DE EN RU

Privacy Policy

Effective: 26.12.2025 GDPR Compliant (EU 2016/679)

We take the protection of your personal data very seriously. This Privacy Policy informs you how MoleHole (hereinafter referred to as "we", "us", or "the Provider") as a Data Controller under the General Data Protection Regulation (GDPR) processes your personal data in relation to our VPN services provided via Telegram.

1. Introduction and Scope

  • 1.1. This Privacy Policy applies to the collection, use, and processing of personal data obtained through our Telegram bot @MoleHoleBot.
  • 1.2. By using our service, you agree to the privacy of this policy.
  • 1.3. Since our company is established and operates within the European Union (Germany), data processing is strictly governed by the provisions of the GDPR.

2. Data Controller

2.1. The Data Controller responsible for processing your personal data is:

MoleHole
Location: Germany, EU
For any questions regarding data protection or to exercise your rights, please contact our authorized support representative via Telegram: @QuestionSupportMeBot.

3. Data Collection

We only collect data that is absolutely necessary for providing our VPN services (Data Minimization).

Categories of Data Collected
  • 3.1. Telegram Account Data: Unique User ID (Telegram ID), username, first and last name (if specified in profile).
  • 3.2. Technical Metadata: Connection date and time, IP address, connection country, volume of traffic transferred. Note: We do not store the content of your traffic.
  • 3.3. Subscription and Payment Data: Subscription start and end dates, selected plan, transaction information (amount, status, payment provider like Stripe or CryptoBot), account balance.

4. Purpose and Legal Basis (Art. 6 GDPR)

We process your data based on the following legal grounds:

  • 4.1. Contract Performance (Art. 6(1)(b) GDPR). To provide VPN services, activate subscriptions, and provide technical support.
  • 4.2. Legitimate Interest (Art. 6(1)(f) GDPR). For network security, fraud prevention, and the protection of the Provider's legitimate interests.
  • 4.3. Legal Obligation (Art. 6(1)(c) GDPR). To comply with trade and tax retention laws.

5. Recipients of Data

We do not sell or rent your data to third parties for marketing purposes. Disclosure occurs only in the following cases:

  • 5.1. Payment Providers. Data required for payment processing is transmitted to trusted payment processors (Stripe, CryptoBot) to the extent necessary for the transaction.
  • 5.2. Legal Requirements. We may disclose data to competent authorities if required by law or to protect our rights.

6. International Data Transfers

6.1. Since VPN services involve connecting to servers in various countries, your technical metadata may be processed outside the European Union (e.g., on servers located in other countries you select).

6.2. By selecting a server, you consent to the transfer of your data to the jurisdiction where that server is located.

7. Your Rights under GDPR

As a Data Subject, you are entitled to the following rights under Chapter III of the GDPR:

  • Right of Access (Art. 15): You can confirm whether and what data about you is stored.
  • Right to Rectification (Art. 16): You may request the correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17): You may request the deletion of your data ("Right to be forgotten") if it is no longer necessary.
  • Right to Restriction of Processing (Art. 18): You may request the restriction of data processing instead of deletion.
  • Right to Data Portability (Art. 20): You have the right to receive your data in a structured, commonly used format.
  • Right to Object (Art. 21): You have the right to object to processing based on legitimate interests.
  • Right to Lodge a Complaint: You have the right to file a complaint with a supervisory authority (e.g., BfDI in Germany).

To exercise these rights, please simply contact our support bot: @QuestionSupportMeBot. We will respond to your request within a reasonable timeframe (usually within 30 days).

8. Data Retention

  • 8.1. We retain your data only for as long as necessary for the purposes outlined in this policy.
  • 8.2. Technical logs (metadata) are kept for a maximum of 90 days for security purposes and are then automatically deleted.
  • 8.3. Billing and payment data may be retained longer to comply with legal retention obligations in Germany (typically 10 years).
  • 8.4. You may request the deletion of your data at any time via support.

9. Data Security

9.1. We take appropriate technical and organizational measures to protect your data against unauthorized access, loss, destruction, or alteration.

  • Encryption of data transmission channels.
  • Restriction of employee access to user data.
  • Regular updates of security systems.

10. Usage Restrictions

It is prohibited to use our VPN service for illegal activities.

  • 10.1. Use of P2P networks (BitTorrent) to distribute copyrighted content.
  • 10.2. Conducting DDoS attacks or cybercrime.
  • 10.3. Sending spam or phishing materials.
10.4. Violation of the privacy of use entitles us to immediate account termination without refund.

11. Protection of Minors

Our service is not intended for persons under 16 years of age. We do not knowingly collect data from children. If you become aware that data of a child under 16 has been transmitted to us without parental consent, please inform us at @QuestionSupportMeBot so that we can delete it immediately.

12. Changes to the Privacy Policy

12.1. We reserve the right to amend this Privacy Policy. We will notify users of any material changes via our Telegram bot.

12.2. Continued use of the service after a change constitutes acceptance of the new version of the Privacy Policy.