RoTunneling VPN


The purpose of RoTunneling VPN service is to help users access the Internet without censorship and to ensure their safety while surfing the internet. 
 
This service is not intended for the following: 
 
- This is not a service intended for user anonymity. We do not tolerate illegal activities. 
- It is strictly forbidden to use the VPN network to send unsolicited email (spam). 
- It is strictly forbidden to use the VPN to exploit informational systems. 
- It is strictly forbidden to use the VPN for DDoS attacks. 
- It is strictly forbidden to use the VPN for fraud, illegal access to applications, databases, to access child pornography, and any actions must abide by laws of this country (Romania) and also international laws. Especially, but not only the law 161/2003 including all changes until the current date. 
 
RedShift IT SRL, as sole operator of the RoTunneling VPN service is not responsible and can not be held liable for any action of the beneficiaries of the service. The recipients are solely responsible for all their actions. 
By activating an account on this website you agree to comply with this Terms and Services and to the law, these conditions have agreement valuation (contractual validation). 

To use the service, it requires a working Internet connection and a stable connectivity RoTunneling VPN servers on at least one of the ports 53 UDP, ICMP, TCP 443.


The SMS Service attached to the VPN Service is provided free of charge to the subscribers of RoTunneling VPN but its functionality is not guaranteed. RedShift IT SRL will not be held responsible for the content of the messages, the only one morally and legally responsible for, are the users who used the service to send/receive the messages.

Beneficiaries have the obligation to correctly provide personal data required for registering an account, incorrect personal data represents forgery and use of forgery in public documents as it falls under the Romanian law.
 
Accounts that do not complain one or more of this terms and conditions can be disabled without notice. Beneficiaries accept this along with all terms and conditions and RedShift IT SRL can't be held liable for any direct or indirect damage or beneficiaries actions.
 
Clause available until May 25, 2018: Terms and conditions are subject to change without notice. Users are required to verify and be aware of their modification. 
 
The clause will take effect on May 25, 2018: The user's acceptance is necessary for the provision of services set out in the contract, the subsequent disagreement on the Terms and Conditions, the impossibility of providing the services and, consequently, the deletion of the account. Disclaimer of Service through Disagreement on the Terms and Conditions does not imply the return of the counter value.
 
GDPR - this section will take effect on May 25, 2018.
 
According to the GDPR provisions, we will further detail:
 
Information collected from users.
The purpose for which they are collected.
Other collection information by third parties
Information collected by RoTunneling and shared with third parties.
The period they are stored.
The right to be forgotten.
The locations where the collected data is stored.
Maximum response time to GDPR requests.
 
Information collected from users.
 
In order to offer our services at the highest quality, we collect the following personal data:
 
Individuals:
1. Nick / Nickname (username)
2. Name and surname
3. Phone number
4. Email
5. Address
6. CNP / National ID (for users registered before 02/12/2014)
 
Legal persons:
 
1. Nick / Nickname (username)
2. Organization name
3. Phone number
4. Email
5. Billing address
6. CIF / VAT number
7. Registration number of the Trade Register (J)
8. Information on the status of VAT payer (Y / N)
9. IBAN
10. Branch and Bank where the IBAN account was opened.
 
During the service we also collect the following data:
 
1. Linking information and traffic statistics centralization:
 
username
the server to which the user has logged in
the server port on which the connection was made
the public IP of the user on which the connection was made
the date and time at which the connection was initiated
the date and time at which the connection was stopped
how long the connection lasted
traffic in
traffic out
 
 
The purpose for which they are collected:
 
Individuals:
1. First and last name
We need this billing information in accordance with the Romania Fiscal Code (Law 227/2015, with up-to-date updates).
Upon requesting a password reset, in order to verify the authenticity of your password reset request.
To identify the user with the purpose of solving technical and commercial support requests.
 
2. Phone number
We use this information:
- registration to ensure that a user does not have more than one account to abuse the trial version (TRIAL).
- asking for a password reset to verify the authenticity of your password reset request.
- to communicate service/security and personal data issues in case it is needed, for example, if your account has been compromised or affected by a security breach.
- in order to be able to resolve certain support requests sometimes more efficiently.
 
 
3. Email
We use this information:
- registration to ensure that a user does not have more than one account to abuse the trial version (TRIAL).
- asking for a password reset to verify the authenticity of your password reset request.
- to communicate service/security and personal data issues in case it is needed, for example, if your account has been compromised or affected by a security breach.
- in order to be able to resolve certain support requests sometimes more efficiently.
 
4. Address
We need this billing information in accordance with the Romania Fiscal Code (Law 227/2015, with up-to-date updates).
Upon requesting a password reset, in order to verify the authenticity of your password reset request.
To identify the user with the purpose of solving technical and commercial support requests.
 
5. CNP / National ID (for users registered before 02/12/2014)
We need this billing information.
In order to identify the user in order to solve the technical and commercial support requests in case it is necessary to check the authenticity of the application.
Upon request, we can delete this information from the system if it has been collected and the user wants to delete it. For this please contact us for contact details.
 
 
6. Nick / Nickname (username)
We use this information to make it possible to login to your account on the site and to the VPN servers.
Upon requesting a password reset, in order to verify the authenticity of your password reset request.
We prefer to use a pseudonym instead of an email to protect and avoid the use of more than personal data is required.
 
Companies:
 
1. Nick / Nickname (username)
 
We use this information to make it possible to login to your account on the site and to the VPN servers.
We prefer to use a pseudonym instead of an email to protect and avoid the use of more than personal data is required.
 
2. Organization / Company Name
 
We need this billing information in accordance with the Fiscal Code (Law 227/2015, with up-to-date updates).
To identify the user with the purpose of solving technical and commercial support requests.
 
3. Phone number
 
We use this information:
- registration to ensure that a user does not have more than one account to abuse the trial version (TRIAL).
- asking for a password reset to verify the authenticity of your password reset request.
- to communicate service/security and personal data issues in case it is needed, for example, if your account has been compromised or affected by a security breach.
- in order to be able to resolve certain support requests sometimes more efficiently.
 
4. Email
 
We use this information:
- registration to ensure that a user does not have more than one account to abuse the trial version (TRIAL).
- asking for a password reset to verify the authenticity of your password reset request.
- to communicate service/security and personal data issues in case it is needed, for example, if your account has been compromised or affected by a security breach.
- in order to be able to resolve certain support requests sometimes more efficiently.
 
5. Billing Address
 
We need this billing information in accordance with the Romania Fiscal Code (Law 227/2015, with up-to-date updates).
Upon requesting a password reset, in order to verify the authenticity of your password reset request.
To identify the user with the purpose of solving technical and commercial support requests.
 
6. CIF / VAT number
 
We need this billing information in accordance with the Romania Fiscal Code (Law 227/2015, with up-to-date updates).
Upon requesting a password reset, in order to verify the authenticity of your password reset request.
To identify the user with the purpose of solving technical and commercial support requests.
 
7. Registration number of the Trade Register (J) (Romanian companies only)
 
We need this billing information in accordance with the Romania Fiscal Code (Law 227/2015, with up-to-date updates).
Upon requesting a password reset, in order to verify the authenticity of your password reset request.
To identify the user with the purpose of solving technical and commercial support requests.
 
8. Information on the status of VAT payer (Y / N)
 
We need this billing information in accordance with the Romania Fiscal Code (Law 227/2015, with up-to-date updates).
Upon requesting a password reset, in order to verify the authenticity of your password reset request.
To identify the user with the purpose of solving technical and commercial support requests.
 
9. IBAN
 
We need this billing information in accordance with the Romania Fiscal Code (Law 227/2015, with up-to-date updates).
Upon requesting a password reset, in order to verify the authenticity of your password reset request.
To identify the user with the purpose of solving technical and commercial support requests.
 
10. Branch and Bank where the IBAN account was opened.
 
We need this billing information in accordance with the Romania Fiscal Code (Law 227/2015, with up-to-date updates).
Upon requesting a password reset, in order to verify the authenticity of your password reset request.
To identify the user with the purpose of solving technical and commercial support requests.
 
During the service usage:
 
The data collected during the operation of the service are aimed at the proper functioning of the service:
- Identify the number of simultaneous authentications automatically to apply the limit according to the chosen package.
- Traffic statistics to identify the need for upgrades/downgrades to servers.
- Identify the region from where the connection was made to increase the number of servers and thus improve the service in those regions.
- We partially display them in the user account, for the user to be able to track the use of the service (Connected Devices) in order to easily identify possible situations in which the user account has been compromised.
 
These data are automatically deleted 6 months after collection.
 
Other collection information by third parties:
 
Google Analytics - on the web application, in order to ensure the good functioning of the site and increase the traffic capacity when needed. Identify the main sources of traffic and the general interest of users in order to be able to mark the service in an appropriate way. - GDPR compliant
 
Google Adwords - Identify traffic revenue from paid advertisements to determine conversion rate and optimize creatives. - GDPR compliant
 
Facebook Ads - Identify traffic revenue from paid advertisements to set conversion rate and optimize ads. - GDPR compliant
 
CloudFlare - identifies the traffic and type of HTTP requests made to the web server to improve the automated and semi-automated security systems provided by Cloudflare. - GDPR compliant
 
Doorbell - email and other information the user chose to include in their feedback. - GDPR compliant
 
Information Collected by RoTunneling and Shared with Third Parties:
 
SC ACCOUNT EXPERT HOUSE SRL - Tax invoices for the purpose of accounting.
Tax invoices contain the personal data mentioned above for billing purposes.
Data retention is in line with the Romania Fiscal Code (Law 227/2015, with up-to-date updates) and with the Romanian State Law on the Retaining of Legal Entities in Romania.
Details:
Retention of tax invoices, in accordance with the provisions of the Order of the Ministry of Public Finance (MFP) no. 2634/2015, in force from 1 January 2016, must be retained for 10 years starting from the date of the financial year in which they were drawn up.
In addition, in case of ceasing the activity of a company, the financial-accounting acts shall be kept in accordance with the provisions of the Companies Law no. 31/1990 or can be taught in state archives.
Romania, Bucharest - GDPR compliant.
 
NETOPIA SRL - Interaction information, as defined above.
Netopia SRL is our payment processor, so it is necessary to share this information with Netopia SRL in order to make the payments.
Romania, Bucharest - GDPR compliant.
 
SendinBlue - Sending newsletters, transactional emails, marketing automation.
We share with them the email/phone number, the name, and surname of the users who have given their explicit consent and can withdraw it at any time to be contacted by email/phone for marketing purposes. And transactional emails eg at registration.
France, Paris - GDPR compliant.
 
SendGrid - Sending newsletters, transactional emails, marketing automation.
We share with them the email/phone number, the name, and surname of the users who have given their explicit consent and can withdraw it at any time to be contacted by email/phone for marketing purposes. And transactional emails eg at registration.
Denver, Colorado, United States - GDPR compliant.
 
The period they are stored:
 
Pre-login information is stored for 6 months and billing is stored for a period of 10 years.
Information collected by third parties that allow us to set up the retention period (eg google analytics) is stored for a period of 14 months.
Application-generated information for good functioning: sending and receiving SMS alerts or sending and receiving activation SMS will be automatically deleted after 6 months.
 
The right to be forgotten.
 
You may exercise the right to be forgotten by contacting us at the email address for support.
And we will delete all personal data in your account, including this, except for your tax invoices, which according to the Order of the Ministry of Public Finance (MFP) no. 2634/2015, in force from 1 January 2016, must be retained for 10 years starting from the date of the financial year in which they were drawn up.
In addition, in case of ceasing the activity of a company, the financial-accounting acts shall be kept in accordance with the provisions of the Companies Law no. 31/1990 or can be taught in state archives.
 
In case of using the right to be forgotten, and request deletion of all data about the account (except invoices) you understand that you can't use the service anymore and already paid Plan time if any remaining will be deleted. You understand and accept that and give up at any RoTunneling VPN obligation to you including VPN services, without any refund.
 
Locations where the collected data is stored:
 
AWS - eu-west-1 region - Ireland.
Amazon Web Services, Inc. - GDPR compliant.
 
Headquarter RedShift IT SRL (RoTunneling VPN) - Bucharest, Romania. - GDPR compliant.
S.C. ACCOUNT EXPERT HOUSE SRL - Bucharest, Romania. - GDPR compliant.
 
Maximum response time to GDPR requests:
 
Maximum 30 days.
 
In case of inconsistency between the version of this document in Romanian and English, the Romanian version will take precedence over the English version.
 
Last update 20.05.2018.


 



Tags: rotunneling vpn, terms and conditions, vpn