Legal · Privacy

Privacy Policy — what we actually log

Most "no-logs" claims are unverifiable slogans. This page does the opposite: a specific, honest list of the little we hold and the identity data we deliberately never ask for.

Last updated: 14 July 2026

HushVPS is built around data minimisation: the strongest privacy guarantee is data that was never collected in the first place. You sign up without a name, pay in Monero, and receive a server. We keep only what is technically required to run and secure that service, and nothing that ties it back to you as a person. This policy explains, in plain terms, what that means.

What we collect

The list is intentionally short. If a field isn't below, we don't have it.

  • Email — only if you provide one. It is optional. When given, it is used solely to send server credentials and support replies. A burner or alias address is perfectly fine, and we never verify who is behind it.
  • Payment status. Whether an order's Monero invoice is pending, paid, or expired. We never take card or bank details, so there is nothing of that kind to store.
  • Minimal operational data. The technical data required to provision and secure the service — which plan you deployed, the current resource state of your VPS, and abuse-prevention signals.

What we never ask for

These are the fields a conventional host would demand at checkout. We designed the flow so they are never requested and never storable:

  • Your legal name
  • Your postal or billing address
  • Any government ID, passport, or KYC verification
  • A credit card, bank account, or PayPal identity

Because these are absent by design, there is no identity database to breach, subpoena, or leak. "You don't exist. We don't ask."

Your server is yours

In normal operation we do not inspect the contents of your VPS, mount its disks, or read the traffic passing through it. What you host, and the data living on it, are under your control and your responsibility. The one boundary is our Acceptable Use Policy: privacy is not a licence for CSAM, malware, spam, or network attacks, and those carve-outs are what let us keep everyone else's server private.

Sharing and legal requests

We do not sell, rent, or trade any data, and we do not run third-party advertising or analytics trackers on your account. We respond only to valid legal orders issued by a competent court in our hosting jurisdiction — and even then, we cannot hand over data we never collected. A request for "the account holder's name and address" returns nothing because that record does not exist. What we can and cannot produce is documented in our transparency report, and any change in our ability to make privacy assurances is signalled through the warrant canary.

Payment processor

Monero payments settle through our payment rail rather than a card network, which is what keeps checkout identity-free.

Changes to this policy

If this policy changes materially, we update the date at the top and note what changed. We will never quietly broaden what we collect. Questions about your data, or a request to delete the little we hold, can go to our contact channels.

Ready for hosting that forgets you on purpose?

No name, no card, no KYC — just a server and a Monero invoice.