Privacy Policy

Our core principle

Torvad exists to protect your privacy. We collect the absolute minimum data required to operate our services — and nothing more. We do not know who you are, and we want to keep it that way.

What we collect

When you create an account, we generate a random 16-digit number. This is the only identifier associated with your account. We do not collect:

• Names, email addresses, or phone numbers
• Physical addresses or locations
• IP addresses (not stored beyond the active session)
• Browser fingerprints or device identifiers
• Usage patterns or behavioral data

Account data

Your account consists solely of:

• A 16-digit account number (randomly generated)
• Account expiration date
• Active service subscriptions

We cannot link this information to any individual person.

Payment data

We record the payment method type (e.g., "card", "crypto") and the amount. For card and PayPal payments, the transaction is processed by third-party providers (Stripe, PayPal) who handle payment details directly. We never see or store your full card number, bank account, or PayPal credentials.

Cash and cryptocurrency payments are inherently anonymous.

Email service

Emails are stored encrypted at rest. We do not scan, index, or analyze the content of your messages. We do not log sender/receiver metadata, subject lines, or timestamps beyond what is required for mail delivery. Stored emails are permanently deleted 30 days after account expiration.

VPN service

We operate a strict no-log VPN. We do not record:

• Traffic logs or packet contents
• DNS queries
• Connection timestamps
• Session durations
• Source or destination IP addresses
• Bandwidth usage per user

Our VPN servers run in RAM-only mode. No data persists after a server reboot.

DNS service

We do not log DNS queries. We do not filter, redirect, or manipulate DNS responses. Query processing happens in memory only and is not written to disk.

Website

This website does not use cookies for tracking, analytics, or advertising. A session cookie is used solely to maintain your login state and is deleted when you close your browser.

We do not use any third-party analytics, tracking pixels, or advertising networks.

Data sharing

We do not sell, trade, or otherwise transfer your data to third parties. Because we collect virtually no data, we have virtually nothing to share.

In the event of a legal request, we can only provide what we have: an account number and its expiration date. We cannot identify the person behind an account.

Data retention

Account data is retained for 30 days after expiration, then permanently deleted. Payment records are retained for the minimum period required by applicable financial regulations, after which they are deleted.

Your rights

You may request deletion of your account at any time. Since we hold no personal data, there is effectively nothing to export under data access requests — but you are welcome to ask.

Contact

For privacy-related questions: privacy@torvad.eu