Privacy Policy
_Last updated: 2026-05-14._
solotunnel is operated with a data-minimisation mindset: we store
exactly what we need to run your account and your VPN servers, and
nothing else.
What we store
In our control-plane database (Azure Table Storage, EU region):
| Table | Per row, we store |
|---|---|
| users | Lowercased email, bcrypt hash of your password, plan tier, account creation timestamp, emailVerified flag, Stripe customer/subscription IDs, subscription status, current-period end. |
| vpnInstances | Account email, region, container name, FQDN, state (provisioning/running/stopped/error), state-change timestamp, the WireGuard admin password (random, ephemeral per instance). |
| sessions | Random session ID, account email, expiry timestamp. |
| emailTokens | Account email, SHA-256 hash of a single-use verification or password-reset token, purpose, expiry. |
In Stripe (independent processor):
- Whatever Stripe needs to take payment (card number, name, billing
address). We never see or store the card number. We only receive
the IDs above so we can look up your subscription.
What we do not store
- Your VPN traffic.
- DNS queries you make over the VPN.
- Source or destination IP addresses of your traffic.
- The peer IPs that your WireGuard handshakes come from.
- Any per-device or per-peer telemetry.
- Bandwidth or duration metering.
We can't show you a "traffic dashboard" because we deliberately do
not collect the data needed to build one. See the
No-logs policy for the technical detail.
What we log (operational logs)
Our control-plane logs contain operational events only:
- HTTP method, path, status code, latency, response size (no query
string, no body).
- Auth events (signup, login, logout, verify_email,
password_reset) — by email address.
- Provisioning events (activate, delete) — by email and region.
- Token-hash prefixes (12 hex chars of the SHA-256) for
verification/reset emails. Plaintext tokens are never logged.
Logs are kept by Azure Log Analytics for 30 days and then deleted.
Why we store the things we do
- Email — to identify your account and to send verification /
password-reset / billing emails.
- bcrypt password hash — so you can log back in. We can't recover
the original password (and neither can a stolen database backup).
- Stripe IDs — to map your account to your Stripe subscription
so we can change your plan in real time.
- vpnInstances rows — so the dashboard can list your active
servers and so the hourly reaper can delete idle servers.
- emailTokens — so verification / reset links work exactly once
and expire after 30 minutes.
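The token handling described above (hash-only storage, a 12-hex-character log prefix, single use, 30-minute expiry) can be sketched as follows. This is an added example, not solotunnel's own code: the class, method and field names are assumptions, and an in-memory dict stands in for the emailTokens table.

```python
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 30 * 60  # links expire after 30 minutes
LOG_PREFIX_HEX = 12          # only 12 hex chars of the SHA-256 reach the logs


def token_hash(token):
    """SHA-256 hex digest of a plaintext token; this is what gets stored."""
    return hashlib.sha256(token.encode()).hexdigest()


class EmailTokenStore:
    """Hypothetical in-memory stand-in for the emailTokens table."""

    def __init__(self):
        self.rows = {}  # token hash -> {"email", "purpose", "expires"}
        self.log = []   # operational log lines

    def issue(self, email, purpose, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # plaintext exists only in the email link
        digest = token_hash(token)
        self.rows[digest] = {"email": email.lower(), "purpose": purpose,
                             "expires": now + TOKEN_TTL_SECONDS}
        self.log.append("token_issued purpose=%s email=%s hash_prefix=%s"
                        % (purpose, email.lower(), digest[:LOG_PREFIX_HEX]))
        return token

    def redeem(self, token, purpose, now=None):
        """Return the account email if the token is valid, else None."""
        now = time.time() if now is None else now
        digest = token_hash(token)
        row = self.rows.get(digest)
        if row is None or row["purpose"] != purpose:
            return None
        del self.rows[digest]  # single use: the row goes on first matching redeem
        self.log.append("token_redeemed purpose=%s hash_prefix=%s"
                        % (purpose, digest[:LOG_PREFIX_HEX]))
        if now >= row["expires"]:
            return None        # expired rows are dropped, never honoured
        return row["email"]


if __name__ == "__main__":
    store = EmailTokenStore()
    t = store.issue("Alice@Example.com", "verify_email")  # constructed sample address
    print(store.redeem(t, "verify_email"), store.redeem(t, "verify_email"))
    print(store.log)
```

A leaked table row or log line in this design yields only a hash or a hash prefix, neither of which can be replayed as a link.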
Cookies
One cookie, mv_sess, holds a signed session ID. It is
HttpOnly; Secure; SameSite=Lax, and it expires after 14 days.
We use no third-party analytics, no advertising trackers, and no
fingerprinting. See Cookies.
Data location
All control-plane data sits in the Sweden Central Azure region.
Tenant VPN servers run in the region you pick when activating them.
Your rights (GDPR)
You can:
- Export your data — email support and we'll send a JSON dump of
every row we hold for your account.
- Delete your data — delete every VPN, then email support to remove
the users row. Stripe retains its own billing history per its
retention policy.
Contact
For privacy questions or data requests, file an issue on the GitHub
repository or email the address on the deployment's landing page.