Legal

Privacy Policy

Effective Date: March 13, 2026 · Last Updated: March 13, 2026

Summary: OneOh Cloud LLC provides VPN proxy and AI access services. We collect only the information necessary to deliver our services — account credentials, payment details (via trusted third-party processors), and anonymized usage statistics. We never log your VPN traffic content or sell your data. Contact us at support@oneoh.cloud for any privacy requests.

1. Introduction

OneOh Cloud LLC ("we," "our," or "us") operates a subscription-based platform offering VPN proxy services and AI API access. We are committed to protecting your privacy and handling your personal data with the highest standards of care and transparency.

This Privacy Policy explains what information we collect when you use our website and services, how we use it, your rights, and how to contact us. It applies globally, with specific provisions for users in the European Economic Area (EEA) under the General Data Protection Regulation (GDPR) and for users in California under the California Consumer Privacy Act (CCPA / CPRA).

2. Data Controller

OneOh Cloud LLC

Email: support@oneoh.cloud
Website: https://oneoh.cloud
Address: 1021 East Lincolnway #7001, Cheyenne, WY 82001-4851, USA

As the data controller under GDPR, we determine the purposes and means of personal data processing carried out in connection with our services.

3. Information We Collect

We collect the following categories of information when you use our services:

Account Information

Email address — used for account registration, authentication, and service communications
Password — stored in a securely hashed and salted form; never stored in plaintext
Account creation timestamp — for account management and audit purposes

Payment Information

Payment transactions are processed exclusively by trusted third-party payment processors (e.g., Stripe, Alipay, WeChat Pay). We do not store full payment card numbers or sensitive financial data on our systems.
We retain a transaction record including plan type, amount, currency, and timestamp for billing and legal compliance purposes.

Service Usage Data

Connection metadata — timestamps of VPN connection events and total bandwidth consumed per billing cycle (for plan limit enforcement). We do NOT log the content of your network traffic, websites visited, or any data transmitted through the VPN tunnel.
AI service usage — the number of API requests made and token counts for billing purposes. The content of AI prompts and responses is NOT stored by us beyond the duration of the active session.
IP address — collected at connection time solely for service delivery and abuse prevention. Connection IP logs are retained for a maximum of 30 days, then automatically deleted.

Device and Technical Information

User-agent string (browser or client type and version) for compatibility purposes.
Operating system type for client-specific service configurations.

What We Do NOT Collect

The content of your internet traffic or any data transmitted through the VPN tunnel
Websites you visit, applications you use, or your browsing history
Your geographic location beyond what is implicit in your connection IP address
Biometric data or any special categories of personal information
Personal information from individuals under the age of 18

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area, our legal bases for processing personal data are:

Contract performance (Art. 6(1)(b) GDPR): Processing necessary to provide the VPN and AI services you subscribed to, including account management and billing.
Legal obligation (Art. 6(1)(c) GDPR): Retaining billing records as required by applicable tax and financial regulations.
Legitimate interests (Art. 6(1)(f) GDPR): Preventing abuse, ensuring network security, and improving service quality — provided these interests are not overridden by your fundamental rights and freedoms.

We do not process any special categories of personal data as defined under Article 9 of the GDPR.

5. How We Use the Information

To create, manage, and maintain your account
To provide and operate VPN proxy and AI access services
To process subscription payments and manage billing
To enforce usage limits and manage subscription plans
To send transactional communications (e.g., payment receipts, service notices, security alerts)
To detect and prevent fraud, abuse, and unauthorized access
To comply with applicable legal obligations
To improve service performance and reliability based on aggregated, anonymized analytics

We do not use your data for targeted advertising, sell data to third parties, or profile users for any commercial purpose unrelated to service delivery.

6. Data Sharing and Third-Party Processors

We may share your data with the following categories of third parties, solely to deliver our services:

Payment processors: To process subscription payments securely (e.g., Stripe, Alipay). These processors handle payment data under their own privacy policies and are PCI-DSS compliant.
Infrastructure providers: Cloud and server infrastructure providers who host our services, bound by data processing agreements (DPAs) limiting data use.
AI API providers: When you use our AI service, your prompts may be processed by upstream AI model providers under strict confidentiality terms.
Legal authorities: When required by applicable law, court order, or to protect the rights, property, or safety of OneOh Cloud or others.

We do not sell your personal data. We do not share your data with any third party for their own marketing or advertising purposes.

7. International Data Transfers

OneOh Cloud LLC is incorporated in the United States (Wyoming). When personal data from EEA, UK, or other jurisdictions is transferred to the United States or other countries, we ensure adequate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions issued by the European Commission where applicable
Other legally recognized transfer mechanisms under applicable data protection law

8. Data Retention

Account data: Retained for the duration of your subscription plus 90 days after account closure, or longer as required by law.
Billing records: Retained for up to 7 years as required by applicable tax and financial regulations.
Connection IP logs: Retained for a maximum of 30 days, then automatically and irreversibly deleted.
AI usage metadata (token counts, request counts): Retained for the current billing cycle plus 90 days.

9. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal data:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of any inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data ('Right to be Forgotten').

Right to Restriction

Request that we temporarily or permanently restrict how we process your data.

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing of your data based on our legitimate interests.

EEA / UK Residents

You have the right to lodge a complaint with your local data protection authority (DPA). A list of EEA DPAs is available at: edpb.europa.eu.

California Residents (CCPA / CPRA)

You have the right to know what personal information is collected, the right to delete personal information, and the right to opt out of the sale or sharing of personal information for cross-context behavioral advertising. We do not sell or share your personal information.

To exercise any of your rights, contact us at: support@oneoh.cloud. We will respond within the timeframes required by applicable law (e.g., 30 days under GDPR).

10. Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS 1.2+), hashed and salted password storage, and strict access controls. However, no method of electronic transmission or storage is completely secure. In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authorities and affected individuals as required by applicable law.

11. Cookies and Tracking

Our website uses strictly necessary session cookies for authentication and security purposes. We do not use third-party advertising cookies or tracking pixels. You may configure your browser to reject cookies; however, this may affect your ability to log in or use certain features of the service.

12. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected information from a minor, please contact us at support@oneoh.cloud and we will promptly delete it.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will indicate the "Last Updated" date at the top of this page. For material changes, we will provide additional notice via email to your registered address at least 30 days before the changes take effect. Your continued use of our services after the effective date constitutes your acknowledgment of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us:

OneOh Cloud LLC

Email: support@oneoh.cloud
Website: https://oneoh.cloud
Address: 1021 East Lincolnway #7001, Cheyenne, WY 82001-4851, USA

This Privacy Policy applies to the VPN proxy and AI access services operated by OneOh Cloud LLC. In case of any inconsistency between the English and Chinese versions, the English version shall prevail.