Privacy Policy

Effective from May 25, 2026 · Version 2.1

This Privacy Policy governs the collection, use and protection of information of the Service's users. Account identifiers, technical information and interaction history are collected. The data is used to ensure the operation of the Service, to communicate with the User and for analysis. Disclosure of information to third parties is possible only in cases established by law or with the User's consent. Data is stored for the period necessary, and its protection is provided within reasonable limits. The User is solely responsible for the risks associated with data transmission. The Administration has the right to make changes to the Policy without notice — consent is deemed accepted upon continued use of the Service.

1. General provisions

1.1. This Privacy Policy (hereinafter — the «Policy») governs the procedure for processing and protecting the information that the User provides when using the Wrab service (hereinafter — the «Service»).

1.2. By using the Service, the User confirms their consent to the terms of the Policy. If the User does not agree with the terms, they must stop using the Service.

2. Collection of information

2.1. The Service may collect the following types of data:

  • account identifiers (login, ID, nickname, etc.);
  • technical information (IP address, data about the browser, device and operating system);
  • history of interactions with the Service.

2.2. The Service does not require the User to provide passport data, documents, photographs or other personal information, except for the minimum necessary for operation.

3. Use of information

3.1. The Service may use the information received solely for:

  • ensuring the operation of the functionality;
  • communicating with the User (including for notifications and support);
  • analyzing and improving the operation of the Service.

4. Disclosure of information to third parties

4.1. The Administration does not disclose the data received to third parties, except in cases where:

  • this is required by law;
  • this is necessary to fulfill obligations to the User (for example, when working with payment systems);
  • the User has given their consent to this.

5. Storage and protection of data

5.1. Data is stored for the period necessary to achieve the purposes of processing.

5.2. The Administration takes reasonable measures to protect the data, but does not guarantee the absolute security of information when transmitted over the internet.

6. Disclaimer of liability

6.1. The User understands and agrees that the transmission of information over the internet is always associated with risks.

6.2. The Administration is not liable for the loss, theft or disclosure of data if this occurred through the fault of third parties or the User themselves.

7. Changes to the Policy

7.1. The Administration has the right to change the terms of the Policy without prior notice.

7.2. Continued use of the Service after changes have been made means the User's consent to the new version of the Policy.

8. Contact

For all questions related to the processing of personal data, please contact us on Telegram: @wrab_bot.

9. VPN service: data collected by the Wrab app

9.1. The Wrab app for iOS is a VPN client. It establishes an encrypted connection to the Service's servers using the iOS system APIs (NEVPNManager, NetworkExtension).

9.2. The Service does not collect or record:

  • the history of visited sites and DNS queries;
  • the contents of network traffic;
  • the IP addresses of the servers and services to which the User connects through the tunnel;
  • geolocation (GPS): the app does not use CoreLocation and does not request permission to access location;
  • contacts, photos, calendar, microphone, camera.

9.3. To ensure the operation of the Service and maintain the quality of the connection, the following are collected:

  • Email address — entered by the User during onboarding for authentication (login via one-time code or PIN). It is linked to the User's account.
  • APNs device token — collected only with explicit permission for notifications in the iOS system dialog. Used solely to deliver push notifications about the service status and app updates.
  • Diagnostic connection events — network type (Wi-Fi / cellular), radio technology (LTE / 5G), the name of the internet provider, country, the version of the app and iOS, the fact of connection / disconnection, transport switching. These events do not contain the contents of the traffic, the name of the visited site or a DNS query. They are stored for 6 hours on the device (ring-buffer) and for up to 30 days on the Service's servers. They are used solely to monitor the stability of the connection by operators and regions.

9.4. Disclosure to third parties. The Wrab app does NOT integrate third-party tracking, advertising, analytics or crash-reporting SDKs. All collected data is stored on the Service's own infrastructure and is not disclosed to third parties, except in cases expressly provided for in clause 4 of this Policy.

9.5. Encryption. The tunnel uses the standard iOS system cryptographic APIs (TLS, CryptoKit) and the VLESS protocol with client-side encryption. The Service technically has no ability to decrypt the contents of the User's traffic.

9.6. User control. In the app, in the «Support» → «Send logs» section, the User can view and send to the developers the collected diagnostic events for the last 6 hours before the request. No log submission is performed automatically without an explicit action by the User or background telemetry as described in clause 9.3.

Privacy Policy · Wrab