Privacy Policy

What We Don't Do

We do not collect or store any personal data, not even an email address. We do not use any cookies. We do not use any analytics services. We do not perform any tracking. We do not use any data to build models or profiles on you. We do not run any data through classifiers or ML/AI models. We do not sell or share any data with any partners or third parties.

We do not analyze, categorize, or monitor any traffic. We do not add anything into your traffic, like ads or anything else. We do not filter out, or remove, or collect anything from your traffic. We do not forward or route traffic anywhere other than the intended destination.

We do not have any ability to decrypt the underlying HTTPS/TLS encryption layer of any data packets, nor do we have any interest. We do not have any systems in place that enable us to see which domains you are visiting, or what you are using our VPN for, not even on an aggregate level, nor do we have any interest. We do not generate any logs from your use of our VPN. We do not store any payment info, or payment records, or anything that could facilitate future linkage to such data.

What We Do

We store your discord_id when you use the /log-in command.

This is so we can send you a renewal message when your subscription is expiring, and so that you can use bot commands without having to provide your Cloak Engaged account number each time you use a command. If you use the /log-in command from a different discord account, future renewal messages will be sent to that account instead, and any association with the previous discord_id is removed instantly and not retained anywhere else.

We keep a tally of your total monthly bandwidth usage in gigabytes.

This is so we can safeguard against any highly excessive usage deemed as abusive, because network bandwidth / throughput is a resource we have to purchase. We also use this to calculate an average across all users, which helps us optimize server capacity, and to anticipate future bandwidth requirements and allocate resources accordingly.

That's all.

Anonymized Payments

When you make a payment using Stripe, their payment record will contain personal info from the payment method used (like cardholder name, bank name, and billing address). What we do is prevent this record from ever being linked to your Cloak Engaged account number or Discord ID. Simply put, if an entity had access to our database and Stripe's database, there's no way of linking Stripe payment records to Cloak Engaged accounts or Discord IDs.

When you use /top-up, a cryptographically random token is generated, and a Stripe checkout session is created with only this token in the metadata. Stripe is never given your Discord ID or your Cloak Engaged account number. Internally, we keep a short-lived mapping of this token and the account number. When a payment is completed, Stripes sends the completed checkout session to our webhook, where we extract the token and number of credits that were purchased. We fulfill the order and delete the mapping atomically. All of this happens in a few milliseconds. This prevents any Stripe payment record from ever being linked to a specific user account, thus gaining the convenience of Stripe without sacrificing on privacy.