Privacy Policy
Last updated: June 19, 2026
Privacy is the whole point of GhostVPS. We designed the service so we never need your identity, and we collect the minimum data required to run servers and protect the network from abuse. This page explains exactly what that means.
1. No KYC, no identity verification
We do not ask for your real name, government ID, date of birth, home address, or a bank card, and we do not run any "know your customer" (KYC) checks. You sign up with an account token; an email address or Telegram link is optional and only used if you choose to provide it.
2. What we collect
| Data | Why we have it |
|---|---|
| Account token / login session | To authenticate you and keep you signed in. |
| Account balance & billing ledger | To run prepaid, hourly billing. |
| Server metadata (plan, region, OS, status, SSH public keys) | To provision and manage your servers. |
| On-chain payment data (deposit addresses, transaction IDs, amounts) | To credit your top-ups and reconcile payments. |
| Email address (optional) | Only if you provide it โ for notifications or account recovery you opt into. |
| Telegram user ID (optional) | Only if you link Telegram โ to operate the bot and send alerts. |
| Technical logs (IP address, timestamps, request data) | Security, fraud/abuse prevention, and debugging. Kept for a limited time. |
3. What we do not collect or access
- No real-world identity documents, legal names, or KYC records.
- No payment-card or bank-account information โ payments are crypto only.
- We do not monitor or inspect the contents of your servers in the ordinary course of business. What you run and store inside your VPS is yours.
4. Payment privacy
Payments are made in Bitcoin, Monero, or USDT (TRC20). Bitcoin and USDT transactions are recorded on public blockchains and may be analyzable by third parties โ that is a property of those networks, not of GhostVPS. If you want maximum payment privacy, we support Monero (XMR), whose transactions are private by design. We store the on-chain details needed to credit and reconcile your payment, nothing more.
5. Cookies
We use a single essential, HttpOnly session cookie to keep you logged in to the panel. It is strictly functional โ we do not use advertising cookies, third-party trackers, or behavioral analytics that profile you.
6. How we use your data
We use the data above only to: provide and bill the service; deliver and manage your servers; communicate with you about your account; secure the platform and prevent abuse, fraud, and attacks; and comply with valid legal obligations. We do not sell your data or share it for advertising.
7. Who we share data with
- Upstream cloud providers. To create your server, technical details (such as region, plan, and the SSH public key) are passed to the underlying cloud provider that hosts the machine. Their handling of that data is governed by their own policies.
- Blockchain networks. Crypto payments are inherently processed on public (or, for Monero, private) ledgers.
- Legal requests. We may disclose information if compelled by a valid, lawful order โ but we can only ever produce the limited data we actually hold, which by design does not include your identity.
8. Data retention
We keep account, balance, and server data for as long as your account is active. Technical/abuse logs are retained only for a limited period needed for security and then discarded or aggregated. When a server is destroyed, its data is removed from active systems by the upstream provider; you are responsible for your own backups. If you stop using GhostVPS, you can ask us to delete the data we hold that is not required for legitimate security or legal reasons.
9. Security
We protect accounts with token-based authentication and an HttpOnly session cookie, encrypt sensitive material at rest where appropriate, and limit internal access to data. No system is perfectly secure; because we hold little identifying data, the impact of any incident on your real-world identity is minimized by design. Keep your token private โ it is the key to your account.
10. Your choices and rights
You can use the service with the minimum optional data (no email, no Telegram). You may request access to, correction of, or deletion of the limited personal data we hold, subject to data we must retain for security or legal compliance. Email support@ghostvps.shop to make a request.
11. Children
GhostVPS is not directed to children and may not be used by anyone below the age required to form a binding contract in their jurisdiction. We do not knowingly collect data from children.
12. Changes
We may update this Privacy Policy. Changes are reflected by the "Last updated" date above, and material changes will be announced in the panel or via the Telegram bot where appropriate.
13. Contact
Privacy questions: support@ghostvps.shop or our Telegram bot.