efir369999/montana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
cba0bf477f
montana/Android/Play-Store-Pack/privacy-policy-en.md
Afgroup 7766538b9b sync 2026-05-21T00:44:38Z
2026-05-21 03:44:38 +03:00

5.2 KiB
Raw Blame History

Privacy Policy — Montana VPN

Effective: May 18, 2026 Publisher: Montana Network (efir369999@gmail.com) Application: Montana VPN (quest.montana.vpn)

Summary

Montana is a decentralized VPN protocol with a built-in wallet. We do not collect personal data, do not store traffic logs, and do not identify users. Below is a detailed breakdown of what the app does and what data is processed.

1. What data the app processes

1.1 Seed phrase (24 BIP39 words)

  • Storage: only on user's device, in app localStorage. Never leaves the device.
  • Server transmission: none.
  • Export option: user can view 24 words on the "Wallet" screen to write down.
  • Deletion: uninstall app or tap "Sign out of wallet".

1.2 Wallet address

  • Origin: deterministically derived from 24 words via BIP39 + PBKDF2-HMAC-SHA512 + SHA-256.
  • Server transmission: yes — sent in each heartbeat to credit Ɉ to the correct wallet.
  • What the server sees: only 40-hex characters of the address. Cannot be linked to a specific person — address is randomly generated on first launch.

1.3 Network traffic

  • VPN traffic: routed through cascade Helsinki → Frankfurt/NewYork/Helsinki → open internet.
  • Logging on servers: xray and haproxy on VPN nodes operate with access logs disabled. Long-term connection logging is not maintained.
  • Content inspection: none.
  • Third-party sharing: none.

1.4 User IP

  • What we see: on first VPN connection — user IP at haproxy level (Helsinki) for 24-hour stick-table routing.
  • Storage: in-memory only on one node, not persisted to disk.
  • Removal: automatically after 24 hours of inactivity.

1.5 Heartbeat metadata

  • Sent every 5 seconds: wallet address (40-hex), nonce (timestamp), Ed25519 public key, signature.
  • Server-side storage: atomic JSON file with balance, seconds online, last connection node.
  • Retention: records with zero balance and ≥30 days inactive are automatically purged.

2. What we do NOT collect

  • Name, email, phone — app never requests.
  • Geolocation — no permission requested, GPS not used.
  • Contacts — no permission requested.
  • Photos / media — no permission requested.
  • Device identifiers (IMEI, Android ID, Advertising ID) — not read.
  • Analytics — Firebase, Google Analytics, Crashlytics not integrated.
  • Ads — no ads shown, no ad SDKs.
  • Cookies and trackers — absent.

3. Android permissions

Permission Purpose
INTERNET connecting to VPN servers and backend
ACCESS_NETWORK_STATE detecting active network (WiFi / mobile)
CHANGE_NETWORK_STATE setUnderlyingNetworks on WiFi/mobile switching
FOREGROUND_SERVICE keeping VPN active with screen off
FOREGROUND_SERVICE_SPECIAL_USE Android 14+ requirement for VPN services
POST_NOTIFICATIONS showing VPN status in notification shade
WAKE_LOCK preventing CPU sleep while VPN is active
RECEIVE_BOOT_COMPLETED VPN auto-start after reboot (optional)

BIND_VPN_SERVICE is requested through system dialog on first VPN activation (standard Android VpnService API procedure).

4. Third-party data sharing

None. Montana is an open-source project. Source code: https://hub.montana.quest/efir369999/montana.

The only third parties in the data flow are:

  • Hosting providers of nodes: Timeweb (Frankfurt), THE.Hosting (NewYork, Helsinki). They see only encrypted TLS Reality traffic, not content.
  • DNS resolvers: on first connection WebView may resolve cdn.montana.quest via 1.1.1.1 (Cloudflare) and 8.8.8.8 (Google). These providers do not receive traffic content.

5. Security

  • Device encryption: Android FBE (File-Based Encryption) automatic when device is off.
  • Network encryption: TLS 1.3 + XTLS Reality (X25519 key exchange, ChaCha20-Poly1305 AEAD).
  • Wordlist tampering protection: SHA-256 integrity check on bundled bip39-en.txt at every launch.
  • Cryptographic authentication: every heartbeat signed by Ed25519 from a key derived from BIP39 seed.

6. User rights

Under GDPR (EU), CCPA (California), and Russian Federal Law 152-FZ:

  • Right to access: user sees address and balance in the app at any time.
  • Right to deletion: uninstall app = delete all local data. Server record is removed after 30 days inactivity or upon request to efir369999@gmail.com.
  • Right to portability: 24 BIP39 words are portable — user can recover wallet on any device with Montana app.
  • Right to rectification: balance is auto-synced with server, manual intervention not provided.

7. Children

App is not intended for persons under 13 (COPPA) / 14 (RF). Financial functionality (accumulating Ɉ for VPN session) is not suitable for minors.

8. Policy changes

This policy may be updated. New version is published at the same URL with effective date. Material changes are announced via in-app notification.

9. Contacts

  • Email: efir369999@gmail.com
  • GitHub Issues: https://github.com/efir369999/Montana-App/issues
  • Telegram: @efir369999

All requests processed within 30 days.