1.1 “Astrill” is a brand by Veloxee Corp., with registered seat at Staedtle 36, 9460 Vaduz, Principality of Liechtenstein (referred to as “Astrill”, “Veloxee” or “us/we”). Astrill is committed to protecting your digital privacy. Our Privacy Notice applies when using our products, software, services and web sites (referred to collectively as the “Services”).
1.2 Responsible for processing your personal data under this Privacy Notice is:
Veloxee Corp.In case of any questions on Data Privacy with Astrill, please contact support@astrill.com.
1.3 Please read this Privacy Notice to understand what data is collected and how your personal information is treated. In addition to this Privacy Notice, we may provide you with additional information about the processing of your data (e.g. on our websites, in apps, in consent forms, other forms, notices or contract terms).
1.4 If you disclose data to us about other persons (e.g. family members, employees or other associated persons), we assume that you are authorized to do so and that you, to the extend necessary, have informed the respective persons accordingly (e.g. by bringing this Privacy Notice to their attention in advance). We further assume, that such data is accurate.
2.1 We mainly process personal data that we receive as part of offering and providing Astrill's Services to our customers and other business partners (e.g. resellers and distribution partners) or that we collect in the operation of our Services from their users. We try to keep as little personal information as possible. Some information is however necessary, e.g. for technical functioning of the services. What we keep and how long we store it is explained in detail below:
2.2 To use our services and log in to your account, you will need to provide an e-mail address. We will store and process this e-mail address in combination with the password set by you. You are responsible to keep your credentials confidential and secure.
2.3 Our system keeps track of active sessions - connection time, IP address, device type and Astrill VPN application version during the duration of your VPN session. Generally, once you disconnect from VPN this information is removed permanently from our system. This information is solely used to limit the number of devices connecting from single account simultaneously.
2.4 Astrill also counts amount of traffic used by accounts in order to plan network expansions. No personally identifiable information is kept - only the total number of transferred bytes. The very design of our VPN server software does not allow us to see which users accessed what websites even if we wanted to.
2.5 We keep the last 20 connection records for each account which include: connection time, connection duration, country, device type and Astrill client application version number. This information is only used by our customer support to identify potential issues with VPN connection and provide adequate support. This information contains no personally identifiable information other than the registered e-mail-address. You can also request manual deletion of all data by contacting our support at support@astrill.com anytime. In case of irregularities (e.g. suspicion of misuse, deceptive usages, usages against our Terms and Conditions, denied services or incomplete registrations) the information can be stored for as long as required to protect the interests of our company and to functioning of our Services, including the security of our infrastructure.
2.6 In case the EU General Data Protection Regulation (“GDPR”) is applicable to our data processing, we base the processing of your personal data in particular on the fact that it is necessary for the initiation, conclusion and performance of contracts (including customer support) and their administration and enforcement (article 6 para. 1 lit. b GDPR); as well as it is necessary for the protection of our legitimate interests, e.g. to operate our Services, to continuously analyse and improve the appropriate security of our IT, for prevention of incidents and investigation (article 6 para. 1 lit. f GDPR).
3.1 When you sign up for Astrill VPN we collect your provided e-mail address and name. Depending on your payment method, the reseller / distribution partner (your “seller”) may require your phone number and address. No credit card data is ever saved on Astrill servers, we use exclusively trusted 3rd party providers for payment processing. You can read their and your seller's privacy notice directly on their websites.
3.2 If the GDPR is applicable, we base the processing of your personal data in particular on the fact that it is necessary for the initiation, conclusion and performance of contracts and their administration and enforcement (article 6 para. 1 lit. b GDPR), as well as it is necessary for the protection of our legitimate interests, e.g. to operate our Services, to continuously analyse and improve the appropriate security of our IT, for prevention of incidents and investigation (article 6 para. 1 lit. f GDPR).
4.1 Astrill's primary goal in collecting personal information is to provide you, the user, with a customized experience on our website. The information we collect, e.g. browser type, language settings, subpage visited, (including information contained in your cookie) may be used to provide such capabilities as personalization services, interactive communications, online shopping, and personalized communication (e.g. contact data such as email address provided via a contact form to answer your queries).
4.2 We also use the information to estimate the size of our audience and measure certain traffic patterns, to track the progress and number of entries in our promotions and contests, to track visits to and business conducted at our online store, to notify our visitors about updates to our websites and system statuses.
4.3 If the GDPR is applicable, we base the processing of your personal data in particular on the fact that it is necessary for the performance of contracts (article 6 para. 1 lit. b GDPR), as well as it is necessary for the protection of our legitimate interests, e.g. to offer and operate our Services, to communicate with you, to continuously analyse and improve the appropriate security of our IT, for prevention of incidents and investigation (article 6 para. 1 lit. f GDPR).
5.1 Astrill will only send you e-mails that are crucial for proper functioning of our services. When you sign up, we will send you an e-mail to confirm your e-mail address. We will also send you an e-mail whenever any purchase is made on your Astrill account. We send no newsletter to our clients by default. You can manually enable receiving of newsletter and other membership-related e-mails in member zone account settings. You can unsubscribe by clicking the Unsubscribe link present in the footer of all our e-mails or by changing settings in member zone. We do not share your e-mail address with any 3rd party for their marketing purposes. If you choose to receive newsletters and other e-mails, any processing under the GDPR would be based on your consent, e.g. via a corresponding declaration on our websites (article 6 para. 1 lit. a and article 9 para. 2 lit. a GDPR).
6.1 Astrill uses “Cookies” and similar technologies (e.g. pixel tags or fingerprints) and Social Media plugins to recognize visitors and track and record your preferences and activity on our websites. Cookies are small bits of data that are sent to your browser and stored on your computer's hard drive. Your cookie may be set at various times during your interaction with our websites. It is updated from time to time as you access the many different portions of our website. Each time you access our websites, our server may deliver certain customized information to you based on the data stored in your cookie.
6.2 We may collect information about what pages on Astrill websites are visited by users, their IP addresses and activities performed while browsing our websites.
6.3 We use the following types of cookies:
Essential: This type of cookie is required to activate the core functions of the websites/Services and is therefore used and set by default.
Functional: This type of cookie enables us to analyse user behaviour in order to measure and improve performance.
Marketing: This type of cookie is used by advertisers to serve adverts that are relevant to your interests.
6.4 The data we collect generally do not contain any personal data. It may, however, be linked to personal data (e.g. if you have a user account with us or other providers) and may become personal identifiable data.
6.5 We use 3rd party services to collect and evaluate website statistics such as Google Analytics or Facebook pixel. This analysis does not include passwords or any billing or personal information such as address, phone number, card number or any other sensitive information. Whole member zone, sign up and payment process are excluded from this tracking. For information on the individual data processing, please review their respective privacy notice.
6.6 You can set your browser to automatically reject, accept or delete cookies. You can also disable or delete cookies on a case-by-case basis. You can find out how to manage cookies in your browser in the help menu of your browser. We respect Do Not Track header. If your browser sends us DNT header, we will not include any tracking java script snippets and no 3rd party analytic tools will be used anywhere on our websites. We encourage usage of tracker blockers such as AdBlock Plus or Ghostery.
6.7 If the GDPR is applicable, we base the processing of your personal data in particular on the fact that it is necessary for the performance of contracts and their administration and enforcement (article 6 para. 1 lit. b GDPR), as well as it is necessary for the protection of our legitimate interests, e.g. to offer and operate our Services, to continuously analyse and improve the appropriate security of our IT, for prevention of incidents and investigation (article 6 para. 1 lit. f GDPR).
7.1 You provide us with the data we process (e.g. when requesting our Services, your use of our websites, and your communication with us). You are not obliged or required to disclose your data, but we will need certain data to provide our Services, to offer the use of our websites and to communicate with you.
7.2 Certain data may come from public sources (e.g. commercial registers, the media, or the Internet including social media) or from other third parties (e.g. payment provider, credit agencies, address brokers, contractual partners including resellers / distribution partners, Internet analysis services). This includes, in particular, the data that we process in the course of initiating, concluding and performing contracts, as well as data from correspondence and other communication with third parties
8.1 Astrill does not sell, rent, or trade your personal information with anybody. Your information is protected and stays with us.
8.2 As part of our business activities and for the processing purposes, we also disclose personal data to third parties (e.g. resellers / distribution partners) to the extent permitted by applicable law and to the extent we deem it appropriate. Some of these third parties are service providers who process the personal data for us, on our behalf and on our instructions, while others process the personal data for their own purposes. Pleaser review their privacy notices for further information.
9.1 We process and store personal data mainly in the European Economic Area (EEA) but may disclose your data worldwide. Your personal data may be transferred to countries in which Astrill is represented by group companies, branches or otherwise (e.g. through resellers / distribution partners), and/or operates servers, as well as to other countries where the service providers we use are located (e.g. Microsoft, Google).
9.2 If we transfer personal data to a country without adequate statutory data protection, we ensure an adequate level of protection by using appropriate contracts (based on the revised standard contractual clauses of the European Commission, which can be accessed via https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj), unless the recipient is subject to a legally accepted set of rules to ensure data protection; or we rely on the statutory exceptions, such as your consent, the conclusion or performance of a contract, or the establishment, exercise or enforcement of legal claims. For further information on the measures implemented, please contact us (see Section 1.2).
10.1 We store and process personal data for as long as necessary for the purposes according to this Privacy Notice, to fulfil statutory retention periods and/or achieve our legitimate interests. Storage may be necessary for technical reasons if certain data cannot be separated from other data and we therefore have to store it with this data (e.g. in the case of backups or in a document management system).
10.2 If there are no legal or contractual obligations to the contrary, we destroy, delete or anonymize personal data after the storage or processing period has expired as part of our normal business processes.
11.1 You can request information about whether and which personal data we process about you. You may be able to request the deletion of your personal data. You can request the correction of your personal data. You may withdraw any consents at any time, although this only applies to future processing. If necessary, you can object to processing, which applies in particular to data processing for the purpose of direct marketing. You can also have the processing of your personal data restricted. You may also have the right to transfer the personal data concerning you (data portability). For more information or to assert your rights, , please contact us (see Section 1.2).
11.2 Every data subject has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. If and insofar as the GDPR is applicable, data subjects have the right to lodge a complaint with a competent European data protection supervisory authority. You can find a list here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
12.1 From time to time, we may change our Privacy Notice. We will post those changes and the respective current version on our websites so that our customers will always be aware of what information we collect, and how we use it.
Last Updated: January 2026
