Privacy Policy

Last Updated: January 29, 2025.

Ghosty VPN S.L. is committed to protecting your privacy. This Privacy Policy explains:

  • What personal data we collect and under what conditions.
  • How we use and protect your data.
  • Your rights regarding your personal data.
  • Our commitment to not storing activity logs within the VPN service.

By using Ghosty’s services, you agree to the collection and use of your data as described in this Privacy Policy. If you do not agree, please do not use our services.

INTERPRETATION AND DEFINITIONS

INTERPRETATION

Capitalized words have meanings defined under the following conditions. These definitions shall apply whether they appear in singular or plural form.

DEFINITIONS

For the purposes of this Privacy Policy:

  • Account: A unique account created to access our services.
  • Affiliate: Any entity that controls, is controlled by, or is under common control with another party. “Control” means ownership of at least 50% of the shares, equity interest, or voting rights.
  • Company: Ghosty VPN S.L., also referred to as “we,” “us,” or “our.”
  • Cookies: Small text files stored on your device to save browsing activity, preferences, or session identifiers.
  • Country: Refers to Spain, where Ghosty VPN S.L. is headquartered.
  • Device: Any electronic device capable of accessing our services, such as a computer, smartphone, or tablet.
  • Personal Data: Any information related to an identified or identifiable person, including name, email address, and IP address.
  • Service: Refers to Ghosty VPN software, including the website, application, and any associated services.
  • Service Provider: Third-party companies or individuals that process data on our behalf to facilitate the service, improve its functionality, or analyze usage.
  • Usage Data: Data automatically collected through the service, such as IP addresses, browser types, pages visited, time spent on each page, device identifiers, and diagnostic data.
  • Website: The Ghosty VPN website accessible at www.ghosty.com.
  • You: The individual using our service, or the legal entity on behalf of which such individual is using the service.

COLLECTING AND USING YOUR PERSONAL DATA

TYPES OF DATA COLLECTED

Personal Data 

While using our service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to:

  • Name and surname.
  • Email address.
  • Billing and payment information. When purchasing the Pro subscription, payment data such as billing address and transaction details may be collected. Payment processing is managed securely by third-party providers like Stripe, which adheres to industry-leading PCI-DSS standards. Ghosty VPN does not store complete payment details (e.g., credit card numbers).
  • Connection IP address (retained for 14 days for security and troubleshooting purposes).
  • Browser user agent.
  • Session information (retained for 14 days).
  • Device data, such as model, operating system, and browser type.

Usage Data 

Usage Data may include information such as:

  • Your device’s Internet Protocol address (e.g., IP address).
  • Browser type and version.
  • The pages that you visit, the time and date of your visit, and the time spent on those pages.
  • Unique device identifiers and other diagnostic data.
  • Information about software and downloads on your device in order to provide our services.
  • Data temporarily stored by VPN servers:
    • Active connection IP addresses (stored in memory and erased upon server restart).
    • Incoming and outgoing data volume and rates (without logging destinations or visited websites).
    • System usage statistics, including CPU load and network utilization (retained for 30 days).

What We Do Not Collect:

  • We do not store or log data transmitted within the VPN connection.
  • We do not log or provide information about visited websites.
  • We do not associate an IP address with a specific identity.
  • We do not store session duration statistics or interaction logs.
  • No personal user activity logs are stored on VPN servers.

Cookies and Tracking Technologies:

We use Cookies and similar tracking technologies to track activity on our service and store certain information. Tracking technologies used include beacons, tags, and scripts to collect and track information and to improve and analyze our service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some parts of our service.

Cookies can be “Persistent” or “Session” Cookies:

  • Persistent Cookies remain on your personal computer or mobile device when you go offline.
  • Session Cookies are deleted as soon as you close your web browser.

We use both session and persistent Cookies for the purposes set out below:

Necessary / Essential Cookies

Type: Session Cookies

Administered by: Us

Purpose: These cookies are essential to provide you with services available through the Website and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these cookies, the services that you have requested cannot be provided.

Cookies Policy / Notice Acceptance Cookies

Type: Persistent Cookies

Administered by: Us

Purpose: These Cookies identify if users have accepted the use of cookies on the Website.

Functionality Cookies

Type: Persistent Cookies

Administered by: Us

Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.

You can manage your cookie preferences through your browser settings. Disabling cookies may affect functionality.

USE OF YOUR PERSONAL DATA

Ghosty VPN S.L. may use personal data for the following purposes:

  • To provide and maintain our Service: Including monitoring the usage of our Service and ensuring its functionality and security.
  • For contract performance: Developing, complying with, and executing the purchase contract for products, services, or any other agreement with us.
  • To manage your requests: To attend to and manage your requests to us.
  • With Service Providers: We may share personal data with third-party service providers who assist in analyzing service usage, maintaining functionality, and providing support.
  • For business transfers: We may share or transfer personal data in connection with or during negotiations of any merger, sale of company assets, financing, or acquisition of all or part of our business.
  • With affiliates: We may share information with affiliates, including parent and subsidiary companies, under the same privacy obligations.
  • With business partners: We may share personal data with business partners to provide certain products, services, or promotions.

RETENTION OF YOUR PERSONAL DATA

Ghosty VPN S.L. retains personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Retention periods include:

  • Operational logs (IP addresses, user agents, session data in the web application): Retained for 14 days to ensure security and troubleshooting.
  • System logs (CPU usage, network utilization): Stored for 30 days to maintain operational integrity.
  • VPN servers: Do not store activity logs, browsing history, or session interactions. Only temporary connection data (such as active IPs) is stored in memory and deleted upon server restart.

TRANSFER OF YOUR PERSONAL DATA

Your information, including personal data, may be processed at the company’s operating locations or other locations where processing parties are located. This means personal data may be transferred to and maintained on computers outside your jurisdiction where data protection laws may differ.

Ghosty VPN S.L. ensures that all necessary steps are taken to process personal data securely and in accordance with this Privacy Policy. We do not transfer personal data to countries without adequate security measures in place.

DISCLOSURE OF YOUR PERSONAL DATA

Ghosty VPN S.L. is committed to protecting user privacy and only discloses personal data under strictly necessary conditions as outlined below.

BUSINESS TRANSACTIONS

If Ghosty VPN S.L. is involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. In such cases, we will notify you in advance, and any new privacy policy governing your data will be clearly communicated.

LEGAL COMPLIANCE

Under exceptional circumstances, we may be required to disclose your personal data to comply with legal obligations. However, due to our strict no-logs policy , Ghosty VPN S.L. does not store any VPN traffic logs, connection history, or user activity data, meaning we cannot provide information on websites visited, user identities, or VPN session details.

We may disclose limited operational data if legally required, but only under the following conditions:

  • To comply with applicable legal obligations (such as responding to lawful governmental requests where we hold relevant information).
  • To protect our rights or property from fraudulent activities, service abuse, or security threats.
  • To investigate and prevent malicious behavior such as cyberattacks or unauthorized access.
  • To cooperate with law enforcement when legally compelled, but only where such disclosure is legally enforceable and relevant to the data we collect.

If we receive a request for user data that we do not retain (e.g., browsing history or VPN session logs), we cannot provide such information.

SECURITY OF YOUR PERSONAL DATA

Ghosty VPN S.L. implements industry-standard security measures to protect your personal data. However, no transmission or storage system can be guaranteed 100% secure. While we strive to ensure the highest level of security, we encourage users to take precautions, such as enabling two-factor authentication and using strong passwords.

As a user of Ghosty VPN, you have the following rights concerning your personal data

  • Access – You can request a copy of the personal data we hold about you.
  • Correction – You can ask us to correct inaccurate or incomplete information.
  • Deletion – You can request the deletion of your personal data, subject to legal and operational requirements.
  • Restriction – You can ask us to limit the processing of your data under certain circumstances.
  • Objection – You can object to certain types of processing, such as direct marketing.
  • Data Portability – You can request to receive your personal data in a commonly used, structured, and machine-readable format or ask us to transfer it to another provider, where technically feasible.
  • Withdraw Consent – If processing is based on your consent, you can withdraw it at any time.
  • Lodge a Complaint – If you believe your rights have been violated, you may contact us directly or file a complaint with a data protection authority.

THIRD-PRATY LINKS

Our service may contain links to third-party websites or services that are not operated by us. If you click on a third-party link, you will be redirected to that party’s site, which operates under its own privacy policy. We strongly recommend reviewing their privacy policies, as Ghosty VPN S.L. assumes no responsibility for third-party content, policies, or practices.

CHANGES TO THIS PRIVACY POLICY

Ghosty VPN S.L. may update this Privacy Policy from time to time. Any significant changes will be communicated via email and/or a notice on our website. We encourage you to periodically review this Privacy Policy to stay informed about how we protect your personal data.

CONTACT US

If you have any questions about our privacy policy, please feel free to contact us by email: [email protected]

arrow-back-home Back
Imprint Privacy Policy EULA

© Ghosty VPN. All rights reserved.

Scroll to Top