Effective Date: 16 May 2026 | Last Updated: 13 June 2026
This Privacy Policy explains how ShieldFlow VPN ("we", "us", "our") collects, uses, stores, and protects your information when you use our application ("App") on any supported device or platform. Our official website is shieldflowvpn.co.uk. By downloading, installing, or using the App, you agree to the practices described in this Policy.
1. Supported Platforms
ShieldFlow VPN is currently available on the following platforms:
Android – via Google Play Store
iOS – coming soon, via Apple App Store
Other Android-based devices – including smart TVs and streaming devices, via direct installation
This Privacy Policy applies equally to all platforms and devices on which the App is available.
2. Information We Collect
Account Information: Email address on registration, Google account name/email/photo via Google Sign-In, or anonymous identifier for guest users.
Profile Photo: Optionally uploaded from your device gallery by registered email users. Stored securely, never shared with third parties. Available on mobile devices only.
Usage Data: VPN connection events, data consumed in megabytes (MB), session timestamps, and daily usage statistics to manage your data balance.
Device Information: Device type, operating system version, platform, and App version — used for troubleshooting and compatibility only.
IP Address: Processed transiently during VPN connection establishment. Not logged or permanently stored.
Server Location Votes: Selected country and timestamp if you participate in our server survey. One vote per account.
Advertising Data: Google AdMob may collect device identifiers where rewarded ads are shown. Availability varies by platform and device.
AI Assistant Data: Messages sent to ShieldBot are processed by the Google Gemini API. We do not permanently store your conversation history.
Purchase Data: Processed by the relevant platform store. We do not store your payment card or billing details.
3. Information We Do Not Collect
We do not log VPN traffic, browsing history, DNS queries, websites visited, or the content of any communications transmitted through our VPN — on any platform.
We do not sell your personal data to third parties.
We do not share your data with advertisers beyond what AdMob requires to function.
We do not store your originating IP address after your VPN session ends.
We do not store payment card or billing details.
4. How We Use Your Information
To create and manage your account across all supported platforms
To track and display your remaining data balance
To process in-app purchases and reward ad completions
To send push notifications where supported (low data warnings, VPN disconnection alerts, daily ad availability, welcome bonus confirmation)
To display your profile photo within the App
To collect server location votes and display aggregate results
To power the ShieldBot AI assistant
To improve App performance and fix technical issues
To comply with legal obligations
5. Push Notifications
With your permission, we may send push notifications for: VPN disconnection alerts, low data warnings (at 20% and 10% remaining), welcome bonus confirmation, daily ad availability reminders, and monthly data renewal notifications. You can manage notifications in the App's Settings or through your device settings. Availability varies by platform and device.
6. Photo Gallery Access
On Android 13+, we request the READ_MEDIA_IMAGES permission. On older Android versions, READ_EXTERNAL_STORAGE. On iOS, the NSPhotoLibraryUsageDescription permission. This access is used solely to allow you to select a profile photo. We do not access, scan, or upload any other images from your device. This feature is not available on TV or streaming devices.
7. Data Storage and Security
Your account data is stored securely using Google Firebase, which employs industry-standard encryption. Our Firestore database is protected by security rules that ensure each user can only access their own data — no user can read or modify another user's data. No transmission method is 100% secure. You use the App at your own risk and are responsible for maintaining the confidentiality of your credentials.
8. Third-Party Services
Our App integrates the following third-party services, each governed by their own privacy policies:
Google Firebase – Authentication and database storage
Google AdMob – Rewarded advertising (where available)
Google Sign-In – Optional OAuth authentication
Google Gemini API – ShieldBot AI assistant
Google Play Billing / RevenueCat – In-app purchases on Android
Apple In-App Purchases – In-app purchases on iOS (coming soon)
ipapi.co / ip-api.com – IP geolocation (displays approximate location when connected)
WireGuard – VPN tunnelling protocol
We are not responsible for the privacy practices of these third-party services.
9. Law Enforcement and Legal Disclosure
We are committed to user privacy and maintain a strict no-logging policy for VPN traffic. However, we comply with legitimate legal requests under UK law. We may disclose account information (such as email address, account ID, registration date, and usage metadata) to law enforcement agencies, courts, or regulatory bodies when:
Required by a valid court order, subpoena, or legal process under the laws of England and Wales
Necessary to prevent or investigate illegal activity
Required to protect the rights, property, or safety of ShieldFlow VPN, our users, or the public
Because we do not log VPN traffic, browsing history, or DNS queries, we cannot disclose information we do not possess. We will never voluntarily disclose user data without a valid legal obligation. Where permitted by law, we will notify affected users of any legal data request.
10. Children's Privacy
The App is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. Users must be at least 13 years old to create an account and at least 18 years old (or have parental consent) to make in-app purchases.
11. Your Rights (UK & EU Users)
Under UK GDPR / GDPR you have the right to: access your data, rectification of inaccurate data, erasure, restriction of processing, data portability, objection to processing, and withdrawal of consent. Contact us at shieldflowvpn@gmail.com to exercise these rights. We will respond within 30 days. You may also lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
12. Data Retention
Account data is retained until you delete your account
Usage statistics are retained for up to 12 months
Personal data is permanently deleted within 30 days of account deletion
Guest and anonymous session data is not retained after the session ends
13. Price Changes
We will provide at least 30 days' advance notice of any price changes via email and/or in-app notification. You have the right to cancel your subscription before any price change takes effect.
14. Changes to This Policy
We will notify you of significant changes by updating the "Last Updated" date and sending an in-app notification where appropriate. Continued use of the App after changes constitutes acceptance of the updated Policy.