Sign Up Now

Privacy Policy

Effective date: 20 May 2026 · Replaces all prior versions

1. General

1.1 This privacy policy describes how Arresti Systems Pty Ltd ABN 29 658 736 559, trading as Arresti VPN (Arresti VPN, we, us, our), handles personal information. It applies to all personal information we collect in connection with the Arresti VPN software-as-a-service platform (Platform), our website at www.arresti.com (Website), and the Arresti VPN mobile and desktop applications (Arresti VPN Applications).

1.2 The privacy of our Platform users is important to us. We operate a strict no-logs policy. This means we do not store records of your browsing activity, the sites you visit, or your connection content while using the Arresti VPN Applications.

2. Purpose and legal framework

2.1 We comply with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs). "Personal information" means information or an opinion about you (whether true or not) that identifies you or from which your identity is reasonably identifiable.

2.2 The purpose of this policy is to tell you how we collect, use, hold, disclose and protect your personal information, and to help you exercise your rights under the Privacy Act.

3. Changes to this policy

3.1 We may update this policy from time to time. The updated version will be posted on the Website with the effective date shown.

3.2 We encourage you to review this policy periodically.

4. What personal information we collect

4.1 We collect only the personal information we reasonably need to provide our Platform. Consistent with our no-logs policy, we do not store records of your browsing activity or connection content while you use the Arresti VPN Applications.

4.2 The personal information we collect from you is generally limited to:

  • the email address you provide when you create an account;
  • any other information you choose to provide when contacting us (for example, when you send an enquiry, complaint, or support request);
  • limited operational data necessary to run the service, such as the date you created your account and your subscription status; and
  • information you explicitly permit us to collect (for example, when you opt in to cookies on our Website).

5. How we collect information about you

5.1 We generally collect personal information directly from you, including:

  • when you subscribe to our Platform (we collect your email address to set up and administer your account);
  • when you communicate with us by telephone, email, or via the Platform;
  • when you submit an enquiry through our Website; and
  • when you explicitly permit us to track your interactions with our Website (for example, by accepting cookies).

5.2 Payment information. We use Stripe to process all payments for the Platform. We do not collect, see or store your full payment card details. Stripe collects and processes your payment information in accordance with Stripe's own privacy policy.

5.3 App store subscriptions. If you subscribe via the Apple App Store or Google Play, Apple or Google (as applicable) handles your purchase under its own terms and privacy policy. We receive limited subscription information from those stores so that we can provide you with the Platform.

5.4 If we collect personal information about you from a third party, we will, where appropriate, request that the third party take reasonable steps to inform you that we hold your information, how we use and disclose it, and how to contact us.

6. Unsolicited information

6.1 If we receive personal information about you that we have not requested, and we determine that we could not lawfully have collected that information under the Privacy Act, we will destroy or de-identify it where it is lawful and reasonable to do so.

7. Anonymity and pseudonymity

7.1 You may deal with us anonymously or by using a pseudonym in some circumstances. We will not ask for identifying details unless we need them to assist with your enquiry or respond to your request.

7.2 To create an account on our Platform, you must provide a valid email address. Without it, we cannot set up your account, send you receipts, or process billing matters.

8. Purposes for which we handle your personal information

8.1 We process personal information only for purposes that are relevant and reasonable in the circumstances, including:

  • providing and supporting the Platform;
  • administering our dealings with you (renewals, receipts, refunds);
  • communicating with you about your account and service-related matters;
  • sending marketing communications where you have opted in;
  • improving our products and services; and
  • otherwise managing our business and complying with applicable law.

8.2 The legal basis on which we collect and use personal information includes:

  • Consent — where you have given consent to a specific use;
  • Contract — where it is necessary to perform our agreement with you (for example, the Device Terms of Use); or
  • Legal obligation — where we are required to use personal information to comply with the law.

8.3 We will not use or disclose your personal information for any other purpose unless this policy permits it, the Privacy Act permits it, or you have consented to it.

9. Who we disclose your personal information to

9.1 We do not share, sell or trade your personal information except as set out in this policy or as permitted by the Privacy Act.

9.2 We may disclose your personal information to:

  • our employees, contractors and related entities who support our operations;
  • our service providers, including providers of payment processing (Stripe), email/customer support, accounting, auditing, banking, legal, data hosting and IT services; and
  • government agencies and law enforcement where we are required by law to do so, including where we receive a valid Australian legal request.

9.3 Because we do not store records of your browsing activity, there is no browsing data we can produce in response to a legal request. We can be required to disclose the account information we do hold (such as your email address and subscription status).

10. How we protect your personal information

10.1 We hold personal information as secure electronic records, in cloud-based systems, and in some cases on third-party servers, which may be located in Australia or overseas. We use appropriate physical, procedural and technical security measures to prevent loss, misuse, unauthorised access, disclosure or modification of personal information.

10.2 We have procedures for responding to personal information breaches and will notify you and the Office of the Australian Information Commissioner (OAIC) where we are required to do so under the Notifiable Data Breaches scheme.

10.3 We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.

11. Australian metadata and lawful interception obligations

11.1 To the extent we are a "carriage service provider" within the meaning of the Telecommunications Act 1997 (Cth), we may be subject to obligations under the Telecommunications (Interception and Access) Act 1979 (Cth) and related Australian laws, including the metadata retention scheme. We comply with valid legal requests issued under those laws.

12. Direct marketing

12.1 We may use the email address you give us to send you information about our products and services that we consider may be of interest to you, where you have opted in.

12.2 You can opt out at any time by using the unsubscribe link in our marketing emails or by contacting our Privacy Officer.

13. Cookies and analytics

13.1 We use cookies and similar technologies on our Website. Cookies are small text files stored by your browser. We use them to understand how visitors use the Website so we can improve it.

13.2 Google Tag Manager and Google Analytics 4 (GA4). We use Google Tag Manager to load and manage tags on our Website, and Google Analytics 4 to measure how visitors interact with the Website (for example, pages viewed, approximate location, device and browser type, and referral source). These services are provided by Google LLC and Google Ireland Limited. Information collected by GA4 is processed by Google in the United States, Ireland and other countries where Google operates. Google's use of this information is governed by Google's privacy policy, available at policies.google.com/privacy.

13.3 We have configured GA4 to use IP-address anonymisation. We do not use Google Analytics for advertising or remarketing purposes.

13.4 You can manage cookies through your browser settings, or opt out of Google Analytics tracking site-wide by installing the Google Analytics Opt-out Browser Add-on.

14. Overseas disclosures (APP 8)

14.1 We may disclose personal information to recipients located outside Australia, including:

  • Payment processing: Stripe, which may process data in the United States, Ireland and Australia;
  • App distribution: Apple (Ireland and United States) and Google (United States and Ireland);
  • Analytics: Google (United States, Ireland and other countries where Google operates), via Google Tag Manager and Google Analytics 4;
  • Server infrastructure: data may be processed in the locations of the VPN servers you choose to connect to; and
  • Related entities and service providers: located in Australia, the United Arab Emirates and other countries where we do business.

14.2 When we disclose personal information overseas, the privacy laws in that country may differ from Australia's. We take reasonable steps to require overseas recipients to handle your information consistently with the APPs, but you may have limited rights in those jurisdictions.

15. Your rights

15.1 Subject to applicable limitations, you may have the right to:

  • request access to the personal information we hold about you;
  • request correction of inaccurate or out-of-date information;
  • request erasure of your personal information;
  • object to or request restriction of certain processing;
  • withdraw consent where consent was the legal basis for processing; and
  • request portability of personal information you provided to us.

15.2 To exercise any of these rights, contact our Privacy Officer using the details below.

16. Accessing and correcting your information

16.1 You may contact our Privacy Officer to request access to, or correction of, the personal information we hold about you. We will respond within a reasonable time. If we refuse, we will provide a written notice setting out our reasons and the relevant provisions of the Privacy Act we rely on, and we will tell you how to complain.

16.2 We may recover reasonable costs for processing access requests.

17. Information retention

17.1 We retain personal information for the period necessary to fulfil the purposes outlined in this policy and to comply with applicable legal, regulatory and record-keeping requirements.

18. Complaints and contact

18.1 If you have any questions, concerns or complaints about this policy or how we handle your personal information, please contact our Privacy Officer:

Privacy Officer
Arresti Systems Pty Ltd t/a Arresti VPN
3/100 Campbell Street, Bowen Hills QLD 4006, Australia
contact@arresti.com

18.2 We take complaints seriously and will respond within a reasonable period. You may also lodge a complaint with the Office of the Australian Information Commissioner:

Office of the Australian Information Commissioner (OAIC)
Telephone: 1300 363 992
Web: www.oaic.gov.au

This privacy policy was last updated on 20 May 2026 (AEST).