All Systems Operational61 Datacenter Locations40 ISP Locations62 Countries
VirtProxy
Get started

// legal

Privacy Policy

Last updated: June 2, 2026

This policy explains what data VirtProxy collects, how we use it, and what choices you have. We aim to collect as little as possible.

If you have questions: [email protected].

1. The short version

  • We collect what we need to run the service: your email, your activity on your account, and metadata about proxy connections (for billing and abuse handling).
  • We don't use Google Analytics or any third-party analytics service.
  • We don't set tracking cookies. The only cookies we set are functional (auth session, theme preference).
  • We don't ask for your real name, phone number, address, or government ID. VirtProxy works with just an email address.
  • We accept crypto only. We don't have your card number because we don't take cards.

2. What we collect

Account data. Email address. A hashed password (we never store passwords in plain text). Optional display name if you set one. Account creation date.

Activity data. Logins, deposits, orders, support tickets, and other events that happen on your account. We need this to run the service and resolve issues.

Connection metadata. When you connect to a proxy: timestamp, which proxy was used, total bandwidth. We do not log the URLs you visit, the content of your requests, or anything that would let us reconstruct your traffic.

Payment data. When you deposit crypto, we receive the deposit amount, the chain, the transaction ID, and the wallet address that paid us. This comes from NOWPayments (our crypto payment processor). We do not handle the deposit on-chain ourselves.

Cookies. Only functional cookies. Authentication tokens (so you stay logged in) and a theme preference. No analytics cookies. No tracking pixels. No third-party ad networks.

Server logs. Standard request logs (IP address, user-agent, timestamp, status code) for the duration needed to investigate abuse and bugs. These are not joined to your account data.

3. What we use it for

  • Operating the service (running your orders, processing deposits, delivering proxies)
  • Authenticating you (logging in, password reset)
  • Sending account-related emails (verification, order confirmations)
  • Investigating abuse, security incidents, and billing disputes
  • Complying with legal obligations when we receive valid legal process

We do not sell your data. We do not share it with advertisers. We do not build profiles for marketing.

4. Who we share data with

Upstream proxy provider (currently IPRoyal). We pass through provisioning requests when you order a proxy. We share what's necessary to fulfill the order; we don't share your email or account-level data.

NOWPayments. Our crypto payment processor. They handle deposit transactions and send us the result. Their privacy policy governs how they handle the data you share with them on their hosted deposit page.

Resend. Email delivery provider for transactional emails (verification, order confirmations). They handle email delivery and bounce tracking.

Cloudflare. CDN and security layer. They process network-level data about your visit (IP address, timing, security signals) per their own privacy policy.

Law enforcement and legal process. We comply with valid legal requests from authorities with jurisdiction. We may also disclose data to protect VirtProxy, our customers, or third parties from harm.

We do not share your data with anyone else.

5. How long we keep data

  • Account data: kept while your account is active, then 90 days after account closure to handle disputes and chargeback windows
  • Connection metadata and server logs: 30 days, then auto-deleted
  • Financial records (deposits, orders, refunds): 7 years, per accounting and tax-record requirements
  • Email logs (delivery, bounce): handled by Resend per their retention policy

If you close your account, we delete account data per the schedule above. Financial records are retained for legal compliance.

6. Your rights

You can:

  • Access the data we hold about you — email [email protected]
  • Correct data that's wrong (most fields you can edit yourself in Settings)
  • Delete your account and the data we hold (subject to the financial-record retention above)
  • Export your data — email [email protected] and we'll send what we have
  • Object to specific processing — email us and we'll discuss

These rights apply globally, not just to EU/CA users. We don't think privacy rights should depend on which country you live in.

If you have a complaint about how we handle your data and we can't resolve it between us, you can contact your local data protection authority.

7. Security

  • Passwords are hashed with bcrypt; we never store them in plain text
  • All connections to VirtProxy are over TLS/HTTPS
  • Authentication tokens are httpOnly cookies (not accessible to JavaScript)
  • API tokens for upstream providers are encrypted at rest in our database
  • Database backups are stored encrypted, off-site

No system is 100% secure. If we discover a security incident that affects you, we'll notify you promptly with the relevant details.

8. Children

VirtProxy is not for anyone under 18. We don't knowingly collect data from minors. If you believe a minor has created an account, email [email protected] and we'll delete the account.

9. International data

VirtProxy is operated from Tbilisi, Georgia. Our servers and data are also hosted outside the EU/EEA. When you use VirtProxy from anywhere in the world, your data is processed in Georgia and adjacent infrastructure regions. By using the service, you consent to this processing.

We don't offer EU-only or US-only data residency at this time.

10. Changes to this policy

We may update this policy. Material changes will be announced via email or a notice on the site. The "Last updated" date at the top reflects the most recent revision.

11. Contact

Privacy questions: [email protected]
Operator: VirtProxy, Tbilisi, Georgia