Updated Date: April 8, 2026 Effective Date: April 8, 2026 Version: V1.0
To help you quickly understand the core content of this Policy, a summary is provided as follows:
| Serial Number | Information Type | Specific Information | Purpose of Use | Applicable Scenarios |
|---|---|---|---|---|
| 1 | Account Information | Enterprise domain name, username, password | Complete account login and identity authentication | User login |
| 2 | Single Sign-On (SSO) Information | Authorization result, access token | Complete enterprise single sign-on | User selects SSO account for login |
| 3 | Device Identification Information | ANDROID_ID, identifierForVendor, device_uuid | Device identification, configuration synchronization, security verification | Domain name identification, configuration pull, update check, connection control |
| 4 | Application and Configuration Information | Platform type | Determine updates and deliver incremental configurations | Configuration synchronization, update check |
| 5 | Network and Connection Information | Interface information, local IP | Establish and maintain VPN connections, troubleshooting and security auditing | Network access, VPN connection |
| 6 | Local Storage Information | Saved domain names, usernames, encrypted passwords, routing settings, protocol consent records | Improve usage continuity, save user preferences, and remember login status | When the user actively chooses to save information |
The current version mainly involves the following permissions or system authorizations:
1.VPN Authorization: Used to establish a VPN tunnel;
2.Update Package Installation Authorization: Used for users to actively install updated versions;
3.Network Access and Network Status Reading: Used for service communication and connection status judgment.
We will not enable non-essential permissions by default, and will only request them from you when you trigger the relevant functions.
The current version does not integrate third-party SDKs (Software Development Kits) for advertising, statistics, push notifications, maps, or payments. Under the current default deployment model, authentication services, controller services, configuration synchronization services, and update services are usually built, deployed, or operated by us ourselves, which are proprietary service nodes used by us to provide this service and generally do not constitute sharing with external third parties. For details, please see the chapter "How We Share, Transfer, and Publicly Disclose Your Personal Information" in this Policy.
You have the right to inquire about, copy, correct, delete, withdraw consent to, cancel your account, etc., in accordance with the law. If you cannot achieve this through product functions, you may contact us via the contact information at the end of this Policy.
Beijing Panabit Software Co., Ltd. (hereinafter referred to as "we") provides you with services such as enterprise domain name identification, account login, configuration synchronization, VPN connection, routing settings, log viewing, and version updates through the Panabit client. This Panabit Privacy Policy (hereinafter referred to as "this Policy") is intended to inform you of how we collect, use, store, share, and protect your personal information, as well as the rights you enjoy.
Please carefully read and fully understand the content of this Policy before using this software. For clauses involving your important rights and interests, we will prompt you to pay special attention to them in bold, list, or other reasonable ways.
Your click on "Agree and Continue" or continued use of this software indicates that you have read and understood this Policy and agree to our processing of your personal information in accordance with this Policy.
Enterprise domain name
Username
Password
Authorization code, access token, or session information in the context of single sign-on
Purposes of processing:
Verify your identity
Confirm the affiliated enterprise and network access configuration
Establish login sessions and access control
To implement domain name identification, authentication configuration pull, update check, incremental configuration synchronization, and security control, we will process the following device identification information:
ANDROID_ID for Android devices
identifierForVendor for iOS devices
device_uuid generated locally by the application and persisted
Purposes of processing:
Identify terminal devices
Associate configuration versions
Support encryption/decryption and local caching of configuration files
Improve service security and stability
Local network interface name
Local IP address
Request time, request results, access logs
IP address recorded by the server
Purposes of processing:
Establish and maintain VPN tunnels
Perform local network exclusion and routing processing
Locate connection abnormalities and conduct troubleshooting
When you use the configuration synchronization or update check function, we will process the following information:
Platform type
Application version
Configuration version
Purposes of processing:
Determine whether the configuration needs to be updated
Determine whether a new version of the application exists
Return configurations and update results adapted to the current terminal
To improve user experience and implement necessary functions, we may save the following on your local device:
Enterprise domain name
Username
Encrypted passwords
Routing settings
Authentication session information
Protocol consent status
Purposes of processing:
Implement the function of remembering login information
Save configurations and user preferences
Support protocol version verification and re-consent
On the Android platform, before you click "Agree" on the pop-up window on the home page, we will only read local static resources and protocol status configurations, and will not:
Obtain device identification information;
Initiate business requests;
Automatically log in;
Display the device ID.
To implement specific functions, we may need to request or use relevant system permissions or system capabilities. The current version mainly involves the following content:
| Item | Description |
|---|---|
| Permission/Capability Name | VPN Authorization / VPN Configuration Authorization |
| Applicable Platforms | Android, iOS |
| Purpose of Use | Establish enterprise VPN tunnels to achieve secure network access |
| Trigger Time | When you actively initiate a VPN connection |
| Is it Mandatory | Yes |
| Impact of Refusal | Unable to establish a VPN connection, and the network access function after login will be unavailable |
On Android, the request is made through the system VPN authorization process;
On iOS, the request is made through the system VPN configuration authorization process;
We will not forcibly initiate VPN authorization before you actively connect.
| Item | Description |
|---|---|
| Permission/Capability Name | Install apps from unknown sources / Update package authorization |
| Applicable Platforms | Android |
| Purpose of Use | Install the new version installation package when you actively perform application updates |
| Trigger Time | When you actively click to update and confirm installation |
| Is it Mandatory | Only mandatory for the in-app update installation function |
| Impact of Refusal | Unable to complete installation through the app, but you can still manually update through other legal means |
The following permissions are mainly used to implement network connections and service operation, and usually do not require separate pop-up confirmation like VPN authorization, but will take effect in the system installation and operation mechanism.
| Permission Name | Applicable Platforms | Purpose of Use |
|---|---|---|
INTERNET | Android | Access network resources such as enterprise services, update services, and protocol links |
ACCESS_NETWORK_STATE | Android | Judge network status and handle connection logic |
CHANGE_NETWORK_STATE | Android | Cooperate with connection and network status management |
FOREGROUND_SERVICE | Android | Run as a foreground service during VPN connection |
FOREGROUND_SERVICE_SPECIAL_USE | Android | Support foreground service scenarios for special VPN purposes |
WAKE_LOCK | Android | Reduce the impact of device hibernation on connections in specific scenarios |
Up to the current version, Panabit has not applied for or actually used the following capabilities:
Camera
Microphone
Contacts
Album/Photo reading
Precise location
Short messages
Calendar
Bluetooth scanning
Complete list of installed applications
If relevant permissions or capabilities are added in future versions, we will:
Individually inform you of the purpose before the function is triggered;
Update this Policy again when necessary;
Re-obtain your consent in accordance with the requirements of laws and regulations.
Please note:
Non-essential permissions will not be enabled by default;
You may refuse or withdraw relevant authorizations;
Refusing mandatory authorizations will result in the corresponding functions being unavailable, but will not affect your ability to view the content of the Agreement.
We process and store your personal information within the territory of the People's Republic of China. The current version does not have regular business scenarios involving the transmission of personal information overseas.
We will retain your personal information for the shortest period necessary to achieve the purposes of processing. After the retention period expires, we will delete or anonymize your personal information in accordance with the law, unless otherwise stipulated by laws and regulations.
The retention period of locally cached information depends on:
Whether you actively delete or log out;
Whether the protocol version has changed;
Whether the configuration cache has expired;
Requirements of laws, regulations or supervision.
Customer-built controllers or customer-designated controller services;
Customer-designated or external identity providers;
Other external update service recipients.
| Scenario | Current Default Recipient | Whether it constitutes sharing with external third parties |
|---|---|---|
| Account Authentication | Our self-operated authentication service | No |
| Controller configuration pull / Configuration synchronization | Our self-operated controller or configuration service | No |
| Application update check and installation package distribution | Our self-operated update service | No |
| OIDC Single Sign-On | Currently usually provided by our self-operated identity service; if an external identity source is integrated, it will be disclosed separately | No by default currently |
| Component/Capability | Main Purpose | Whether it is a third-party commercial sharing party |
|---|---|---|
flutter_appauth / AppAuth | Implement OIDC (OpenID Connect) login capability | No |
device_info_plus | Obtain platform device identification-related capabilities | No |
android_id | Obtain Android ANDROID_ID | No |
shared_preferences | Local storage of configurations and consent status | No |
flutter_secure_storage | Local secure storage of tokens/sensitive information | No |
url_launcher | Open protocol and official website links | No |
Transmission encryption
Encrypted storage of sensitive information
Access permission control
Log auditing
Abnormal monitoring
Regular security checks
Inquiry and access
Replication
Correction and supplementation
Deletion
Withdrawal of consent
Account cancellation
Obtaining explanations
Complaint and report
Changes in the purpose, method, or type of personal information processing;
Changes in the objects of information sharing;
Major changes in the methods and procedures for you to exercise your rights;
Changes in the operating entity, contact information, or dispute resolution rules.
Company Name: Beijing Panabit Software Co., Ltd.
Contact Email: support@panabit.com
Contact Address: 10th Floor, Building 5, Haikai Park, Phase II of Zhongguancun Dongsheng Science Park, Haidian District, Beijing