This Privacy Policy describes how Secure Route Labs ("we", "us", "our") handles information in connection with the Android application Turbo VPN — Private & Fast (the "App"). By installing or using the App you accept the practices described here.
- Use of the Android VpnService (Prominent Disclosure)
- Our No-Logs Commitment
- Information We Collect
- How We Use Information
- Third-Party Services
- Security
- Your Rights under the GDPR (EEA Users)
- California Privacy Notice (CCPA/CPRA)
- Children's Privacy
- Data & Account Deletion
- Changes to this Policy
- Contact
1. Use of the Android VpnService (Prominent Disclosure)
Why the App requests VPN permission
Turbo VPN — Private & Fast uses the Android VpnService API. This system permission is required to establish an encrypted tunnel between your device and the VPN server you select. Creating this tunnel is the App's sole and core purpose: it routes your device's internet traffic through the encrypted connection so that it cannot be read by third parties on your network.
Traffic passing through the tunnel is encrypted end to end between your device and our servers. We do not inspect, record, or store the content, destinations, or DNS lookups of the traffic inside the tunnel, and we do not use the VpnService for any purpose other than providing the VPN connection you requested.
2. Our No-Logs Commitment
We operate the VPN under a strict no-activity-logs standard. In plain terms, while you are connected we never record:
- the websites or services you visit (browsing history);
- the destination or contents of your traffic;
- your DNS requests;
- the original IP address from which you entered the tunnel, tied to your activity.
Because this information is never written down, it cannot be sold, shared, or handed over.
3. Information We Collect
3.1 Automatic device registration (guest session)
You do not need to create an account manually or hand over any personal details to use the App. However, on first launch the App automatically creates a guest session and registers your device with our management backend. This is required to deliver the server list to your device, manage and balance active connections, apply fair-use limits, and keep your settings consistent between sessions. For this automatic registration we process:
- a randomly generated device/installation identifier — not your name, email address, or phone number;
- basic device parameters (device model, Android version, app version).
This guest identifier is not linked to your real-world identity unless you later choose to sign in or contact us.
3.2 Information you give us
If you choose to contact support, or if you optionally sign in with Google, we receive:
- your email address (support contact or optional account);
- basic Google profile details (name and email) when you use Google Sign-In, solely to authenticate you.
3.3 Diagnostics and app-interface data
To keep the App stable and the servers healthy, we collect a limited amount of technical data. This concerns your interaction with the App's interface and infrastructure — never your web activity inside the tunnel. It includes:
- crash reports (via Firebase Crashlytics);
- device model and Android OS version;
- aggregate bandwidth totals (bytes transferred), used to balance server load;
- counts of successful and failed connection attempts, used to diagnose connectivity problems.
4. How We Use Information
- Operating the service — keeping VPN servers online, balanced, and fast.
- Device management — recognizing your device's guest session so we can deliver server lists, manage connections, and apply fair-use limits.
- Stability — diagnosing crashes and failed connections.
- Abuse prevention — analyzing aggregate (not per-user) patterns to protect server capacity.
- Marketing measurement — attributing app installs to our advertising campaigns through attribution partners (see Section 5), so we can measure campaign performance.
- Support — responding when you email us.
- Advertising — showing ads in the App interface so the service can stay free. Ad partners never see traffic inside your VPN tunnel.
5. Third-Party Services
We use a small number of established providers for analytics and advertising. They process data about your device and in-app interaction only; none of them can access the encrypted tunnel.
Analytics & Attribution
- Google Analytics for Firebase & Firebase Crashlytics — app usage, engagement measurement, and crash diagnostics. Neither collects your browsing activity. You can limit certain collection in your device settings. See Google's Privacy Policy.
- Adjust — mobile install attribution and analytics, used to measure which marketing campaigns lead to installs. See the Adjust Privacy Policy.
- Meta (Facebook) Analytics — analytics and advertising attribution. See the Meta Privacy Policy.
Advertising
Ads shown in the App interface are served by the partners below. They may collect device identifiers (such as your Advertising ID) to display personalized ads. You can reset or delete your Advertising ID, or opt out of personalization, under Settings > Google > Ads on your device.
- Google AdMob — Privacy Policy
- AppLovin — Privacy Policy
- Unity Ads — Privacy Policy
- ironSource — Privacy Policy
- Mintegral — Privacy Policy
- Pangle — Privacy Policy
- Vungle (Liftoff) — Privacy Policy
6. Security
All traffic between your device and our servers is protected with industry-standard, openly audited protocols — WireGuard, OpenVPN, IKEv2 and V2Ray. We apply commercially reasonable safeguards to the limited data we do hold; however, no transmission method over the internet can be guaranteed 100% secure.
7. Your Rights under the GDPR (EEA Users)
If you are located in the European Economic Area, we process your personal data only where we have a lawful basis: your consent (for example, analytics), or the necessity of performing our contract with you (providing the VPN connection).
You have the right to access, correct, update, restrict, or request erasure of your personal data, and the right to data portability and to object to processing. To exercise any of these rights, email support@secure-route-labs.com. You also have the right to lodge a complaint with your local supervisory authority.
8. California Privacy Notice (CCPA/CPRA)
We do not sell personal information in the conventional sense. However, permitting advertising partners (such as Google AdMob) to collect device identifiers for interest-based advertising may qualify as a "sale" or "sharing" under California law.
Categories collected: identifiers (Advertising ID; a randomly generated device/installation identifier used for guest device registration; IP address used transiently for connection establishment only) and internet/network activity limited to in-app interaction data — never browsing history.
Your rights: California residents may opt out of the "sale"/"sharing" of personal information by disabling personalized ads in their device settings, and may request access to or deletion of their data by emailing us.
9. Children's Privacy
The App is not directed at children under 13, and we do not knowingly collect personal information from anyone under 13. If you believe a child has provided us personal data, contact us and we will delete it promptly.
10. Data & Account Deletion
To delete any account and all associated data, email support@secure-route-labs.com from the address linked to your request. Deletion requests are completed within 30 days.
11. Changes to this Policy
We may revise this Privacy Policy from time to time. Updates take effect when posted on this page, with the effective date above adjusted accordingly. Material changes will be highlighted within the App where practical.
12. Contact
Secure Route Labs
A-102, Shubh Square, Aamba Talavadi Road, Katargam,
Surat, Gujarat 395004, India