Privacy Policy
Your privacy is our mission. This policy explains what data we collect (minimal) and what we never collect.
Last updated: June 30, 2026
What We Collect
Email address
Account creation and support communication
Payment information
Subscription billing (processed by Stripe)
What We Never Collect
Browsing history or website visits
The sites or apps you use
Traffic data or content
DNS queries
Original IP addresses paired with your activity
Connection logs linking your identity to your browsing
1. Privacy Overview
OrbVPN is committed to protecting your privacy. We operate under a strict no-logs policy: we do not monitor, record, log, store, or share your VPN activity. Our infrastructure is designed from the ground up to be unable to identify users or their activities.
2. Our No-Logs Policy
We do NOT log your browsing activity, the sites or apps you use, your original or assigned IP address paired with your activity, DNS queries, or the content of your traffic. Our servers run entirely in RAM. When a server is rebooted, all data is permanently erased. (To keep the service working under censorship, we do retain anonymized connection-performance metrics — see section 3 — which record which connection method succeeded on which network, never what you browse.)
3. Connection Performance Telemetry (Anti-Censorship)
Because OrbVPN must keep working inside networks that actively block VPNs (e.g. China, Iran, Russia), the app records anonymized, aggregate metrics about each connection attempt: which protocol, traffic-disguise (mimicry) profile, transport, CDN front, and bridge mode were tried; whether it succeeded, how long it took, and a coarse error category; and coarse network context (your country, your network operator/ASN, a non-reversible network fingerprint that cannot be turned back into your identity, and the approximate time of day). This is used only in aggregate to learn which connection method gets through the firewall on each network, so users connect faster and more reliably. It never includes your browsing content, destinations, DNS queries, or which sites or apps you use — it measures whether the tunnel connected, not what flows through it, and is never used to identify or track individuals.
4. Information We Collect
To provide our service, we collect minimal personal information: Email address (for account access), hashed password (we cannot see your actual password), and payment transaction references (not full card details).
5. How We Use Your Information
We use the limited information we collect for service provision, communication, payment processing, service improvement through anonymous aggregate data, and keeping the service reachable under censorship via the anonymized connection telemetry in section 3. We never sell, rent, or share your personal information with third parties for marketing purposes.
6. Jurisdiction & Legal
OrbVPN operates under jurisdiction with strong privacy protections and no mandatory data retention laws. If we receive a valid legal request, we can only provide the minimal account information we store. We cannot provide your browsing activity or traffic content because they do not exist.
7. Security Measures
We implement RAM-only servers, AES-256-GCM encryption, Perfect Forward Secrecy, private DNS servers, bcrypt password hashing, and optional two-factor authentication.
8. Your Rights
You have the right to access, correct, delete, and port your data. You can delete your account at any time through the app or by contacting support. Contact privacy@orbvpn.com to exercise these rights.
9. Contact Us
For privacy-related questions: privacy@orbvpn.com. For support: support@orbvpn.com. Response time: Within 48 hours for general inquiries, within 30 days for data access requests.