A VPN's whole job is to limit what third parties — including the VPN — can see about your browsing. We took that literally. The list of things we don't store is longer than the list of things we do.
We do NOT log
- Which sites you visit.
- DNS queries.
- Session-attributable connection records (who → which exit → when → how long).
- Traffic content. (TLS makes this opaque to us anyway, but explicitly: no MITM, no inspection.)
We DO keep
- Email address (sign-in, password reset, transactional email).
- Hashed password — Argon2id, we never see the plaintext.
- Subscription state — which plan, renewal date, store of record.
- Active device count — fingerprint hashes, not externally-cross-referable IDs.
- Approximate sign-up country — derived once from IP at registration, used for regional pricing.
Why structured this way
Anything we keep, we could be compelled to disclose. So we keep only what's strictly required to run the business. Sessions are not.
See the full Privacy Policy for the legal version.