Privacy Policy

Overview

This policy describes what data Medusa VPN and the Medusa VPN apps process, why it is used, and what we do not collect as browsing or traffic-content logs.

VPN service and Android VpnService

Providing VPN connectivity is the primary function of Medusa VPN.

The Android app uses VpnService only to establish a secure VPN tunnel after an explicit user action (for example, tapping Connect).

We do not use VPN capability for advertising fraud.

We do not redirect or process other applications' traffic for monetization.

We do not sell the content of user traffic.

We may process limited technical data such as:

• ●Account identifiers and sign-in data needed to operate your account.
• ●Subscription or trial status and plan details.
• ●Device or install identifiers used for login, device limits, and abuse prevention.
• ●App version, platform, selected server, and connection status.
• ●Aggregated traffic counters for billing, fair use, and service stability.
• ●Limited diagnostic and security events for support and abuse prevention.

Data we process

• ●Account data: email address, Google account identifier, profile name and profile image when provided by a sign-in provider or uploaded by you.
• ●Subscription and payment data: selected plan, subscription period, payment status, and technical transaction identifiers. Card details are processed by the payment provider and are not stored by Medusa VPN.
• ●Technical identifiers: device ID, account ID, and linked devices for login, access recovery, device limits, and abuse prevention.
• ●Service usage data: traffic volume in bytes or aggregated units for subscription accounting, fair use, load analysis, and abuse detection.
• ●Security and diagnostic data: limited technical details such as request IP address, user-agent, sign-in events, one-time codes, and device pairing events for account protection and incident response.
• ●Optional profile image if you choose to upload it in the app.

Data we do not keep as VPN activity logs

• ●Browsing history or destination URLs.
• ●Contents of web traffic, messages, files, or other transmitted payloads.
• ●DNS queries as a log of user activity.
• ●Lists of apps opened through the VPN, except for split-tunneling choices stored locally on your device.
• ●Precise location, contacts, microphone, or camera data for VPN operation.

How we use data

• ●To authenticate you and manage your account.
• ●To provide subscription, trial, and device limits.
• ●To show your profile and settings.
• ●To measure aggregated traffic usage.
• ●To operate the service securely and reliably.
• ●To provide support and prevent abuse.

Google Sign-In

If you sign in with Google, we receive only the Google account data required for authentication. Email is used for login, subscription management, access recovery, account-related communication, and service notices. We do not sell this data or share it with advertising networks.

Third parties

We do not sell personal data. Limited processors may host infrastructure, operate Google sign-in, process payments, deliver service messages, or help secure the service.

Advertising

Medusa VPN apps do not include advertising SDKs or in-app ads.

Retention and your rights

Account and subscription data are kept as long as needed to provide the service, meet legal obligations, resolve disputes, and maintain security. Security logs are kept for a limited time and are not used to reconstruct browsing history.

You may request access, correction, deletion, or restriction of processing where applicable law allows and where security, billing, and abuse-prevention duties permit.

Contact

Privacy questions: support@medusanet.org.

By using Medusa VPN you confirm that you have read this Privacy Policy.