Privacy Policy
Last Updated: June 23, 2025
1. Introduction
This Privacy Policy outlines how Expo VPN (“we,” “us,” or “our”) collects, uses, and safeguards your data when you use our free VPN service. We are dedicated to upholding your privacy rights and adhering to global data protection standards, including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and equivalent laws in other jurisdictions.
2. Data We Collect
We prioritize minimizing data collection and only gather non-personal information necessary to operate and improve our service:
- We do not collect personal information such as names, email addresses, phone numbers, payment details, or any other details that could identify you personally (PII).
- We maintain a strict no-logs policy and do not record, store, or analyze usage data like browsing history, IP addresses, connection timestamps, online activity, or the specific websites or apps you access.
- We may collect device type, operating system (e.g., iOS, Android), app version, and technical specifications (excluding unique device identifiers).
- Aggregated app performance data (e.g., crash reports, connection success rates) to identify and resolve issues — this data cannot be linked to your identity.
3. Legal Basis for Data Processing
We process data only where legally permissible and necessary for service delivery:
- Legitimate Interests: Optimizing service performance, enhancing security, and detecting abuse (e.g., preventing fraud).
- Contractual Necessity: Fulfilling our obligations to provide the VPN service you requested.
- Legal Compliance: Responding to valid legal requests (e.g., court orders) in accordance with applicable laws, after verifying their lawfulness.
4. Data Security
We employ industry-leading measures to protect your data:
- Encryption: All data transmitted via Expo VPN uses advanced encryption protocols to secure connections in transit and at rest.
- Access Controls: Data access is restricted to authorized personnel only, using multi-factor authentication (MFA) and the principle of least privilege.
- Security Audits: Regular independent security assessments and penetration testing to identify and remediate vulnerabilities.
5. Third-Party Services
We may use trusted third-party providers (e.g., analytics, cloud hosting) to support service operations. These partners are prohibited from collecting or accessing personal data, must comply with our strict data protection standards, and do not use your data for advertising or profiling.
6. Your Rights Under Data Protection Laws
Under regulations like the GDPR and CCPA, you have the right to access, correct, delete, or port your data, and to withdraw consent at any time. To exercise these rights, contact us at ganeshglive@gmail.com within 30 days.
7. Children's Privacy
Expo VPN is not intended for users under the age of 13 (or the minimum age required by your jurisdiction). We do not knowingly collect data from children. If you believe we have inadvertently collected data from a child, please contact us immediately for deletion.
8. Data Retention & Storage
Temporary technical and diagnostic data is automatically deleted within 30 days of collection, unless retention is required by law. We do not store any user data beyond the minimum period necessary to provide and improve our service.
9. Cross-Border Data Transfers
Your data may be processed in countries outside your region as part of our global infrastructure. We rely on GDPR-approved mechanisms (e.g., Standard Contractual Clauses) or equivalent safeguards for cross-border transfers.
10. Cookies & Tracking Technologies
We use cookies only for essential purposes such as session management and anonymized service performance analytics. You can disable non-essential cookies via your browser settings.
11. Changes to This Policy
We may update this policy to reflect legal changes or service improvements. Revisions will be posted with the “Last Updated” date. Continued use of our service after changes constitutes your acceptance of the updated policy.
12. Contact Us
For any questions regarding this Privacy Policy, please contact us at: ganeshglive@gmail.com