Legal
Privacy Policy
The short version: we collect as little as possible, keep it as briefly as possible, and never sell any of it. Here’s the long version.
1. Who we are
NightShield VPN AB (“NightShield”, “we”, “us”) is a privacy technology company registered in Stockholm, Sweden. We are the data controller for the personal data described in this policy. You can reach our data protection team at privacy@nightshieldvpn.example.
2. The data we do not collect
This is the most important section, so it comes first. When you use the NightShield VPN service, we do not collect, store, or share:
- Your browsing history or the websites you visit
- Traffic contents or DNS queries
- Your originating IP address or assigned VPN IP address
- Connection timestamps or session durations
- Per-user bandwidth usage
Our servers run entirely in volatile memory (RAM), making persistent logging technically impossible. This claim is independently verified twice a year — see our Transparency page.
3. The data we do collect
Account data
When you create an account, we collect your email address and a salted, hashed password. That’s all we need to run your subscription.
Payment data
Payments are processed by third-party providers. We receive only a confirmation of payment and the last four digits of your card (for your own reference). Cryptocurrency payments require no personal information at all.
Operational data
To keep the network healthy we measure aggregate, anonymised metrics: total server load, total bandwidth per server, and app crash reports you explicitly choose to send. None of this can be linked back to an individual user.
4. Cookies
Our website uses a small number of cookies and similar technologies:
- Essential cookies — required for sign-in sessions and security. These cannot be disabled.
- Preference cookies — remember settings like language and your cookie choice itself.
We do not use advertising or cross-site tracking cookies. You can change your consent at any time by clearing site data in your browser.
5. How long we keep data
- Account data — kept while your account is active; deleted within 30 days of account deletion.
- Payment records — kept as long as bookkeeping law requires (typically 7 years), held by our payment processors.
- Support conversations — kept for 2 years so we can help you with follow-ups, then deleted.
6. Your rights
Depending on where you live (including under the GDPR and CCPA), you have the right to:
- Access a copy of the personal data we hold about you
- Correct inaccurate data
- Delete your data (“right to be forgotten”)
- Export your data in a portable format
- Object to or restrict certain processing
To exercise any of these rights, email privacy@nightshieldvpn.example. We respond within 30 days.
7. Changes to this policy
If we make material changes, we’ll notify you by email and show a notice in the apps at least 30 days before the changes take effect. The latest version always lives at this page.
Questions? Our Help Center is open 24/7.