PRIVACY POLICY

Last updated: April 15, 2025

1. INTRODUCTION

Welcome to the Privacy Policy of ZeroVPN.io (“we”, “our”, “ZeroVPN”), a service provided by INNOVATIVITY SRL. We respect your privacy and are committed to protecting your personal data. This Privacy Policy aims to inform you about how we collect, use, disclose, and protect your information when you use our VPN services, visit our website (zerovpn.io), or interact with us in any other way.

2. WHO WE ARE

ZeroVPN.io is a service provided by INNOVATIVITY SRL, offering a Virtual Private Network (VPN) management solution through a cloud interface. Our platform allows users to configure, manage, and control their own VPN gateways securely and in a customized manner.

Data Controller:
INNOVATIVITY SRL
Corso Manusardi 3
20136, Milan, Italy

VAT: 11352270968
Email: [email protected]
PEC: [email protected]

3. INFORMATION WE COLLECT

3.1 Information You Provide to Us

  • Account Information: When you register to use our services, we collect your email address and payment information necessary to activate the service.
  • Configuration Information: We collect the information you provide to configure your VPN gateways, including cloud provider preferences, regions, and server settings.
  • Communications: When you communicate with us via email, contact forms, or other channels, we collect the information you provide in these communications.

3.2 Information Collected Automatically

  • Device Information: We may collect information about the device you use to access our cloud interface, including device type, operating system, unique device identifiers, and network information.
  • Interface Usage Information: We record basic information about the use of our management interface, such as configuration actions performed, control panel access, and changes made to settings.
  • Website Information: When you visit our website, we may automatically collect certain information, including details about your visits such as the URLs from which you arrive, the pages you visit, the date and time of your visit, and certain cookies that are installed on your device.

3.3 Information We DO NOT Collect

ZeroVPN.io operates with a model that inherently respects privacy. We do not collect or have access to:

  • Data traffic within your VPN
  • The content of data transferred through your VPN gateways
  • Specific activities performed through your VPN
  • Resources accessed through your VPN

This is because our service only provides the management interface, while the VPN gateways are dedicated to the individual customer and operate on servers chosen by the user themselves.

4. HOW WE USE YOUR INFORMATION

We use the collected information to:

  • Provide Our Services: Manage your account, provide access to our VPN management cloud interface, and offer customer support.
  • Facilitate Gateway Configuration: Implement your choices of provider, region, and configuration for VPN gateways.
  • Improve Our Services: Analyze interface usage to identify technical issues, optimize performance, and develop new features.
  • Communicate With You: Respond to your requests, send you service-related notifications, and, with your consent, send you informational material.
  • Ensure Security: Prevent fraudulent, abusive, or illegal activities on our services.
  • Comply With Legal Obligations: Fulfill our legal obligations and respond to legitimate requests from authorities.

5. LEGAL BASIS FOR PROCESSING

We process your personal data based on the following legal grounds:

  • Performance of a Contract: When necessary to fulfill our contractual obligations to you regarding the provision of the ZeroVPN service.
  • Legitimate Interest: When it is in our legitimate business interest, such as improving and developing our services, provided it does not override your rights and freedoms.
  • Consent: When you have expressly consented to the processing of your data for specific purposes.
  • Legal Obligation: When necessary to comply with a legal obligation to which we are subject under Italian and European regulations.

6. SHARING YOUR INFORMATION

We do not sell, rent, or exchange your personal information with third parties. However, we may share your information in the following circumstances:

  • Cloud and Hosting Providers: Based on your configuration choices, we share the necessary information with the cloud/hosting providers you have selected to host your VPN gateways. This sharing is limited to the data strictly necessary to configure and manage your VPN gateways.
  • Service Providers: We may share your information with third-party service providers that help us provide and improve our services (e.g., payment processors, hosting providers for our cloud interface, analytics services).
  • Legal Compliance: We may disclose your information if required by Italian or European law, legal proceedings, or a competent governmental authority.
  • Protection of Rights: We may disclose information to protect our rights, property, or the safety of our users or others.
  • Business Reorganization: In the event of a merger, acquisition, or sale of INNOVATIVITY SRL assets, your information may be transferred as part of such transaction.

7. INTERNATIONAL DATA TRANSFERS

Since ZeroVPN.io allows users to choose cloud providers and regions worldwide to host their VPN gateways, your configuration data may be transferred and processed in countries outside Italy and the European Union. We take appropriate measures to ensure that your data remains protected in accordance with this Privacy Policy and the General Data Protection Regulation (GDPR), regardless of where it is processed.

For data transfers from the European Economic Area (EEA) to countries that do not offer an adequate level of protection according to the European Commission, we implement appropriate safeguards, such as the standard contractual clauses approved by the European Commission.

8. DATA SECURITY

INNOVATIVITY SRL implements appropriate technical and organizational measures to protect your personal information against loss, unauthorized access, disclosure, alteration, or destruction. These measures include, but are not limited to:

  • Encryption of data in transit and at rest
  • Firewalls and intrusion detection systems
  • Limited access to personal data
  • Regular monitoring and auditing of our systems
  • Privacy and security training for our staff

However, no system is completely secure, and we cannot guarantee the absolute security of your data.

9. DATA RETENTION

We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including compliance with any legal, accounting, or reporting obligations required by Italian and European regulations.

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your data, and whether we can achieve those purposes through other means.

In general:

  • Account data is retained for the duration of your subscription and for a subsequent period of 12 months.
  • Payment information is retained in accordance with applicable Italian tax and accounting laws (typically 10 years).
  • Configuration data is retained for the duration of the service and up to 30 days after service termination.

10. YOUR PRIVACY RIGHTS

In accordance with the GDPR and Italian data protection regulations, you have the following rights regarding your personal data:

  • Right of Access: You can request a copy of your personal information that we hold.
  • Right to Rectification: You can request the correction of inaccurate or incomplete information.
  • Right to Erasure: You can request the deletion of your personal information in certain circumstances.
  • Right to Restriction of Processing: You can request the limitation of processing of your personal information in certain circumstances.
  • Right to Data Portability: You can request the transfer of your personal information in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to the processing of your personal information in certain circumstances.
  • Right Not to Be Subject to Automated Decision-making: You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects concerning you or similarly significantly affect you.
  • Right to Withdraw Consent: When processing is based on consent, you have the right to withdraw consent at any time.

To exercise these rights, contact [email protected]. We will respond to your request within 30 days as required by the GDPR.

11. COOKIES AND SIMILAR TECHNOLOGIES

Our website uses only essential and functional cookies to ensure the proper functioning of the site and improve your browsing experience. Cookies are small text files that websites can place on your device when you visit them.

We use the following types of cookies:

  • Strictly Necessary Cookies: Essential to allow you to navigate our website and use its features, such as accessing secure areas.
  • Functional Cookies: Used to recognize you when you return to our website and to personalize content according to your preferences.

We do not use profiling, marketing, or third-party cookies for tracking.

You can set your browser to refuse all or some cookies, or to alert you when websites set or access cookies. If you disable or refuse essential cookies, please note that some parts of our website may become inaccessible or not function properly.

12. MARKETING

We may send you communications regarding our services and technical updates relevant to your use of ZeroVPN.io. You can choose not to receive these communications at any time by clicking the unsubscribe link in our emails or by contacting us directly.

We do not share your personal information with third parties for marketing purposes.

13. MINORS

Our services are not intended for individuals under the age of 18, and we do not knowingly collect personal data from minors. If we become aware that we have collected personal data from a minor, we take steps to remove such information from our servers.

14. CHANGES TO THE PRIVACY POLICY

INNOVATIVITY SRL may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will inform you of any substantial changes by posting the new Privacy Policy on our website and, if required by law, we will inform you via email.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

15. CONTACT US

For any questions or concerns regarding this Privacy Policy or our privacy practices, you can contact us at:

Email: [email protected]
PEC: [email protected]
Postal address: Corso Manusardi 3, 20136, Milan, Italy

16. COMPLAINTS

If you are not satisfied with our response to your privacy concerns, you have the right to file a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) at https://www.garanteprivacy.it/.

17. APPLICABLE LAW AND JURISDICTION

This Privacy Policy is governed by and construed in accordance with Italian law, without regard to its conflict of legal principles. All disputes arising from or related to this Privacy Policy will be subject to the exclusive jurisdiction of the courts of Milan, Italy.

Note: This Privacy Policy is a dynamic document that may require periodic updates to reflect changes in legal requirements or our practices. The last update date is indicated at the beginning of the document.