Privacy Policy — MeGa-TiK VPN

Last updated: 18 November 2025

This Privacy Policy explains how MeGa-TiK ("we", "us", "our") collects, uses, stores, and protects personal information when you use our mobile application (the "App"). We comply with GDPR, CCPA, LGPD, VCDPA, and Google Play user data and VPN permissions policies.

1. Information We Collect

1.0 WebView Account Registration Data

The App includes a built-in WebView that opens our official website to allow users to create an account. When registering through the WebView, the following personal information is collected:

• First Name
• Last Name
• Email Address
• Password (stored in hashed form)
• Phone Number
• Country

Registration data is collected only by our website backend and is not processed by the App outside the WebView environment.

1.1 Automatically Collected App Data

• Device Information: device model, OS version, network info, language, and a unique device_id.
• Firebase Analytics: anonymous usage metrics.
• Firebase Crashlytics: crash diagnostics.

1.2 User-Provided Data

Users must authenticate using a username and password. Passwords are hashed and never stored in readable form.

1.3 Data We Do Not Collect

We do NOT collect, store, or log VPN traffic, including:

• Browsing history
• App usage activity
• Destination IP addresses
• DNS queries
• Bandwidth usage
• VPN session timestamps
• Any activity logs

2. How We Use the Information

• To authenticate accounts
• To provide secure VPN connectivity
• To improve performance and diagnose issues
• To send essential notifications
• To manage device access via device_id

3. Permissions We Use

BIND_VPN_SERVICE

Required to establish a secure VPN tunnel. VPN traffic is never inspected, stored, or logged. The App activates VPN only after explicit user consent.

POST_NOTIFICATIONS

Used only for essential service notifications (no marketing).

AD_ID / ACCESS_ADSERVICES_AD_ID

Used automatically by Firebase for attribution. We do not use the Advertising ID for ads or tracking. Users can reset their Advertising ID from device settings at any time.

4. Third-Party Services & SDKs

• Firebase Analytics — anonymous app usage.
• Firebase Crashlytics — crash diagnostics.
• Firebase Cloud Messaging — essential notifications.

These services do not access VPN activity or browsing data.

4.1 Network Endpoints Used

• https://vpn.mega-tik.com — authentication, device verification, service operations.
• win.mega-tik.com — used by the VPN via SSTP protocol for secure tunneling.

5. Data Storage & Retention

We store only:

• device_id
• Account information (username + hashed password)

Retention: All stored data is deleted 5 days after subscription expiration. Users may request deletion at any time.

5.3 Account Deletion

To delete your account and all stored data (including device_id), email: it.ahmednour@gmail.com.

5.4 Legal Basis (GDPR)

• Contract performance
• Legitimate interest
• User consent (for VPN connection)

5.5 Cookies in WebView

Our website uses cookies only for authentication and security. Cookies are controlled by the website and are not accessible by the App.

6. Data Security

We use HTTPS, secure servers (OVH Germany), and strong password hashing.

7. Data Sharing

We do not sell or share user data with advertisers. Data is shared only when legally required or for Firebase operations.

8. International Transfers

Data is processed in Germany under GDPR-compliant infrastructure.

9. Your Rights

• Access your data
• Request deletion
• Request correction
• Know what data is shared
• Opt-out of any sharing or sale

Opt-out of Data Sale or Sharing

We do not sell personal data. However, users may opt-out of any data sharing or data sale at any time by contacting us at: it.ahmednour@gmail.com.

Right to Lodge a Complaint

If you believe your rights have been violated, you may file a complaint with your local Data Protection Authority (DPA).

10. Children's Privacy

The App is not intended for children under 13.

11. Changes to This Policy

We may update this policy periodically. Updated terms will be posted in the App.

12. Contact Information

Data Controller:
MeGa-TiK (Ahmed Nour)
Email: it.ahmednour@gmail.com
Phone: +201148740661

Data Protection Officer (DPO):
Ahmed Nour
Email: it.ahmednour@gmail.com
Phone: +201148740661

© 2025 MeGa-TiK — All rights reserved.