EventVPN

This Privacy Policy ("Policy") sets forth the manner in which Netshield Limited ("EventVPN," "we," "us," or "our") collects, uses, discloses, and protects personal data obtained from users ("User," "you," or "your") in connection with the use of the EventVPN application and related services ("the Service").

By accessing or using the Service, you agree to the terms of this Policy and consent to the data practices described herein.

1. Data Collection and Use

EventVPN is designed as a decentralized, serverless VPN solution operating via the WireGuard protocol. As a result:

EventVPN does not collect, monitor, store, or retain any information relating to your VPN tunnel activity, including:

Browsing history,
Connection timestamps,
Source or destination IP addresses,
Bandwidth consumption, or
DNS queries.

However, to enhance functionality, improve user experience, subscribe to premium features, and support limited marketing operations, we may collect certain categories of data as described in the table below.

Table: Categories of Data Collected and Purpose

Category of Data	Purpose of Collection	Legal Basis	Collected Through
Crash & Usage Analytics	Diagnose app crashes, monitor performance, improve stability	Legitimate Interests / Consent (EEA/UK)	Firebase (Google LLC)
Advertising ID (IDFA/GAID)	Serve ads, track ad performance, manage rewards for free VPN access	User Consent (ATT/iOS prompt or Android)	AdMob, Appsflyer
General Location Data	Regional feature access, localized promotions	User Consent	Device settings, Braze, AdMob
Push Notification Token	Deliver feature updates and important in-app messages	Legitimate Interests / Consent	Braze, Firebase
Subscription Status	Determine access to premium VPN regions and show relevant offers	Performance of Contract / Legitimate Interests	Internal App Logic / Braze
User Engagement Data	Improve marketing campaigns	User Consent	Braze

2. Third-Party Services

The Service incorporates third-party technologies for analytics, advertising, and feature enablement. These include:

Firebase (Google LLC) – For crash diagnostics and performance analytics.
AdMob (Google Mobile Ads) – To display interstitial and rewarded ads.
Braze – For user engagement tracking, personalized content, and optional data processing.
Appsflyer – For ad attribution and performance measurement.

Data shared with these services is limited to the minimum required for the specified purpose and is subject to appropriate technical and contractual safeguards.

3. Legal Basis for Processing

We process personal data under the following legal bases:

Consent – For optional data and advertising tracking.
Legitimate Interests – To ensure Service security, analytics, and core functionality.
Performance of a Contract – Where necessary to provide access to paid or premium features.
Legal Obligations – To comply with applicable laws.

3.a Legal Basis for Marketing

If you are located in the European Economic Area (EEA), the United Kingdom (UK), or another jurisdiction where the General Data Protection Regulation (GDPR) applies, the following provisions govern our use of your data for advertising:

3a.1 Consent-Based Advertising

We rely on your explicit consent (pursuant to Article 6(1)(a) GDPR) before:

Accessing or collecting your advertising identifier (e.g., IDFA or GAID);
Delivering personalized advertisements or sponsored content;
Sharing advertising identifiers with third-party advertising and attribution partners.

Consent is collected via in-app mechanisms or platform-specific prompts (e.g., App Tracking Transparency for iOS), and you may withdraw your consent at any time without affecting the lawfulness of prior processing.

3a.2 Types of Advertising

We may serve the following:

Personalized Ads: Based on optional demographic and behavioral data (e.g., engagement, region), subject to your prior consent.
Non-Personalized Ads: Displayed based on general context (e.g., device type or location) and not reliant on tracking technologies.

3a.3 Advertising Partners

We may share limited, consent-based data with the following third-party partners:

Partner	Purpose	Privacy Policy
Google AdMob	Ad delivery and performance analytics	https://policies.google.com/privacy
Appsflyer	Ad attribution and optimization	https://www.appsflyer.com/privacy-policy/
Braze	In-app engagement and promotions	https://www.braze.com/company/legal/privacy

These partners may act as independent data controllers or processors, as applicable.

3a.4 User Controls for Ads

You may manage or revoke advertising-related consent at any time through:

In-app privacy settings (where available);
Resetting your device's advertising identifier;
iOS: Settings > Privacy > Tracking
Android: Settings > Privacy > Ads > Reset Advertising ID
Visiting opt-out tools such as YourOnlineChoices.eu

Withdrawal of consent will not affect your access to core VPN services but may limit access to ad-supported features.

4. Data Retention

We retain personal data only for as long as is strictly necessary for the purposes outlined in this Policy, or as required by applicable law. VPN traffic-related data is never retained, as it is never collected.

5. User Rights

Depending on your jurisdiction, you may have the right to:

Request access to or deletion of your personal data;
Withdraw consent at any time (with effect for the future);
Object to or restrict certain types of processing;
Lodge a complaint with a data protection authority.

Requests can be submitted via the contact information provided in Section 10.

6. Children's Privacy

The Service is not directed to, and we do not knowingly collect data from, individuals under the age of 16 (or equivalent minimum age in your jurisdiction). If you believe we have inadvertently collected such data, please contact us to request deletion.

7. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect personal data from loss, misuse, or unauthorized access. However, no method of transmission or storage is fully secure, and you acknowledge this inherent risk.

8. International Data Transfers

Your personal data may be transferred to and processed in countries other than your country of residence, including the United States. Where applicable, we use legally recognized safeguards, such as Standard Contractual Clauses, to ensure lawful data transfer.

9. Governing Law and Jurisdiction

This Privacy Policy shall be governed by, and construed in accordance with, the laws of the Republic of Cyprus, without regard to conflict of law principles. You agree that any disputes arising in connection with this Policy shall be subject to the exclusive jurisdiction of the courts of Cyprus.

10. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy, you may contact us at:

EventVPN DPO: dpo@eventvpn.com

11. Modifications to this Policy

We reserve the right to amend this Privacy Policy at our sole discretion. Any material changes will be communicated via in-app notice or other prominent means. Continued use of the Service after such changes constitutes acceptance of the revised Policy.