Shipping

Iceslab v1.0 panel - multi-core VPN infrastructure for operators.

Open Iceslab

icecompany.tech/privacy

/ Legal|Document 01 · privacy|v1 · 14 May 2026

Privacy

We collect the minimum needed to run a security and networking studio — and we publish the list. This page is the list, not a legal disclaimer. The formal policy lives at the bottom; everything above it is what it means in plain English.

If something here disagrees with the formal policy, the formal policy wins for legal purposes — but tell us, because we want plain English to match the contract.

TL;DR

Three sentences,
then the details

Updated 14 May 2026
Previous: n/a — first version

One

We don't sell your data. To anyone.

There is no ad business, no analytics broker, no data partner — no commercial reason to leak.

Two

We don't log VPN traffic.

Icepath nodes don't record destination, DNS query, or source IP. We can't hand over what we don't have.

Three

We publish what we do collect.

Per-product breakdown lives below. If it grows, this page updates — before the build ships.

By product

Different products,
different shapes of data.

Each product touches different parts of your machine. We list what each one reads — and what it never does.

Icepath

Telegram Mini App + VPN nodes

Consumer VPN. Subscription via Telegram, traffic through our nodes.

We don't log

  • Destination of your traffic (URLs, IPs you visit)
  • DNS queries — resolved server-side, not stored
  • Source IP before the tunnel
  • Telegram email, name, or phone (Telegram doesn't share)

We do keep (honest)

  • Telegram user ID (so we know whose subscription is whose)
  • Bytes per day, per user — for fair-use, no per-session record
  • Last region you connected to — to show the right server first
  • Aggregate node metrics — CPU, network, error rate

Iceslab

Self-hosted operator panel

Runs on the operator's own infrastructure. We have no access to operator data by default.

We don't receive

  • Anything from your Iceslab install — it doesn't phone home
  • Your end-users, their keys, their traffic
  • Your operator API tokens or admin credentials
  • Anything from machines we don't operate

What is requested

  • License check ping on start — license ID + version, nothing else
  • Optional anonymized crash reports — opt-in only, opt-out per install
  • Update channel check — package version, OS arch, that's it
  • Migration-service interactions, when you opt in to assisted migration

Icecore

In development — alpha Q4 2026

Below is the stance, not the shipped reality. When alpha ships, this list locks before any ban can fire.

We will not collect

  • Keystrokes outside the game window
  • File contents, browser history, mic, camera
  • Anything when the game isn't running
  • Hardware fingerprint that survives reinstall

What we will read (only while the game runs)

  • Loaded modules in the game process
  • Game-related syscall patterns + memory integrity
  • Input cadence statistics — not literal keystrokes
  • Per-session HWID hash — rotates, doesn't survive uninstall

This site

icecompany.tech itself

Static pages. No login. No newsletter. Analytics — server-side only, IP-truncated.

We don't run

  • Google Analytics, Facebook Pixel, or any third-party tracker
  • Cookies — not for sessions, not for tracking, not at all
  • A live-chat widget that loads someone else's JS
  • Fingerprinting scripts of any kind

What the server logs

  • Request path + status code — for debugging
  • Truncated IP (/24) + country — for traffic shape, not identity
  • Referer (if any) — to know which roads bring people here
  • User-agent — bucketed into desktop/mobile + browser family
Retention

How long things
stick around

If we don't list it, we don't keep it. If we delete it, we delete it everywhere — backups roll off on the same schedule.

Server-access logs14 days, then deletedRolling window
Icepath fair-use counters30 days, then aggregatedPer-user → monthly total
Iceslab crash reports90 daysOpt-in only
Icecompany match telemetryPer studio's contractHeld by studio, not us
Email correspondenceAs long as the thread is activeClosed threads archived 1 yr
Subprocessors

The full list of who
also touches the data

Short list. If it grows, this page updates before they're added.

HetznerInfrastructure

Bare-metal + cloud hosting for Icepath nodes and our control plane.

DE · FI
AezaStatic hosting

Serves icecompany.tech (this site). Self-hosted on a single VPS, server-side logs only — no analytics SDK.

DE
TelegramMini App platform

Delivery of the Icepath bot. Telegram's own privacy terms apply to the app shell.

Global
MigaduEmail

Handles inbound mail to @icecompany.tech. Encrypted at rest, no third-party scanning.

CH
Your rights

Ask for it
We honour it

No forms. No portals. Write to privacy@icecompany.tech from any address — we'll verify ownership of the account or product before acting.

  1. 01

    Export everything we have on you

    A signed JSON file with every row keyed to your identifier. Usually within 72 hours.

  2. 02

    Delete everything we have on you

    Hard delete in primary storage; backup rollover within 30 days. We write back when it's done.

  3. 03

    Correct a wrong record

    Tell us what's wrong. We change it, log the change, and confirm.

  4. 04

    Object to specific processing

    If something we do feels wrong to you, push back. We respond with reasoning or we stop.

Questions on this page

Read it, tell us where
it's wrong

A person reads every message. If a phrasing here is unclear, ambiguous, or doesn't match what the product actually does — that's our bug, not yours. We rewrite the page.

Privacy / data requests

privacy@icecompany.tech

Security disclosures

security@icecompany.tech