valtrogen (operated by VALTROGEN, incorporated in Estonia, EU) provides encrypted network transport services for individuals, teams, and organizations. This page consolidates the key facts about our service architecture, data practices, use boundaries, and compliance posture into a single reference. It should be read together with our Terms of Service, Privacy Policy, and Acceptable Use Policy.
1. Service Classification
valtrogen provides encrypted network transport technology designed to protect the confidentiality and integrity of network communications in transit. Our infrastructure encrypts traffic between user devices and our globally distributed edge network, providing enhanced security for legitimate business and personal communications.
1.1 Primary Purpose
The service exists to serve the following authorized use cases:
- Enterprise Connectivity: Securing communications for distributed teams, remote workers, and branch offices accessing company resources over untrusted networks.
- Data Protection in Transit: Applying encryption to network traffic to reduce exposure to interception, particularly on shared or unmanaged network infrastructure.
- Access Policy Enforcement: Enabling organizations to apply consistent access controls, IP allowlisting, and egress routing policies across their workforce.
- Developer & Testing Environments: Providing isolated, secure endpoints for API testing, sandbox environments, and development workflows.
- Regulatory Alignment: Supporting organizations that need encrypted transport to meet data protection obligations (e.g., GDPR transit encryption requirements).
1.2 Legal Entity & Jurisdiction
valtrogen is operated by VALTROGEN, a private limited company registered in the Republic of Estonia, European Union. The service is subject to EU law, including the General Data Protection Regulation (GDPR), EU export control regulations, and applicable international sanctions frameworks.
2. What the Service Is Not
To avoid any mischaracterization, valtrogen explicitly states the following classification boundaries. These boundaries are legally binding and also reflected in our Terms of Service (Section 3) and Acceptable Use Policy (Section 2.1A).
2.1 Not a Consumer VPN Subscription Service
valtrogen is not marketed, operated, or positioned as a consumer VPN subscription product. While the underlying technology involves encrypted transport, the service is designed for enterprise security, team access management, and policy-based routing — not for consumer-oriented privacy marketing or location-spoofing features.
2.2 Not an Open or Public Proxy Network
The service does not operate as an open proxy, public relay, or unmanaged transit network. All access requires authenticated accounts, and all usage is subject to capacity controls, policy enforcement, and abuse monitoring.
2.3 Not an Anonymity Service
valtrogen does not promise, guarantee, or imply anonymity, untraceability, or concealment from lawful process. We collect account data, billing data, and connection metadata as described in Section 5. We respond to valid legal process as described in Section 6. Users should not rely on this service as a means of avoiding identification or legal accountability.
2.4 Not a Telecommunications Carrier
valtrogen is not a public telecommunications carrier or operator service. We do not provide public telephone numbering, voice termination, SMS, or equivalent telecom functions. The service is classified as an information society service (encrypted data transport), not a regulated electronic communications service.
2.5 Not a Tool for Illegal Activity
Encryption protects the confidentiality of legitimate communications. It does not make illegal activities legal, and it does not shield users from the legal consequences of unlawful conduct. Using valtrogen's services does not create any expectation of immunity from investigation, prosecution, or civil liability.
3. How the Service Works
The following describes the end-to-end flow when a user connects to and uses the valtrogen network. This disclosure is provided for transparency; specific implementation details may evolve as we improve our infrastructure.
3.1 Authentication & Session Establishment
- Account Authentication: The user authenticates with their valtrogen account credentials through our client software or supported protocol configurations.
- Policy Verification: The system verifies the user's subscription tier, device limits, and any team/organization-level access policies.
- Session Establishment: An encrypted transport session is established between the user's device and the nearest available edge node using modern cryptographic protocols (including TLS 1.3 and equivalent).
3.2 Encrypted Transport
- Traffic Encryption: All traffic between the user's device and our edge infrastructure is encrypted. We do not inspect, log, modify, or store the content of user traffic.
- Routing: Traffic is routed through our infrastructure according to the user's subscription configuration, including region selection, load balancing, and any applicable egress policies.
3.3 Egress & Destination Access
- Egress Processing: Traffic exits our network through shared, fixed, or dedicated egress points depending on the user's plan and configuration.
- Destination Access: The traffic reaches the intended destination server. The destination sees a valtrogen egress IP, not the user's original IP address.
3.4 Metadata Generation
- Operational Metadata: During and after the session, certain connection metadata is generated and retained for operational, abuse-prevention, and compliance purposes. See Section 5 for a full disclosure of what is and is not retained.
3.5 Abuse Detection & Response
- Monitoring: Automated systems monitor for patterns indicative of abuse (unusual bandwidth consumption, connection anomalies, known-bad destination patterns). This monitoring operates on metadata and connection patterns, not on traffic content.
- Enforcement: Confirmed abuse may result in warnings, rate limiting, suspension, or termination as described in Section 6.
4. Capability Boundaries
Each capability offered by valtrogen has a defined purpose and explicit boundaries. Capabilities must not be represented, marketed, or used beyond these boundaries.
4.1 Encrypted Transport
| Intended for | Protecting the confidentiality and integrity of network communications in transit across untrusted or shared networks. |
| Not intended for | Guaranteeing anonymity, evading lawful interception, or circumventing legitimate network access controls. |
4.2 Shared / Fixed / Dedicated Egress IPs
| Intended for | Policy-based routing, IP allowlisting for APIs and payment gateways, B2B integrations, and operational consistency. |
| Not intended for | Anonymity guarantees, location spoofing, credential stuffing, or large-scale unsolicited outbound activity. Assigned IPs may be rotated, restricted, or withdrawn for abuse mitigation or legal compliance. |
4.3 IP Access Control (Allowlisting)
| Intended for | Restricting access to allocated infrastructure by source IP, reducing exposure if credentials are compromised. |
| Not intended for | Creating closed or unaccountable networks. All IP-restricted resources remain subject to valtrogen's abuse and compliance policies. |
4.4 Team Access Management
| Intended for | Centralized member onboarding, role-based access, usage analytics, and shared capacity management for teams and organizations. |
| Not intended for | Reselling, redistributing, or providing the service to unaffiliated third parties without authorization. |
4.5 Bring Your Own Egress (BYOE)
| Intended for | Organizations that need to define custom upstream egress endpoints (HTTP/SOCKS5) for infrastructure integration, compliance, and governance over outbound paths. |
| Not intended for | Chaining through third-party infrastructure for anonymization, circumvention, or obfuscation purposes. Customers are responsible for the legality and authorization of their upstream egress endpoints. |
5. Data Handling & Logging Disclosure
This section describes data categories that the platform observes during service operation, records that are persisted or returned by the current implementation, and categories of information that the service does not collect or process.
5.1 Data Operationally Visible to the Platform
The following categories of information may be observed, derived, or enforced by the platform for authentication, routing, access control, metering, and runtime management. Not every field is present for every request, protocol, or subscription tier.
| Service identity | service_id, access UUID, protocol credential, source IP allowlist entries |
| Policy state | Rate limit, device-count limit, connection-frequency limit |
| Connection metadata | Client source IP, destination IP/port, TLS SNI, HTTP Host, QUIC server name |
| BYOE state | Proxy type, host, port, authentication username, runtime status |
| Traffic and node telemetry | Uploaded/downloaded bytes, node public IP, CPU, memory, heartbeat, online state |
Illustrative example
service_id svc_01HZX7... uuid 2c8f3d7d-...-af91 source_ip 198.51.100.24 target 203.0.113.10:443 routing_name api.example.com (TLS SNI) policy rate_limit=50 Mbps device_limit=5 byoe socks5 egress.example.net:1080 status=healthy traffic upload=1 832 041 B download=9 281 142 B node 203.0.113.55 cpu=41% mem=58% heartbeat=ok
5.2 Records Persisted by the Current Implementation
The current implementation is designed to persist the following categories of operational records for metering, administration, security response, and compliance:
| Traffic counters | Uploaded bytes and downloaded bytes per user or service. |
| Recent IP activity | Current or recently active public IP addresses associated with a user or service. |
| Node telemetry | Node public IP, CPU, memory, online connection count, and heartbeat timestamp. |
| Subscription access logs | Client IP, User-Agent, subscription format, HTTP status code, and time-bucketed access time. |
| Audit logs | Actor identity, action type, affected object, and a structured details payload for administrative traceability. |
| BYOE runtime state | Bound node, runtime status, error or notice details, and last report timestamp. |
These records exist for operational governance, security response, troubleshooting, and enterprise administration. Their presence does not imply publication to other customers or unrestricted internal access.
Illustrative examples
// Subscription access log entry
{
"client_ip": "198.51.100.24",
"user_agent": "SubscriptionClient/1.0",
"format": "standard",
"http_status": 200,
"time_bucket": "2026-04-10T14:00Z"
}// Audit log entry
{
"actor": "admin_user_42",
"action": "update_byoe_binding",
"object": "svc_01HZX7...",
"details": { "node": "edge-fra-02", "type": "socks5" },
"status": "degraded",
"reported_at": "2026-04-10T14:05:12Z"
}5.3 Information We Do Not and Cannot Process
In the ordinary operation of this service, we do not collect, inspect, store, or otherwise process the following categories of information:
- Real name, mobile number, or email address as automatically harvested transport metadata.
- Precise geolocation data derived from device-level location services.
- Device hardware fingerprints or comparable persistent hardware identifiers.
- Full operating-system fingerprints beyond what is operationally necessary for client compatibility.
- Plaintext browsing or communication content carried through the encrypted transport path.
- Complete URL-level browsing history as a platform-wide telemetry artifact.
This statement applies to information automatically observed or generated during routine service operation. Separate account registration, billing, identity verification, or support workflows may still involve user-supplied contact or compliance information where required.
5.4 Legal Disclosure Circumstances
valtrogen may disclose account data, operational metadata, and connection-related records that it actually possesses only in response to valid legal process, including:
- Court orders issued by a court of competent jurisdiction;
- Warrants meeting applicable legal standards;
- Subpoenas or equivalent compulsory process under applicable law.
Where legally permitted, we will make reasonable efforts to notify affected users before disclosure. We do not voluntarily share data with government agencies absent valid legal process.
Because the service does not retain plaintext traffic content or complete URL-level browsing histories as operational records, such data may not exist for production in response to any request.
6. Abuse Prevention & Enforcement
valtrogen operates abuse-prevention systems to maintain the integrity of its network and to comply with applicable laws. These measures are designed to detect and respond to misuse without compromising user privacy.
6.1 Detection Methods
- Pattern Analysis: Automated systems analyze connection metadata (not content) for patterns indicative of abuse, such as unusual bandwidth consumption, connection frequency anomalies, or traffic to known-bad infrastructure.
- Third-Party Reports: We investigate credible abuse reports from third parties, destination services, hosting providers, and law enforcement.
- IP Reputation Monitoring: We monitor the reputation of our egress IP ranges and take action when IPs are blocklisted due to user misuse.
6.2 Enforcement Actions
Confirmed violations may result in one or more of the following:
- Warning notification to the account holder;
- Temporary rate limiting or capacity reduction;
- Rotation, restriction, or withdrawal of assigned IP resources;
- Suspension of service access;
- Permanent termination of the account without refund;
- Reporting to law enforcement where required or appropriate.
6.3 Legal Preservation & Cooperation
We may preserve Account Data in response to legal preservation requests pending receipt of valid legal process. We cooperate with law enforcement investigations as required by applicable law, including EU mutual legal assistance frameworks. This cooperation is limited to data we actually possess as described in Section 5.
7. Geographic & Regulatory Scope
7.1 Jurisdiction
valtrogen is subject to the laws of the Republic of Estonia and the European Union. This includes GDPR, EU export control regulations, EU sanctions regulations, and any other applicable EU and Estonian laws governing encrypted communications technology and data processing.
7.2 Restricted Territories
Due to regulatory requirements, export controls, international sanctions, and local laws governing encrypted communications services, access to valtrogen from or within certain countries and territories is restricted. The current list of restricted territories is maintained in our Acceptable Use Policy (Section 4).
Using unauthorized technical means to access the service from restricted territories is prohibited and may result in immediate termination.
7.3 Export Control Compliance
As an EU-based provider of encryption technology, valtrogen complies with applicable EU dual-use export control regulations (Regulation (EU) 2021/821). Users are responsible for ensuring that their use of the service does not violate export control laws applicable to their jurisdiction.
7.4 Local Law Compliance
Users are solely responsible for determining whether using encrypted transport services is lawful in their jurisdiction and for obtaining any required governmental authorizations. valtrogen does not represent that the service is appropriate or available for use in every location.
8. Customer Responsibilities
Use of valtrogen's services comes with specific responsibilities that are binding under our Terms of Service:
8.1 Lawful Use
You must use the service only for purposes that are lawful in your jurisdiction and in compliance with all applicable laws, regulations, and our Acceptable Use Policy.
8.2 Authorized Access Only
You may use the service only to access systems, applications, domains, and digital resources that you own, control, or are explicitly authorized to access. Using the service to access systems without authorization is prohibited regardless of whether the access is technically possible.
8.3 Account & Credential Security
You are responsible for maintaining the confidentiality of your account credentials and for all activity that occurs under your account. If you suspect unauthorized access, you must notify us immediately.
8.4 BYOE Upstream Responsibility
If you configure custom upstream egress endpoints (BYOE), you are solely responsible for:
- Ensuring you have legal authority to use the upstream infrastructure;
- Ensuring the upstream endpoints comply with applicable laws;
- Any traffic that exits through your designated upstream endpoints;
- Any third-party claims arising from the use of your upstream infrastructure.
8.5 Accurate Information
You must provide accurate account information and keep it current. Providing false identity information or using the service to misrepresent your identity is a violation of our terms.
8.6 Local Regulatory Compliance
You are responsible for determining whether using encrypted transport services requires registration, licensing, or governmental approval in your jurisdiction. valtrogen is not responsible for users' failure to comply with local regulatory requirements.
10. Frequently Asked Questions
Is valtrogen a VPN?
No. While our technology involves encrypted network transport (which shares some technical characteristics with VPN technology), valtrogen is not marketed, operated, or positioned as a consumer VPN subscription service. Our service is designed for enterprise security, team access management, policy-based routing, and data protection in transit — not for consumer privacy marketing or location-masking features.
Does valtrogen guarantee anonymity?
No. We explicitly do not promise or guarantee anonymity, untraceability, or concealment from lawful process. We collect account data, billing data, and connection metadata. We respond to valid legal process. Destination services may identify users through cookies, browser fingerprinting, account logins, or other means independent of our service.
Is valtrogen a proxy service?
No. The service is not operated as an open or public proxy network. All access requires authenticated accounts. All usage is subject to capacity controls, policy enforcement, and abuse monitoring. We do not provide unmanaged public relay capacity.
Does valtrogen log user traffic?
We do not log, inspect, or store the content of user network traffic. We do collect connection metadata (timestamps, session duration, bandwidth, server region) for operational and abuse-prevention purposes, retained for up to 90 days. See Section 5 for the complete disclosure.
Will valtrogen cooperate with law enforcement?
Yes. We respond to valid legal process (court orders, warrants, subpoenas) from authorities with jurisdiction. Where legally permitted, we make reasonable efforts to notify affected users. Our cooperation is limited to data we actually possess — because we do not log traffic content, we cannot produce it.
Can I use valtrogen from any country?
No. Access from certain countries is restricted due to export controls, international sanctions, and local regulations. The current restricted territories list is published in our Acceptable Use Policy. Users are responsible for determining whether encrypted transport services are lawful in their jurisdiction.
Is the service legal?
valtrogen is a lawfully operated information society service incorporated in Estonia (EU), compliant with applicable EU regulations including GDPR and export control laws. However, the legality of using encrypted transport services varies by jurisdiction. Users are solely responsible for ensuring compliance with their local laws.
What happens if I violate the terms?
Violations may result in warnings, rate limiting, IP resource withdrawal, service suspension, permanent termination without refund, and/or reporting to law enforcement. The specific response depends on the nature and severity of the violation. See our Acceptable Use Policy for details.