New users get a free welcome pack with all features unlocked.

Which devices are supported?

iPhone (iOS 17+), Mac (Apple Silicon), Windows 10/11, all major Android brands, and the web.

Alipay or WeChat Pay — scan and you're done.

What if a line fails?

The app switches lines automatically. You usually don't notice. Outages extend your plan duration.

Last updated: May 25, 2026

Privacy Policy

WangYuYun treats user privacy as its highest core value. We solemnly commit to and operate under a Strict No-Log Policy: we do not record, store, or share any of your network activity data. This page details exactly what we do and do not do, and the rights you have.

1. Strict No-Log Policy

We understand that you use WangYuYun to protect your personal network security and privacy. Therefore, when you connect and use our core VPN service, we will absolutely never collect, record, store, or share any of your network activity data.

Once you connect to our servers, all your activity on the network is completely invisible and untraceable to us. Even if we are subject to external compulsory requests, we cannot provide data that does not exist.

This commitment applies to all VPN nodes, clients, and infrastructure provided by WangYuYun.

2. Data We DO NOT Collect

No traffic logs: We never log your browsing history, visited websites, downloaded files, or apps you use.

No IP address records: We never record your originating IP address, nor the IP address of the VPN server you connect to.

No DNS query records: We never log your DNS resolution requests.

No connection timestamps or bandwidth logs: We never record the exact time you connect, the time you disconnect, or the specific bytes of traffic consumed.

No communication content: We never inspect, cache, or read any payload you transmit through the VPN.

3. Data We DO Collect (Minimum Necessary)

To keep the app running, provide customer support, and handle subscription issues, we only collect the following minimum information that is completely unrelated to your network traffic:

Account information: only your registered email (or identifying fields returned by Apple / Google sign-in) and the encrypted hash of your password.

App diagnostics (fully anonymous): only when you experience a crash, we collect OS version, device model, client version, and crash stack — anonymous, with no link to your VPN activity. You may disable this in system settings at any time.

Subscription state: only your current tier, expiry, and remaining traffic quota, used to decide whether connection quotas apply.

4. Payment Data

Purchases on the web and in clients go through in-site orders or customer-service confirmation flows, with actual payment handled by third-party channels such as Alipay and WeChat Pay. We never collect, process, or store your credit-card number, payment password, or any financial data.

We retain only the order ID, plan tier, and payment time required for entitlement activation and invoicing compliance.

5. Data Sharing and Third Parties

Because we do not collect your individual network activity logs in the first place, we never sell user data. We have no traffic-monitoring data to share with advertisers, analytics companies, or any third party.

To operate basic services, we share minimum necessary information with: email delivery providers (registration codes), payment channels (order sync), app-store identity providers (Apple Sign-In, Google Sign-In), CDN, and cloud infrastructure. These providers may only handle that information as needed to serve us.

We do not share any of your information with ad networks or data brokers.

Where a law or judicial process compels us, we may disclose necessary information; but even then, we cannot provide traffic logs, IP records, or DNS queries that we do not hold.

6. Cookies and Local Storage

We use only necessary cookies and browser local storage on the website to keep you signed in and to remember language, theme, and cookie-consent preferences.

These items are stored only on your own device — our servers do not read their content.

You can clear cookies and local storage at any time in your browser settings; the cookie banner will reappear next time you visit.

We do not use any third-party tracking cookies, and we do not serve targeted ads.

7. Data Retention and Deletion

Active account information is retained for as long as you use the service.

Expired codes, invalid sessions, and temporary tokens are cleared automatically (usually within 24 hours to 30 days).

Order and invoice records are kept for 3–5 years to satisfy financial and compliance obligations.

After account closure, we delete or anonymize most account information within 30 business days; residual backups may take up to 90 days to rotate out naturally.

8. Your Rights

Access — request the personal information we hold about you via a ticket.

Correction — update your email, display name, and avatar in the account center.

Deletion — request account closure; we follow the process above to delete your data.

Portability — request a copy of portable data including account, subscription, device, and ticket history.

Withdrawal of consent — withdraw consent to optional items such as push and email notifications; withdrawal does not affect prior processing.

Exercise these rights through the in-client ticket system or the email at the bottom of this page; support responds within 7 business days.

9. Data Security

We protect account and service data with access controls, least privilege, password hashing, session invalidation, log auditing, rate limits, and end-to-end encrypted transport.

Employees access the minimum necessary data on a need-to-know basis, and every access is audited.

If a security event might affect your rights, we will inform you within 72 hours through in-app messages or push, as required by law.

No internet service can be absolutely secure. We recommend using a strong password, not reusing it across services, and reviewing your authorized devices periodically.

10. Cross-Border Data Transfers

To provide low-latency global internet access, some of our infrastructure (nodes, CDN, monitoring) is located outside mainland China.

All cross-border transfers always use TLS 1.3 end-to-end encryption and follow the same level of security controls as our domestic systems.

We do not provide your account information to foreign governments or judicial bodies unless explicitly required under the applicable laws of China.

11. Protection of Minors

The service is intended for adults aged 18 and over. We do not knowingly collect personal information from children under 14.

If you discover a minor using the service without guardian consent, please notify us via the email below or through a ticket; we will suspend the account and delete the related data immediately.

12. Policy Updates

This policy may be updated due to service adjustments, legal changes, or community feedback. We will display prominent notice of material updates on the site, by email, or in the clients.

The "Last updated" date at the top reflects the current effective version. Continuing to use the service is taken as acceptance of the updated terms.

13. Contact Us

If you have any questions about our No-Log Policy or how we handle privacy, please contact us through the following channels:

Email: [email protected]

Website: https://wangyuyun.dev

In-app: open More → Tickets and select the "Privacy & Data" category. We respond to privacy requests within 7 business days.