TIDE VPN — Privacy Policy

Effective Date: April 3, 2026 | Last Updated: April 6, 2026

Terms of Service Payment & Refund Policy Warrant Canary

1. Introduction

This Privacy Policy describes how TIDE VPN ("we," "us," or "our") collects, uses, and protects information when you use our virtual private network service ("Service"), accessible through the Telegram bot @tide_vpnbot and the website tide-vpn.com.

We built TIDE VPN on a foundational principle: your online activity is yours alone.

2. Strict No-Logs Policy

2.1. What We Do NOT Collect

Category	Data NOT Collected
Network identity	Source IP, assigned VPN IP
DNS activity	DNS queries, resolution logs
Browsing activity	Websites visited, URLs, history
Connection metadata	Timestamps, session duration
Traffic content	Bandwidth per-site, per-session transfer details
Traffic content	Packet contents, app-layer data
Protocol metadata	Protocols used, ports accessed

2.2. Technical Enforcement

• VPN server: All access logging disabled. Log targets set to /dev/null.
• Automated purge: Cron job every 6 hours purges any system logs.
• Relay servers: Stateless TCP proxies — zero user data stored.
• Exit servers: Same no-logs config. No user-attributable data on disk.

Even if a server were physically seized, no VPN traffic data, browsing history, or connection logs would be recoverable. Account and billing data stored in our database would be accessible.

3. Data We Do Collect

3.0. Legal Basis for Processing

We process your personal data under the following legal bases (GDPR Article 6):

Data Category	Legal Basis
Account data	Contract performance — necessary to provide the Service
Payment data	Legal obligation — financial record-keeping requirements
Credits data	Legitimate interest — loyalty program operation
Aggregate VPN usage	Legitimate interest — loyalty program credits calculation
AI support conversations	Contract performance — providing support service

3.1. Account Data

Data	Purpose	Retention
Telegram User ID	Authentication, unique account identifier	Active subscription + 30 days
Telegram username	Display name, support identification	Active subscription + 30 days
Telegram first name	Personalization	Active subscription + 30 days
Email (optional, user-provided)	Account recovery, notifications	Active subscription + 30 days
Account creation date	Account management	Active subscription + 30 days
Last updated date	Account management	Active subscription + 30 days
Trial used flag	Trial eligibility tracking	Active subscription + 30 days
Referral code	Referral program	Active subscription + 30 days
Referred-by ID	Referral attribution	Active subscription + 30 days

3.2. Subscription Data

Data	Purpose	Retention
Plan type	Service delivery	Active subscription + 30 days
Subscription status	Service delivery	Active subscription + 30 days
Start and end dates	Billing period tracking	Active subscription + 30 days
VPN credentials (xray_username, xray_uuid)	VPN access provisioning	Active subscription + 30 days
Auto-renew preference	Subscription management	Active subscription + 30 days

3.3. Payment Data

Data	Purpose	Retention
Payment amount	Billing records	1 year
Currency	Billing records	1 year
Payment provider (Stars / TON)	Transaction routing	1 year
Payment status	Transaction verification	1 year
Provider payment ID	Payment verification, dispute resolution	1 year
Provider metadata	Payment processing	1 year
Transaction timestamps	Financial records	1 year

We do NOT collect: wallet addresses, credit cards, bank accounts, billing addresses, or real names.

3.4. TIDE Credits Data

TIDE Credits is our loyalty program. We track the following data, linked to your Telegram User ID:

Data	Purpose	Retention
Credits balance	Loyalty program	Active subscription + 30 days
Total credits earned	Loyalty program, airdrop eligibility	Active subscription + 30 days
Transaction history (amount, reason, description, date)	Transparency, dispute resolution	Active subscription + 30 days

3.5. Aggregate VPN Usage Data

To power the TIDE Credits loyalty program, we track aggregate total bytes transferred (upload + download combined) per user, per day. This data is used solely to calculate credits rewards (1 credit per minute of active VPN usage).

Data	Purpose	Retention
Total bytes uploaded (aggregate)	Credits calculation, monthly usage reports	Active subscription + 30 days
Total bytes downloaded (aggregate)	Credits calculation, monthly usage reports	Active subscription + 30 days
Date of usage	Daily aggregation for credits	Active subscription + 30 days

Important: We track only the total volume of data, not which websites or services you accessed. We do not log destination IPs, domain names, URLs, or any content of your traffic. This aggregate data cannot reveal your browsing activity.

3.6. AI Support Conversations

When you use our in-bot AI support feature, your questions and the AI-generated answers are stored to provide conversation context and improve response quality.

Data	Purpose	Retention
Support questions	AI response generation, context continuity	30 days
AI responses	Conversation history	30 days
Conversation metadata	Session management	30 days

Support conversations are not used for advertising or shared with third parties. You can clear your conversation history at any time via the bot's support menu.

3.7. Operational Logging

Our Telegram bot logs interaction events (commands, button presses) with user IDs for operational monitoring. These logs are retained for 7 days and are used solely for debugging and service reliability. They do not contain VPN traffic data.

4. Server Architecture

• Relay servers: Stateless TCP proxies. No decryption, no storage.
• Core VPN servers (EU): All logging disabled. Auto-purge every 6h.
• Exit nodes: Traffic exits via Cloudflare WARP. No user data retained.

Encryption: VLESS + TLS 1.3 (X25519, AES-256-GCM / ChaCha20-Poly1305). Data at rest: AES-256.

5. Third-Party Services

Service	Purpose	Data Received
Cloudflare	CDN, WARP exit	IP (standard CDN), encrypted traffic
Telegram	Bot platform	Telegram User ID, bot interactions
TON Blockchain	Payments	Transaction data (public chain)

We do not sell, rent, or share your data with any third party for marketing.

We maintain data processing agreements with third-party service providers as required.

6. Data Retention & Deletion

• Account data: retained for active subscription period + 30 days after expiration or deletion request
• Subscription data: retained for active subscription period + 30 days after expiration or deletion request
• Payment records: 1 year after transaction (financial record-keeping obligation)
• Credits data: retained for active subscription period + 30 days after expiration or deletion request
• Aggregate VPN usage data: retained for active subscription period + 30 days after expiration or deletion request
• AI support conversations: 30 days
• Operational logs: 7 days
• VPN traffic data: not collected — nothing to retain

Request deletion via @tide_vpnbot.

7. Your Rights (GDPR)

• Right of Access — request a copy of your data
• Right to Erasure — request deletion ("right to be forgotten")
• Right to Portability — receive data in machine-readable format
• Right to Rectification — correct inaccurate data
• Right to Lodge a Complaint — you have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement

Contact: @tide_vpnbot (Help → AI Support). Response within 30 days.

8. Law Enforcement

Due to our no-logs architecture, we are technically unable to provide VPN usage data, browsing history, or connection records — this data does not exist.

Maximum data we could disclose if legally compelled: whether a Telegram User ID has an account, subscription status, and payment transaction IDs.

We maintain a Warrant Canary, updated quarterly. See tide-vpn.com/warrant-canary.

9. Security

• Encryption at rest (AES-256)
• Encryption in transit (TLS 1.3)
• Minimal attack surface, regular updates
• Our infrastructure is configured so that VPN traffic is not logged or monitored. Administrative access is limited to essential maintenance.

10. Children's Privacy

The Service is not intended for individuals under the age of 16, as stated in our Terms of Service (Section 3). We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete that information promptly.

11. Changes

Material changes will be notified through @tide_vpnbot. Continued use constitutes acceptance.

12. Contact

Bot: @tide_vpnbot (Help → AI Support)
Website: tide-vpn.com

Back to TIDE VPN