Privacy Policy
How we handle your data, what we store, and what we explicitly do not. Plain English version follows the legal text where applicable.
Preamble & definitions
This document (the "Policy") is both a public offer and a data-processing policy of the PanicVPN service (the "Service", "Operator", "we"). Account registration, payment of a subscription, or any actual use of the Service constitutes the User's unconditional acceptance of all provisions of this Policy in the version effective at the time of use.
Definitions. "Account" — a user record in the Service. "Subscription" — an active paid or trial plan. "Balance" — an internal accounting value of the Account used for paying Subscriptions and other in-Service operations. "Content" — any data transmitted by the User through the VPN tunnel.
Data we process
We adhere to the principle of data minimisation. Only the following limited dataset is processed:
2.1 Account identification data.
- username (login);
- Telegram identifier and public fields delivered by the Telegram Login widget;
- cryptographic hash of the password (bcrypt) — the plain password is never stored;
- interface preferences (language, theme, notification settings).
2.2 Billing data.
- Subscription history (tariff, period, status);
- Balance operations (top-ups, charges, adjustments);
- internal transaction identifiers passed by payment providers. Card numbers and wallet credentials are never received or stored by the Operator.
2.3 DNS infrastructure telemetry. The Service operates its own DNS resolvers. At the DNS layer an aggregated, anonymised stream of domain requests is recorded — without linkage to any Account, IP address, session timestamp, or other direct or indirect identifier. Correlation of a DNS query with a specific User is architecturally impossible.
Zero-log commitments
The Service is built on a zero-log architecture. The Operator does not generate, collect, store, or have the technical ability to derive:
- VPN connection logs;
- User activity logs inside the VPN tunnel;
- websites, URLs, or destination addresses linked to a specific Account;
- individualised traffic volumes per User;
- real IP addresses of Users during VPN use;
- session metadata enabling User identification.
Processing purposes
Data from section 2 is processed exclusively for:
- Service access and authentication;
- Subscription accounting and Balance management;
- delivery of service notifications via Telegram;
- protection from fraud and brute-force attempts;
- ensuring availability and performance.
Disclosure to third parties
5.1 We do not sell, exchange, or transfer User data to third parties for commercial purposes.
5.2 We do not engage in profiling or behavioural advertising.
5.3 Due to the zero-log architecture (section 3), the Operator objectively does not possess data about User activity inside the VPN tunnel. Any request for such data cannot be satisfied because the relevant information does not exist.
5.4 The minimally necessary technical data listed in §2.1–2.2 is transmitted only to the following processors in the scope required for the corresponding function: Telegram (auth, notifications); SeverPay / CryptoBot / Telegram Stars (payments); PanicVPN-panel (VPN subscription provisioning).
Storage & security
6.1 Account data is stored in protected PostgreSQL databases. Sensitive fields (tokens, recovery phrases, integration secrets) are encrypted with AES-256-GCM. Passwords are stored as bcrypt hashes and cannot be reversed.
6.2 Infrastructure access is restricted and protected by multi-factor authentication, privilege separation, and admin audit. CSP, CSRF protection, rate-limiting, session isolation, and forced termination of compromised sessions are in place.
6.3 Storage periods are limited to production necessity. Expired Subscriptions and related anonymised technical telemetry are deleted automatically on schedule.
6.4 No Internet service can guarantee absolute protection. The Operator is not liable for incidents caused by compromise of the User's device, leakage of the User's credentials through the User's fault, or actions of third parties outside the Service infrastructure.
Acceptable use & User responsibility
7.1 The single technical restriction: transmission of torrent / P2P traffic is prohibited. The restriction is enforced by traffic-signature analysis, without inspecting payload or correlating with Accounts. Violations trigger access restriction or termination without refund.
7.2 Except for §7.1, the Service does not restrict the direction or content of transmitted traffic. The User independently determines the purpose and nature of their network activity.
7.3 The Service is a technical tool of encryption and traffic routing and is not a party to the User's communications. The User bears sole and full responsibility for the conformity of their actions with the law applicable to them. The Operator does not act as editor, moderator, or classifier of the User's traffic; has no knowledge of its nature in light of the zero-log architecture; does not evaluate the legality of the User's actions; and is not liable for any direct, indirect, incidental, punitive, or other damages of the User or third parties arising in connection with the use of the Service.
7.4 The Service does not impose a minimum age and is available to all persons without restrictions. Responsibility for the conformity of such use with the law applicable to the User rests solely with the User or their legal representative.
7.5 By registering, the User confirms having sufficient legal capacity to enter into this Agreement and that use of the Service does not violate the User's obligations to third parties.
Operator rights
By using the Service, the User acknowledges the Operator's full operational, technical, and commercial rights to manage the Service, Accounts, Subscriptions, and Balances. The Operator is entitled, at any time and without prior notice or the need to justify, to:
- change, suspend, extend, restrict, reissue, or terminate any Subscription;
- block, freeze, activate, deactivate, delete, merge, rename, or reassign Accounts;
- change the composition, count, and characteristics of locations available under any tariff, including adding and removing locations without recalculation of the cost of paid periods;
- change prices, durations, limits, and other tariff parameters; introduce, modify, or terminate promo codes, bonuses, referral programs, and other marketing mechanics;
- fully manage Account Balance — credits, debits, corrections, recalculations, freezes, zero-outs — for billing, technical-error remediation, fraud prevention, and other production purposes. The internal Balance is a conditional accounting unit and not a monetary obligation of the Operator in the sense of civil turnover;
- limit, suspend, or refuse refunds for an unused Subscription period;
- change multi-hop routing, protocol versions, transfer load to backup nodes, and perform other technical work;
- introduce scheduled and unscheduled maintenance;
- refuse or terminate the Service for any User or category of Users at the Operator's discretion;
- amend this Policy at any time by publishing a new version.
Disclaimer & limitation of liability
9.1 The Service is provided on an "AS IS" and "AS AVAILABLE" basis. The Operator does not guarantee uninterrupted, error-free operation; specific speed, latency, or availability metrics; fitness for the User's particular purposes; or compatibility with arbitrary software and third-party services.
9.2 To the maximum extent permitted by applicable law, the Operator's total aggregate liability does not exceed the amount actually paid by the User under the current Subscription for the month in which the ground for liability arose.
9.3 Under no circumstances is the Operator liable for loss of profit, reputational damage, loss of User data, or other indirect damages.
User rights
- Request the composition of data stored about them (username, Telegram ID, Subscription history, Balance operation history);
- Demand deletion of the Account; identification data is erased, active Subscriptions are terminated, the remaining Balance is forfeited without refund;
- Withdraw consent for data processing by ceasing to use the Service and deleting the Account;
- Opt out of Telegram service notifications through the personal cabinet settings.
Requests are sent through official support channels. The Operator may establish reasonable identity-verification procedures to protect the Account from unauthorised requests.
Cookies & local storage
The Service uses only strictly necessary cookies and localStorage to maintain a session, save user preferences (language, theme, font), and protect against CSRF attacks. Advertising, behavioural, and tracking cookies of third-party networks are not used.
Cross-border processing
The Service infrastructure is distributed across several jurisdictions. By using the Service, the User consents to the processing and storage of the minimally necessary data (section 2) on servers located outside their country of residence.
Dispute resolution
13.1 Before resorting to other procedures, the User shall send a claim to the Operator's support via the official channels. The Operator considers the claim within a reasonable period.
13.2 Disputes not resolved through negotiations are resolved at the Operator's location, unless otherwise expressly provided by mandatory provisions of applicable law.
Changes & contacts
The current version of this Policy is published on the Service's website with the date of last update. Material changes are additionally announced through the official Telegram channel. Continued use of the Service after publication of a new version means acceptance by the User.
Contacts. Official Telegram support — @lottman.