Exposed – Many VPN Providers Log Your Data

With 300+ VPN providers, it’s tough to know which ones should be trusted. Likewise, you also believe that if you’re using any VPN, it should offer you complete privacy, anonymity, and security.

All the VPN providers claim “Anonymity & Privacy” for their services. So, it’s right to ask a question like whether the VPN providers are true with their claims or not, as many of their claims about privacy, anonymity are oftentimes disingenuous. Technically it’s not always true that a VPN provides pure Anonymity and Privacy. They may say “100% No Logs”, but it’s more of a marketing term to attract clients.

vpn logging policies
For instance, whenever a user contacts the support team for their queries or issues to be resolved, VPN providers do try to know what’s creating the issue to resolve them and for that, they do ask at least some details, of which certain logs are kept for a limited time. But it doesn’t mean that its necessarily a bad thing as long as actual addresses or phone numbers are not logged.

However, if any provider keeps an extensive number of logs or the provider comes under 5, 9 & 14 eyes jurisdictions due to which they have to disclose transparency reports, then it’s better to avoid those VPN providers.

Also, different VPN providers do different types of logging activities. So, before getting into which VPN providers are safe and which are not, let’s first cover the different types of VPN logs that VPN providers keep, as there’s a handful of VPN providers who have been put to the test and verified their Zero Log Policy claims. And, until an incident occurs such as a subpoena from the Government, no one can tell whether a VPN provider is entirely safe or not. It doesn’t mean that a VPN should not be used and some are even transparent about their logging activity, but you must be aware whether it’s a reliable product.

Generally, there are two different types of VPN logs, namely, Usage/Activity Logs which invades privacy and then Connection Logs which are quite harmless and are often deleted after one or two weeks.

Activity/Usage Logs – What Is It & How It Can Prove Harmful?

As the name implies, VPN providers collect all the data such as the online activity of their VPN users, which is mostly a compilation of several things such as collection of metadata, like your actual IP addresses, traffic logs such as browsing history, files and messages sent or downloaded, connection times, which software is used and more.

Depending upon the VPN providers activity/usage logs vary, but the majority of Free VPNs keep track of these. Because, Free VPN services need to pay for expansion of their servers, updates of the software, website expenses, technical support, data centers and much more which are not free So, they likely sell the users information to third-party services.

Connection Logs – Collects Information but Less Harmful

Unlike an Activity Log it will not end up destroying your online anonymity, and connection logs are even less harmful compared to it. Though, the recording of this type of information is mostly justified by the VPN providers for valid reasons. And, they even provide clarification about when all the collected information during VPN logs will be deleted.

Usually, these connection logs collect IP addresses, connection date, time, and location. However, VPN providers do not reveal your identity, location, connection time, and date directly. Some VPNs who collect connection logs, despite claiming to support Zero Log policy are TunnelBar, Betternet, Proton VPN, and PureVPN. Though the good part is that, it’s temporary like for one to two weeks, and like HideMyAss some goes up to 6 months, but after that it’s deleted. So, as per the perspective of privacy, to some extent it’s intrusive.

Warrant Canaries – Way to Inform their Users About Secret Warrant

ISPs and VPN services are liable to receive “secret warrants” in the form of national security letters or government subpoenas, mostly which are in a gag order from the countries especially when it comes under 5/9/14 Jurisdictions. Due to these secret warrants, law enforcement agencies are allowed to demand any information of the ISP’s or VPN’s users for investigation without informing the target user or anyone else.

Here, Warrant Canaries come in, and it’s not related to logging any information regarding connection or activity. But they are the landing pages which are advertised by the VPN providers to maintain their privacy. It’s a published statement on a specific page which confirms that service has never received any secret warrant till date. However, if the page stops publishing a regular statement, it means the canary statement is removed, which means the subpoena is issued towards that VPN provider while prohibiting them from reporting it.

Though, the use of this “Warranty Canary” does have particular queries. For example, why a “Warranty Canary” is needed if a VPN provider claims to have a no logs policy. And, they are updated once a month which makes them a bit useless. However, it was essential for making the readers aware, so a little insight has been given in this post.

Why VPN Providers Log Data Despite No-Log Privacy Policy Claims?

If you have this question why VPN providers log users’ data, then you’re not alone, as many of the users have the same question. A VPN provider is probably logging user information due to the following reasons:

Helps in Troubleshooting

Troubleshooting is one of the common reasons for data logging. For example, while using a VPN, you may encounter connectivity issues, WebRTC leaks, or other related issues. If there’s a log of your data, it can prove beneficial in optimizing the VPN network as well as to solve the problems. Also, majority of the VPN troubleshooting, or maintenance does require little connection logs.

Limited Concurrent Connections

VPN providers enforce a limited number of concurrent connections. Mostly all VPN providers allow 5, 6, 10 and even unlimited parallel logins, which may require some logging to know how many devices relate with one single account. Hence, it’s recommended to ask your VPN provider, how they track the restrictions on connections while claiming zero logs at the same time.

Bandwidth Control

If any VPN services limit the bandwidth, it means they might be tracking activity or usage of the VPN. So, if you find any VPN provider, even the paid ones that impose bandwidth restriction, then it is suggested to avoid them.

Using VPS (Rented Servers)

Many providers dupe users by using VPS (Virtual Private Servers). In other words, these VPS are not actual but a rented virtual server, which is way cheaper compared to those real metal servers. Also, these VPS do not offer the level of privacy given by actual servers. And, they often maintain the server activity logs, which means they will record your VPN information and may also gather your private data.

Granting Requests of Government Laws or Intelligence Agencies

Notably, countries which come under the strict laws of Five, Nine, and Fourteen Eyes, demand the companies to log and handover the private information of users whenever it’s asked. However, different countries have their surveillance and data retention laws. For example, the Investigatory Powers bill of the UK makes it compulsory to store and maintain users’ log for about a year, which can hamper the privacy.

Moreover, the Government intelligence security organizations such as the GCHQ (Government Communications Headquarters) and the NSA (National Security Agency) spy on the UK and the USA based tech companies, as a part of surveillance program PRISM since 2010, which issues a “gag order” for demanding logging files of any tech company without disclosing it to the target user. And if the issued “gag order” is not followed, it can even be counted illegal.

VPN Providers & Their Logging Policies

If you’ve read till here, then we assume that you might have got an idea about the information recorded by VPNs and the reason behind it. Now, let’s read the below-mentioned logging policy analysis of VPN providers, so you can know about their logging policies, before making any decision about the VPN provider.

Seychelles Headquartered – Astril VPN

Though Astril VPN is far away from the 5/9/14 Eyes alliances located in Seychelles, it still records individual connection logs. If you visit their Privacy Policy page, first you’ll find the claim which says, they keep as little information as possible. But, reading further you will find certain points, such as

"Our system keeps track of active sessions - connection time, IP address, device type and Astrill VPN application vesion during the duration of your VPN session."

"Additionally to this, we keep last 20 connection records which include: connection time, connection duration, country, device type and Astrill client application version number."

As per these above statements, we can say that Astrill does collect the actual logs such as Connection timestamps, devices used, users’ country and even the IP address.

Also, the question of the FAQ section, “Does Astrill keep any logs?” states that it’s done only for the ACTIVE sessions for monitoring the simultaneous connection from one subscription. And, claims to remove the logs once the session is over. So, if you’re looking for any VPN with zero-log policy, then its better you look any other providers.

The USA Headquartered – Anonymizer

Anonymizer is considered as a part of an “Internet Enemy” country, as per the Reporters Without Borders. It follows the government laws which involve 5/9/14 Alliances. So, it’s legal to say that Anonymizer does keep user’s VPN logs and if the subpoena with a gag order gets issued to them, they won’t be able to say no and have to provide all the details. Moreover, the terms of service page have been removed. But luckily, I was able to find the statement written into it:

“To the maximum extent permitted by applicable law, Anonymizer may monitor your use of the Anonymizer service, e-mail, or other electronic communications and may disclose such information in the event it has a good faith reason to believe it is necessary for purposes of ensuring your compliance with this Agreement, and protecting the rights, property, and interests of the Anonymizer Parties or any customer of a Anonymizer Party.”

To be more precise, Anonymizer VPN logs whatever they can and if that’s not enough, on their website homepage they had even stated, “You’ll never have to worry about keeping track of your usage or connections”, which is quite contradicting.

Ace VPN – The USA based VPN Provider

Being headquartered in the USA, ACE VPN does become a part of the privacy related issue. Furthermore, their Privacy Policy page states, “We do not log VPN traffic. We do not spy on our users nor monitor their bandwidth or Internet usage. Our VPN servers do not store any personal identifying information (PII).”
Also they admit, “Personal Information is collected when you establish an account with us, place an order on the site, participate in a contest, sweepstakes or on-line survey, or when you communicate with any of our departments such as customer service, sales or technical services through the site, telephone, email or fax.”

While further stating that, “We may employ other companies or individuals to provide certain services to or on behalf of us such as server management, security audit, analyzing customer lists and data, or performing marketing or consulting services. These third parties (“Service Providers”) will only have access to the information needed to perform these limited functions on our behalf and are required to provide your personal information with at least the same level of protection and security as we use on the site. Such service providers are prohibited from using your personal information for any purpose other than that for which such party was engaged by us and/or as stated in this privacy policy.”

Now, whether to go with this VPN provider or not, it’s all in your hand.

AirVPN –Italian VPN Provider

Italy is a part of the 14-Eyes country, which does raise questions regarding privacy of AirVPN. Though, AirVPN is quite amazing in service, performance, reliability and support. Still, its country being a part of the 14-Eye Jurisdiction does mandate surveillance activities and data retention, and they can’t even protest it.
Moreover, their FAQs section have one question, “Do you keep session logs or any other kind of logs that can be used to track identity and Net activity?” to which their reply is, “No, we don’t keep logs of that kind.” whereas in their Privacy Policy they state, “the database of the accounts is not stored in those Air servers which are dedicated to provide VPN access; it is stored on servers which are not accessible from the outside.” Now, being under the 14-Eyes jurisdiction, the reality of their statement can only be seen through their reaction, if a subpoena with a gag order gets issued towards them.

Germany based- Avira Phantom VPN

No doubt, Avira Phantom is one of the VPN services which is good in maintaining online anonymity but being headquartered in the 14 Eyes Country Germany makes it questionable. As they have to support the Government by providing user information, whenever it’s demanded or else a subpoena with a gag order can get issued.

Though Avira Phantom privacy policy claims about not storing any activity/usage logs, they do track VPN bandwidth and timestamps, which raises a concern as being under the 14 Eyes country.

Malaysian Headquartered – BolehVPN

Being headquartered in Malaysia, BolehVPN is entirely safe from the 5/9/14 Eyes jurisdiction. And it even claims that “BolehVPN does not keep logs of user activity or access. We do keep logs of general traffic throughput of our servers to ascertain loading and usage of our servers but not at an individual level. However if we do notice any unusual activity on our servers (high bandwidth loading, high number of connections or cpu usage) we may turn on logs temporarily to identify abuse of our services (such as DoS or spamming through our servers).”

However, they even claim, “Turning on logs for troubleshooting is a very last resort and is necessary to ensure the integrity of our services. It has happened very rarely (only a handful of times in our 9 years of operation) and such information was not disclosed to third parties but merely used to terminate the offending user. In any case logs were usually enabled for not more than few hours and only for the particular server that was experiencing abuse.” So, we assume that the provider may become co-operative if they receive a subpoena for revealing logs of a target.

The USA Headquartered – FlyVPN

The USA-based FlyVPN comes under the Five Eye Agreement and further they even openly admit about their log storage, which reduces its credibility without investigation.

But I like their openness. If you visit their TOC page, below lines are written:

“When you use FlyVPN, we will record the following information:

  1. Your local IP
  2. Timestamp of when you successfully accessed VPN
  3. The VPN IP that is assigned to you
  4. The port number that is assigned to you
  5. Timestamp of when you disconnected from VPN”

Whether to go with this or not, it’s all up to you. If you know what the VPN is really about and the information being tracked bothers you, then you’re well aware that this VPN is not something you should be looking into.

Cyprus Based – Faceless.me

Thinking from the 5/9/14 Eyes Jurisdictions point of view, Faceless.me is safe and its headquarters is based in Cyprus, which is not part of it. Though, they do log user information, which got them in this list. On their FAQs page, in one of the questions, “Do you keep logs of my online activity?” it is stated that “We only track your data usage totals and your IP address, which is required for our internal bookkeeping. And even this data is kept on our servers for a limited time.” And the funny part is that on the homepage it mentions, “We’re not keeping logs of your activity, so in case FBI asks – there’s nothing.”

By looking at these types of contradictory statements, we think it’s better to avoid such VPN providers and instead go for others.

Canada Based VPN Provider- Flow VPN

Canada being part of Five Eyes Alliance, makes FlowVPN bit questionable. Furthermore, the statement made by Flow VPN is also something making it more doubtful.

For instance, if you look through TOC page of the provider, it says “Upon installation of the client application all users are allocated an Account Name against which we reserve the rights to log subscription information (including transaction references), connecting IP address, authentication requests, session data (allocated IP, connection date, time, duration, etc).” It has a hidden message in it, through which users can be fooled.

Further, it even goes on stating, “To comply with the requirements of our bandwidth providers we reserve the right to log activity across our network and use automated systems to monitor network activity for abuse (such as use of BitTorrent and similar peer-to-peer file sharing).”

Likewise, most users that are also looking for safe Torrenting or log-free VPN connections, you’ve to look somewhere else.

France Headquartered – Freedom – IP

France based Freedom- IP already gets a negative impression as it has to comply with the 14-Eyes Alliance.

Also, their logging policy (for which they are quite frank), gives alarming information that users can be traced back, though it doesn’t record the content of the communications. For example, in their privacy page, it has stated:

“Data kept by VPN Session:

  • IP Address of connection
  • Start time of session
  • End time of session
  • Data received of session
  • Data sent of session”

The UK Based – HideMyAss

The UK is the official founder of the UKUSA Agreement. So, it’s true that when it comes to privacy, HideMyAss will not be much trusted. Moreover, the strict Government Laws and Gag orders of GCHQ, secret intelligence agencies make the HideMyAss mandatory to store the user’s information.

Likewise many VPN providers, HideMyAss also claims the same thing, “We do not collect or store your IP address, your DNS requests, your application or online services use, or the websites you visit.”

However, in the past HideMyAss was involved in an FBI case, where they had handed over the details such as bandwidth data, real IP address, VPN address, timestamps to the intelligence agency for tracking down LulzSec Hacker. The same information has also been posted on their website’s blog, though it has been deleted. Also, we’ve found through internet archives that despite of no-log policy claims they do maintain the logs and user privacy is not 100% or else it wouldn’t have been possible to provide any information if they weren’t.

Moldova Based – HideIP VPN

Moldova is not a part of the invasive 5/9/14 Eyes, which makes it considerably safe by location, but HideIP VPN is not so when it comes to privacy. In their Terms page, it has claimed that

“HideIPVPN keeps a no-logs policy. It means that activity while using VPN is not being stored nor shared in any form. Only data stored is client’s full name and billing activity. We do not store IP addresses, browsing history, traffic destination or DNS queries. HideIPVPN cannot be obligated to provide data that do not exist due to our log policy.”

And further, what they claimed entirely contradicts with the above,

“HideIPVPN may disclose information, including but not limited to, information concerning a client, in order to comply with a court order, subpoena, summons, discovery request, warrant, statute, regulation, or governmental request. HideIPVPN assumes no obligation to inform the client that client information has been provided and in some cases may be prohibited by law from giving such notice. Finally, HideIPVPN may disclose client information where necessary to protect HideIPVPN and others from harm or where such disclosure is necessary to the proper operation of the system.”

Cyprus Based IPredator

Headquartered in Cyprus, it’s safe to say that retention laws are not mandatory on IPredator and their belief for users’ rights to their privacy even help them gain a bit of fame in the market. However, according to their “Legal” page, it does collect users data at a certain level. For instance, it claims, “We minimize the use of logs within our systems and only grant access to them to a selected number of staff for debugging when service quality is an issue.” Here, the collected information includes users’ name, email address, payment data and telephone number.

Likewise, they share the legal Canary statement, which says that the data can be collected and can be given to a law-abiding agency if it’s demanded, without informing the targeted user.

Hong Kong Based IronSocket

Though Hong Kong is considered safe from the 5/9/14 Jurisdiction, IronSocket has lost the credibility as it was found guilty for tracking users’ connection and activity logs. When you visit their Privacy Policy page, it claimed the following “We DO NOT LOG or record in any manner the content you access while using our Services.”

Also, when you go further down the page, you will find that their claim contradicts itself, as they do collect session information though only for 72 hours, which includes:

  • Date and Time of the connection and disconnection.
  • Real IP Address and the assigned VPN Server of the user.
  • Bandwidth consumption per session in a numerical representation.

The USA Based proXPN

proXPN has already earned the reputation of being genuine towards their users and not disclosing their information to anyone. It’s a USA-based company, where data retention laws are mandatory.
If you go through the Privacy Page, you will see their claim regarding privacy, “proXPN, B.V. will only use personally identifiable information collected through our web site to contact users regarding only products and services offered by proXPN, B.V. We will NOT share this information with anyone. Period.

Our system only monitors a connection if a user is having connection issues so that we can improve our services to you.”

Till now, we haven’t found any information regarding the logs of user activity. So, we would say it’s your decision because it’s coming from the place where it can become mandatory for proXPN to provide information about the users if they receive any subpoena from the Government.

Sweden Based PrivateVPN

Despite being a good and affordable VPN service provider, such as offering HTTP Proxy and SOCKS5, which makes them good even for Torrenting, PrivateVPN joins this club, as it is headquartered in Sweden. It’s sad to say that their country Sweden, comes under the fourteen-eye jurisdiction.

Granted, Sweden is a bit lenient towards terms of user privacy and even PrivateVPN claims that they don’t log any user information, but being from the country with data retention laws it might backfire, as they have to provide the user information, upon receiveing a subpoena with a gag order from the Government.

ProtonVPN From Switzerland

Being from Switzerland, you might think it’s safe to users, as it’s free from data retention laws. But, that’s not the case with ProtonVPN. Being one of the Free VPN providers already creates a curiosity, as most of the free VPN are not safe to use as everyone thinks.

And, here our curiosity turns out true. Currently, ProtonVPN is fighting with the accusations put on them being related with “Tesonet” a data mining company, that has even signed their Google Play Store Android application.

Moreover, it’s even been claimed that ProtonVPN does maintain connection timestamps, which can be linked with real IP addresses or accounts of the users.

The USA Headquartered StrongVPN

As mentioned about the US-based VPN providers, this one also has the same reason of making it a bit unsafe to use. StrongVPN claims the following in their privacy policy,

“StrongVPN does not collect or log any traffic of its Services, making us a zero-logging VPN.”

Though, no one can give surety whether they’re following what they claim, as being from the USA, one subpoena with a gag order issued towards StrongVPN is enough, to get the details of the targeted user.

McAfee Safe Connect

Being headquartered in the USA implies that they already come under the Five Eyes agreement, making them follow the data retention law. Undoubtedly, they have been one of the best pioneers in providing dedicated applications for PC, Android, and iOS. But, when it comes to VPN services, it would be wise to go for a better provider. Also, their privacy policy states that:

“We automatically collect information about your interactions with the Services as well as devices on which the Services are installed. In some cases, we automatically collect information about other devices connected to the same network as the device on which the Services are installed.”

And also, they will share information. For example, if McAfee receives any subpoena,

“To legal, governmental, or judicial authorities as instructed or required by those authorities and applicable laws, or in relation to a legal activity, such as in response to a subpoena or investigation of suspected illicit or illegal activities, or where we believe in good faith that users may be engaged in illicit or illegal activities, or where we are bound by contract or law to enable a customer or business partner to comply with applicable laws;”.

HolaVPN

Though Israel is not a part of the 5/9/14 Eyes Jurisdiction, it is quite similar to it when it comes to privacy, and due to that, a VPN is not something which would be considered safe. Like other VPN providers, HolaVPN also states

“Log data may include the following information- browser type, web pages you visit, time spent on those pages, access times and dates.

Personal information is information that may be of a private or sensitive nature, and which identifies or may identify you. The Personal Information we may collect and retain includes your IP address, your name and email address, screen name, payment and billing information or other information we may ask from time to time as will be required for the on-boarding process and services provisioning.”

Further, it even states, “We will retain your personal information for as long as necessary to provide the Service, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Under applicable regulations, we will keep records containing client personal data, account opening documents, communications and anything else as required by applicable laws and regulations.”

Looking at these statements, it’s not hard to say that your privacy is safe. So, it’s better to go with other VPN providers who take the privacy of users more seriously.

Hoxx VPN

Owned by VPN1 LLC, Hoxx.com is headquartered in the USA, which comes under the 5/9/14 Eyes Jurisdiction, making them lose their credibility over there. Moreover, looking through their privacy policy, you will find that,

“We log information about your use of our website, including your browser type and language, access times, pages viewed, your IP address and the website you visited before navigating to our website.

a) If we respond to subpoenas, court orders or legal process, or if we need to establish or exercise our legal rights or defend against legal claims.

b) If we believe it is necessary to share information in order to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or as otherwise required by law.

We may share your data with our services providers who process your personal information to provide services to us or on our behalf “

So, we don’t think anything is left out to say. Yes, it would be wise to consider any other VPN provider if you want to safeguard your privacy.

AVG VPN

AVG one of the heard names of web security, which is pretty famous for their antivirus protection. If you look through the surface, you will think it’s one of the top-notch service providers, as they come with some of the positives.

No doubt, they are doing a great job with their anti-virus software, but when it comes to VPN service, it is not something which can be considered. Despite giving good customer support and other essential features like No IP or DNS Leaks, they miss one of the crucial elements of VPN, which is logging users’ information.

If you go through their Policy, it has claimed right off the bat that AVG Secure VPN does collect user’s data which is kept stored from one month. Also, the information collected by them is your connection timestamps, your original IP address subnet, IP address of the VPN server you connected, amount of data being transmitted. Moreover, they have also claimed

“In the event we are served with valid subpoenas, warrants, or other legal documents (for example, documents concerning the sale of all or part of our business or a merger), or where applicable law compels us to comply, or when we are required to defend the rights or property of the Avast Group, including the security of our products and services, and the personal safety, property, or other rights of our customers and employees — we may share your personal data as collected above.”

So, it’s clear to know that why AVG VPN may not prove good option, as the most important feature of VPN which is no-log policy is missing.

Unlocator

Located in Denmark, it is already clear that this VPN provider is collecting data, as Denmark comes under the nine-eye jurisdiction. One subpoena from the Government with the gag order and they have to tell everything about the targeted users. Also, if you go through their privacy policy, they have stated,

“We keep a log at a personal identifiable level which is automatically purged at a 24-hour interval with no backups. The purpose of this log is to prevent abuse patterns from malicious usage of the service.”

Also,

“We are transferring your personal data, when necessary to be able to deliver the ordered service to you. These are typically Hosting Providers. In that case, your IP-adress will be transferred to one or more hosting providers handling the communication required to delivery the service.

We transfer personal data to data processors that are solely processing personal data on our behalf and are not allowed to use this data for their own purposes. We have entered into agreements with all data processors regarding a written data processing agreement and ensured that they are subject to confidentiality.”

Now, whether to trust them or not, it’s all up to you. But, I feel it’s better to look at some other VPN providers who do not log or share data with anyone else.

Seed 4 Me

Though it’s free from data retention law, Seed4.me does keep certain logs. Moreover, in their blog, they even state,

“we are often asked: “Do you keep logs?” and the answer is “Yes, we do”. The same as the rest VPN providers in the world!

If anybody says VPN company does not keep ANY logs, they lie.

information is kept only for 7 days and then removed.”

Another thing which picks our interest is that they have mentioned about this logging only in their blog post and not in terms of service page.

Hotspot Shield of Switzerland

Switzerland being away from the 5/9/14 Alliances makes the VPN usage safe. But this is not the same with Hotspot Shield. No doubt, it started well, but very soon it had to face setbacks due to the shady behavior which came into the light.

By going through their Privacy Policy page, their claim, “Hotspot Shield replaces your IP address with an anonymous proxy IP address associated with one of our servers so that your actual IP address is not shared with the websites you visit.” It looks all good, as expected from any VPN provider.

However, the recent study of CSIRO says a different story. As per them, Hotspot Shield has used tracking codes which gather and sell the information of their users to third-party advertisers. Also, Hotspot Shield has been charged with a complaint by a non-profit advocacy group of digital rights, the Centre for Democracy and Technology (CDT), regarding this activity of spying on their users and collecting their data.

Canadian VPN Provider – Betternet

Based in Canada, Betternet already comes under the Five Eyes Alliance, making them questionable. Further, they also provide “FREE VPN,” which makes it questionable if they might be logging users’ data. Also, they store information like your actual IP address and browsing activity. Though, their FAQs claim, “Betternet does not collect, log, store, share any data log belonging to users.” But they have also been found collecting users’ browser logs.

Also, we are judging based upon the Free VPN service provided by them, which is mostly run on an ad-revenue model and even sold to third parties.

Finally, we would say all VPN providers differ from each other and it’s same for the data retention law as well Different countries will have different laws to follow, even if they come under 5//9/14 eye jurisdiction.

As a user, your major concern should be about the type of data is logged and how long it’s kept in their database. If it’s under data retention law-abiding country and also logs a lot of information, then it’s better to go with another one. Lastly, it’s recommended you go through their privacy policy, before deciding to purchase a VPN. So, you can have a clear idea what you’re up to.