The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside the EU and EEA. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Personal data can be anything that allows a living person to be directly or indirectly identified. This may be a name, an address, or even an IP address. It includes automated personal data and can also encompass pseudonymized data if a person can be identified from it.
Private Internet Access has always been privacy and security-focused which is why we do not log.
We believe that we cannot share information if we do not have the data, and as such, the personal information we hold about a customer is:
Payment Processor Transaction ID
If you signed up using a Credit Card, PayPal or Amazon your personal information (including name and address) will be held by the respective payment processor.
Please note: If you request a Personal Information Purge (under Article 17 of the GDPR) whilst having an active account, this will terminate the account and a refund cannot be given. Customer Support will not be able to provide support as they will have no information available.
Whilst a user can request a personal information purge, please be aware that Article 17 of the GDPR only applies to residents within the EU. As we believe in personal privacy, we will still remove personal information from our systems upon request even from non-EU users.