We do not collect or store any personal data, not even an email address. We do not use any cookies. We
do not use any analytics
services. We do not perform any tracking. We do not use any data to build models or profiles on you. We
do not run any data through classifiers or ML/AI
models. We do not sell or share any data with any
partners or third parties.
We do not analyze, categorize, or monitor any traffic. We do not add anything into your traffic, like
ads or anything else. We do not filter out, or
remove, or collect
anything from your traffic. We do not forward or route traffic anywhere other than the intended
destination.
We do not have any ability to decrypt the
underlying HTTPS/TLS encryption layer of any data
packets, nor do we have any interest. We do not have any systems in place that enable us to see which
domains you are visiting, or what you are using our VPN for, not even on an aggregate level, nor do we
have any interest. We do not generate any logs from your use of our VPN. We do not store any payment
info, or payment records, or anything that could facilitate future linkage
to such data.
We store your discord_id when you use the
/log-in command.
This is so we can send you a renewal message when your subscription is expiring, and so that you can use bot commands without having to provide your Cloak Engaged account number each time you use a command. If you use the/log-incommand from a different discord account, future renewal messages will be sent to that account instead, and any association with the previousdiscord_idis removed instantly and not retained anywhere else.
We keep a tally of your total monthly bandwidth usage in gigabytes.
This is so we can safeguard against any highly excessive usage deemed as abusive, because network bandwidth / throughput is a resource we have to purchase. We also use this to calculate an average across all users, which helps us optimize server capacity, and to anticipate future bandwidth requirements and allocate resources accordingly.
That's all.
When you make a payment using Stripe, their payment record will contain personal info from the payment method used (like cardholder name, bank name, and billing address). What we do is prevent this record from ever being linked to your Cloak Engaged account number or Discord ID. Simply put, if an entity had access to our database and Stripe's database, there's no way of linking Stripe payment records to Cloak Engaged accounts or Discord IDs.
When you use /top-up, a cryptographically
random token is generated, and a Stripe checkout session is created with only this token in the
metadata.
Stripe is never given your Discord ID or your Cloak Engaged account number. Internally, we keep a
short-lived mapping of this token and the account number.
When a payment is completed, Stripes sends the completed checkout session to our webhook, where we
extract the token and number of credits that were purchased.
We fulfill the order and delete the mapping atomically. All of this happens in a few milliseconds. This
prevents any Stripe payment record from ever being linked to a specific user account, thus gaining the
convenience of Stripe without sacrificing on privacy.