Privacy Policy
Last updated: 23 February 2026Our core promise: KEN VPN is built on a strict zero-log policy. We do not monitor, record, log, store, or share any of your browsing activity, connection timestamps, DNS queries, or IP addresses while connected to our VPN service.
1. Who We Are
KEN VPN is operated by KEN Secure Ltd ("we", "us", "our"). Our website is located at kensecure.com and our service is delivered through the KEN VPN mobile application ("the App"). This Privacy Policy explains how we collect, use, and protect information when you use our services.
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
- Email address — required for account authentication and important service notifications
- Display name — optional, used to personalise your experience
- Password — stored as a securely hashed value (bcrypt); we never store or can view your plain text password
2.2 Subscription & Payment Information
If you subscribe to a paid plan, payments are processed by Stripe. We store your Stripe customer ID to manage your subscription. We never see, store, or process your credit card number, CVV, or full billing details — Stripe handles this directly under PCI-DSS compliance.
2.3 Device Information
When you register a device with KEN VPN, we store a device identifier, device name, platform type (Android/iOS), and a VPN-internal IP address. This is required for the WireGuard protocol to function.
2.4 Aggregate Bandwidth Usage
We track the total amount of bandwidth consumed per account for the purpose of enforcing plan limits (e.g. 500 MB for free plans, 50 GB for Shield plans). This is a cumulative number only — we do not record which websites, services, or IP addresses the bandwidth was used for.
3. What We Do NOT Collect
We want to be completely transparent about what we never collect or store:
- Your browsing history or websites visited
- DNS queries or search history
- Your real IP address while connected
- Connection timestamps or session durations linked to activity
- The content of your internet traffic
- Any information that could link your identity to your online activity
4. How We Use Your Information
We use the information we collect solely for:
- Providing the VPN service — authenticating your account, managing your subscription tier, and assigning VPN configurations
- Enforcing plan limits — tracking aggregate bandwidth to ensure fair usage across tiers
- Service communications — sending essential emails such as welcome messages, password resets, and upgrade confirmations
- Service improvement — aggregate, anonymised statistics to monitor server health and capacity planning
5. Data Storage & Security
Your account data is stored on secure servers hosted by Microsoft Azure in the United Kingdom. All data in transit is encrypted using TLS 1.3. VPN tunnel traffic is encrypted using WireGuard's ChaCha20-Poly1305 cipher suite. Passwords are hashed with bcrypt before storage. Access to production systems is restricted to authorised personnel only.
6. Data Sharing
We do not sell, rent, or trade your personal information to any third party. We share data only with:
- Stripe — for payment processing (see their privacy policy)
- Resend — for transactional email delivery (see their privacy policy)
- Law enforcement — only if required by valid legal process (court order, warrant). Even then, due to our zero-log policy, we have minimal data to provide
7. Data Retention
Your account data is retained for as long as your account is active. If you delete your account, we will remove your personal data within 30 days. Anonymised aggregate statistics (total bandwidth served, server utilisation) may be retained indefinitely as they contain no personal information.
8. Your Rights
Under UK GDPR and applicable data protection law, you have the right to:
- Access your personal data — request a copy of data we hold about you
- Correct inaccurate data — update your name, email, or password via the App
- Delete your account and all associated personal data
- Export your data in a portable format
- Object to processing — although we process minimal data as described above
To exercise any of these rights, contact us at privacy@kensecure.com.
9. Children's Privacy
KEN VPN is not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
10. Cookies
The KEN VPN website uses only essential cookies required for the site to function. We do not use advertising cookies, tracking pixels, or analytics that identify individual visitors.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-app notice. The "Last updated" date at the top of this page indicates the most recent revision.
12. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices:
- Email: privacy@kensecure.com
- General support: support@kensecure.com