To maintain the security and privacy of our users, the Courvix Network ("Us", “We”, Our", “The Network”, “The Organization”, “Courvix”) has a privacy policy which affords rights to our users ("You", “Your”, “User”, “Users”) in regards to their data.
At Courvix, we believe we can offer great free products without compromising user privacy. We go the extra mile to ensure we're only collecting what we need; and we try to be as transparent about it as possible. The personal data collected by Courvix is dependent on how you interact with our services. We've described our policies for each service below 👇
If you have any questions, please reach out!
Our VPN service maintains a minimum level of logging in order for our servers to function properly. Due to the way our VPN servers are configured, which includes the VPN daemon, the firewall, and other components of the Linux network stack, we cannot reliably operate without some information being stored temporarily.
Whilst connected, the information we have is as follows;
- IP address
- Time connected
The above information exists on our VPN servers only for the duration of the time you are connected to a particular server. This information is necessary in order to maintain a “connection state” for our firewall to determine bad packets from legitimate packets, and inside the routing/NAT table to transmit traffic between the correct client. This information under no circumstances is stored on the disk indefinitely. All VPN providers have this information somewhere, and we're honest about where it is, why we have it, and for how long it is retained.
Once you disconnect from our server, the information no longer exists.
Our email service maintains a level of logging necessary in order to ensure the functioning of our service, the debugging of issues, and to ensure security of our users and of the network.
At any point in time, we may have the following information about you and your account in relation to our email service:
- Email address
Necessary for user identification, logins, sending and receiving email, and email storage.
- Hashed password
Necessary for logins. Your hashed password is cleared or set to a random value when accounts are closed or banned.
- Date and time of registration
Used for measuring rate of user growth.
- Recovery email used at registration
Used in order to verify user identities and send new passwords in the event of a password reset.
- Date and time of logins
Used to prevent account bruteforcing and cases of abuse.
- IP addresses used for logins.
Used for verifying account ownership in cases where recovery emails were not set, and investigating cases of abuse.
- The IP address used to send emails
Used for investigating cases of abuse.
- The recipients of emails you have sent
Used for investigating cases of abuse.
- Emails that you have sent, received, or moved to drafts
Emails must be stored for obvious reasons (I.e. letting you access your emails)
Emails may be deleted by the user with our webmail or over IMAP.
- Web requests containing user agent, referrer, IP address, timestamps as logged by nginx.
Web requests are retained for 1 month to debug issues with our webserver and other software.
At absolutely no point will the Courvix Network share any data we have about you unless you are the subject of a law enforcement request that we have deemed legitimate and lawful.
The Courvix Network does not sell your data, and does not share your data with any non-law enforcement entities.
With the exception of cases involving a threat to life, all legal requests for information must utilize a signed subpoena/court order that compels us to turn over information on our users.
Our transparency page shows legal requests regarding the aforementioned services. We disclose such requests within 7 days, except when conflicting with our legal or moral obligations.
Any violation of our Terms of Service (https://wiki.courvix.com/terms) may waive your rights as afforded by this Privacy Policy.