In the following policy, Vee Security refers to the service offered by Vee Security OÜ
(the "Company" or "We") through the veesecurity.com, my.veesecurity.com, account.veesecurity.com, connecto.veesecurity.com
use of our Service the use we make of such information; and the security level we provide for protecting such information.
The Company is domiciled in Estonia and all data storage infrastructure is also located solely within European Union (the "EU"), and thus governed by the laws and regulations of the EU.
In most cases, we don’t need your personal information to provide our services. However, you may disclose your email address, first & last names to Vee Security. This information is used for security purposes, customer support and notifications.
Visiting our website: We use specific analytics software (Google Analytics, Matomo & etc.) provided by third-parties only on Vee Security’s main website (veesecurity.com) to collect some information (device type, language and etc.) in order to improve our services. Other our websites (my.veesecurity.com, account.veesecurity.com, connecto.veesecurity.com, vee.gg) have no analytics software at all to ensure users’ privacy.
Account creation: It is not necessary to provide personal information in order to create an account, but you may provide an email address for notification or password recovery purposes. Should you choose to provide it, we do associate email address with your account (for password recovery, or notifications).
Connecto VPN: Our VPN nodes do not collect any traffic sent by your devices. We do not collect IP addresses, device information & etc. Our accounting server automatically collects information about the duration of the VPN-sessions and the number of connected devices. Such data is deleted automatically within 30 minutes after the end of the VPN-session.
IP Logging: By default, Vee Security does not keep permanent IP logs. We also don't record your login IP address unless this feature is specifically enabled by the user. However, IP logs are sometimes kept to combat abuse and fraud, and your IP address may be retained if you are engaged in activities that breach our terms and conditions (DDoS attacks against Vee Security’s infrastructure, brute force attacks, etc).
Payment Information: The Company relies on third parties to process credit card, PayPal, and Bitcoin transactions so the Company necessarily must share payment information with third parties. Anonymous Bitcoin and other cryptocurrencies payments are accepted however.
We do not have any advertising on our websites & applications. Any data that we do have will never be shared except under the circumstances described below in the Data Disclosure Section. We do NOT do any analysis on the limited data we do possess.
All servers used in connection with the provisioning of the Service are located in European Union. Only Vee Security’s employees have access to the servers. Data is ALWAYS transferred in encrypted format to our servers. All application specific data (e.g. Connecto VPN traffic) is ALWAYS encrypted and we do not possess the ability to access any user encrypted data on the production servers.
Right to Access, Rectification, Erasure and Portability
Through the Service, you can directly access, edit, delete or export personal data (according to the EU General Data Protection Regulation) processed by the Company in your use of the Service.
If your account has been suspended for a breach of our terms and conditions, and you would like to exercise the rights related to your personal data, you can make a request to our support via email — firstname.lastname@example.org.
When a Vee Security account is closed, data is immediately deleted from production servers. Active accounts will have data retained indefinitely.
Usually, we do not disclose your account information (except e-mail address) to third-party companies & government authorities. We will only disclose the limited user data we possess if we receive notice from the Interpol or Estonian Police and Border Guard Board regarding a court order that is coming from the two authorities we are legally obligated to recognize: the European Court of Justice or the Estonian Supreme Court. We do not provide any information unless we have received an original copy of the court order by registered post or in person. Your email address will be disclosed to our partner company in order to deliver messages concerning your account and our products.
If a request is made for user’s application-specific encrypted data, that Vee Security does not possess the ability to decrypt, the fully encrypted data may be turned over. However, Vee Security uses military-grade encryption algorithms & encrypted data cannot be decrypted be government authorities.
If permitted by law, Vee Security will always contact a user first before any data disclosure. Vee Security may contest court orders. In such situations, the Company will not comply with the court order until all legal or other remedies have been exhausted. Therefore, not all court orders will lead to data disclosure.
This Agreement shall be governed in all respects by the substantive laws of Estonia. Any controversy, claim, or dispute arising out of or relating to the Agreement shall be subject to the jurisdiction of the competent Estonian court being expressly reserved.
Vee Security has not produced any information in response to a secret subpoena and has not built "backdoors" for any government into our products. All government requests for user data need to come through the front door (i.e., by serving valid legal process upon Vee Security). Users may download warrant canary and signature files to make sure they are authentic.
Warrant Canary File: https://veesecurity.com/legal/warrantcanary/data.txt
Warrant Canary Signature: https://veesecurity.com/legal/warrantcanary/data.txt.sig
PGP Public Key: https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x6B5680C9B9B15692
Vee Security OÜ
Narva mnt. 5
10117 Tallinn, Harjumaa