Legal Last updated: January 15, 2025

Privacy Policy

Your privacy is the foundation of our service. This policy explains how RamOnly protects your data.

Our Core Principle: Zero Data Retention

RamOnly operates on a fundamental principle: we cannot share what we do not have. Our RAM-only infrastructure ensures that no user data is ever written to persistent storage.

What We Do NOT Collect

Unlike traditional VPN providers, RamOnly does not collect:

  • Browsing history or traffic logs
  • Connection timestamps
  • IP addresses (source or destination)
  • DNS queries
  • Session duration
  • Bandwidth usage per user
  • Any content of your communications

This is not a policy choice — it is a technical impossibility. Our servers have no persistent storage devices attached.

What We Minimally Process

To provide the service, we temporarily process in volatile memory:

  • Account credentials — hashed, for authentication only
  • Active session tokens — exist only during your connection
  • Routing information — necessary for packet forwarding, purged immediately

All of the above exists only in RAM and is permanently erased when:

  • You disconnect from the VPN
  • Your session times out
  • The server reboots or loses power

Account Information

When you create an account, we store:

  • Email address — for account recovery and service notifications
  • Hashed password — we never store plaintext passwords
  • Subscription status — to manage your plan

This account data is stored separately from our VPN infrastructure and cannot be correlated with any VPN activity (because no activity logs exist).

Payment Information

Payment processing is handled by third-party providers (Stripe, cryptocurrency processors). We do not store complete credit card numbers or bank details. We retain only:

  • Transaction IDs for refund processing
  • Last 4 digits of payment method (for your reference)
  • Billing country (for tax compliance)

Third-Party Services

We use minimal third-party services:

  • Payment processors — subject to their own privacy policies
  • Email delivery — for transactional emails only

We do not use:

  • Analytics services (Google Analytics, etc.)
  • Advertising networks
  • Social media trackers
  • Third-party cookies

Law Enforcement Requests

If we receive a legal request for user data, we can only provide what we have: account email and subscription status. We cannot provide:

  • Connection logs (don't exist)
  • IP addresses (don't exist)
  • Browsing history (doesn't exist)
  • Any VPN usage data (doesn't exist)

We will notify affected users of any requests unless legally prohibited from doing so. Our Transparency Report details all requests received.

Data Security

Our security measures include:

  • RAM-only servers with no persistent storage
  • WireGuard protocol with state-of-the-art encryption
  • Regular third-party security audits
  • Hardware security modules for key management
  • Automatic memory purging on any anomaly detection

Your Rights (GDPR & CCPA)

You have the right to:

  • Access — request a copy of your account data
  • Rectification — correct inaccurate account information
  • Erasure — delete your account and all associated data
  • Portability — receive your data in a machine-readable format
  • Object — opt out of marketing communications

To exercise these rights, contact privacy@ramonly.io

Children's Privacy

RamOnly is not intended for users under 18 years of age. We do not knowingly collect information from children.

Changes to This Policy

We may update this policy periodically. Significant changes will be announced via email and posted on our website. Continued use of the service constitutes acceptance of any changes.

Contact Us

For privacy-related inquiries:

  • Email: privacy@ramonly.io
  • For GDPR requests: dpo@ramonly.io