Home  /  Privacy Statement

Privacy Statement

The short version: we do not log your browsing activity. We collect the minimum information needed to operate the service, and we explain what that is in plain language below.

Effective: 2026-04-01 Version: 1.0 Language: English
Data Type
Purpose
Collected?
Browsing activity
URLs, websites, traffic content, and DNS queries.
No
Connection logs
When you connected, for how long, and to which server.
No
Source IP address
The IP address you connect from.
Not stored
Account identifier
An anonymous identifier used to verify your subscription status.
Yes
Subscription status
Provided by Apple via In-App Purchase receipts. Used to grant service access.
Yes
Diagnostic data
Crash reports and aggregate performance metrics, only if you opt in.
Optional
Support correspondence
The content of any email you send to us, retained only as long as needed.
If you contact us

Scope

This Privacy Statement describes how Max VPN ("we", "us", "our") handles information in connection with the Max VPN mobile application and the related VPN service (together, the "Service").

It applies to all users of the Service. By installing or using the app, you confirm that you have read and understood this Statement.

Our Principles

Three principles guide every decision we make about user data:

  1. Don't collect what we don't need. The most reliable way to protect data is not to collect it in the first place.
  2. Don't link what we do collect. Where some collection is necessary (for example, to verify a subscription), we keep it separated from your activity on the Service.
  3. Be honest about the rest. We tell you, in plain language, exactly what we collect and why.

No Activity Logs

We do not log, monitor, or store any of the following:

  • The websites or apps you connect to through the VPN.
  • The content of your network traffic.
  • DNS queries made while connected to the Service.
  • Connection timestamps, session durations, or bandwidth usage tied to your account.
  • Your originating IP address, beyond the brief moment needed to establish a session.

This is enforced by the design of our infrastructure, not just by policy. Our servers are configured to not write session data to persistent storage, and the operational tooling we use does not provide a way to retrieve such data.

What this means in practice: if we are asked to identify what a specific user did while connected to the Service, we cannot do so, because we do not have the data and have no way to reconstruct it.

What We Actually Collect

Account identifier

When you first launch the app, we generate an anonymous account identifier on your device. This identifier is used solely to verify whether you have an active subscription. It is not linked to your name, email address, or Apple ID.

Subscription status

Subscriptions are processed by Apple through In-App Purchase. Apple provides us with a receipt that confirms whether your subscription is active. We do not receive your full Apple ID, payment method, billing address, or any personal payment details.

Billing, renewals, refunds, and cancellations for App Store subscriptions are handled by Apple under their terms. To manage your subscription, open Settings > [your name] > Subscriptions on your iOS device.

Diagnostic data (optional)

If you choose to share diagnostic data, the app may send anonymous crash reports and aggregate performance metrics (for example, connection success rates per region) to help us identify and fix bugs. This is opt-in and can be disabled at any time in the app's settings. We do not collect diagnostic data unless you have opted in.

Support correspondence

If you email our support address, we will store your message and our reply for as long as needed to resolve the issue. You can request that we delete this correspondence at any time.

What this website collects

This website does not use cookies, third-party trackers, or analytics services. We do not collect any personal information from visitors to this website.

Why We Collect It

The limited information we do collect serves the following purposes:

  • Providing the Service: verifying your subscription so you can use the VPN.
  • Improving stability: understanding crashes and aggregate performance issues, when you have opted in to share diagnostic data.
  • Responding to you: answering your support questions when you contact us.
  • Complying with the law: meeting binding legal obligations that apply to us.

We do not use any of the information described in this Statement for advertising, profiling, or sale to third parties.

Sharing With Third Parties

We do not sell your data. We do not share your data with advertisers or data brokers. The only third parties that may receive any data are:

  • Apple Inc. — handles all subscription payments and provides us with receipts. Apple's handling of your data is governed by Apple's own privacy policy.
  • Our infrastructure providers — operate the servers that run the VPN. They process traffic in transit but do not have access to its content because it is encrypted, and they do not retain logs on our behalf.

We may disclose information if required to do so by a valid legal order issued under the laws of a jurisdiction we operate in. In such cases we disclose only what we are legally required to disclose, and only what we actually have.

How Long We Keep Data

  • Account identifier and subscription status: for as long as your subscription is active, plus 90 days, after which it is deleted.
  • Diagnostic data (if opted in): retained in aggregate form only, with no per-user identifier, for up to 12 months.
  • Support correspondence: up to 24 months after resolution, or earlier on request.
  • VPN session data: not retained. See § 03.

Security

We take reasonable technical and organisational measures to protect the limited data we hold. These include encryption in transit, restricted access to production systems, and regular review of our security practices.

No system can be guaranteed perfectly secure. If we become aware of a security incident affecting your data, we will notify affected users without undue delay and in accordance with applicable law.

Your Rights

Depending on where you live, you may have some or all of the following rights with respect to information we hold about you:

  • Access — to request a copy of the data we hold about you.
  • Correction — to ask us to correct inaccurate data.
  • Deletion — to request that we delete your data, subject to retention requirements above.
  • Objection or restriction — to object to or restrict certain processing.
  • Withdraw consent — where processing is based on consent (such as diagnostic data).
  • Complain — to your local data protection authority.

To exercise any of these rights, email us at the address in § 12 with your account identifier.

If you are a California resident, you also have the right to know what categories of personal information we collect, the right to delete, and the right not to be discriminated against for exercising your rights. We do not "sell" or "share" personal information as those terms are defined under the CCPA/CPRA.

Children

The Service is not directed at children under 13, and we do not knowingly collect information from children under that age. If you believe a child has provided us with information, please contact us and we will delete it.

Changes to This Statement

We may update this Privacy Statement from time to time. The "Effective" date at the top of this page reflects the most recent change. If we make material changes, we will notify users through the app before the change takes effect. Continued use of the Service after the effective date means you accept the updated Statement.

Contact

For questions about this Privacy Statement, or to exercise any of your rights, please contact us at:

contact@aiappshub.xyz

We aim to respond to all enquiries within 30 days.