FastLink VPN Privacy Policy

1. Preface and Scope of Application

1. This Privacy Policy applies to all products and services provided by FastLink VPN (hereinafter referred to as "we"), including but not limited to the FastLink VPN official website, Windows/macOS/Android/iOS/TV clients, router firmware, API interfaces, paid subscriptions, customer service systems, and related technical support services.

2. This policy aims to clearly, transparently, and completely explain: what information we collect, how we use it, how we store it, how we protect it, how we share it, and what rights users have.

3. We adhere to the four core principles of minimal necessity, default privacy, zero-log core, and compliance transparency. All data processing complies with the Cybersecurity Law of the People's Republic of China, the Personal Information Protection Law, the Data Security Law, and global mainstream privacy protection standards.

4. Your use of FastLink VPN indicates that you have fully read, understood, and agreed to all provisions of this Privacy Policy.

2. Core Commitment: FastLink VPN Zero-Logs Policy

We absolutely do not collect, record, or store any of the following information:

User's real IP address, exit IP address, connection timestamp

Accessed website domains, apps, services, browsing history

DNS query records, traffic content, transmitted data

Session duration, bandwidth usage, device location information

Any network behavior data that can be linked to user identity

Zero-Log Technical Safeguards:

Global nodes adopt RAM-only architecture with no hard disk storage; all data is cleared upon restart

No log systems, no traffic auditing, no session traces saved

Third-party security institutions regularly audit the zero-log architecture and publish audit summaries

Data retention is eliminated at the architectural level, making user behavior physically untraceable

3. "Absolutely Minimal Necessary Information" We Collect Only

To ensure account security, service availability, payment processing, and troubleshooting, we only collect minimal non-identifiable data:

1. Account Registration and Identity Information

Registration email (used for login, password recovery, order notifications, service updates)

Anonymous email registration is supported; real name, phone number, or ID card are not required

No unnecessary real-name authentication; no biometric information collected

2. Payment and Order Information

Order number, payment channel, package type, validity period, payment status

Payments are processed by licensed third-party institutions; we do not store bank card/payment passwords

Data is only used for order verification, invoicing, refunds, and risk control

3. Device and Client Information (Fully Anonymous)

Device type, system version, client version number

Unique device identifier (hashed, irreversible)

Crash logs, connection error codes (excluding any personal data)

Only used to optimize stability, fix bugs, and not linked to user identity

4. Website and Marketing Data (Anonymous Statistics)

Official website visit source, page dwell time, click behavior (aggregated statistics)

Cookies are only used to maintain login status and prevent attacks, not to track individuals

No cross-site tracking, no linking to user network behavior

4. Information Usage Rules (Only for the Following Legitimate Scenarios)

Provide, verify, and maintain FastLink VPN services and account status

Process orders, payments, invoices, subscription management, and refunds

Client updates, troubleshooting, performance optimization, and security protection

Prevent fraud, abuse, attacks, malicious use, and violations

Fulfill legal obligations and respond to legally effective legal documents

Send service notifications to users (non-marketing emails, unsubscribe at any time)

Prohibited Uses:

Never used for advertising tracking, user profiling, or commercial monetization

Never analyze, monitor, or disclose user access content and network behavior

Never use data for any purpose not specified in this policy

5. Rules for Data Sharing, Transfer, and Disclosure

1. Absolute Prohibition

Never sell, rent, trade, or indirectly transfer any user data

Never share user behavior, connection logs, or traffic content with third parties

2. Minimal Permissible Sharing Scope

Third-party payment institutions (only order and payment status)

Customer service systems (only consultation content actively submitted by users)

Security service providers (only anonymous crash logs and attack protection data)

All partners must sign strict confidentiality agreements and follow equivalent protection standards

3. Legally Compelled Circumstances

Only respond to formally legally effective documents (search warrants, court judgments, etc.)

Only provide the minimal scope of information explicitly required by law

Due to the zero-log architecture, there is usually no user behavior data available to provide

To the extent permitted by law, we will notify users of relevant requests (unless prohibited by confidentiality injunctions)

6. Data Security Protection System (Comprehensive Technical and Administrative Measures)

1. Transmission Security

AES-256-GCM military-grade encryption

High-strength protocols such as WireGuard / OpenVPN

Perfect Forward Secrecy (PFS) with per-session keys; compromise does not affect historical data

DNS leak protection, IP leak protection, automatic kill switch

2. Storage Security

Zero-log + RAM-only architecture with no persistent data storage

Full disk encryption on servers, multi-factor authentication, strict access control

24/7 intrusion detection, DDoS protection, abnormal behavior monitoring

Regular security penetration testing, vulnerability fixes, and architecture upgrades

3. Administrative Security

Principle of least privilege for employees, hierarchical management, and operation auditing

All employees sign confidentiality agreements that expire immediately upon resignation

Data access requires approval; no individual can access user information at will

Regular privacy and security training; disclosure of any user data is strictly prohibited

7. Data Storage Location and Retention Period

Account and order data are stored in compliant regions that meet national laws and regulations

Session data: Not stored; destroyed immediately upon disconnection

Crash logs: Automatic deletion cycle ≤ 7 days

Order and financial data: Destroyed after retention period required by tax and legal regulations

After user account cancellation: All relevant data is irreversibly deleted immediately

8. User Privacy Rights (Full Support)

Users may exercise the following rights at any time, free of charge, and independently:

Access/Inquiry: View account information, subscription status, usage records

Correction/Modification: Update email, password, personal information

Deletion/Cancellation: One-click account cancellation with permanent data erasure

Withdrawal of Consent: Disable non-essential permissions, stop non-essential data collection

Restriction of Use: Turn off push notifications, restrict data synchronization

Data Export: Request export of non-behavioral data related to the user's account

Complaints and Feedback: Contact customer service at any time with questions about this privacy policy

Exercise Methods:

Client: 「Settings」-「Account & Privacy」

Official website customer service channel

Dedicated privacy email: [email protected]

9. Third-Party Services and External Link Statement

FastLink VPN may contain links to third-party websites/services; we cannot control their privacy policies

Data generated by users accessing third parties is not protected by this policy

We are not responsible for the privacy practices of third parties

We recommend users read the privacy terms of third-party services before use

10. Protection of Minors

FastLink VPN is not intended for use by minors under the age of 18

If we discover a minor using the service without guardian consent, we will immediately suspend service and delete data

Guardians may contact us at any time to handle relevant accounts and information

11. Updates and Notifications to Privacy Policy

This policy may be updated due to legal and regulatory changes, service upgrades, or business adjustments

Major updates will be notified in advance via official website announcements, client pop-ups, and emails

Continued use of the service constitutes acceptance of the updated policy

Archived historical versions are available for inquiry on the official website

12. Compliance and Legal Statement

FastLink VPN is only for legal, compliant, and legitimate network acceleration and privacy protection scenarios

Users shall not use this service for acts that endanger national security, violate laws and crimes, infringe rights, or harass others

We will cooperate with regulators in accordance with the law to combat improper use

Users shall bear sole responsibility for any liability arising from illegal use of the service