Effective Date: November 2025

This Privacy Policy explains how NETVEXA Ltd ("NETVEXA", "we", "us") collects, uses, stores and protects information when you use our services. This Policy should be read alongside our Terms & Conditions.

1. Company & Data Protection

NETVEXA Ltd is registered in England & Wales and with the UK Information Commissioner's Office (ICO) as a data controller under UK GDPR and the Data Protection Act 2018.

2. No Activity Logging

NETVEXA operates a strict no-logs policy. We do not collect or store:

• browsing activity
• connection destinations
• DNS queries
• traffic contents
• historical IP logs

Because we do not retain this data, we cannot provide it to anyone.

3. Information We Collect

We collect only the minimum information required to operate your account and deliver secure connectivity.

3.1 Account Information

• Email address
• Name
• Username
• Subscription status
• VX credit balance

3.2 Operational Metadata

Minimal non-identifying telemetry may be processed for service stability:

• Session start/stop events
• Approximate bandwidth totals
• Server location used (not specific sites/IPs accessed)

3.3 Payment Information

NETVEXA does not store payment card or bank details. All payments are securely handled by GoCardless.

We only receive confirmation metadata (e.g., successful payment notifications).

4. Legal Basis for Processing

• Contractual necessity — to provide your service.
• Legitimate interests — security, fraud prevention, fair usage.
• Legal obligation — complying with UK law.

5. How We Use Your Information

• Account creation and authentication
• Secure service delivery and connectivity
• Managing billing and VX credits
• Detecting abuse, ensuring fair usage
• Meeting legal obligations

6. Law Enforcement Requests

We will comply with valid UK legal orders but can only provide limited account metadata. We cannot provide activity logs, connection histories or traffic data because we do not store them.

7. Cookies & Website Analytics

The public website may use cookies for functionality and analytics. These do not track VPN usage.

8. International Transfers

Where applicable, transfers outside the UK/EEA are protected by adequacy decisions or Standard Contractual Clauses.

9. Data Retention

We keep data only as long as necessary for service operation, legal compliance, or dispute resolution. Non-essential data is deleted when no longer required.

10. Security Measures

We use industry-standard security, encryption, restricted access and protected infrastructure. No system is 100% immune to compromise.

11. Your Responsibility

You are responsible for securing your devices, passwords, and account access. Activity originating from your account may be legally attributable to you.

12. Changes to This Policy

We may update this Policy periodically. Continued use of the Service indicates acceptance of the revised version.

13. Contact

For privacy enquiries, contact us via the NETVEXA portal.