efir369999/montana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7fb6239623
montana/Android/Play-Store-Pack/privacy-policy-en.md

130 lines
5.2 KiB
Markdown
Raw Normal View History

sync 2026-05-21T00:44:38Z
2026-05-21 03:44:38 +03:00
# Privacy Policy — Montana VPN
**Effective:** May 18, 2026
**Publisher:** Montana Network (efir369999@gmail.com)
**Application:** Montana VPN (`quest.montana.vpn`)
---
## Summary
Montana is a decentralized VPN protocol with a built-in wallet. We do **not** collect personal data, do **not** store traffic logs, and do **not** identify users. Below is a detailed breakdown of what the app does and what data is processed.
---
## 1. What data the app processes
### 1.1 Seed phrase (24 BIP39 words)
- **Storage:** only on user's device, in app `localStorage`. Never leaves the device.
- **Server transmission:** none.
- **Export option:** user can view 24 words on the "Wallet" screen to write down.
- **Deletion:** uninstall app or tap "Sign out of wallet".
### 1.2 Wallet address
- **Origin:** deterministically derived from 24 words via BIP39 + PBKDF2-HMAC-SHA512 + SHA-256.
- **Server transmission:** yes — sent in each heartbeat to credit Ɉ to the correct wallet.
- **What the server sees:** only 40-hex characters of the address. Cannot be linked to a specific person — address is randomly generated on first launch.
### 1.3 Network traffic
- **VPN traffic:** routed through cascade Helsinki → Frankfurt/NewYork/Helsinki → open internet.
- **Logging on servers:** xray and haproxy on VPN nodes operate with `access logs disabled`. Long-term connection logging is **not maintained**.
- **Content inspection:** none.
- **Third-party sharing:** none.
### 1.4 User IP
- **What we see:** on first VPN connection — user IP at haproxy level (Helsinki) for 24-hour stick-table routing.
- **Storage:** in-memory only on one node, not persisted to disk.
- **Removal:** automatically after 24 hours of inactivity.
### 1.5 Heartbeat metadata
- **Sent every 5 seconds:** wallet address (40-hex), nonce (timestamp), Ed25519 public key, signature.
- **Server-side storage:** atomic JSON file with balance, seconds online, last connection node.
- **Retention:** records with zero balance and ≥30 days inactive are automatically purged.
---
## 2. What we do NOT collect
- **Name, email, phone** — app never requests.
- **Geolocation** — no permission requested, GPS not used.
- **Contacts** — no permission requested.
- **Photos / media** — no permission requested.
- **Device identifiers** (IMEI, Android ID, Advertising ID) — not read.
- **Analytics** — Firebase, Google Analytics, Crashlytics **not integrated**.
- **Ads** — no ads shown, no ad SDKs.
- **Cookies and trackers** — absent.
---
## 3. Android permissions
| Permission | Purpose |
|------------|---------|
| `INTERNET` | connecting to VPN servers and backend |
| `ACCESS_NETWORK_STATE` | detecting active network (WiFi / mobile) |
| `CHANGE_NETWORK_STATE` | `setUnderlyingNetworks` on WiFi/mobile switching |
| `FOREGROUND_SERVICE` | keeping VPN active with screen off |
| `FOREGROUND_SERVICE_SPECIAL_USE` | Android 14+ requirement for VPN services |
| `POST_NOTIFICATIONS` | showing VPN status in notification shade |
| `WAKE_LOCK` | preventing CPU sleep while VPN is active |
| `RECEIVE_BOOT_COMPLETED` | VPN auto-start after reboot (optional) |
`BIND_VPN_SERVICE` is requested through system dialog on first VPN activation (standard Android VpnService API procedure).
---
## 4. Third-party data sharing
**None.** Montana is an open-source project. Source code: `https://hub.montana.quest/efir369999/montana`.
The only third parties in the data flow are:
- **Hosting providers of nodes:** Timeweb (Frankfurt), THE.Hosting (NewYork, Helsinki). They see only encrypted TLS Reality traffic, not content.
- **DNS resolvers:** on first connection WebView may resolve `cdn.montana.quest` via `1.1.1.1` (Cloudflare) and `8.8.8.8` (Google). These providers **do not receive** traffic content.
---
## 5. Security
- **Device encryption:** Android FBE (File-Based Encryption) automatic when device is off.
- **Network encryption:** TLS 1.3 + XTLS Reality (X25519 key exchange, ChaCha20-Poly1305 AEAD).
- **Wordlist tampering protection:** SHA-256 integrity check on bundled `bip39-en.txt` at every launch.
- **Cryptographic authentication:** every heartbeat signed by Ed25519 from a key derived from BIP39 seed.
---
## 6. User rights
Under GDPR (EU), CCPA (California), and Russian Federal Law 152-FZ:
- **Right to access:** user sees address and balance in the app at any time.
- **Right to deletion:** uninstall app = delete all local data. Server record is removed after 30 days inactivity or upon request to `efir369999@gmail.com`.
- **Right to portability:** 24 BIP39 words are portable — user can recover wallet on any device with Montana app.
- **Right to rectification:** balance is auto-synced with server, manual intervention not provided.
---
## 7. Children
App is not intended for persons under 13 (COPPA) / 14 (RF). Financial functionality (accumulating Ɉ for VPN session) is not suitable for minors.
---
## 8. Policy changes
This policy may be updated. New version is published at the same URL with effective date. Material changes are announced via in-app notification.
---
## 9. Contacts
- Email: `efir369999@gmail.com`
- GitHub Issues: `https://github.com/efir369999/Montana-App/issues`
- Telegram: `@efir369999`
All requests processed within 30 days.
Reference in New Issue Copy Permalink