Privacy Policy – Stellar VPN

Last updated: October 14, 2025

Stellar Technology AG · Switzerland

1. General Principles

At Stellar VPN, privacy is the foundation of our product design. We build systems that minimize data creation, collection, and retention. We comply with Swiss data protection law (FADP) and, where applicable, the EU GDPR.

  • We do not log your online activity.
  • We do not sell or share personal data with advertisers.
  • We use modern encryption to protect connections and infrastructure.

2. Information We Do Not Collect

We deliberately avoid collecting data that could identify what you do online. Specifically, we do not record:

  • Traffic content, browsing history, or destination URLs
  • Source IP address assigned by your ISP
  • DNS queries resolved through our network
  • Connection timestamps, session durations, or bandwidth usage per user
  • Any activity logs or identifiers linking a user to specific network actions

Our VPN gateways operate without persistent disks. Operational data in memory is ephemeral and cleared during routine processes and reboots.

3. Information We May Process (Minimal)

To run the service and fulfill our contract with you, we may process limited information:

  • Account data: email address (if you register with Stellar ID), subscription tier, and license status.
  • Payment data: handled by PCI-compliant processors. We do not store full card details.
  • Diagnostics (opt-in): anonymous crash logs and performance metrics used solely to fix bugs and improve reliability.

4. How We Use Data

  • Authenticate users and maintain subscriptions
  • Operate and secure VPN infrastructure
  • Provide customer support upon your request

We do not build behavioral profiles or attempt to link network activity to identities.

5. Data Storage & Security

  • Minimal account data is stored in secure environments under Swiss jurisdiction.
  • We employ strong cryptography for data in transit and at rest (e.g., AES-256 or ChaCha20-Poly1305, TLS 1.3).
  • Access controls follow least-privilege and are protected by multi-factor authentication.

6. No-Logs Policy

We are a zero-logs VPN. We cannot disclose what we never collect. If we receive a lawful request, we can only confirm whether an account exists and its subscription status. We plan periodic independent audits to verify our claims.

7. Your Rights

Under the Swiss FADP and, where applicable, the GDPR, you may:

  • Request access to your personal data
  • Request correction or deletion
  • Object to or restrict processing
  • Request data portability

Requests can be made via the contact details below. We will verify and respond within applicable legal timeframes.

8. Third-Party Processors

We minimize external dependencies. Where we use vetted service providers (e.g., payment processors, optional analytics), they act under data-processing agreements and do not receive VPN traffic content or activity logs.

9. International Data Transfers

Account-level data may be processed outside Switzerland by our processors under appropriate safeguards (e.g., SCCs under GDPR). VPN traffic itself is not linked to identities and is not shared with processors.

10. Children’s Privacy

Stellar VPN is not intended for individuals under 16. We do not knowingly collect personal data from minors.

11. Changes to This Policy

We may update this Privacy Policy to reflect legal, technical, or operational changes. We will update the “Last updated” date and, where required, notify you via the app or website.

12. Contact & Controller

Data Controller: Stellar Technology AG, Switzerland.

For requests or questions, contact us at: privacy@stellarvpn.com