Nettica VPN Knowledge Base

Build Your Own Secure Cloud!

Have a Question?

Search or ask here!

Is Nettica truly private?

Summary

When you register on our site, purchase a product, or fill out a form, we collect information from you. This page describes what data we collect and how we might use it.

Use of Personal Data

When ordering or registering on our site, as appropriate, you may be asked to enter your name, e-mail address, phone number, or credit card information. You may, however, visit our site anonymously.
The minimum information Nettica Corporation requires is an e-mail address for registration and contact purposes. We may also ask for payment and business information for invoicing purposes.

Any of the information we collect from you may be used in one of the following ways:

  1. To improve our website
    We continually strive to improve our website offerings based on the information and feedback we receive from you.
  2. To improve customer service
    Your information helps us to more effectively respond to your customer service requests and support needs.
  3. To process transactions
    Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.
  4. To send you email
    The email address you provide for order processing will only be used to send you information and updates about your order: for example, renewal reminders. Since Nettica started in 2004, we have never sent generalized marketing or “announcement” email to our customers. It is possible we will do so in the future, but if we do, unsubscribing will be easy, will be respected, and will not require you to log into the service. We hate spam as much as you do, maybe more so.

We implement a variety of security measures to maintain the safety of your personal information when you place an order. We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential.

After a transaction, your private information (credit cards, financials, etc.) will not be stored on our servers.

Cookies

We do use cookies. A cookie is a piece of data that a website can send to your browser, which may then be stored on your computer as a tag that identifies your computer.

To prevent our use of cookies, go to this website’s footer, click on the Cookies Consent link, and then click “Reject All.”

While cookies are often only used to measure website usage and effectiveness and to allow for ease of navigation or use, and as such are not associated with any personal information, they are also used at times to personalize a known visitor’s experience to a website by being associated with profile information or user preferences.

You can set your browser in most instances to notify you before you receive a cookie, giving you the chance to decide whether or not to accept it. You can also generally set your browser to turn off cookies. Since cookies allow you to take advantage of some of our website’s features, we recommend that you leave them turned on.

Collection of IP Addresses

While not directly collected, our upstream content delivery network (CloudFlare) may evaluate your IP address to determine malicious intent, protect the service, and potentially enforce policy against Embargoed Countries/Regions. This evaluation may also happen with our authentication provider partners: Okta, Apple, Microsoft, or Google. In addition to embargoed countries, additional policies may be enforced against countries/regions with laws that do not meet our standards or requirements, such as India, Argentina, or Türkiye. Examples of embargoed countries include Cuba, North Korea, and Iran.

In these situations, no personal information is available or collected.

Account Deletion

To remove credit card information or cancel a subscription purchased on this website (and not made through other means, such as in-app purchases of the Nettica VPN Agent), login to this website using the same credentials you initially signed up with, click on My Account, Subscriptions, and cancel your subscription. You can also remove any credit card information. To remove past billing information, name, and email address from this website, contact support@nettica.com. Canceling a subscription and removing credit card information do NOT delete your account, or any accounts or devices you have invited to your networks.

Deleting an account via the API deletes the account, but does not affect devices, networks, or VPNs, because we have no way of knowing the circumstances around the account deletion.

Deleting an account through the mobile apps will check to see if any networks, VPNs, or services are configured for the account, and account deletion will fail if any of these are found. If none are found, the mobile device and the account will be deleted.

So, if you really want to delete everything, you’ll need to delete all devices, networks, VPNs, and services first, and delete your account after everything else is cleaned up.

Logs and Privacy

Nettica VPN complies with the “no logs” policy standard. Our underlying technology, WireGuard, only maintains state with the WireGuard infrastructure you are using, not the websites you are visiting. Our admin website has necessary, non-customer-sensitive logging. We can use them to diagnose problems and manage the service, but they do not contain information about what sites you visited or what you did. The logs, if available, reside on your network. They are for you; you can view them at any time to see what’s in them. It would be irresponsible not to provide them to you.

We also take a pragmatic approach towards privacy. We use OAuth2 to identify you and those you invite to your networks. This is not a design flaw – you want to authenticate the people accessing your network, and we provide a simple and elegant solution. It also means that, if you choose Apple, Google, or Microsoft as your authentication provider, Nettica VPN will not have access to your users’ passwords. For additional privacy, Apple specifically also provides a feature that creates an email address specific to Nettica services. And if you’re worried about sharing your own regular email address with us, it’s easy to create a single-purpose email address.

For additional security, the network administrator can give Nettica EZ-Codes to their users, so the users can configure their devices without having to log into the service. Administrators control which devices are allowed to connect to which networks. A device configured with EZ-Code can connect to and disconnect from the VPN, and it can delete itself and/or its access to a particular VPN, but it cannot access or add itself to any other networks in the administrator’s account.

Security

Private keys can be generated on the agent and never leave the device. Nettica also uses WireGuard pre-shared keys to both double encrypt the traffic, as well as secure the public keys from anyone monitoring the traffic. OAuth2 is used to validate users based on their email addresses. In our tunnel and relay services, containers are used to isolate customers. Containers also isolate the processes and memory used from the hosting server. There is no logging inside the container.

Network Policy allows you to manage the openness of your network: make it open, or lock it down.