Port 25 Open — included on every VPS in our VPS 25 Port Open line.
VolkNode

Privacy Policy

Last updated: April 22, 2026

We keep only the data we need to run the service and bill you. This policy explains what we collect, why, and how to exercise your rights.

1. What we collect

  • Account data: email, hashed password, optional display name.
  • Billing data: payment-gateway transaction IDs, invoice records, wallet ledger. We never see or store your full card number — payments are handled by aamarPay, Plisio, or Stripe.
  • Service data: server metadata (hostname, IP, region, plan) needed to provision and manage your VPS.
  • Support data: ticket content, reply history, email logs.
  • Technical data: IP address and user-agent at login, for fraud prevention. Rotated out of active storage after 90 days.

2. What we don't collect

We don't track your VPS workload, inspect the content running on your server, or run third-party advertising trackers on the customer dashboard. Marketing pages use a single first-party analytics beacon that stores only aggregate page-view counts.

3. How we use your data

  • Deliver, maintain, and secure the service.
  • Bill you and send transactional emails (order, renewal, ticket replies).
  • Prevent abuse, fraud, and violations of our Terms.
  • Comply with legal obligations (tax records, law-enforcement requests where valid).

4. Who we share it with

Limited, vetted processors:

  • Payment gateways — aamarPay, Plisio, Stripe.
  • Email delivery — SMTP2GO.
  • Upstream VPS providers — only the server metadata required to deploy your instance.
  • Hosting — Railway for our application; Cloudflare for DDoS protection.

We never sell your data, and we don't share it with advertisers or data brokers.

5. Cookies

We use a strictly-necessary session cookie to keep you logged in and a CSRF cookie to protect form submissions. No advertising or tracking cookies.

6. International transfers

Our application is hosted in Southeast Asia. Your VPS is physically located in the datacenter you pick at order time. Payments and email processors may be in other jurisdictions.

7. Retention

  • Account & billing: kept while your account is active + 7 years for tax compliance after closure.
  • Server root passwords: encrypted at rest; shown to you once on delivery.
  • Support tickets: 3 years from last reply.
  • Login IPs: 90 days active, then purged.

8. Your rights

You can access, correct, export, or delete your personal data by emailing support@volknode.com. Account deletion is available from the admin panel; we'll honor requests within 30 days. If your account has active services, you must terminate those first.

9. Security

Passwords are hashed with bcrypt. Secrets (API tokens, root passwords) are encrypted at rest with AES-256-GCM. All transport is HTTPS/TLS 1.3. We apply strict Content-Security-Policy headers, and admin actions are rate-limited and audit-logged.

10. Children

Our services are not directed to children under 18. If you believe a minor has created an account, contact us and we'll remove it.

11. Contact

Questions or data-access requests: support@volknode.com.

Questions? Email support@volknode.com.