Privacy Policy

Effective date: 15 July 2026 · Last updated: 15 July 2026

This Privacy Policy explains how Quorinava Limited ("Quorinava", "we", "us", "our"), a private limited company incorporated in Hong Kong with its registered office at Unit 1603, 16th Floor, The L. Plaza, 367–375 Queen's Road Central, Sheung Wan, Hong Kong, collects, uses, discloses and protects personal data in connection with our website, our white-label VPN platform, and the BoltVPN product (collectively, the "Services").

1. Who this policy applies to

2. Data we collect

2.1 Data you provide

2.2 Data collected automatically

No-logs commitment for VPN traffic. We do not log, store, or share the browsing history, traffic destination, DNS queries or content of data transmitted through VPN connections operated on our infrastructure. Temporary connection data needed to operate the service (e.g. current session state) is kept in memory only and is not retained after a session ends.

3. How we use data

4. Legal bases

Where the GDPR or similar laws apply to particular users, we rely on: performance of a contract (providing the Services), legitimate interests (security, service improvement, B2B communications), consent (optional analytics and marketing), and compliance with legal obligations.

5. Sharing of data

We do not sell personal data. We share data only with:

6. International transfers

Our infrastructure spans multiple countries. Where personal data is transferred across borders, we use appropriate safeguards, such as contractual data protection clauses, consistent with the PDPO and, where applicable, GDPR transfer mechanisms.

7. Retention

We retain personal data only as long as necessary for the purposes described above: enquiry data for up to 24 months, business client account and billing records for the duration of the contract plus statutory retention periods, and end-user account data for the life of the account. VPN traffic data is not retained at all.

8. Security

We apply industry-standard measures including encryption in transit (WireGuard®, TLS), encryption at rest for account data, access controls, and regular security reviews. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9. Your rights

Subject to applicable law, you may request access to, correction or deletion of your personal data, object to or restrict certain processing, and withdraw consent at any time. End users of client-branded apps should contact the operator of their app in the first instance; we will assist our clients in fulfilling such requests. To exercise rights against Quorinava Limited, contact us at the address below. You may also lodge a complaint with the Office of the Privacy Commissioner for Personal Data, Hong Kong, or your local supervisory authority.

10. Children

The Services are not directed at children under 16, and we do not knowingly collect personal data from them.

11. Changes to this policy

We may update this policy from time to time. The current version is always available on this page with its effective date. Material changes will be notified to business clients directly.

12. Contact

Quorinava Limited
Unit 1603, 16th Floor, The L. Plaza, 367–375 Queen's Road Central, Sheung Wan, Hong Kong
Email: a@itzenit.com