TuxlerVPN Mobile
Get App

User Data Governance

Privacy Policy

1. INTRODUCTION

This Privacy Policy explains the rules governing the collection, storage, processing, and use of personal data when you install or use the TuxlerVPN Mobile Android application and the related VPN service (collectively, the “Services”). It also covers our website at tuxlervpn.app.

The data controller is Tuxler Digital Services Corp. (“TuxlerVPN Mobile”, “we”, “us”, or “our”), headquartered in Panama, a jurisdiction with no mandatory data retention laws for VPN providers. Contact: [email protected]

By installing or using our Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. If you do not agree, please discontinue use of our Services.

Google Play Compliance:

Our VPN complies with Google Play’s Developer Program Policies, including the User Data and VPN Service policies. We do not redirect or manipulate user traffic for monetization, do not modify advertising shown by other apps, and do not collect, transmit, or use any data, device resources, or network connections for any purpose beyond providing the VPN service. The TuxlerVPN Mobile Android app contains no advertising SDKs, no analytics SDKs (other than the crash reporter described below), and no attribution SDKs.

2. PROCESSING OF YOUR PERSONAL DATA

TuxlerVPN Mobile does not require you to create an account, provide a name, email address, or phone number to use the Android app. No persistent identifier is stored on your device — the data we process during a VPN session is tied to that session only. The categories below describe everything the app collects, generates, or transmits.

2.1 Session Handle and Device Information

• Session handle: Tuxler does not store any persistent identifier on your device. A random session handle is generated fresh each time you tap Connect, retained in app memory only for the duration of that VPN session, and discarded the moment you disconnect (or the app process exits). The handle is sent to our backend in the connect and disconnect requests so the server can match them and immediately release server resources when you disconnect; the server retains nothing about the handle once the session ends. The handle is never written to disk on your device, is regenerated on every new VPN session, and is not linked to your name, email, Google account, advertising identifier, or any government identifier.

Free-tier connections are additionally authenticated via Google Play Integrity API, which attests that requests come from a genuine Tuxler installation from the Play Store. The verification token is validated by our backend and discarded immediately; we do not retain it.

• Device information: Alongside the session handle, the app sends the following technical information to our backend at apivpn.tuxlervpn.app so we can deliver compatible VPN configurations and diagnose connectivity issues:

  • Device manufacturer (e.g., Samsung, Google)
  • Device model
  • Android version
  • TuxlerVPN Mobile app version

These same device fields are also included in crash reports sent to Sentry (see §2.4) so we can correlate crashes with specific device and OS combinations.

2.2 Subscription and Payment Information

• Google Play Billing: Subscriptions are managed by Google Play Billing. Google handles your payment information directly. TuxlerVPN Mobile does not store or process your full payment details (card numbers, billing address, etc.). Payments made via the Google Play Store are governed by Google’s Privacy Policy and Terms of Service.

• Premium auth: When you connect to a premium VPN server, your Google Play subscription token is sent to our backend at apivpn.tuxlervpn.app for per-connect verification with Google. We use the token solely to confirm you are entitled to premium service for that session, and we do not retain it beyond the active session.

• Free users: Free-tier connections are authenticated by Google Play Integrity API attestation rather than by personal credentials. See §2.1 for details on the Integrity verification flow.

2.3 Communication Data

• Email correspondence: If you contact our support team at [email protected], we collect the email address you write from, the content of your message, and any information you choose to share. Customer support is delivered by a third-party customer-support provider (USA), acting as a data processor on our behalf, and is available 24 hours a day, 7 days a week via email. Premium subscribers who include their Google Play order ID with a support request are routed to a priority queue ahead of Standard-tier requests. The order ID is processed solely to verify the active Premium entitlement and is not retained beyond the support thread.

• In-app feedback and ratings: If you submit feedback or a rating from inside the app, only the message text is sent to our backend. We do not collect a name, email, or any device or installation identifier when you submit feedback.

2.4 Crash Reports and Diagnostics

• Sentry: The app uses Sentry (operated by Functional Software, Inc., a Delaware-incorporated company headquartered in San Francisco, California, USA) to collect crash reports and basic diagnostics. Crash reports include the type of crash, a stack trace, the version of the app, the Android version, and the device model. They do not include your name, email address, advertising identifier, IP address, HTTP headers, or the contents of your VPN traffic. Debug-level events are filtered out before transmission.

The Sentry SDK is configured so that nothing else is sent to Sentry between actual crash events. The following are all explicitly disabled in the app:

  • Session-tracking pings on app foreground and background (Sentry’s “Release Health” feature)
  • Breadcrumbs — short diagnostic trail markers Sentry would otherwise attach to a crash report — specifically:
    • UI-tap breadcrumbs
    • Network-connectivity breadcrumbs (wifi / cellular / offline transitions)
    • System-event breadcrumbs (battery, airplane mode, screen on/off)
    • App and Activity lifecycle breadcrumbs
    • Low-memory and configuration-change breadcrumbs
  • Screenshot attachments
  • View-hierarchy attachments

2.5 Approximate Location

When you choose a VPN server region (for example, “United States” or “Germany”), that selection is sent to our backend so we can route you to the appropriate VPN gateway. We do not request, collect, or have access to your precise location, GPS coordinates, or Android location services.

2.6 VPN Traffic

The TuxlerVPN Mobile Android app uses Android’s VpnService API and the WireGuard protocol to route your internet traffic through VPN servers we operate. While the VPN is active:

  • Your traffic is encrypted between your device and our VPN servers.
  • DNS queries are routed through the VPN tunnel to a Tuxler-operated resolver. If the primary resolver is unreachable, your device falls back to Quad9 (9.9.9.9), a Swiss non-profit public DNS resolver — see §4.
  • Your device is not used as a server, relay, peer, or exit node for any other user. TuxlerVPN Mobile is a client-only VPN.
  • The app does not modify or redirect traffic from other apps for advertising or monetization.

Traffic and metadata logging: We do not log the content of your VPN traffic (meaning the websites you visit, the data you upload or download, or DNS queries themselves), and the contents of the tunnel are not accessible to us. We also do not retain connection metadata (such as session timestamps, originating IP address, bandwidth used, or which gateway was selected) after a session closes. This information is held only for the duration of the active session and is discarded on disconnect.

2.7 Cookies (Website Only)

Our website at tuxlervpn.app currently sets only strictly-necessary cookies (required for basic site functionality and security). We do not currently use analytics, advertising, or social-media tracking cookies, and no third-party cookies are placed on your device. If we introduce non-essential cookies in the future, we will deploy a cookie consent banner and require your explicit consent before any such cookie is set. Cookies are not used by the Android app. See our Cookie Policy for full details.

2.8 What We Do Not Collect

The TuxlerVPN Mobile Android app does not collect:

  • Your name, address, phone number, or government identifiers
  • Your precise location (GPS coordinates)
  • Your contacts, calendar, photos, videos, or files
  • Your messages (SMS, email content, in-app chat content from other apps)
  • The content of your browsing while connected to the VPN (URLs visited, websites’ content, payloads)
  • Your Google Advertising ID or any advertising identifier
  • Data from other apps on your device

The app does not include any advertising SDK, attribution SDK, or general-purpose analytics SDK other than the Sentry crash reporter described in Section 2.4.

The only time TuxlerVPN Mobile sees your email address is if you write to [email protected] or reply to a support thread we have started with you. The app does not collect or transmit your email (including for in-app feedback or ratings), and never accesses your inbox or your existing emails.

3. LEGAL BASIS FOR PROCESSING PERSONAL DATA

TuxlerVPN Mobile processes personal data under the following legal bases:

• Performance of a Contract: Necessary to provide the VPN Service and to verify your subscription.

• Legal Obligations: Compliance with tax laws, fraud prevention, and other legal requirements.

• Consent: Where you have explicitly agreed, including by acknowledging the in-app prominent disclosure dialog at first launch. Consent can be withdrawn at any time.

• Legitimate Interests: Maintaining service stability, investigating bugs, and protecting our infrastructure from abuse. Our legitimate interests do not override your fundamental rights and freedoms.

4. SHARING YOUR PERSONAL DATA

TuxlerVPN Mobile does not sell or rent your personal data. We share data only with the following categories of processors, as needed to operate the Service:

• Google LLC (Google Play Billing): Subscription management and payment processing for Google Play purchases.

• Sentry (Functional Software, Inc., USA): Crash reports and diagnostics.

• Customer-support provider (USA): Email-based customer support delivered by a third-party processor.

• Quad9 (Quad9 Foundation, Switzerland): Fallback DNS resolution. When you connect to a TuxlerVPN gateway, your device is configured with a primary Tuxler-operated DNS resolver and a Quad9 fallback. DNS query metadata reaches Quad9 only when the primary resolver is unreachable. Quad9 is a Swiss-based non-profit foundation operating a global anycast resolver under a public no-logs policy.

• Cloud and hosting infrastructure providers: Hosting providers lease the servers behind apivpn.tuxlervpn.app, our VPN gateway servers, and our supporting infrastructure to us under data-processing agreements that meet the requirements of GDPR Article 28. Under those agreements, hosting providers act as sub-processors and do not operate the VPN service or process VPN traffic content on our behalf; in the ordinary course they see only the encrypted network traffic transiting their infrastructure (see §2.6).

• Legal Compliance: We may disclose data in response to valid legal requests under Panamanian law and applicable international regulations, after reviewing the validity of the request.

• Business Transfers: In the event of a merger, acquisition, or corporate restructuring.

5. INTERNATIONAL DATA TRANSFERS

TuxlerVPN Mobile is headquartered in Panama (the data controller). Personal data may also be processed in the following jurisdictions, depending on which processor is involved:

• United States. Sentry crash reporting (Functional Software, Inc.) and customer-support delivery.

• Switzerland. Fallback DNS resolution by Quad9 (Quad9 Foundation, Zurich). Quad9 operates a global anycast resolver; the specific node serving your queries depends on Quad9’s routing. Queries reach Quad9 only when the primary Tuxler-operated resolver is unreachable.

• Canada, the United States, and/or the Netherlands. The cloud infrastructure provider behind apivpn.tuxlervpn.app operates data centers in these countries. The specific data center serving your requests depends on the provider’s routing.

• Various countries worldwide. VPN gateway servers operated by Tuxler on infrastructure leased from hosting providers are deployed in multiple regions to provide the server-selection options shown in the app. Connection traffic is encrypted end-to-end and is not retained beyond the active session (see §2.6).

Where data is transferred outside the European Economic Area (EEA) or the United Kingdom, we rely on Standard Contractual Clauses approved by the European Commission and the UK Addendum where applicable, or on the recipient’s certification under a recognised adequacy framework. A copy of the relevant SCCs is available on request from [email protected].

6. USER RIGHTS UNDER GDPR, CCPA, AND OTHER REGULATIONS

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of your personal data.

• Rectification: Correct inaccurate or incomplete data.

• Deletion: Request deletion of your personal data (see Section 11 for the deletion procedure).

• Restriction: Limit how we process your data.

• Objection: Object to certain types of data processing.

• Data Portability: Obtain your data in a structured, machine-readable format.

• Withdraw Consent: Withdraw your consent (such as the in-app prominent disclosure acknowledgement) at any time.

• Lodge a Complaint: File a complaint with your data protection authority.

For California residents under the CCPA / CPRA, you also have the right to opt out of the sale or sharing of personal information. We do not sell or share your personal information for cross-context behavioral advertising.

Because the app does not require you to register an account and does not store any persistent identifier on your device, in most cases there is no record to retrieve in response to a Subject Access Request — connection-level data is discarded at the end of each session (see §8), and no installation-scoped identifier persists. If you have sent support correspondence or are a Premium subscriber, please provide the email address you wrote from (for support requests), the approximate dates and country from which you used the app, or — for Premium users — your Google Play order ID, which we can match against the customer-support thread.

To exercise any of these rights, contact [email protected].

7. DATA SECURITY

TuxlerVPN Mobile employs industry-standard security measures, including:

• Encryption in transit: All communication between the app and our servers uses HTTPS/TLS, and the VPN tunnel itself uses the WireGuard protocol.

• Network security: Cleartext traffic is disabled in the Android app, and certificate validation is enforced.

• Access controls: Access to systems holding user data is restricted to authorized personnel and is reviewed.

• Regular security reviews of our application code and infrastructure.

No system is 100% secure. If we become aware of a data breach affecting your personal data, we will notify you and the relevant authorities as required by applicable law.

8. DATA RETENTION POLICY

TuxlerVPN Mobile’s default position is no retention: the data we receive in connection with your VPN sessions is held only for the duration of the active session and is discarded when the session closes. Specifically:

Data categoryRetention
Session handle, device manufacturer, device model, Android version, app versionHeld only during the active session, discarded on disconnect
Server-region selectionHeld only during the active session, discarded on disconnect
Connection metadata (session timestamps, originating IP, bandwidth, gateway used)Not retained after the session closes (see §2.6)
VPN traffic content, DNS queries, browsing historyNever recorded
Sentry crash reports and diagnosticsRetained by Sentry on its standard schedule (typically 90 days) and then deleted
Google Play subscription token (Premium users)Verified per connect against Google Play and not retained beyond the active session. No email is held in this category.
Support communications (email correspondence with [email protected])Retained for as long as needed to handle the request and any follow-up, deleted on request
In-app feedback / rating submissionsMessage text only — no identifier attached. Retained until reviewed; deleted thereafter.

When a retention period expires, or when you request deletion under §11, the relevant data is securely deleted or irreversibly anonymized.

9. CHILDREN’S PRIVACY

TuxlerVPN Mobile does not knowingly collect data from individuals under 18 years of age. Our Services are intended for users aged 18 and above. If we learn that we have collected personal data from a minor, we will delete it promptly. If you believe a child has provided us with personal data, please contact [email protected].

10. GOVERNING LAW AND DISPUTE RESOLUTION

This Privacy Policy is governed by the laws of Panama. Disputes shall be resolved through binding arbitration under Panamanian law, unless otherwise required by applicable jurisdiction. This does not affect any non-waivable rights you have under your local consumer-protection laws.

11. HOW TO REQUEST DELETION OF YOUR DATA

Because TuxlerVPN Mobile does not have user accounts in the traditional sense, and because connection-level data is discarded at the end of each session (see §8), most of the data we ever process about you is already gone. The categories that may persist beyond a single session, and which we will purge on request, are:

  • Crash and diagnostic logs at Sentry — not tied to any per-install identifier on our side; we can attempt to locate matching records using the approximate device, Android version, and dates from which you used the app.
  • Support communications you have sent us, including any email correspondence with [email protected].

Premium subscriptions do not generate a separate persistent record on our side. Premium status is verified per connect against Google Play’s API and is not retained server-side beyond the active session.

To request deletion: email [email protected], or follow the dedicated walkthrough at Delete Your Account. Within 30 days we will action the request and confirm by reply.

Information that helps us locate your data:

  • The email address you used to contact [email protected] (for support correspondence)
  • Your Google Play order ID (Premium users), which we can match against the customer-support thread
  • The approximate dates and country from which you used the app

Self-service options:

  • Standard (free) users: uninstalling the app removes any local app state (no persistent identifier was stored to begin with — see §2.1) and prevents any further data collection. To also remove historical Sentry crash-log records, email us as above.
  • Premium users: cancel your subscription through Google Play to stop billing. Premium status is verified per connect and is not retained server-side, so no entitlement records persist beyond the active session — there is nothing on our side to purge separately. Uninstall the app to remove local app state. To request purge of any Sentry crash records, email us as above.

12. CHANGES TO THIS PRIVACY POLICY

TuxlerVPN Mobile may update this Privacy Policy periodically. When we make material changes, we will:

  • Update the “Last Updated” date below.
  • Re-display the in-app prominent disclosure dialog on next launch, requiring renewed acknowledgement.
  • Where required by law, obtain your renewed consent.

Continued use of our Services after updates indicates acceptance of the revised Privacy Policy.

Last Updated: 6 May 2026

13. CONTACT INFORMATION

For privacy-related inquiries, contact us at:

Tuxler Digital Services Corp.

World Trade Center 200-B, Suite 157, Calle 53 Este, Marbella, PA, Republica de Panama

Email: [email protected]

Data Protection Officer: Not appointed. Privacy and data-rights inquiries should be directed to the email address above.