Security Assessment Overview
Data Security Compliance FAQ
OpenVPN Access Server: This program is designed to create secure tunnels (VPN) over public or private networks with the goal of securing the data transferred over the secure tunnel from eavesdropping or unauthorized modification. It is a software solution that can be self-hosted on-premise, in data centers, or in cloud environments, on physical devices or virtual machines. The choice of deployment is up to the system administrator deploying the solution.
OpenVPN Cloud: Similar the OpenVPN Access Server product except this is hosted and maintained by OpenVPN Inc. It is a cloud service also referred to as a VPNaaS - VPN as a Service. It is designed to create secure tunnels (VPN) over public or private networks with the goal of securing the data transferred over the secure tunnel from eavesdropping or unauthorized modification. It is a software solution that allows hosts and host networks to be connected to OpenVPN Cloud for the purpose of secure encrypted communication.
OpenVPN Access Server: For OpenVPN Access Server for software licensing purposes we collect the minimum required information to ensure that the software licensing can let you use the amount of connections you are licensed for. Details are listed below.
We specifically do not collect sensitive data such as private keys, certificates, usernames, passwords, log reports, etcetera, that are stored on your OpenVPN Access Server. The only exception is when you send data yourself to our support department in the event we need to examine for example log files to investigate the cause of a reported issue.
OpenVPN Access Server subscriptions: We receive the subscription ID and only the amount of connections used at this time by each server during regular reports.
OpenVPN Access Server fixed license key: These lock to (hashes of) certain hardware specifics during activation, so that the license key is valid for your device only.
OpenVPN Access Server AWS tiered instances: We receive EC2 AMI ID and ProductCode metadata to determine if this machine has a valid software license.
- If you wish to access, correct, update, or request deletion of your personal information, you can do so at any time by emailing email@example.com.
- To exercise your rights to delete your personal data under the GDPR, you can request account deactivation and deletion by contacting OpenVPN support.
- In addition, you can object to the processing of your personal data, ask us to restrict the processing of your personal data, or request portability of your personal data. Again, you can exercise these rights by emailing firstname.lastname@example.org.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing, please contact us by emailing email@example.com.
- Similarly, if we have collected and process your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal data conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.