Privacy Policy

How we collect, use, and protect your information

Our Privacy Philosophy

Open Source Security, Inc. is built so we don't need personally identifiable information to operate. No real name required. No verified address. No card details. We use no advertising analytics, behavioral tracking, or third-party tracking services on our website. Privacy is not just a policy for us, it is the core of what we build.

OSS provides network security consultation services and operates the SafeNet VPN. This policy explains what information we have, what we don't, and how we handle it.

Information We Collect

Consultation Services

Required

  • An email address for scheduling and service communications. Aliases like Apple Hide My Email or any forwarder work fine.

Optional

  • A name if you choose to provide one. A pseudonym is fine, we don't verify.
  • Video call participation (you may keep your camera off).
  • Screen sharing (affects service customization level).

You may limit the personal information you provide. Limiting it does not limit the service.

OSS Membership

For OSS Members, your account is identified by your WireGuard public key and tunnel IP. That's how we know which peer is paid up and which network to route. We do not require, store, or verify a name attached to that account.

SafeNet VPN Service

What SafeNet knows

  • Your WireGuard public key
  • Your tunnel IP (10.x.x.x)
  • Your public IP address while connected (inherent to WireGuard, not logged)
  • Total bandwidth used (aggregate, not per-site)
  • Connection status (connected / disconnected)

What SafeNet does NOT know

  • Websites you visit
  • DNS queries
  • Content of your traffic
  • Browsing history
  • A real name attached to your peer

SafeNet performs zero logging of DNS queries and zero logging of websites visited. No payload inspection or content logging is performed. As with any internet service, temporary operational data may be processed in memory to maintain service availability. Connection metadata (tunnel IP, bandwidth totals) is retained only for billing and capacity planning.

Payment Processing

Payments are processed through Stripe. OSS does not store your credit card numbers, bank account details, or other payment credentials. Stripe handles your payment information according to their own privacy policy. We see "this peer is paid up." We never see your card or billing info.

Self-Hosted Infrastructure

The tools we use to run OSS are also operated by OSS. Our support ticketing system (OpenSupport), Knowledge Base, source code (Forgejo), and internal documentation all run on our own servers. Your support tickets and any technical context you share live on our infrastructure, not on a third-party SaaS provider's cloud.

The standalone single-peer SafeNet VPN at safenetvpn.us is operated by OSS under the same privacy approach.

Your Rights

Access and Deletion

You can request a copy of any information we hold about you, or request deletion of it, at any time. Email us at the address below.

Practical Note on Deletion

For active OSS Members, removing the email we have on file means we have no way to reach you about service issues, billing, or abuse incidents on the network. If you request full PII removal while still subscribed, we may be unable to continue providing the service. The WireGuard public key remains until you cancel, because that's how the tunnel works.

Third Parties

The only third parties that hold information related to your account are Stripe (payment processing) and Protectli (hardware purchase and warranty). Both have their own privacy policies. OSS does not sell, rent, or share any of your information with anyone else.

Questions?

For privacy-related inquiries or to exercise your data rights:

[email protected]

Last updated: April 2026