Privacy Policy
1. Introduction
This Privacy Policy explains how Ample Soft ("we," "us," or "our") collects, uses, and protects information in connection with the NexaVPN mobile application (the "App"). NexaVPN is a global application available worldwide on Google Play. This policy applies to all users of the App, wherever they are located. By using NexaVPN, you agree to the practices described here.
2. Information We Collect
NexaVPN is designed to collect as little information as possible. We collect:
- Anonymous Firebase UID — an anonymous identifier created through Firebase Anonymous Authentication. We do not collect your name, email address, or phone number.
- VPN session time balance — your remaining VPN time, stored in Firestore against your anonymous UID (anonymous UID and time balance only).
- Firebase Analytics — anonymized usage events such as screen views, connection events, and ad interactions.
- Firebase Crashlytics — crash reports including device model, operating system version, app version, and stack traces. These contain no personal content.
- Firebase Performance Monitoring — app performance traces.
- Google AdMob — advertising identifiers (AAID/GAID), approximate location, and device information, used to serve advertisements to free-tier users.
- Google Play Billing — purchase history, handled entirely by Google Play. We receive subscription status only.
What we do NOT collect: We do not collect or store VPN traffic logs, DNS query logs, browsing history, the websites you visit, the IP addresses of your destinations, or the content of your communications.
3. How We Use Your Information
- To provide and operate the VPN service.
- To manage your VPN time balance.
- To diagnose and debug crashes.
- To improve the App.
- To serve advertisements (free-tier users only).
- To manage subscriptions.
4. Third-Party Services
NexaVPN relies on the following third-party services. Each has its own privacy policy:
- Google Firebase (Analytics, Crashlytics, Performance Monitoring, Remote Config, Firestore, Authentication) — https://firebase.google.com/support/privacy
- Google AdMob — https://support.google.com/admob/answer/6128543
- Google Play Billing — https://play.google.com/about/play-terms/
5. Data Sharing
We do not sell your personal data. Data is shared only with the third-party service providers (SDKs) listed above, solely to operate the App. We do not share your data for any other purpose.
6. Data Retention
Your anonymous UID and VPN time balance are retained while you use the App. Crash and analytics data are retained according to Firebase's default retention periods. Because we do not create traffic or DNS logs, there are no such logs to retain.
7. Data Security
Your VPN traffic is encrypted using the WireGuard/AmneziaWG protocol. Data in transit is encrypted. Access to data stored in Firestore is restricted by Firestore security rules.
8. Children's Privacy (COPPA)
NexaVPN is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will delete it. If you believe a child has provided us with information, please contact us at adiqau1@gmail.com.
9. California Privacy Rights (CCPA)
If you are a California resident, you have the right to know what personal information is collected, the right to delete your personal information, and the right to opt out of the sale or sharing of your personal information. We do not sell personal information. The advertising identifiers used by Google AdMob to deliver personalized ads may constitute "sharing" for cross-context behavioral advertising under the CCPA. California residents may opt out by contacting us at adiqau1@gmail.com. Note that opting out of personalized ads means you will see non-personalized ads; the free tier remains supported.
10. EEA / UK Users — GDPR Rights
If you are located in the European Economic Area or the United Kingdom, the following applies. Our legal bases for processing are our legitimate interests (for crash reporting and analytics) and your consent (for personalized advertising via AdMob). You have the rights of access, rectification, erasure, restriction of processing, data portability, objection, and to withdraw consent at any time. To exercise these rights, contact us at adiqau1@gmail.com. You also have the right to lodge a complaint with your local data protection supervisory authority.
11. Saudi Arabia & UAE Users
If you are located in Saudi Arabia or the United Arab Emirates, we process your personal data in accordance with applicable local data protection laws, including the Saudi Personal Data Protection Law (PDPL) and the UAE Personal Data Protection Law (PDPL). You have the right to access, correct, and request deletion of your personal data. To exercise these rights, contact us at adiqau1@gmail.com.
12. Data Deletion
To request deletion of your data (your anonymous UID and VPN time balance stored in Firestore), email adiqau1@gmail.com with the subject line "Data Deletion Request." We will process your request within 30 days. Because we use anonymous authentication, we cannot identify you by name — please include your anonymous UID if known (this will be findable in the App's settings in a future update).
13. International Data Transfers
Your data may be processed on Google servers located in the United States and other countries. Google's data transfer mechanisms apply to such transfers.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of material changes. Your continued use of the App after changes take effect constitutes acceptance of the updated policy.
15. Contact Us
Ample Soft Email: adiqau1@gmail.com