Last updated: 2026-06-20
This operational DPA describes PrismGuard processing for the landing site, account subscription backend, VPN admission, and Premium Shield.
For normal VPN service operation, PrismGuard acts as service provider/controller for account, payment, entitlement, and abuse-prevention records. For business customers, a separate signed DPA may define controller/processor roles.
PrismGuard may process:
Current architecture may use Solana RPC/Helius, Cloudflare Pages for the public site, the PrismGuard backend, and the VPN server fleet. The backend runs on dedicated infrastructure; specific sub-processor details are available on request.
Security controls include account-based access, short-lived credentials, RS256 JWKS validation for VPN admission, Premium gating for Shield endpoints, TLS, firewalling, rate limits, and operational monitoring.
Operational records are retained only as long as needed for subscription, abuse handling, security, accounting, or legal obligations. Private keys and seed phrases are never collected.