Privacy Policy
Last updated: May 18, 2026
GridlockOnline ("we", "our", or "us") operates the ExonVPN mobile application. This Privacy Policy explains how we collect, use, and protect your information when you use our Service.
1. Information We Collect
We adhere to the principle of data minimization. We collect only the information strictly necessary to provide the ExonVPN service:
- Device Identifier: Your Android ID is used for account creation and authentication. We do not collect your name, email, or phone number.
- Local Usage Data: Connection duration and data transfer volume (upload/download) are stored locally on your device only for display in the app's usage chart. This data is NOT transmitted to our servers.
- App Preferences: Settings such as your compliance agreement status and connection preferences are stored locally on your device in encrypted storage. These are never transmitted to our servers.
2. Information We Do NOT Collect
- We do NOT log your browsing history, DNS queries, or the content of your traffic.
- We do NOT track the websites you visit or the applications you use while connected.
- We do NOT store your originating IP address after the VPN session ends.
- We operate a strict no-logs policy regarding your online activities.
3. How We Use Your Information
- To authenticate your device and maintain your account.
- To provide, maintain, and improve the VPN service.
- To monitor aggregate service usage for capacity planning.
- To detect and prevent fraud, abuse, or violations of our Terms.
4. Data Sharing & Third Parties
We do NOT sell, trade, or rent your personal information to third parties. We may share data only in the following limited circumstances:
- When required by law or in response to valid legal process.
- To protect our rights, privacy, safety, or property.
5. Data Retention
Device identifiers are retained for the duration of your account's existence. Aggregated usage statistics are retained for up to 12 months for service improvement purposes. You may request account deletion at any time by contacting us.
6. Data Security
We employ industry-standard security measures including:
- AES-256-GCM encryption for all API communications.
- TLS 1.2+ for all network connections.
- Request signing (HMAC) to prevent tampering.
- Encrypted local storage using MMKV with per-app encryption keys.
7. Children's Privacy
Our Service is not directed to children under 13. We do not knowingly collect personal information from children. If we discover that a child under 13 has provided us with personal information, we will delete it promptly.
8. Your Rights
Under applicable data protection laws — including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) — you may have the right to:
- Access the personal data we hold about you.
- Request correction or deletion of your data.
- Object to or restrict processing of your data.
- Data portability.
To exercise any of these rights, please contact us at the email address below.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.
10. Contact Us
If you have any questions about this Privacy Policy, please contact us at:
support@gridlockonline.com