[PRIVACY POLICY]

Last Updated: October 5, 2025

Our Commitment to Privacy

At AES128, our entire philosophy is built on a single, non-negotiable principle: your privacy. We engineered our VPN and encrypted email services from the ground up to minimize data collection. We believe that your online life is yours alone, and we are here to keep it that way. This policy outlines what data we collect, what we deliberately do not collect, and why.

Our guiding principle is simple: if we don't need the data to provide our service, we don't collect it.

What Information We DO NOT Collect

This is the most important part of our policy. We have a strict, verified no-logs policy. We DO NOT collect, store, or log any of the following data:

  • VPN Service Data:
    • Your original IP address or the IP address of the server you connect to.
    • Any browsing history, websites visited, or DNS queries.
    • Any traffic data, content, or metadata of your internet activity.
    • Connection timestamps or session duration.
  • Email Data:
    • The content of your emails sent to external providers. For security, all emails are stored encrypted on our servers.
    • Your contact lists.

We cannot be compelled to provide data that we do not possess. Our RAM-only server infrastructure physically prevents the long-term storage of session data.

What Little Information We DO Collect

To operate our service and manage your account, we require a minimal amount of information. Transparency means being honest about what this is.

  • Account Information:
    • Username & Hashed Password: We need this to authenticate your account. Your password is cryptographically hashed and is never stored in plain text.
    • Recovery Phrase: Upon registration, you are issued a unique recovery phrase. This is the only way to regain access to your account if you forget your password. We do not store this phrase and cannot recover your account for you. It is your sole responsibility to store it safely.
  • Service Status: Open Beta
    • Our service is currently in an Open Beta Test (OBT) phase and is provided free of charge. Therefore, we do not request or collect any payment information, billing details, or donation data.
  • Aggregated & Anonymized Service Data:
    • To maintain and improve our server infrastructure, we monitor the total bandwidth consumed on a server and its current CPU load. This data is fully anonymized and contains no information about individual users or their activities. For example, we know that Server A handled 10TB of traffic in a month, but we have no idea who used it or for what.
  • User Correspondence:
    • When you contact us for support via email, Jabber, or Telegram, we keep a record of that conversation to provide you with the best possible assistance.

Data Security

We employ robust physical, procedural, and technical security measures to protect the minimal data we hold. All communication with our website and services is encrypted using TLS. Emails within our system are stored encrypted, and we use TLS to secure connections to external mail servers. Our VPN traffic is secured with the AES-256 cipher.

Your Rights

You have the right to access or delete your account information at any time through your account panel. If you choose to delete your account, all associated minimal data (username, hashed password) is permanently erased from our systems.

Changes to This Policy

We may update this policy from time to time. We will notify our users of any significant changes by posting a notice on our blog and updating the "Last Updated" date at the top of this page. We encourage you to review this policy periodically.

Questions?

If you have any questions about this Privacy Policy, please contact us at contact@aes128.com. We believe in transparency and are happy to clarify any points.