Privacy Policy

Last Updated: February 23, 2026 This Privacy Policy is issued by 'LOKKA TEAM' LLC (the 'Company', 'we', 'us', or 'our'), operating the LOKKA service (the 'Services'). We are committed to protecting your personal data and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Services. Please read this document carefully. If you have any questions or concerns, contact us at support@lokkavpn.com. 1. Scope of This Privacy Policy This Privacy Policy applies to all information collected through: - Our website: lokkavpn.com - Our mobile applications - Any other services or platforms owned or operated by us (collectively, the 'Services'). By accessing or using our Services, you agree to this Privacy Policy. If you do not agree with the terms, please discontinue use of our Services immediately. 2. Information We Collect 2.1 Information You Provide to Us We may collect personal data that you provide when you create an account, use our Services, or contact us, such as: - Contact details: name and email address (and other details you choose to provide) - Account information: user ID, username, and password (stored only as a cryptographic hash, not in plain text) - Communications: information you include in messages to us (for example, support inquiries or feedback) - Payment and transaction information (direct payments): limited information needed to confirm and support your purchase (for example, payment status, transaction identifiers, amount, currency, purchased plan) 2.2 Information Collected Automatically We may automatically collect certain technical information when you use our Services, which may include personal data, such as: - Device and technical information: IP address, device identifiers (for example, device ID), device type, operating system, app version, language, and similar technical identifiers - Approximate location: derived from your IP address (for example, to provide and secure the service) This data is used for troubleshooting, security, abuse prevention, and improving the reliability of our Services. 2.3 VPN / Network Data (Service Operation) To provide the VPN service, we process and store limited connection-related technical data ('connection logs'), such as: - Connection status and timestamps (connect/disconnect) - Server/node used and protocol/transport identifiers - Basic performance and diagnostic information (for example, error codes) - Account/user identifier (if applicable) - Aggregated bandwidth/traffic volume We do not intentionally collect or log the contents of your internet traffic (such as visited websites, DNS queries, or the content of communications). If you contact support, you may choose to share diagnostic logs or screenshots. 3. How We Use Your Information We use the collected information for the following purposes: - Providing and managing our Services: to create and maintain your account, provide requested features, and operate the service - Communication: to respond to support requests and send service-related notices - Security and fraud prevention: to protect our Services and users, detect abuse, and enforce our terms - Service reliability and improvement: to monitor service performance, troubleshoot issues, and improve stability and security based on technical and connection data - Legal compliance: to comply with legal obligations, resolve disputes, and enforce our agreements Payments: If you purchase a subscription through the Apple App Store or Google Play, the payment is processed by the respective store. We do not collect or store your full payment card details. We may receive limited information from the store, such as subscription status and purchase/transaction identifiers, as provided by the store. If you purchase a subscription via our website or other direct payment methods outside the app (for example, card payments, instant bank payments, or cryptocurrency), the payment may be processed by third-party payment providers or banking partners. We may receive limited payment-related information needed to confirm and support your purchase, such as payment status, transaction identifiers, amount, currency, and the purchased plan. We do not intentionally store your full payment card details. 4. Legal Bases for Processing (If applicable under GDPR) If you reside in the European Economic Area (EEA) or the United Kingdom, our legal bases for collecting and using your personal data include: - Consent: you have given consent to process your personal data for a specific purpose - Contract: processing is necessary to perform our contract with you - Legal obligations: processing is necessary to comply with legal requirements - Legitimate interests: processing is necessary for our legitimate interests, provided those interests are not overridden by your fundamental rights and freedoms 5. Disclosure of Your Information We share personal data only as necessary to operate and secure the Services, and only with the following categories of recipients: - Infrastructure and service providers: vendors that help us host, operate, and secure the Services (for example, hosting/data center providers and other technical service providers). These providers process data on our behalf under contractual confidentiality and security obligations. - App stores and payments: if you purchase a subscription through the Apple App Store or Google Play, the purchase is processed by the respective store. We may receive limited information from the store (such as subscription status and purchase/transaction identifiers). - Payment providers (direct payments): third-party payment providers or banking partners that process payments made via our website or other direct payment methods outside the app. - Legal requirements: where necessary to comply with applicable law, respond to lawful requests, protect our rights, or investigate security issues and abuse. - Business transfers: if we merge, sell, or transfer part or all of our business or assets, user information may be transferred as part of that transaction. We do not sell or rent your personal data to third parties for their direct marketing purposes. 6. Data Retention We retain personal data only for as long as necessary to provide and improve the Services, comply with legal obligations, and resolve disputes. Account information is retained for as long as your account remains active. If you delete your account, we delete or anonymize your account data within a reasonable period, unless retention is required by law. Connection logs are retained for up to 90 days for troubleshooting, security, and abuse prevention purposes, and are then deleted or anonymized, unless a longer retention period is required by law. Payment and transaction records (where applicable) may be retained for longer periods as required by accounting, tax, and other applicable legal obligations. 7. International Data Transfers If you access our Services from outside the country where we are established, or where our servers and service providers are located, your information may be transferred across international borders. We take reasonable measures to ensure your personal data is handled in accordance with this Privacy Policy and applicable data protection laws, including using appropriate safeguards where required. 8. Your Rights and Choices Depending on your jurisdiction, you may have the following rights regarding your personal data: - Access: request a copy of the personal data we hold about you - Rectification: request corrections to inaccurate or incomplete personal data - Erasure: request deletion of your personal data, subject to certain legal exceptions - Restriction: request restrictions on processing in certain circumstances - Portability: receive your personal data in a structured, commonly used, and machine-readable format - Objection: object to processing for direct marketing or other specific reasons - Withdrawal of consent: if processing is based on consent, you may withdraw it at any time To exercise these rights, contact us at support@lokkavpn.com. If you are in the EEA or the UK, you also have the right to lodge a complaint with a supervisory authority. 9. Security of Your Information We use commercially reasonable security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. Despite our efforts, no security measures are perfect or impenetrable. Please protect your account login credentials and notify us immediately of any unauthorized use of your account. 10. Third-Party Websites Our Services may include links to third-party websites or services. This Privacy Policy does not apply to data collected by third parties. We encourage you to review the privacy policies of any third-party websites or services you visit. 11. Children’s Privacy Our Services are not directed to children under the age of 13 (or under 16 in the EEA/UK where applicable), and we do not knowingly collect personal data from children. If you believe we have collected data from a child in violation of applicable law, please contact us immediately, and we will take steps to remove such information from our systems. 12. Updates to This Privacy Policy We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated version will be indicated by an updated 'Last Updated' date, and the changes will be effective as soon as they are accessible. We encourage you to review this Privacy Policy periodically. 13. Contact Us If you have any questions or comments about this Privacy Policy or our data processing practices, please contact us at: Legal entity: 'LOKKA TEAM' LLC Registered address: Nar Dos 2, Yerevan, Armenia Email (support): support@lokkavpn.com