Legal

Privacy Policy

Last updated: June 28, 2026.

This Privacy Policy explains what data is processed when you use the Nafanya VPS application (the “App”). The App is a client that provides a convenient interface for connecting to the user's own servers on iOS, Android, macOS and Windows. By default, the App contains no information about which server to connect to: to establish a connection, the user must import a configuration themselves — via a https:// link (a list of configurations, opened from the browser through a deeplink) or manually by pasting a vless:// link. Without an explicitly imported server, no connection is established. We follow the principle of collecting only the minimum data necessary.

The data controller is sole proprietor Dmitriev Maksim Aleksandrovich (“we”). For any data-related questions, contact support@nafanya.llc.

In short

What data is processed

1. Data stored only on your device

The following data is stored locally in the device’s secure storage and is never sent to our servers:

You can delete this data at any time within the App or by uninstalling the App.

2. Data required to operate the connection

3. Crash diagnostics (anonymized)

In case of an error or failure in the App, anonymized technical data about the failure is sent via Google Firebase Crashlytics. It helps us find and fix problems and includes: device model, operating system version, App version, time and circumstances of the failure, the call stack, and a technical installation identifier generated by Crashlytics. This data does not identify you personally and contains no content of your traffic. Diagnostics are not sent in debug builds.

4. Update checks

To notify you about available updates, the App uses Google Firebase Remote Config and compares the current version with the latest one. No personal data is collected for this.

What we do not do

Third-party services

The App uses Google services (Firebase Crashlytics and Firebase Remote Config). Their processing of data is governed by the Google Privacy Policy. The connection technology is built on the open-source Xray Core; the list of open-source components is available on the Licenses page.

Encryption

The connection is encrypted using standard modern cryptographic protocols (based on the Xray Core engine with TLS and AES-family encryption). Communication with import links uses the secure HTTPS/TLS protocol.

Retention periods

Your rights

Depending on your jurisdiction (including the GDPR for EU users and the CCPA for California users), you may have the right to access, correct, delete and restrict the processing of your data, as well as the right to object to processing. To exercise these rights, contact support@nafanya.llc.

Data deletion

To delete local data it is enough to remove the imported configuration inside the App or uninstall the App.

Children

The App is not intended for individuals below the age at which, under the laws of their country, they can independently consent to data processing. We do not knowingly collect data from children.

Changes to this Policy

We may update this Policy from time to time. The current version is always available on this page; the last updated date is shown above.

Contact

ControllerDmitriev Maksim Aleksandrovich, IP