Privacy Policy

This Privacy Policy explains how CloudLeopard VPN collects, uses, and protects your information when you use our VPN services.

Welcome to CloudLeopard VPN (hereinafter referred to as the “App”, “Service”, “we”, or “us”). We understand that VPN services involve highly sensitive network communication data, so we take your privacy and data protection very seriously. CloudLeopard is developed and operated by the App developer based in Malaysia. This Privacy Policy is intended to clearly explain:

• What data we collect or may collect;
• What data we do not collect or log;
• How we use and protect this data;
• Under what circumstances (if any) we share data with third parties;
• Your privacy rights and how you can exercise them.

Please read this Privacy Policy carefully before you download, install, register, connect to, or use the App and related services. If you do not agree with any part of this Policy, please stop using the App and the Services immediately.

1. Scope and Role Description

This Privacy Policy applies to:

• The CloudLeopard client on iOS;
• The VPN network services and related features we provide for CloudLeopard (collectively, the “Services”);
• Our customer support channels (such as email and in-app feedback forms).

“Personal information” or “personal data” in this Policy means information that can identify a specific natural person on its own or in combination with other information (such as an email address, IP address, etc.).

CloudLeopard is provided and maintained by the App developer (hereinafter referred to as “we”). We act as the data controller / personal information processor for the App and related Services, to the extent defined under applicable data protection laws in your jurisdiction.

2. VPN Usage Data We Do Not Collect or Log

To maximize protection of your anonymity and meet the privacy expectations for VPN apps, we make the following commitments when you use the VPN Service:

We do not record or store:

1. The specific website domains or URL contents you access through the VPN;
2. The detailed content of apps or services you use (including what you browse, watch, or download);
3. The content of the traffic inside the VPN tunnel itself (such as HTTP content, DNS query content, etc.);
4. Logs that associate any VPN usage data with your real identity, account information, or device identifiers;
5. Identifiers used for advertising, user profiling, or cross-app tracking (such as unique IDs used for third-party advertising).

In other words: we do not monitor, record, or store the content of your online activities; we do not use it for advertising or behavioral profiling; and we do not sell, rent, or share VPN-related usage data to any third party for their own purposes.

For the sole purpose of routing your network traffic, our systems inevitably process certain technical information (such as IP packets) in memory. However, this processing is transient and is not stored in a form that allows us to reconstruct your browsing history or content.

3. Types of Data We May Collect and How We Use It

Below are the types of data CloudLeopard may collect or process when providing the Services. In practice, we follow the principle of collecting only the minimum data necessary.

3.1 Account and Basic Information

If the App provides an account feature, when you create or log in to an account, we may collect:

• Nickname or display name (if any);
• Account creation time and status (such as whether you are a paid subscriber);
• Account security information (such as password hashes; we do not store plain-text passwords).

We use this information to:

• Create and manage your CloudLeopard account;
• Provide subscription status verification and synchronization;
• Send you important service-related notices (for example: service changes, security alerts, billing notifications);
• With your authorization, send non-mandatory information about product feature updates (you can unsubscribe at any time).

If you use the App in anonymous mode and do not create an account, the above account information will not be collected.

3.2 Subscription and Payment Information

When you purchase or subscribe to our Services via App Store in-app purchases:

• The payment process is handled by Apple or the relevant payment provider;
• We do not have access to your full payment card information (such as card numbers).

The only information we may obtain from Apple or the payment provider includes:

• Whether a payment was successful or failed;
• Order number, transaction time, and product type (for example, the type of subscription plan);
• Information necessary for reconciliation and after-sales service.

We use this information to:

• Confirm and manage your subscription status and validity period;
• Process billing inquiries and refund requests;
• Fulfill financial audit and compliance retention requirements.

3.3 Device and App Basic Information

To ensure basic operation of the Services and for troubleshooting, we may collect certain device and App-related information, such as:

• Device model and operating system version (for example, iPhone 15, iOS 18.x);
• App version number;
• System language and time zone settings;
• Persistent device identifier: We generate a unique identifier (UUID) that is stored securely in your device's Keychain. This identifier persists across app reinstalls and is used solely for fraud prevention, abuse detection, and account security. It is not linked to any advertising identifier or used for tracking purposes.
• Device-level data retention: To prevent abuse of promotional rewards (such as registration bonuses or trial subscriptions), certain device-related records are stored in the iOS Keychain, which persists even after the app is uninstalled. This includes:
  • First installation timestamp;
  • Reward claim records (e.g., whether registration bonus has been claimed);
  • App reinstall count.
  This data is stored locally on your device and is used solely to prevent users from repeatedly claiming one-time rewards by reinstalling the app. It is not transmitted to external servers for tracking purposes.

We use this information to:

• Adapt the App to different devices and system versions and improve compatibility;
• Analyze App performance and optimize user experience;
• Identify abnormal access patterns and protect the security and stability of the Services.

3.4 Minimal Technical Information Related to VPN Connections

To operate the VPN network, manage overall capacity, and prevent abuse, we may process the following information in anonymized aggregate form or short-term logs:

• The VPN server location or code you connect to (for example, “Singapore Node #3”);
• Connection start and end times (timestamps);
• Type of protocol used (for example, proprietary or system protocols);
• Aggregate statistics for bandwidth and total data usage (not including the specific content you access).

Important notes:

• This information does not include the specific websites or apps you access;
• We do not directly associate this connection information with your browsing activity or real-world identity;
• After fulfilling operational and security purposes, we retain only the necessary aggregate statistics and delete or anonymize the original records.

3.5 Diagnostics and Crash Logs

To fix issues and improve stability, and only with your authorization or when system settings permit, we may obtain from Apple or related platforms:

• Crash logs and error stack traces;
• Network connection error codes and brief environment information (such as connection failure reasons: authentication error / network unreachable, etc.);
• Usage statistics related to feature stability (for example, specific actions that frequently lead to crashes).

Characteristics of this data:

• It is mainly used for technical troubleshooting and improving the user experience;
• We will try to avoid collecting content that can directly identify you;
• If we use third-party crash analytics services, they are used only for App performance analysis, not for advertising or user profiling.

You can disable sharing of Apple crash logs in system settings, or turn off diagnostic data reporting within the App (if we provide this option).

3.6 Customer Support and Communications Information

When you contact us through email or in-App feedback, we may collect:

• Your contact email address;
• The problem description, screenshots, or log files you voluntarily provide (if you choose to attach them);
• Our communications and interaction records with you.

We use this information to:

• Provide customer support and track issue resolution;
• Improve CloudLeopard’s services and feature design;
• Retain records of complaints or dispute handling when required by law.

4. How We Use This Information

We only use the collected information for the following purposes:

1. Providing, maintaining, and improving CloudLeopard and its VPN Services;
2. Managing accounts and subscriptions, including verifying subscription status and service duration;
3. Optimizing performance, fixing issues, and improving stability and compatibility;
4. Identifying and preventing abuse or illegal activities (such as attacks or malicious traffic), and protecting the security of the Services and users;
5. Sending important service-related notifications to you (non-marketing);
6. With your consent, sending non-mandatory information about product updates and features (you can opt out at any time);
7. Complying with applicable laws, regulations, and regulatory requirements, and cooperating with authorities when necessary.

Where required by applicable law (for example, in some jurisdictions under data protection regulations), we rely on one or more of the following legal bases to process your personal information:

• Performance of a contract with you (for example, providing the VPN service you subscribed to);
• Compliance with legal obligations (for example, retaining certain billing records);
• Our legitimate interests (for example, ensuring service security and preventing abuse), provided that such interests do not override your fundamental rights and freedoms;
• Your consent, where applicable (for example, optional diagnostics or marketing communications).

We will not use your personal information for purposes unrelated to those described above without your consent.

5. Data Sharing and Third-Party Services

5.1 No Selling, No Third-Party Purposes, No Ad Tracking

We make the following commitments:

• We do not sell any personal data related to you;
• We do not use your data for third-party advertising, cross-app tracking, or user profiling;
• We do not disclose data related to your VPN usage for the marketing or advertising purposes of any third party.

5.2 Limited Third-Party Processing

In certain scenarios, we may provide necessary and limited data to service providers who process data solely on our behalf, for example:

• Cloud infrastructure and server hosting providers;
• Crash analytics and performance monitoring platforms (used only for technical diagnostics);
• Email delivery services (for sending registration confirmations, service notifications, etc.);
• Systems that support payments and billing (for example, reconciling transactions with our backend).

We enter into strict data protection agreements with these service providers, requiring them to:

• Process data only in accordance with our written instructions;
• Not use the data for their own purposes (for example, advertising or profiling);
• Implement reasonable security measures to protect the data.

5.3 Legal and Compliance Requirements

In the following limited circumstances, and only in accordance with legal procedures, we may disclose your information:

• To comply with applicable laws and regulations, court orders, or requests from competent authorities;
• To protect our legitimate rights and interests within a reasonable scope (for example, to combat fraud, attacks, or other illegal activities);
• In emergency situations, to protect your or others’ life, property, or other significant legal rights.

Even in such cases, we will attempt to limit the scope of disclosure as much as possible and, where permitted by law, inform you.

6. Data Storage and Retention Period

1. Storage Location. Your data may be stored in countries or regions where we or our entrusted service providers operate servers. Specific storage locations may change depending on service deployment, but we will make reasonable efforts to ensure data security and compliance.
2. Retention Principles.
   • We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy;
   • To comply with legal, regulatory, tax, or audit requirements, subscription and billing records may be required to be retained for a longer period;
   • Customer support communications may be retained for a reasonable period after an issue is resolved, for follow-up and dispute prevention.
3. For data that exists only temporarily during processing and does not need to be stored long-term (for example, IP information processed only to establish a connection), we do not retain it for an extended period.

7. Cookies and Similar Technologies

If you visit our official website or web pages (for example, a help center or privacy policy page), we may use cookies or similar technologies to:

• Remember your language preferences or login status;
• Collect statistics on visits and usage in order to improve the website experience.

We do not use cookies for cross-site advertising tracking. You can manage or delete cookies through your browser settings, though doing so may affect the functionality of certain features.

8. Children’s Privacy

CloudLeopard and its Services are not specifically designed for children and are generally intended for users who are at least 18 years old.

We do not knowingly collect personal information from children under 18. If we become aware that we have collected children’s data without obtaining prior consent from their guardian, we will take steps to delete such information as soon as possible.

9. Your Rights

To the extent permitted by applicable law, you have the following rights regarding your personal information (the exact scope may vary depending on the laws in your jurisdiction):

1. Right of Access: You have the right to request confirmation of whether we process personal information relating to you and to obtain a copy of such data;
2. Right to Rectification: If you find that your information is inaccurate or incomplete, you have the right to ask us to correct or supplement it;
3. Right to Erasure: Where permitted by law, you have the right to request that we delete some or all of your personal information;
4. Right to Restrict Processing / Withdraw Consent: For processing activities based on your consent, you may withdraw your consent at any time (for example, by turning off diagnostic data reporting);
5. Right to Complain: If you believe our data processing violates applicable laws, you may lodge a complaint with the relevant supervisory authority.

You can submit these requests using the contact methods listed in the “Contact Us” section of this Policy. To protect your account and data security, we may ask you to complete reasonable identity verification before processing your request.

10. Account Deletion and In-App Privacy Controls

To comply with App Store requirements on account deletion and privacy controls:

1. If CloudLeopard provides an account registration feature, we will offer a clear account deletion entry within the App. Once you initiate account deletion:
   • Personal information directly associated with the account will be deleted or anonymized;
   • Data related to financial, tax, or legal compliance may be retained for the period required by law.
2. Before you use certain key features for the first time (for example, connecting to the VPN for the first time, or subscribing for the first time), CloudLeopard will, via in-App notices, briefly explain:
   • The main categories of data we collect (such as account information, connection metadata, diagnostic data, etc.);
   • The main purposes of data use (such as providing services, billing and subscription verification, performance and security, etc.);
   • What we do not collect (such as browsing activity and traffic content);
   • That we do not sell data or use it for third-party advertising or tracking.

11. International Data Transfers

Given the nature of VPN services, our servers may be distributed across different countries or regions. This means your data may be processed or stored outside your country or region of residence.

When we transfer data across borders, we will:

• Do so only to the extent necessary to provide the CloudLeopard Services;
• Take appropriate technical and organizational measures to protect data security;
• Implement necessary legal mechanisms to safeguard your rights where required by applicable law.

Depending on your location, data protection and privacy laws may differ from those in Malaysia. We will handle your data in accordance with this Privacy Policy and the mandatory requirements of applicable laws in your jurisdiction.

12. Data Security Measures

We implement multiple reasonable and necessary technical and organizational measures to prevent your data from unauthorized or unlawful access, use, disclosure, alteration, or loss, including but not limited to:

• Using industry-standard security protocols and encryption technologies to protect data in transit;
• Enforcing access controls and the principle of least privilege on our servers, and performing necessary log audits;
• Hardening and regularly backing up data storage systems;
• Providing privacy and security training to personnel involved in data processing and limiting access to those for whom it is strictly necessary.

Although we make every reasonable effort to protect your data, no network environment can guarantee absolute security. If a data breach or other security incident unfortunately occurs, we will take remedial measures in a timely manner and, where required by laws and regulations, notify you.

13. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, our business, or technology.

• If an update constitutes a material change (for example, changes in data usage or sharing practices), we will notify you via prominent in-App means (such as pop-up notices or announcements) and, where necessary, obtain your renewed consent;
• Unless otherwise stated, the updated Privacy Policy will take effect immediately upon publication;
• If you continue to use CloudLeopard or related Services after this Policy is updated, you will be deemed to have accepted the updated Policy.

14. Contact Us

If you have any questions, comments, or complaints about this Privacy Policy or our handling of your personal information, or if you wish to exercise any of the above rights, please contact us at:

• Email: go17trx@gmail.com

We will review and respond to your request as soon as reasonably possible. For requests involving access to or deletion of personal data, we may, within a reasonable scope, ask you to provide additional information to verify your identity.

Last Updated: December 2025