In order to respect our users’ privacy, Proton VPN enforces a strict no-logs policy. This means we keep no session usage logs of what you do online, and we do not log metadata that can compromise your privacy.
- We don’t log which websites you visit
- We don’t log your traffic or the content of any communications
- We don’t log your IP address
- We don’t log your session lengths
- We don’t log or track any location-based information
This level of privacy is possible in part because we are based in Switzerland, which has some of the strongest data protection and digital privacy laws in the world. Data required for maintenance and troubleshooting purposes is secured using full-disk encryption on all our bare-metal servers, over which we have full control.
Full details about the information that we do store (such as account information) are available in our Privacy Policy. Our apps are all fully open source and independently audited so that you can be sure they are trustworthy, and we aim for transparency in everything we do.
Proton VPN’s Swiss jurisdiction also confers additional benefits which are favorable for VPN services. In most countries, VPNs can be forced to log as the result of government orders, even if they are by default no-logs. However, within the current Swiss legal framework, Proton VPN also does not have forced logging obligations.
This notably differs from Swiss regulations for other online services such as email which is generally not no-logs and can require IP disclosure in the event of a Swiss criminal investigation. That’s why if your threat model requires hiding your IP from Swiss authorities when using Proton Mail, we recommend using a VPN or Tor.
Proton VPN’s strict no-logs policy was tested in a legal case in 2019 where we were ordered to turn over logs to help identify a user and we were unable to comply because such logs did not exist. Our no-logs policy has also been verified by external independent experts.
Hi guys. I’m a visionary member and just wanted to thank you for your product and what you do. I’m on iOS and used the open vpn setup until just today when I started using the beta app and it works great. Super easy to turn on secure core, it’s just a slider button and it’s nice not to have to set up your own server connection. Love you guys!
0
Are all the servers owned by Protonvpn itself or are they rented from other big companies ??
0
Hello. All of the secure core entry servers are owned by us and some of the other standard servers, but majority of them are from a reputable host service providers.
0
How many (exact number) free servers are there in US
0
Hello! There are 2 Free servers in the US currently.
0
Do you keep information on ‘who used that IP address’ ?
0
Hello Bob. No, as stated in the article, only the last time stamp of successful or unsuccessful user account login attempt is kept and no server ip or your ip is saved.
0
When aspecting IOS iPhone/iPad app!
0
Hello Henk, the closed beta is launching next week!
0
Does Proton Vpn store my original IP address or the IP address i have connected to ?
0
Hello. We store nothing but just your last login attempt timestamp, that means no IP`s nor any other information included.
0
What is the big difference if you store my Email and username or my IP address ? Both can identify who I am if law enforcement needs it.
0
Hello. There is no difference since we do not store your IP or what server you connected to. As disclaimed in the article, only timestamps of last login attempts are stored for the account. https://protonvpn.com/privacy-policy
0
I did not notice anywhere, but apologies if this has been already answered elsewhere.. Is it possible to pay for ProtonVPN using bitcoin? I only noticed credit card option? Thank you.
0
Hello Shack, you were close to finding that it is possible!? https://protonvpn.com/support/vpn-bitcoin-payments/
0
Dear sir please help me about payments mode in coupan by google play store. That’s ask me to you buy membership with Google play store coupons are valid on your site
0
Hello, we are sorry to say but we only accept paypal, credit card and bitcoin payments.
0
Hello, do you plan to create a dedicated GUI app for Linux anytime soon? I do appreciate the intuitive design and features like the kill switch. Thanks!
0
Hello Sam, currently there are no plans for linux gui but we have made a linux cli, which you have probably seen already, if not you can find it in our help center!
0
Hey Sam you used this servers please inform to me how can buy to प्लस membership plan
0
When you say “no-log policy”, is it only for the PLUS version or for the free version also ?
0
Hello. All of our customers are treated with the same security that we provide, so that means even free customers are getting AES-256 encryption and no logs policy applied.
0
How do you compare to services like NordVPN or ExpressVPN?
0
Hello John. Well, we are a younger project which is striving to do its best at all costs, thus we yet have a lot to develop but we are climbing there! First of all, we have an always free VPN that we provide for our customers that really need the security but cannot contribute to our services. Our vision for paid services is that you contribute not only for Proton, but for the people that do really need free VPN which we could expand and maintain. Second of all, we are always upfront about our services, what is happening and how its handled so we try our best to eliminate the doubts of our customers. And third, while we cannot measure the numbers with big guys like those, we can measure big hearts that Proton and our community has. In short, we offer 12 countries to connect to right now (Italy yet to be added) 3 apps, for Android, MacOS, Windows( iOS comming soon) . Features like secure core, start on boot, killswitch, auto-connect customization and of course, no logs policy with 30-day money back guarantee. :)
0
Would like to know what kind of servers are there in Singapore ? Dedicated gigabit servers ? Very much interested to go for paid plan as my current vpn service provider is getting crappy over time.
0
Hello, all of our servers are gigabit at minimum, some are even 10 gigabit connection speeds servers. After upgrading the account you always have a chance to downgrade it if you are not happy with the results. :)
0
I have a few questions.
1 – How is ProtonVPN able to hand out that ‘limited information’ about an account, if you don’t log user activity and therefore can’t tell which user has used your service to perform a certain illegal activity?. For example: How do you know if a user has e.g. posted child pronography if you don’t log activity? Or how do you prevent people from posting bomb threats if you don’t log user activity?
2 – How is payment informaiton tied to an account? For example: If I pay for a ProtonVPN account via PayPal and you are ‘forced’ to hand out data for that account, is the name/credit card (and therefore the real name and address) tracebale to that account/included in the data you hand out?
Thank you.
0
Hello,
1 – ProtonVPN provides a legal security service and its main purpose is to provide users with a tool to protect their internet data from being monitored, as well so to provide other security benefits. While it is true that a VPN can be potentially misused like any other service or tool for illegal activities, we do not support it by using our service. We do not monitor any of our users’ activity and we will always stay true to that, however, in an event where we would eventually figure out abuse/illegal activity of any account in other ways (f.e. user would report it by him/herself), we remain a right to suspend that account without further notice.
2 – We do not hold your payment information on our database besides the information of what payment provider you have used and this information is required in order for us to be able to provide refunds or renew the subscription if you opt for a recurring one. In an event where we would be requested to provide the limited information we possess that meets the criteria of the jurisdiction of the Swiss Federal Court, we would only be able to provide the payment type that has been used, other information would have to be obtained directly from the payment provider.
Please keep in mind that your actual VPN account uses a set of separate credentials which can be found by logging in to ProtonVPN website. Your account activity is not tied to the payment type you have used and none of it is being tracked or logged due to our no-logs policy. Also, PayPal might not be the best payment type for very anonymity-focused users so in this case we strongly recommend to use cryptocurrency in order to purchase an account.
0
Thank you for your lenghty answer!
However, I’d like to follow up with some questions based on your reply:
1 – How is it even possible for authorities to construct a court order for a specific account, since the only thing they know (99% of cases) is just the IP address of one of your VPN servers which was used to perform an illegal activity? Tailoring a court order for a specific account would require previous information hand out by ProtonVPN (by tying an IP address, correlating time stamps to possible accounts in question and therefore produce the type of payment used).
2 – Do you have any ‘Red Lines’ where you might decide to expose a user to authorities by following a court order or out of your own volition, thus handing out all information like IP addresses or turning on logging?
For example, if you know (through authorities or a ‘Tip’) that someone using your VPN IP address is posting *CREDIBLE* threats on a forum which could cause severe harm to human life. How do you proceed?
Thanks!
0
Since the questions are very similar in the ticket we have received, not to duplicate the answer we will post it here as well:
We are not liable for how a certain user decided to behave while connected to one of our servers and this is not our responsibility, as stated in Terms of Service Limited Warranties and Liability/Indemnification sections. It is platforms’ responsibility to take care of the content that is posted on the platform and take action against users who infringe the rules/guidelines etc., whether it would be an account suspension or IP ban as well.
We wouldn’t be able to identify the user since we do not log original IP addresses or internet traffic of any particular user.
So far we have not encountered any such case that we know of. Of course, it is a real risk for a VPN service to be misused, but it is true for every other service, especially when it comes to services that provide encryption, Turning on logging is something that we will never do because the whole service would lose its purpose.
0
Thank you for your answer.
I thought all the servers were your own ones. Maybe they sould.
As a swiss citizen paying for a swiss service in Switzerland, the last thing I would like to see is my communications transiting through a british company.
I mean, it’s the point of using your service to begin with. Why don’t you own all your servers? I don’t see any necessity for using any british or american servers in Switzerland. It seems that this cancels most of the attractivity of your offer. Less and less people want to deal with anglo companies in thid field, due to their attitude toward internet privacy.
0
Hello Mike,
The service would be simply unsustainable if we would own all of our servers. That’s why we are only renting servers from trusted data centers that meet all of our security criteria and are able to provide us with full access to the server itself. We have put a lot of work into the server structure in order to make sure that they are both secure and to not log any of our users information at all times. You are not forced to use those servers if you do not want to, we offer servers that we physically own – they are all listed under Secure Core category. You can read more about Secure Core servers here: https://protonvpn.com/support/secure-core-vpn/
0
WoW mike ur one of those irrational people huh.
0
Hello,
1. – why is there no “Switzerland” as contry option when secure core is enabled? No secure core in Switzerland?
2. – why the server CH3 and other in Zürich are found to be “UK Web.Solutions Direct Ltd”? when CH6 for instance is “Proton AG, Bern”?
what is the difference?
Thank you.
0
Hello Mike. 1 – Currently we don’t have secure core server that would exit through CH node but US, UK, CA have Switzerland as entry node. 2 – That is because its a server provider that has servers in Switzerland and some of the servers are our own ones.
0
Do you store DNS request logs, bandwidth logs or IP logs? If not, would you mind contacting ThatOnePrivacyGuy from some official address like admin@protonvpn.com and asking him to update his VPN comparison table? I think logging is the most filtered section on that site and more people would opt for ProtonVPN if you had more green cells in this section. Imo it’s little work and the benefits might be big.
https://thatoneprivacysite.net/contact-info
https://thatoneprivacysite.net/vpn-comparison-chart
In contrary, in his email comparison ProtonMail has a lot of green ones:
https://thatoneprivacysite.net/email-comparison-chart
0
Hello,
Thank you for your attention and care for ProtonVPN services. We are already in contact with the one privacy guy and will do our best to re-evaluate our services.
0
Almost a month passed and still no change in the VPN table. Any problems with getting an answer from ThatOnePrivacyGuy or are there some problems with confirming that you actually don’t store any logs (except the timestamp)?
0
Hello, We are working on corrections to the review, however, it is not up to us how fast the review gets updated.
0
I’ve contacted ThatOnePrivacyGuy and he said that you should specifically write that you don’t log DNS requests, bandwidth and IP addresses, instead of just writing “No Logs policy”.
0
yeey! I love the Protonvpn and Protonmail!
0
If you are a logless server, how do you expect to be able to enforce your terms and conditions for conduct? Either, you’re covering your ass with a fangless TOU, you are lying about being logless, or you will enforce the TOU exclusively on the evidence provided by 3rd parties which may or may not be fabricated.
0
As we mention in our Privacy Policy, we will only disclose the limited user data we possess if we receive an enforceable court order from either the Cantonal Courts of Geneva or the Swiss Federal Supreme Court. The only information we keep about the user is a single login timestamp which only contains the username and time when user logged in his/her account – this mainly done to secure accounts from brute forcing. We do not keep any other information about our users, hence the limited data.
0
After updating to version 3.7.5 for Tunnelblick on Mac, an error pops up about ‘comp-lzo’ and something about needing to uninstall this for the server configurations. The service has worked so far until now, so how should I go about fixing this?
0
Hello.
Could you please contact our support team? We certain that we can help you sort this out!
https://protonvpn.com/support-form
0
Having operated a VPN service myself for years, I’m very familiar with all the legal and technical aspects. I’ll list a few direct questions that those who’re specifically looking for a high anonymity (Truly No-Logs, NO cooperation with the KGB, etc.)
Hopefully the information below will better help people understand the basics with VPN logging as well as to better explain my questions.
Standard PPTP, L2TP, and OpenVPN (Types of VPN protocols) installations all have a basic form of connection logging enabled by-default, for example, a standard VPN server with a default configuration, logs enough key details about the user, both whenever he connects as well as whenever he disconnects, to unmask him. The typical VPN connection log contains information such as the exact time of the connection/disconnection, both the public (what you’re used to seeing on whatsmyip.com) and local IP address (ex. 192.168.x.x/10.0.x.x) assigned to the user, as well as any other relevant info, such as username, diagnostic information, ports being forwarded to this user, etc. (Some variations in both the depth & and exact content being logged are expected depending upon the VPN implementation, OS, Software/etc…) Even with this default logging disabled, the server itself will still be conducting logging, whether via seperate software such as firewalls and error-handlers or even via higher systems such as those at data-center level like network/firewall logs. These other forms of logging will need to have logging disabled as well or at least be modified to prevent accidental logging of VPN connection info (ex: A firewall that logs every connection = enough info to identify VPN users).
Questions
0. With the above information regarding the basics of VPN logging in mind, does ProtonVPN or any of its affiliated assets and/or entities (Such as Protonmail, Proton Ag, etc.) have equipment that produces changes in data in response to an individual PROTONVPN user’s specific actions? Such as connecting or disconnecting? Do any changes in data include user specific information, such as a user’s username, time of connection, IP Address, or other form(s) of information unique to each individual user? Where does this change(s) occur? Only on the server(s) hosting user accounts or on the VPN servers? Please specify.
1. If so, when does this change in data occur (for example, one time only upon sign-up? Every time a user connects? Etc.)
2. What information is produced or altered on these occasions, as specified above under ‘1.’
(Example: When a user connects, the date and time of the connection are stored…When a user connects to a VPN server, the server logs the connection…etc…)?
3. Please outline the circumstances under which you will cooperate with third parties (i.e. Government agencies, Law enforcement, etc.) as well as your full capabilities for the circumvention of the anonymity provided by your service(s) should you so be compelled or decide to do so, specifically in regards to ProtonVPN.
4. In summary, please confirm or deny whether or not any information that could potentially be used to identify a specific ProtonVPN user would be left on your servers at any point, either before, during, or after their connection to a PROTONVPN VPN server. If the answer is in the affirmative, please elaborate on the specifics of said information.
As with legalese, some questions may seem to repetitive, apologies, not trying to be annoying, just get some straightforward answers along with technical specifics (“No logs” really doesn’t cut it these days….)
0
Hey Andrew, when you connect to a server, we log save a timestamp of that event and no IP information. All VPN providers have the ability to fully circumvent the anonymity, which is why using a trustworthy VPN is essential (https://protonmail.com/blog/trusted-vpn/). ProtonVPN is fortunate to be based in Switzerland where strong privacy protections exist which prevent us from being forced to log IP addresses even if given a court order.
0
So, it seems that you’re saying it” “log save a timestamp of that event and no IP information”
Please elaborate, what else is included in the ‘event log’, surely the username as well? Please detail below everything captured and stored on connect (i.e. IP Address, time connected username, auto assigned IPs, etc. EVERYTHING)
0
This is a timestamp of a login attempt, it does not contain any other information (for example user IP address) and it’s main purpose is to protect our users’ accounts from brute force. As we state in Privacy Policy, the timestamp is overwritten each time you connect to a server. Since the topic is quite complicated, we have extensively answered this concern in our reddit post which you can check here: https://www.reddit.com/r/ProtonVPN/comments/6jablj/this_is_protonvpn_on_the_vpn_comparison_chart_of/djdvsj8/
0
Thank you very much for ProtonVPN. I have tested this on Linux, macOS and Windows and am amazed at how easy it is to work. I have asked some friends in more restricted locations where VPNs are frequently blocked to test it and they have all reported that it works for them.
I’m looking at the various account options and considering which suits me best.
May ProtonVPN and ProtonMail have a long and successful life.
0
when connecting to non-Swiss server does it provide same level of protection, despite that those ProtonVPN servers are based in other countries? Countries like (China, US, etc etc enforces monitoring, logging and demanding info). What level of safety, privacy,no-log and other type of protections ProtonVPN provides when its not Switzerland based server?
0
Hey Sam, no-logs policy applies to all of our servers – we do not keep any information on any of them, so it is safe to connect to any country you prefer.
0
if someone connects to non-Swiss server(ex: USA, Canada, China, etc where there are chances of intrusion and enforced logging, monitoring and other things) how ProtonVpn deals? like no-log and other policies works out?.. in that sense does it provide same protection when connected to non-swiss servers?
0
Hello, the same no-logs policy applies to all of our servers. Also, please keep in mind that our servers do not store any personal information at any time about our users, so it is safe to connect to any country you prefer.
0
I would like to know how can you avoid to log data as it is compulsive under Swiss law.
As a matter of fact, a retention law exists and obviously applies also to VPN. SwissVPN located in Zurich clearly states that logs are kept accordingly to Swiss legislation, therefore how can you bypass that if you’re located in Geneva ?
0
hi, we’ve previously written a blog post on this topic and have updated again in 2017 with the latest info: https://protonmail.com/blog/swiss-surveillance-law/
short excerpt:” … As a participant in these discussions, we can confirm unequivocally that upon implementation, the provisions regarding data retention introduced by the BÜPF will exempt companies like ProtonMail and ProtonVPN which are not major telecommunications operators. This is in addition to the points in the article below, which still hold. … ”
0
What is your policy regarding bittorrent downloads and do you provide port forwarding?
0
we do not provide port forwarding, p2p traffic is allowed on designated servers in p2p friendly countries
0
Hi, this might be not the right place to ask, but I am very much interested if you are planning to set up servers in Austria.
0
What is your clients will use your vpn for bad deals, like carding, hacking etc. How will you stop this if you don’t know what they are doing?
0
How can you ensure BÜPF (Bundesgesetz betreffend die Überwachung des Post- und Fernmeldeverkehrs) if you not store meta data for the ÜPF (Überwachung Post- und Fernmeldeverkehr)?
0
we do not have to store any data to comply as we do not fall under its blanket
0
What server location (countries) ProtonVPN provide?
0
for now check this support page for a list of countries https://protonvpn.com/vpn-servers; we will have a separate servers page soon as well
0
Regarding user information and logs, I assume that you contract VPN providers in various countries. How is the no logging policy enforced at the local level?
0
We do not contract VPN providers. All the infrastructure is hosted only for ProtonVPN and not shared with others. We configure the hardware when setting them up and therefore set up the no log policy ourselves (-> /dev/null)
0
Works great! very easy to get it working. i was supprised to se that netflix was working seeing as they block all vpn services, whats the general idee from protonvpn to using netflix streaming and or torrents and other items in that catacory
0
Can you provide the step-by-step process to setup the VPN on iOS 10.3 on an iPad Pro? I just checked the vpn settings in general settings and it needed more information than just my email and password. I’m not comfortable using OpenVPN where unknown people with unknown political positions will be ‘verifying’ a VPN is working. Thanks for any feedback.
0
check out https://protonvpn.com/support/ios-vpn-setup
0
The last sentence states the same thing twice:
Here again, we do not store any information about where you signed in from, how long you were logged in or where you logged in from.
– “we do not store any information about where you signed in from”
– “or where you logged in from”
0
Are you able to see what sites we visit?
0
When you say – “…we store a single timestamp of your accounts most recent login.” How long is that kept?
0
As a protonmail user I assume that it is a column in the DB which is rewritten the next time you log in: the timestamp of the most recent login. When you log in again, it gets rewritten.
0