Last updated: February 2026
SecureHome Ltd ("SecureHome", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We are a company registered in England and Wales. We are registered with the Information Commissioner's Office (ICO) as a data controller. This policy applies to all personal data collected through our website, products, services, and communications.
By using our products and services, you acknowledge that you have read and understood this Privacy Policy. If you have any questions, please contact us at hello@securehome.co.uk.
The data controller responsible for your personal data is:
We collect and process only the personal data that is necessary to provide our products and services. The data we collect falls into the following categories:
SecureHome operates a strict no-logs policy with respect to your internet activity. We do not collect, store, monitor, or log any of the following:
This no-logs policy is fundamental to our service. Our VPN infrastructure is built on the WireGuard protocol, which is designed with minimal state and does not log traffic by design. WireGuard maintains only the data necessary for active cryptographic sessions and discards connection information when a session ends.
We process your personal data on the following legal bases under UK GDPR:
| Purpose | Legal Basis |
|---|---|
| Providing our products and services (account creation, installation, VPN service) | Performance of a contract (Article 6(1)(b)) |
| Processing payments and billing | Performance of a contract (Article 6(1)(b)) |
| Sending service notifications and security reports | Performance of a contract (Article 6(1)(b)) |
| Maintaining service quality and diagnosing faults | Legitimate interests (Article 6(1)(f)) |
| Complying with legal obligations (e.g. tax records) | Legal obligation (Article 6(1)(c)) |
| Responding to support requests | Legitimate interests (Article 6(1)(f)) |
SecureHome does not sell, rent, trade, or otherwise share your personal data with third parties for their marketing or commercial purposes. This is a firm commitment and a core principle of our business.
We work with a limited number of trusted third-party service providers ("data processors") who process personal data on our behalf and under our instruction. These include:
All data processors are bound by data processing agreements that require them to process your data only on our instructions, maintain appropriate security measures, and comply with applicable data protection law.
We may disclose personal data if required to do so by law, regulation, or valid legal process (such as a court order). However, given our no-logs policy, we do not hold browsing history, DNS queries, traffic content, or destination IP addresses, and therefore cannot provide such data even if requested. We will notify you of any legal request for your data unless prohibited from doing so by law.
We retain your personal data for the duration of your active account and subscription with SecureHome. This includes your contact information, billing records, and service data as described in Section 3.
When you cancel your subscription, we will delete or anonymise your personal data within 30 days of your cancellation date, except where we are required to retain certain records for legal or regulatory purposes (such as financial records required for tax compliance, which are retained for up to 7 years as required by HMRC).
Connection timestamps and bandwidth usage data are retained for the current billing period plus one additional billing cycle (for dispute resolution), after which they are permanently deleted. Device count data is transient and not stored beyond real-time monitoring.
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it, including:
While we take all reasonable precautions, no method of transmission or storage is completely secure. If you become aware of any security breach affecting your account, please contact us immediately at hello@securehome.co.uk.
Under the UK General Data Protection Regulation (Articles 15–21) and the Data Protection Act 2018, you have the following rights with respect to your personal data:
You have the right to request a copy of the personal data we hold about you. We will respond to your request within one month and provide the data in a commonly used, machine-readable format.
You have the right to request that we correct any inaccurate or incomplete personal data we hold about you. You can update your contact and billing information at any time by emailing us.
You have the right to request that we delete your personal data where it is no longer necessary for the purposes for which it was collected, where you withdraw consent, or where there is no overriding legitimate reason for us to continue processing it. Please note that we may need to retain certain data for legal compliance purposes.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another data controller without hindrance from us.
You have the right to object to our processing of your personal data where we rely on legitimate interests as the legal basis for processing. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
You have the right to request that we restrict the processing of your personal data in certain circumstances, for example while we verify the accuracy of data you have contested.
To exercise any of these rights, please contact us at hello@securehome.co.uk. We will respond to your request within one month. In exceptional circumstances, where requests are particularly complex or numerous, we may extend this period by a further two months, but we will notify you of any extension and the reasons for it within the initial one-month period.
If you are not satisfied with how we handle your personal data or respond to your requests, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
We would, however, appreciate the opportunity to address your concerns before you approach the ICO. Please contact us first so we can try to resolve any issues.
Our website uses only minimal, strictly necessary cookies. These are limited to:
We do not use:
Because we only use strictly necessary cookies, we are not required to obtain your consent for their use under the Privacy and Electronic Communications Regulations 2003 (PECR). However, we believe in full transparency and have documented our cookie usage here for your information.
Your personal data is primarily processed and stored within the United Kingdom. Where data is transferred outside the UK (for example, if a data processor operates servers in another jurisdiction), we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the ICO, or transfers to countries recognised as providing an adequate level of data protection.
Our products and services are intended for purchase by adults aged 18 and over. We do not knowingly collect personal data from children under the age of 18. If you believe that we have inadvertently collected personal data from a child, please contact us immediately and we will take steps to delete that data.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will notify you by email at least 30 days before the changes take effect. The "Last updated" date at the top of this policy will be revised accordingly.
We encourage you to review this Privacy Policy periodically. Your continued use of our products and services after any changes constitutes your acceptance of the revised policy. If you do not agree with the changes, you may cancel your subscription in accordance with our Terms and Conditions.
This Privacy Policy is governed by and construed in accordance with the laws of England and Wales. Any disputes arising in connection with this policy shall be subject to the exclusive jurisdiction of the courts of England and Wales.
If you have any questions about this Privacy Policy, your personal data, or wish to exercise any of your rights, please contact us:
We aim to respond to all enquiries within 48 hours.