Public alpha

Iceslab v0.1.8 - open-source operator panel under AGPL-3.0. First publish 2026-05-19, latest v0.1.8 on 2026-06-20.

Open Iceslab

icecompany.tech/privacy

/ Legal|Document 01 · privacy|v1 · 14 May 2026

Privacy

We collect the minimum needed to run a security and networking studio - and we publish the list. This page is the list, not a legal disclaimer. The formal policy lives at the bottom; everything above it is what it means in plain English.

If something here disagrees with the formal policy, the formal policy wins for legal purposes - but tell us, because we want plain English to match the contract.

TL;DR

Three sentences,
then the details

Updated 14 May 2026
Previous: n/a - first version

One

We don't sell your data. To anyone.

There is no ad business, no analytics broker, no data partner - no commercial reason to leak.

Two

We don't log VPN traffic.

Icepath nodes don't record destination, DNS query, or source IP. We can't hand over what we don't have.

Three

We publish what we do collect.

Per-product breakdown lives below. If it grows, this page updates - before the build ships.

By product

Different products,
different shapes of data.

Each product touches different parts of your machine. We list what each one reads - and what it never does.

Icepath

Telegram Mini App + VPN nodes

Consumer VPN. Subscription via Telegram, traffic through our nodes.

We don't log

  • Destination of your traffic (URLs, IPs you visit)
  • DNS queries - resolved server-side, not stored
  • Source IP before the tunnel
  • Telegram email, name, or phone (Telegram doesn't share)

We do keep (honest)

  • Telegram user ID (so we know whose subscription is whose)
  • Bytes per day, per user - for fair-use, no per-session record
  • Last region you connected to - to show the right server first
  • Aggregate node metrics - CPU, network, error rate

Iceslab

Self-hosted operator panel

Runs on the operator's own infrastructure. We have no access to operator data by default.

We don't receive

  • Anything from your Iceslab install - it doesn't phone home
  • Your end-users, their keys, their traffic
  • Your operator API tokens or admin credentials
  • Anything from machines we don't operate

What is requested

  • License check ping on start - license ID + version, nothing else
  • Optional anonymized crash reports - opt-in only, opt-out per install
  • Update channel check - package version, OS arch, that's it
  • Migration-service interactions, when you opt in to assisted migration

Icecore

R&D - no shipped builds yet

Icecore is a proxy protocol engine, not a data-collection product. When there are builds to describe, this section will have specific details.

We do not collect

  • Traffic content - Icecore is a protocol engine, not a traffic inspector
  • User identities - no auth layer in the engine itself
  • Anything when no connections are active
  • Data outside the connection lifecycle

What a proxy engine touches (when running)

  • Connection metadata for routing (destination host, port)
  • Performance metrics - throughput, latency, error rates
  • Protocol selection events (which protocol handled which connection)
  • Crash reports if opted-in by the operator

This site

icecompany.tech itself

Static pages. No login. No newsletter. Analytics - server-side only, IP-truncated.

We don't run

  • Google Analytics, Facebook Pixel, or any third-party tracker
  • Cookies - not for sessions, not for tracking, not at all
  • A live-chat widget that loads someone else's JS
  • Fingerprinting scripts of any kind

What the server logs

  • Request path + status code - for debugging
  • Truncated IP (/24) + country - for traffic shape, not identity
  • Referer (if any) - to know which roads bring people here
  • User-agent - bucketed into desktop/mobile + browser family
Retention

How long things
stick around

If we don't list it, we don't keep it. If we delete it, we delete it everywhere - backups roll off on the same schedule.

Server-access logs14 days, then deletedRolling window
Icepath fair-use counters30 days, then aggregatedPer-user → monthly total
Iceslab crash reports90 daysOpt-in only
Icecore connection metricsRetained per operator configAggregated - no per-connection record
Email correspondenceAs long as the thread is activeClosed threads archived 1 yr
Subprocessors

The full list of who
also touches the data

Short list. If it grows, this page updates before they're added.

Cloud hostingInfrastructure

Hosting for Icepath nodes and our control plane.

Europe
Site hostingStatic hosting

Serves icecompany.tech (this site). Self-hosted on a single VPS, server-side logs only - no analytics SDK.

Europe
TelegramMini App platform

Delivery of the Icepath bot. Telegram's own privacy terms apply to the app shell.

Global
Email providerEmail

Handles inbound mail to @icecompany.tech. Encrypted at rest, no third-party scanning.

Europe
Your rights

Ask for it
We honour it

No forms. No portals. Write to privacy@icecompany.tech from any address - we'll verify ownership of the account or product before acting.

  1. 01

    Export everything we have on you

    A signed JSON file with every row keyed to your identifier. Usually within 72 hours.

  2. 02

    Delete everything we have on you

    Hard delete in primary storage; backup rollover within 30 days. We write back when it's done.

  3. 03

    Correct a wrong record

    Tell us what's wrong. We change it, log the change, and confirm.

  4. 04

    Object to specific processing

    If something we do feels wrong to you, push back. We respond with reasoning or we stop.

Questions on this page

Read it, tell us where
it's wrong

A person reads every message. If a phrasing here is unclear, ambiguous, or doesn't match what the product actually does - that's our bug, not yours. We rewrite the page.

Privacy / data requests

privacy@icecompany.tech

Security disclosures

security@icecompany.tech