FASTGUARD PRIVACY POLICY
This Privacy Policy forms part of our Terms of Service, Cookie Policy, and Refund Policy, available at https://fastguard.co
This Privacy Policy explains what information (including personal data) we collect when you use Fastguard’s websites, apps, and Virtual Private Network (VPN) services (the “Services”); for what purposes we collect it; how we use, store, and protect it; with whom it may be shared; and how you can exercise your rights. It also explains what we do not collect.
This Policy does not apply to third-party websites or services you may access via links from our website or apps. Please review those providers’ privacy policies for their data practices.
1. Who we are (Controller)
FastDev LLC (doing business as “Fastguard”), reg. no.271.110.1492495, registered address: Davtashen 4th District, Building 11, Yerevan, Armenia, 0054 is the controller of your personal data for the purposes described here.
- Privacy contact: support@fastguard.co
- Data Protection Officer (DPO): legal@fastguard.co
We refer to applicable European data protection law to cover requirements under both the GDPR without separate references.
2. Key principles & what we do not collect (No-logs)
Fastguard is built on data minimisation. We engineer our systems so we do not possess sensitive data about users’ online activity.
While connected to the VPN, we do not log:
- Browsing history or traffic contents
- Traffic destinations
- DNS queries
- Your source IP address
- Your assigned/exit VPN IP address
- Connection timestamps or session duration
Because we do not have these logs, we cannot disclose them — to anyone.
Note: The above applies to VPN traffic. Limited website/app data (Section 4) may be processed separately for security, support and basic operations, and is never combined with VPN activity.
3. Personal data we collect
What we collect depends on how you interact with us and which features you use.
A) Account & Subscription Data
- Email address (required to create/manage your account; password reset/access emails).
- Payment data is processed by your chosen payment provider (e.g., card processor, PayPal, Apple/Google in-app). We receive limited payment metadata (e.g., success/failure, country, last 4 digits/expiry if provided by the processor) for reconciliation, VAT/tax, fraud prevention, and support.
- Optional name or other profile fields you choose to provide. Lawful bases: contract; legal obligation (tax/finance); legitimate interests (fraud prevention/support).
For purchases made via the Apple App Store or Google Play, these platforms act as independent controllers for billing and payment data under their own privacy policies. FastGuard receives only limited transaction metadata (e.g., success/failure status, country) for reconciliation, tax, and fraud-prevention purposes.
B) Support & Communications
When you contact us (email, forms, in-app, live chat), we process your message content and necessary metadata (e.g., email, timestamps). We keep a record to improve support and for compliance.
Lawful bases: contract; legitimate interests.
C) Minimal Service Telemetry (VPN)
To maintain service quality and troubleshoot, we may process minimal, decoupled telemetry, such as:
- That a connection succeeded on a particular day (not specific time),
- Which location was selected (not the exit IP), and
- Country/ISP level info (not your source IP).
We may also track aggregate data transferred (total MB per account) to manage abuse and capacity. Lawful basis: legitimate interests (service reliability/abuse mitigation).
Never includes: content, destinations, DNS queries, source/exit IPs, or per-site activity.
D) Optional Diagnostics (opt-in)
At present, we do not use third-party diagnostics SDKs (such as Sentry or Firebase) for crash reports or connection error reporting.If this changes, we will update this Policy and ensure appropriate safeguards and agreements (DPAs) are in place before any data is shared.
4. Website/App analytics, cookies & similar tech
We use cookies and similar technologies to ensure website functionality, improve performance, analyse traffic, and support our marketing activities. The table below explains each category of cookies we use, their purposes, providers, legal bases, and retention periods.
| Cookie / Tool | Provider | Purpose | Category | Legal Basis | Duration |
|---|---|---|---|---|---|
| auth_token | fastguard.co | Authentication, session management, security | Strictly necessary | Legitimate interest | Session |
| NEXT_LOCALE | fastguard.co | Stores selected language and region preferences | Functionality | Legitimate interest | Persistent |
| Google Analytics | Google LLC | Measures traffic, user behaviour, conversions; improves website performance | Analytics | Consent | Session / up to 2 years |
| Meta Pixel (Facebook Pixel) | Meta Platforms | Tracks actions, measures campaigns, builds audiences, retargeting | Analytics / Advertising | Consent | Up to 180 days |
| Meta Ads Manager | Meta Platforms | Runs and optimizes our advertising campaigns | Advertising | Consent | Depends on campaign |
| Google Ads (Search & Display) | Google LLC | Contextual advertising, traffic acquisition, campaign measurement | Advertising | Consent | Persistent, up to 90 days |
| Yandex Metrica | Yandex LLC | Anonymised website analytics (visits, performance) | Analytics | Consent | Persistent, varies |
How We Use Cookies
- Strictly necessary cookies are required for the website to function and do not require consent.
- Analytics and advertising cookies are placed only after you provide explicit consent via the cookie banner.
- You may withdraw your consent at any time through our “Cookie Settings” panel.
In-App Technologies
In our mobile apps, analytics SDKs and non-essential tracking tools are disabled by default and activated only if you consent through:
- Apple App Tracking Transparency (ATT)
- Android privacy permissions
Website cookies are distinct from VPN activity and never combined with VPN usage data.
International Transfers
Google, Meta, and Yandex may process cookie-derived data on servers outside the EEA.
Such transfers rely on:
- Standard Contractual Clauses (SCCs)
- Supplementary organisational and technical safeguards
Managing Your Cookie Preferences
You can:
- Accept all cookies
- Reject non-essential cookies
- Change preferences via the cookie banner or settings panel
- Disable cookies through your browser settings
- Disabling certain cookies may affect website functionality.
5. Purposes & lawful bases (summary)
We use your Personal data primarily for the following purposes on the following legal basis.
| Purpose | Data categories | Lawful basis |
|---|---|---|
| Create/manage account; authenticate | Email; password hash; limited payment metadata | Contract |
| Provide and operate VPN Services | Account data; minimal telemetry (3C) | Contract; Legitimate interests |
| Payments, tax, fraud prevention | Limited payment metadata; risk signals | Contract; Legal obligation; Legitimate interests |
| Process purchases via Apple App Store / Google Play | Limited payment metadata | Performance of contract,Legal obligation,Legitimate interests (reconciliation/fraud prevention) |
| Customer support | Contact details; ticket/chat records; minimal telemetry | Contract; Legitimate interests |
| Reliability, abuse prevention, capacity planning | Minimal telemetry; aggregate usage | Legitimate interests |
| Product improvement & analytics (web/app) | Pseudonymous analytics/attribution (no VPN activity); cookies/SDK data (e.g., Yandex Metrica) | Legitimate interests; Consent |
| Legal compliance & enforcement | Necessary records (never VPN activity logs) | Legal obligation; Legitimate interests |
| Marketing communications (email) | Email address (never VPN activity) | Consent (unsubscribe anytime) |
We may aggregate or de-identify data; such data is not subject to this Policy.
6. Sharing and recipients
We do not sell your personal data.
We only share as necessary with:
- Service providers/Processors (hosting, payments, support platforms, analytics/diagnostics if enabled, anti-fraud, CDNs). They act under our instructions, implement appropriate safeguards, and may not use data for their own purposes. For clarity, Apple Inc. and Google LLC act as independent controllers for transactions made through their platforms; they process billing data in accordance with their own privacy policies. For clarity, Apple Inc. and Google LLC act as independent controllers for transactions made through their platforms; they process billing data in accordance with their own privacy policies.
- Legal/compliance recipients to comply with law, respond to valid legal process, enforce our terms, or protect rights, property, or safety.
- Business changes (e.g., reorganisation/transaction). Any successor will continue to protect your data under this Policy or an equivalent policy.
We never share (and do not possess) VPN activity logs.
7. International transfers
We may process data globally. Where transfers are made from the EEA/UK to countries without an adequacy decision, we rely on Standard Contractual Clauses (and UK addendum where applicable) plus supplementary measures. Copies of relevant transfer mechanisms are available upon request (with redactions where necessary).
8. Retention
When you request to delete your account, we deactivate it immediately and stop processing your data for active service purposes. However, certain technical and support-related data (such as account identifiers, payment records required by law, and security logs) may be retained for a limited retention window before final erasure.
We retain such data for up to 30 days after the deletion request to ensure security, prevent fraud, handle potential chargebacks/refunds, and allow users to restore the account if the deletion was accidental.
After this period expires, the data is permanently deleted or irreversibly anonymised, except where a longer retention period is required by law (e.g., tax or accounting obligations).
9. Security
We implement administrative, technical, and organisational measures appropriate to the risk (access controls; encryption in transit and at rest where applicable; network segmentation; least-privilege; vulnerability management; staff confidentiality).
Server design. Our VPN servers are operated so they do not write activity or connection logs. If hardware were seized, there would be no logs tying any individual to specific online behaviour.
No system can be 100% secure; our strategy is to minimise what we hold.
All data in transit and at rest is encrypted; our VPN servers are configured to avoid writing activity or connection logs, ensuring privacy-by-design.
10. Your rights
Subject to applicable law and certain limits/exemptions, you may have the right to:
- Access your personal data and obtain a copy
- Rectify inaccurate data
- Erase (delete) data
- Restrict or object to processing (including direct marketing)
- Data portability
- Withdraw consent where processing relies on consent (without affecting prior processing)
- Lodge a complaint with a supervisory authority (EEA/UK)
To exercise rights, contact support@fastguard.co. We may need to verify your identity.
11. Children
Our Services are not offered to individuals under 18 (or the age of majority where you live). We do not knowingly collect personal data from such individuals. If you believe a child has provided personal data, contact us so we can delete it.
12. Personal data breaches
We assess and respond to incidents promptly. Where required under applicable European data protection law, we will notify the competent supervisory authority without undue delay and, where feasible, within 72 hours. Where the breach is likely to result in a high risk to individuals, we will also inform affected users without undue delay.
13. Communications
We may send service/transactional emails (e.g., receipts, renewal notices, important service announcements). These are necessary for your subscription and legal compliance. Marketing emails are sent only with your consent; you can unsubscribe at any time.
14. Changes to this Policy
We may update this Policy from time to time. The “Last updated” date shows the latest version. Material changes will be highlighted on our site and, where legally required, we will notify you.
15. Contact us
Questions about this Policy or our data practices: support@fastguard.co Postal: FastDev LLC (Fastguard), Davtashen 4th District, Building 11, Yerevan, Armenia, 0054