Privacy Policy for VLF Proxy

1. Information We Process

VLF Proxy may process the following types of information to provide its core functionality.

Authentication Information

The extension processes authentication-related data, including:

• personal access links;
• short-lived browser session tokens;
• temporary proxy authentication credentials;
• session expiration information;
• selected server information.

This information is required to verify access, create an active browser proxy session, and authenticate the user to the selected proxy server.

IP Address and Approximate Location

When the extension communicates with the VLF backend or proxy infrastructure, the server may receive the user’s IP address. This may reveal approximate location information such as country, region, or city.

This information is used for:

• connection handling;
• proxy access validation;
• abuse prevention;
• security monitoring;
• service diagnostics.

Browsing / Connection Metadata

Because VLF Proxy provides proxy access, the proxy server may technically process connection metadata such as:

• target domain names;
• target hostnames;
• target ports;
• connection timestamps;
• proxy session identifiers.

For example, when a user connects to a website through the proxy, the proxy may see the destination host needed to establish the connection.

VLF Proxy does not decrypt HTTPS website content and does not read the contents of web pages.

2. Information We Do Not Collect

VLF Proxy does not collect, read, or store:

• webpage content;
• text, images, videos, or files from visited websites;
• passwords entered on websites;
• cookies from websites;
• personal messages;
• emails;
• payment card numbers;
• medical information;
• GPS location;
• keystrokes;
• mouse movements;
• browsing content from pages.

The extension does not inject scripts into websites for tracking or content analysis.

3. How We Use Information

We use the processed information only to provide and maintain the VLF Proxy service, including:

• validating access links;
• creating short-lived browser sessions;
• providing proxy configuration;
• authenticating proxy connections;
• maintaining connection state;
• preventing abuse and unauthorized access;
• troubleshooting technical issues;
• improving reliability and security.

We do not use this information for advertising, profiling, credit scoring, or selling user data.

4. Chrome Extension Permissions

VLF Proxy uses Chrome extension permissions only for its stated purpose.

proxy

Used to configure Chrome’s browser-level proxy settings when the user explicitly connects through the extension.

storage

Used to store local extension state, such as the active session token, selected server, routing mode, connection status, and user preferences.

alarms

Used to handle session expiration and scheduled state refreshes in the Manifest V3 service worker.

webRequest and webRequestAuthProvider

Used only to provide temporary proxy authentication credentials when Chrome requests authentication for the configured VLF proxy server.

Host Access

Host access is used for communication with the VLF backend API and for handling proxy authentication flow. The extension does not use host access to read or collect webpage content.

5. Remote Code

VLF Proxy does not use remote code.

All executable JavaScript, HTML, CSS, and extension logic are packaged inside the extension bundle. The backend only provides session validation, proxy configuration, and status data. No remote scripts are downloaded or executed by the extension.

6. Data Sharing

We do not sell user data.

We do not share user data with advertisers, data brokers, or unrelated third parties.

Data may be processed by infrastructure providers only as necessary to operate the VLF Proxy service, such as hosting servers, proxy infrastructure, and backend systems.

7. Data Retention

VLF Proxy uses short-lived browser sessions and temporary proxy credentials.

Session-related data is retained only as long as necessary to:

• maintain active access;
• validate the user’s subscription or access status;
• prevent abuse;
• troubleshoot service issues;
• comply with operational and security requirements.

Users can reset local extension access at any time using the extension’s reset/logout controls.

8. Security

We use reasonable technical and organizational measures to protect user data, including:

• short-lived session tokens;
• temporary proxy credentials;
• encrypted HTTPS communication with backend and proxy services where applicable;
• redaction of sensitive values in logs;
• limited data collection;
• access validation before proxy configuration is issued.

No system can be guaranteed to be completely secure, but we design VLF Proxy to minimize unnecessary data exposure.

9. User Control

Users can:

• connect or disconnect the browser proxy;
• reset extension access;
• remove locally stored session data;
• uninstall the extension at any time;
• contact us regarding privacy questions.

Uninstalling the extension removes local extension data stored by Chrome.

10. Children’s Privacy

VLF Proxy is not intended for children. We do not knowingly collect personal information from children.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If changes are made, the updated version will be posted at the same Privacy Policy URL with a new effective date.

12. Contact

For privacy-related questions, please contact us:

• Email: support@vlf-project.tech
• Privacy Policy URL: https://www.vlf-project.tech/vlf-proxy-privacy-policy/