TunnelBuddy — Privacy Policy

1) Information we collect

We collect the minimum needed to run a peer-to-peer proxy and keep it reliable:

• Technical/operational metadata: connection timestamps, technical identifiers, limited diagnostic events, IP address and user agent presented by your client, and similar telemetry necessary to establish and maintain connections and to measure reliability.
• Access control artifacts: short-lived join codes, pairing identifiers, and counters required to issue and manage access.
• App preferences on your device: for example, whether you accepted the Terms, UI/verbosity options, and similar settings. These are stored locally on your device and are not sent to us unless explicitly stated in-app.
• Tips/donations (if you use them): payment details are handled by the payment provider; we receive minimal records like transaction references and amounts.

We do not intentionally collect: the contents of the traffic you route through your own proxy/exit node.

2) Why we collect it (purposes)

• Operate the Service: establish connections, pair peers, route signaling, and keep sessions working.
• Reliability and safety: detect service issues, rate-limit abuse, investigate service interruptions, and respond to credible abuse reports.
• Legal compliance: respond to lawful requests and meet our legal obligations.
• Improvements: high-level, aggregate insights to guide stability and quality (not marketing profiles).

We do not sell your personal information.

3) Retention

Operational artifacts (e.g., connection/session and access-control metadata) are short-lived and typically expire automatically within hours.

Diagnostic/analytics metadata is retained for a short period, typically up to 30 days, to support reliability, troubleshooting, and abuse handling, after which it is deleted or de-identified.

We may preserve specific records longer if reasonably necessary to comply with law, resolve disputes, or protect safety and security (e.g., a legal hold).

4) Sharing

We share data only as needed to provide the Service and as required by law:

• Service providers (e.g., cloud hosting, payments) acting on our instructions and subject to appropriate safeguards.
• Lawful requests from authorities, when legally required and limited to data we hold.
• Business transfers (e.g., restructure or sale) where your information may transfer subject to this Policy.

5) International transfers

We primarily host in Australia. If we process data elsewhere (for resilience or delivery), we apply appropriate safeguards.

6) Security

We use reasonable administrative, technical and organisational measures designed to protect information we process. No method is perfect; you should also keep your systems updated and share access codes only with people you trust.

7) Your choices & rights

Because operational artifacts are short-lived, most requests apply to diagnostic/analytics metadata within its retention window.

Access / correction / deletion: Email contact@tunnelbuddy.net.

Diagnostics controls: If we later offer optional diagnostics beyond what's described here, we'll provide in-app controls.

8) Children

TunnelBuddy is not directed to children. Do not use the Service if you are under the age where you can lawfully consent or where the Service is prohibited.

9) Websites, cookies, and third-party links

The desktop app does not use third-party cookies. Our website may use minimal, privacy-respecting analytics; details will be provided on the website if enabled. Third-party sites are governed by their own policies.

10) Changes to this Policy

We may update this Policy from time to time. If changes materially affect your rights, we will take reasonable steps to notify you in-app or by email. The "Effective date" above shows the latest version. Continued use after the effective date means you accept the updated Policy.

11) Contact

• Privacy & general: contact@tunnelbuddy.net
• Abuse or rights-holder reports: abuse@tunnelbuddy.net