πŸ”’ Privacy Policy

Last updated: December 23, 2025

🏒 Data Controller

Your data is controlled by ATHENA AI LLP, a company registered in the Republic of Kazakhstan.

BIN: 250940001338

πŸ‡¬πŸ‡§ UK GDPR Compliance

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are committed to protecting your personal data and respecting your privacy rights.

πŸ›‘οΈ Strict No-Logs Policy

Holdem VPN operates under a strict no-logs policy. We do not collect, store, or monitor your browsing activity, connection logs, IP addresses, or any data that could identify you or your online behavior.

πŸ” No-Logs Policy

Holdem VPN does NOT collect, store, or have the ability to provide:

❌ We do NOT log

  • β€’ Your IP address
  • β€’ Connection timestamps
  • β€’ Websites visited
  • β€’ DNS queries
  • β€’ Session bandwidth
  • β€’ Traffic content

βœ… Technical Implementation

  • β€’ Xray-core with loglevel: warning
  • β€’ System error logs only
  • β€’ No access logs on VPN servers
  • β€’ Client UUID not linked to identity on server

πŸ’‘ What This Means

Even if a VPN server were seized by law enforcement or accessed by malicious actors, it would be impossible to find: connection history, websites visited, user IP addresses, or any data that could identify a specific person and their activity.

1. Data We Collect

1.1. Account Data

  • Email address β€” For authentication and communication
  • Account creation date β€” For service management
  • Referral code β€” If you joined via referral link

1.2. Usage Data (Aggregate Only)

  • Total traffic volume β€” To enforce fair usage limits (aggregate only, not per-session)
  • Device type β€” For compatibility optimization (optional)

1.3. What We DON'T Collect

  • ❌ Browsing history
  • ❌ DNS queries
  • ❌ Traffic content
  • ❌ Original IP addresses
  • ❌ Connection timestamps
  • ❌ Session logs linking you to specific websites

2. How We Use Your Data

  • Provide and maintain the VPN service
  • Send important service notifications
  • Prevent abuse and fraud
  • Improve service quality
  • Process referral rewards

3. Data Storage & Security

3.1. Your data is stored on secure servers in the European Union (Germany), complying with GDPR requirements.

3.2. We use industry-standard encryption for all data transfers.

3.3. VPN servers use VLESS + Reality protocol, providing strong encryption and traffic obfuscation.

4. Third-Party Services

We use the following third-party services:

  • TipTop Pay β€” Payment processing (tiptoppay.kz)
  • Hetzner Cloud β€” VPN server infrastructure (Germany)
  • Vercel β€” Web application hosting
  • Brevo β€” Email delivery service
  • Cloudflare β€” Security and CAPTCHA

5. Lawful Basis for Processing

Under UK GDPR, we process your data based on:

  • Contract β€” To provide the VPN service you requested (Article 6(1)(b))
  • Consent β€” For marketing emails, with your explicit opt-in (Article 6(1)(a))
  • Legitimate Interest β€” For fraud prevention and service improvement (Article 6(1)(f))
  • Legal Obligation β€” To comply with applicable laws (Article 6(1)(c))

6. Your Rights Under UK GDPR

You have the right to:

  • Access β€” Request a copy of your personal data (Article 15)
  • Rectification β€” Correct inaccurate data (Article 16)
  • Erasure β€” Request deletion of your data (Article 17)
  • Restrict Processing β€” Limit how we use your data (Article 18)
  • Data Portability β€” Receive your data in a portable format (Article 20)
  • Object β€” Object to processing based on legitimate interests (Article 21)
  • Withdraw Consent β€” Withdraw consent at any time for consent-based processing

Exercise your rights: Visit our Data Request page or email privacy@holdemvpn.app

We will respond within 30 days (extendable to 3 months for complex requests).

7. Cookies

We use essential cookies only for authentication purposes. No tracking or advertising cookies are used.

8. Data Retention

Account data is retained while your account is active. Upon account deletion, your personal data is removed within 30 days. Anonymous aggregate statistics may be retained indefinitely.

9. International Transfers

Your data may be transferred to and processed in the European Union (Germany) where our VPN servers are located. The EU provides adequate protection under UK GDPR adequacy regulations. For transfers to other countries, we use Standard Contractual Clauses approved by the ICO.

10. Marketing Communications

We only send marketing emails if you have explicitly opted in during registration. You can withdraw your consent at any time by:

  • Clicking "Unsubscribe" in any marketing email
  • Visiting your account settings
  • Contacting us at privacy@holdemvpn.app

πŸ“Š Transparency Report & Warrant Canary

Last updated: December 23, 2025

πŸ“ˆ 2025 Request Statistics:

0

Government requests

0

Data disclosed

0

Court orders

🐀 Warrant Canary

As of December 23, 2025:

  • βœ… Holdem VPN has NOT received any requests for user data from government authorities
  • βœ… Holdem VPN has NOT received any search warrants or server seizure orders
  • βœ… Holdem VPN has NOT received any gag orders
  • βœ… Holdem VPN has NOT received any National Security Letters (NSL)
  • βœ… Holdem VPN has NOT disclosed any data to third parties under compulsion

This statement is updated quarterly. If this statement is not updated for more than 90 days or disappears, it may indicate receipt of a legal request.

11. Complaints

If you're not satisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office (ICO)

Website: ico.org.uk

Phone: 0303 123 1113

12. Contact Us

For privacy-related inquiries:

ATHENA AI LLP

  • BIN: 250940001338
  • Privacy Email: privacy@holdemvpn.app
  • General Support: support@holdemvpn.app
  • Abuse Reports: abuse@holdemvpn.app
  • Data Requests: Submit online
πŸ“œ Terms of ServiceπŸ’° Refund PolicyπŸ’³ Pricing← Back to Home