Security & Data Handling
How we protect your data and run our infrastructure
KloxVPN, operated by Secuno LLC, is committed to transparent security and responsible data handling. This page gives enterprises and users a clear overview of our practices, encryption, no-logs policy, and compliance posture.
Security & data handling overview
We run KloxVPN with security and privacy in mind: no-logs VPN infrastructure, strong encryption, and practices that line up with GDPR and what enterprises expect. This page spells out how we protect data and what you get when you use us.
Encryption & protocols
All VPN traffic is encrypted in transit. We support WireGuard, OpenVPN, IKEv2, and OpenConnect. OpenVPN uses AES-256; WireGuard uses ChaCha20. Key exchange and auth follow current best practice. Our apps use certificate pinning where it makes sense.
Infrastructure & access control
Servers run in data centers with proper physical and logical access controls. We don't store traffic or connection logs that could identify you. Who can access what is restricted, logged, and reviewed. Enterprise and white-label customers can ask about dedicated infra and custom security.
No-logs policy
We don't collect, store, or tie together data that could identify your browsing, DNS, or traffic content. We may use aggregated, non-identifying data for capacity and performance. The Privacy Policy has the full list of what we do and don't collect.
Compliance & certifications
We're SOC 2 certified and our practices support GDPR. We can provide compliance docs and audit support for enterprise and regulated customers. For things like HIPAA or data residency, get in touch with our business team.
Data handling & retention
Account and payment data are handled as set out in our Privacy Policy. We keep only what we need for the service, billing, and legal obligations. Data lives in controlled environments and is deleted when we no longer need it.
Security incidents & disclosure
We monitor and respond to security events. If a breach affects personal data, we'll notify affected users and regulators as the law requires. Enterprise customers can ask for incident notification terms in their contract.
Frequently asked questions
Is KloxVPN SOC 2 certified?
Yes. Our infrastructure is SOC 2 certified. We can provide compliance docs and audit support for enterprise and regulated customers.
Do you log user traffic or browsing?
No. We don't collect, store, or monitor browsing history, DNS queries, or traffic content. Our no-logs policy is strict.
Where is data stored?
Account and operational data live in controlled environments. We don't store VPN traffic. For data residency or geographic needs, contact our business team.
Can we get a security questionnaire or DPA?
Yes. Enterprise and B2B can request our SOC 2–style questionnaire, data processing agreement, and compliance docs. Email [email protected].