
Data Collection

Transparency about what data the PRIV mobile app collects, how it's structured, and your privacy controls.

Full transparency about what data we collect, how it's used, and how you control it.


Collection Philosophy

PRIV follows a privacy-first approach to data collection:

  1. Minimal Collection - Only what's needed for the service
  2. User Control - You decide what to share
  3. Anonymization - Data is aggregated before use
  4. Transparency - You can see what's collected

Unlike traditional data companies, PRIV never sells individual user data. Only aggregated, anonymized insights are shared with buyers.


What We Collect

Required Data (For Service)

This data is required for the app to function:

| Data | Purpose | Example |
|---|---|---|
| Email | Account authentication | user@example.com |
| Session tokens | Secure API access | jwt_token_xxx |
| Device ID | Device identification | uuid_xxx |
| VPN sessions | Earnings calculation | Duration, bytes |

Optional Analytics Data

This data helps improve the service and can earn you extra PRIV:

| Data | Purpose | Earnings Bonus |
|---|---|---|
| App usage events | Product improvement | Small |
| Screen view tracking | UX optimization | None |
| Error reports | Bug fixes | None |
| Feature usage | Prioritization | None |

VPN-Specific Data

When using the VPN:

| Data | Purpose | Stored |
|---|---|---|
| Connection timestamps | Earnings calculation | 90 days |
| Bytes transferred | Earnings calculation | 90 days |
| Server selection | Load balancing | 30 days |
| Connection errors | Debugging | 7 days |

We never collect the content of your internet traffic, URLs visited, or DNS queries.


App Usage Events

Event Types

The analytics module tracks these event types:

type EventType =
  | 'app_open'         // App launched
  | 'app_close'        // App closed
  | 'app_background'   // App backgrounded
  | 'app_foreground'   // App foregrounded
  | 'vpn_connect'      // VPN connected
  | 'vpn_disconnect'   // VPN disconnected
  | 'vpn_error'        // VPN error occurred
  | 'earnings_view'    // Viewed earnings screen
  | 'earnings_claim'   // Claimed earnings
  | 'wallet_connect'   // Connected wallet
  | 'wallet_disconnect'// Disconnected wallet
  | 'navigation'       // Screen navigation
  | 'button_press'     // Button interaction
  | 'screen_view'      // Screen viewed
  | 'error'            // App error
  | 'custom'           // Custom events

Event Structure

Each event contains:

interface AnalyticsEvent {
  id: string           // Unique event ID
  type: EventType      // Event category
  name: string         // Human-readable name
  properties: {        // Event-specific data
    [key: string]: unknown
  }
  timestamp: string    // ISO timestamp
  sessionId: string    // Analytics session ID
  deviceId: string     // Device identifier
  platform: 'ios' | 'android'
  appVersion: string   // App version
}

Example Events

App Open:

{
  "id": "lq1abc123",
  "type": "app_open",
  "name": "App Opened",
  "properties": {},
  "timestamp": "2025-01-22T10:30:00Z",
  "sessionId": "sess_xyz",
  "deviceId": "dev_abc",
  "platform": "ios",
  "appVersion": "1.0.0"
}

VPN Connect:

{
  "id": "lq1def456",
  "type": "vpn_connect",
  "name": "VPN Connected",
  "properties": {
    "vpn_session_id": "vpn_123",
    "server_id": "us-east-1",
    "connection_time_ms": 1250
  },
  "timestamp": "2025-01-22T10:30:15Z",
  "sessionId": "sess_xyz",
  "deviceId": "dev_abc",
  "platform": "ios",
  "appVersion": "1.0.0"
}
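The `properties` field is an open key/value map, so the promise not to collect URLs or DNS queries has to be enforced wherever events are built. The following is an added example, not PRIV's code: a per-event-type allowlist that drops unknown keys and any string shaped like a URL, hostname or IP address. Only the `vpn_connect` keys come from the events above; `scrubProperties`, the other allowlist entries and the sample input are assumptions.

```typescript
// Added example, not PRIV's code. Only the vpn_connect keys come from the page;
// the other allowlist entries and SAMPLE_PROPS are constructed for illustration.
type PropType = "string" | "number" | "boolean";
type PropValue = string | number | boolean;

const ALLOWED_PROPS: Record<string, Record<string, PropType>> = {
  app_open: {},
  vpn_connect: { vpn_session_id: "string", server_id: "string", connection_time_ms: "number" },
  screen_view: { screen: "string" }, // assumed key
};

// Strings shaped like a URL, an IPv4 address or a hostname are rejected outright.
const NETWORK_LIKE = /(^[a-z][a-z0-9+.-]*:\/\/)|(^(\d{1,3}\.){3}\d{1,3}$)|(^([a-z0-9-]+\.)+[a-z]{2,}(\/|:|$))/i;

interface ScrubResult { properties: Record<string, PropValue>; dropped: string[] }

function scrubProperties(type: string, properties: Record<string, unknown>): ScrubResult {
  const allowed = ALLOWED_PROPS[type] || {}; // unlisted event types keep no properties
  const clean: Record<string, PropValue> = {};
  const dropped: string[] = [];
  for (const key of Object.keys(properties)) {
    const value = properties[key];
    const expected = allowed[key];
    // Keep a property only if its key is allowlisted, its type matches,
    // and (for strings) it does not look like network metadata.
    const ok = expected !== undefined && typeof value === expected &&
      !(typeof value === "string" && NETWORK_LIKE.test(value));
    if (ok) clean[key] = value as PropValue;
    else dropped.push(key);
  }
  return { properties: clean, dropped: dropped.sort() };
}

// Constructed input: the page's vpn_connect properties plus two that must not ship.
const SAMPLE_PROPS: Record<string, unknown> = {
  vpn_session_id: "vpn_123",
  server_id: "us-east-1",
  connection_time_ms: 1250,
  last_url: "https://example.com/account",
  dns_query: "example.com",
};

console.log(scrubProperties("vpn_connect", SAMPLE_PROPS));
```

The check fails closed: a legitimate dotted value such as a screen name `settings.profile` would also be dropped, so allowlisted values should avoid that shape.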

Session Data Structure

Analytics Sessions

Each app usage session tracks:

interface SessionInfo {
  id: string           // Session ID
  startedAt: string    // Session start time
  lastActivityAt: string // Last event time
  eventCount: number   // Events in session
}

Sessions expire after 30 minutes of inactivity.

VPN Sessions

VPN sessions track connection data:

interface VpnSession {
  sessionId: string       // Backend session ID
  startedAt: Date        // Connection time
  endedAt?: Date         // Disconnection time
  bytesTransferred: number // Total bytes
  earnings: number       // PRIV earned
  serverId: string       // Server used
  status: 'active' | 'ended' | 'error'
  deviceType: string     // Device platform
}

Data Transfer Tracking

What's Measured

For VPN earnings, we measure:

| Metric | Description | Used For |
|---|---|---|
| Bytes uploaded | Data sent through VPN | Earnings |
| Bytes downloaded | Data received through VPN | Earnings |
| Session duration | Time connected | Earnings |
| Connection quality | Latency, drops | Service quality |

Heartbeat Updates

While connected, the app sends periodic updates:

interface SessionHeartbeat {
  sessionId: string
  bytesUploaded: number    // Since last heartbeat
  bytesDownloaded: number  // Since last heartbeat
  status: 'connected' | 'reconnecting'
}

Heartbeats occur every 60 seconds to:

  • Update earnings in real-time
  • Detect connection issues
  • Maintain session state

Not Measured

We never inspect the content of data transfer. Only aggregate byte counts are recorded.

We do NOT track:

  • Which apps use the most data
  • What websites you visit
  • What files you download
  • What messages you send

During onboarding, you choose:

  1. Required Data - Needed for basic service (cannot opt out)
  2. VPN Analytics - Session data for earnings
  3. App Analytics - Usage data for improvements
  4. Optional Sharing - Additional data for extra earnings

Access your consent settings anytime:

Settings > Privacy > Data Sharing

[x] VPN session data (required for VPN earnings)
[ ] App usage analytics
[ ] Error reporting
[ ] Feature usage tracking

You can change your preferences at any time:

  • Changes take effect immediately
  • Historical data remains under original consent
  • No penalty for reducing sharing
  • Earnings may decrease if you opt out of VPN data

Privacy Controls

View Collected Data

See what data exists about you:

Settings > Privacy > View My Data

- Account information
- Recent analytics events
- VPN session history
- Earned PRIV history

Delete Local Data

Remove data stored on your device:

Settings > Privacy > Clear Local Data

[!] This will:
- Clear analytics cache
- Clear event buffer
- Reset device preferences
- Keep account and earnings intact

Request Data Export

Download all your data:

Settings > Privacy > Export My Data

Receive a JSON file containing:
- Account details
- All analytics events
- VPN session history
- Earnings records

Delete Account

Permanently delete your account and data:

Settings > Account > Delete Account

[!] This will permanently delete:
- Your account
- All collected data
- Pending earnings (claim first!)
- Session history

Claim any pending earnings before deleting your account. Unclaimed PRIV will be lost.


Data Security

On-Device Security

Data on your device is protected by:

  • Encrypted storage - iOS Keychain / Android Keystore
  • App sandboxing - Isolated from other apps
  • Secure networking - TLS 1.3 for all API calls
  • No plain text secrets - All credentials encrypted

In-Transit Security

Data sent to servers uses:

  • TLS 1.3 encryption
  • Certificate pinning
  • Request signing

At-Rest Security

Server-side data is:

  • Encrypted in database
  • Access-controlled
  • Regularly backed up
  • Subject to retention policies

Data Retention

Retention Periods

| Data Type | Retention | Reason |
|---|---|---|
| Account data | Until deletion | Service operation |
| VPN sessions | 90 days | Earnings verification |
| Analytics events | 30 days | Product improvement |
| Error logs | 7 days | Debugging |
| Earnings records | Permanent | Financial records |

After Retention

When data expires:

  • Automatically deleted from active systems
  • May persist in backups for 30 additional days
  • Completely purged after backup rotation

Anonymization Process

How Data Becomes Anonymous

Before any data is shared or aggregated:

1. Identifier Removal

User: user_abc123 -> [removed]
Device: dev_xyz789 -> [removed]

2. Generalization

Session: 47 minutes -> 30-60 minutes
Data: 523 MB -> 500-1000 MB

3. Aggregation

Individual session -> Part of 1000+ user average

4. k-Anonymity

Data is only included if at least 50 users share the same characteristics.
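
The four steps above as one pipeline, in an added example that is not PRIV's code. The 30-60 minute and 500-1000 MB ranges and the threshold of 50 come from this page; the other bucket edges, the `RawSession` shape, the function names and the sample sessions are assumptions.

```typescript
// Added example, not PRIV's code. Bucket edges other than 30-60 minutes and
// 500-1000 MB are assumptions, and the session records are constructed.
interface RawSession { userId: string; deviceId: string; platform: string; minutes: number; megabytes: number }
interface Cohort { platform: string; duration: string; volume: string; users: number; sessions: number }

const K = 50; // page: at least 50 users must share the same characteristics
const MINUTE_EDGES = [0, 30, 60, 120];
const MB_EDGES = [0, 100, 500, 1000];

// Step 2, generalization: map an exact value to the range [lo, hi) holding it.
function bucket(value: number, edges: number[], unit: string): string {
  for (let i = 0; i + 1 < edges.length; i++) {
    if (value >= edges[i] && value < edges[i + 1]) return edges[i] + "-" + edges[i + 1] + " " + unit;
  }
  return edges[edges.length - 1] + "+ " + unit;
}

function anonymize(sessions: RawSession[], k: number = K): Cohort[] {
  const cohorts: Record<string, Cohort> = {};
  const members: Record<string, Record<string, boolean>> = {}; // cohort key -> user IDs seen
  for (const s of sessions) {
    const duration = bucket(s.minutes, MINUTE_EDGES, "minutes");
    const volume = bucket(s.megabytes, MB_EDGES, "MB");
    const key = [s.platform, duration, volume].join("|");
    // Steps 1 and 3: the cohort record carries no user or device ID, only counts.
    if (!cohorts[key]) {
      cohorts[key] = { platform: s.platform, duration, volume, users: 0, sessions: 0 };
      members[key] = {};
    }
    members[key][s.userId] = true;
    cohorts[key].sessions += 1;
  }
  // Step 4, k-anonymity: count distinct users, not sessions. Many sessions from
  // a handful of users would otherwise pass the threshold and expose them.
  const released: Cohort[] = [];
  for (const key of Object.keys(cohorts)) {
    cohorts[key].users = Object.keys(members[key]).length;
    if (cohorts[key].users >= k) released.push(cohorts[key]);
  }
  return released;
}

// Constructed input: 50 iOS users with one session each, 3 Android users with 20 each.
function sampleSessions(): RawSession[] {
  const out: RawSession[] = [];
  for (let i = 0; i < 50; i++) out.push({ userId: "user_ios" + i, deviceId: "dev_ios" + i, platform: "ios", minutes: 47, megabytes: 523 });
  for (let i = 0; i < 60; i++) out.push({ userId: "user_and" + (i % 3), deviceId: "dev_and" + (i % 3), platform: "android", minutes: 47, megabytes: 523 });
  return out;
}
```

With the sample input, the Android cohort holds 60 sessions but only 3 distinct users, so it is suppressed and only the iOS cohort is released.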

What Buyers See

Data purchasers receive:

{
  "segment": "Mobile VPN Users - US",
  "sample_size": 5234,
  "metrics": {
    "avg_session_minutes": 45,
    "avg_weekly_sessions": 12,
    "peak_usage_hours": [18, 19, 20, 21],
    "platform_split": { "ios": 0.65, "android": 0.35 }
  }
}

They never see individual user data.


Compliance

GDPR

For EU users, we comply with GDPR:

  • Lawful basis for processing
  • Right to access your data
  • Right to deletion
  • Right to portability
  • Data minimization

CCPA

For California users:

  • Right to know what data is collected
  • Right to delete data
  • Right to opt-out of data sale
  • No discrimination for exercising rights

App Store Guidelines

We comply with:

  • Apple App Store privacy requirements
  • Google Play data safety requirements
  • Platform-specific data handling rules

Contact

Questions about data collection:

