
- prevent and detect fraud against our service (e.g. credit card fraud);
- prevent and detect abuse of our network, such spamming, file sharing or other illicit activity.
Except in the limited circumstances described below, VPN Data is stored for between 2 and 3 months on our secure servers, after which time it is deleted, except in certain very limited circumstances (see below). We delete VPN Data on a monthly basis, so data is stored until the end of the 2nd month after the month during which it is created. For example, all data created in January will be deleted on 31 March.
The exceptions to our retention policies are:
- If we are notified or determine that your VPN account has been used in breach of our End User Agreement (including our Acceptable Use Policy), e.g. for spamming, file sharing or other illicit activity, then we may store your VPN Data for an extended period of time beyond the normal 3 month maximum.
- Where a user has, or has attempted to, defraud us (e.g. by using a stolen credit card to purchase our service), then that user is not covered by the protections in our terms of service and we reserve the right to use any data held on that user in any way we see fit to prevent further fraud against our service or third parties.
If your account is identified by us following a notification that it has been used in breach of our terms of service, we reserve the right to suspend your account to prevent further abuse, however, in such circumstances we will never voluntarily hand over your personal data to a third party unless we are legally compelled to do so in accordance with English law.