🔒 PrismVPN Privacy Policy

Last updated: May 2026 · privacy@prismvpn.in

1. No-Logs Policy

PrismVPN does not record any VPN activity on our servers. We operate a strict no-server-logs policy: your browsing activity, DNS queries, traffic contents, originating IP address, and VPN session metadata are never stored on our infrastructure.

For your convenience, the app stores the following data locally on your device only — it is never transmitted to PrismVPN servers:

Last 10 connection sessions (server name, country, date, duration, data used) — visible in Connection History
Daily upload/download totals and session counts — visible in Usage Reports
App performance counters (retry counts, session duration totals) — used to calculate your Health Score

This on-device data is fully under your control. It is deleted when you uninstall the app or use Settings > App Info > Clear Data. Daily usage records are automatically deleted after 90 days.

Our servers maintain standard operating system logs (system event logs only — not VPN activity logs) for 7 days for operational security purposes.

2. Data We Collect

We only collect minimal data required to provide our service:

Email address (for account creation)
Payment information (processed by Google Play — we never see your card details)
App crash reports & analytics (via Firebase Crashlytics and Firebase Analytics — only if you opt in, disabled by default)

Additional data stored locally on your device only (never transmitted to our servers):

Server favourites, trusted WiFi networks (SSIDs/BSSIDs), port forwarding rules, split tunnel app list
Breach monitor email address (if used) — stored encrypted, available on request via privacy@prismvpn.in

Guest users: A randomised device identifier (one-way hash, cannot be reversed) is sent to our servers to prevent free-tier abuse. Automatically deleted after 30 days of inactivity.

3. PrismShield

PrismShield uses AdGuard DNS servers to block ads, trackers, and malware at the DNS level. No browsing data is stored. Blocked domain counts are stored locally on your device only and never sent to our servers.

4. Third-Party Services

Google Play Billing — processes subscription payments. See Google Privacy Policy
Firebase Crashlytics & Analytics — crash reports and usage statistics, opt-in only, disabled by default
Google AdMob — ads on the free tier. Google may collect Advertising ID and device info. Non-personalised ads served to users who decline personalised advertising
ipinfo.io — displays your VPN-assigned IP, city, and ISP after connecting. Your VPN exit IP is sent to ipinfo.io for this lookup
CARTO — map tiles for server location map. Your IP may be logged by CARTO for up to 30 days
AdGuard DNS — ad and tracker blocking via PrismShield
Crisp — live support chat. Name, email, device type, and conversation content shared with Crisp.im (EU-based). See Crisp Privacy Policy
Google Play Integrity API — app and device integrity verification for anti-abuse
HaveIBeenPwned — breach monitor feature (opt-in). Your email is transmitted to check against known breaches
Cloudflare DNS (1.1.1.1) & Google Public DNS (8.8.8.8) — used to resolve PrismVPN server address before tunnel is established

5. Your Rights

You have the right to access, correct, or delete your personal data. To exercise your rights, email privacy@prismvpn.in with subject line "Data Request". We respond within 30 days.

You can delete your account directly in the app via Settings > Delete Account — this immediately removes all server-side data.

Data portability (GDPR Art. 20): Export your data via Settings > Export My Data. JSON export includes connection history, server favourites, port forwarding rules, and session analytics.

6. Server Infrastructure & CERT-In 2022

PrismVPN does not own or physically operate any VPN servers. We use rented cloud infrastructure hosted exclusively outside India. Accordingly, PrismVPN is not subject to the CERT-In Directions on Information Security Practices for VPN Service Providers (April 2022), which apply to VPN service providers that own and operate VPN servers physically located within Indian territory. No user activity logs are stored on our infrastructure.

7. Contact & Grievance Officer

Email: privacy@prismvpn.in
Website: prismvpn.in
We acknowledge all emails within 48 hours.

Grievance Officer (India — DPDP Act 2023):
Name: Naren Singh
Location: Pilibhit, Uttar Pradesh, India
Email: privacy@prismvpn.in
We acknowledge grievances within 48 hours and resolve within 30 days as required under the Digital Personal Data Protection Act 2023.

For GDPR-related inquiries from EU residents, contact us at the above email and we will respond directly.

Warrant Canary

As of May 2026, PrismVPN has not received any government requests, court orders, or national security letters requiring disclosure of user data or installation of backdoors. This canary is updated with each privacy policy revision. If this statement is removed or not updated, treat it as a signal that a request may have been received.