At ProtonVPN we are committed to protecting and respecting your privacy. Our company's overriding policy is to collect as little user information as possible to ensure a private and anonymous user experience when using the Service. Below is a summary of how we deal with information when you use ProtonVPN.
Data we retain from ProtonVPN sessions:
Each time a user connects to ProtonVPN, we only store a timestamp of the last successful login attempt. While it is stored indefinitely, this gets overwritten the each time you log in.
Why do you retain a timestamp:
We retain this limited information to know how many devices are being connected and ensure users do not make excessive number of connections.
What we don't do when you use ProtonVPN:
Website data collection is limited to the following instances:
Visiting our website: We employ a local installation of Piwik, an open source analytics tool. It collects non identifiable information such as; title of the page being viewed, screen resolution, outlinks and page and website speed. However, this data cannot be used to personally identify users or visitors as we don't save IP addresses.
Account creation: We will store the email address you have entered when creating an account. This is for communication and anti-abuse purposes.
Support: When you submit support requests or bug reports we will collect the data that you chose to share with us about the issue being reported. Bug reports sometimes rely on third parties such as Zendesk.
Payment: The Company relies on third parties to process credit card and PayPal transactions and we do not save your payment method. Anonymous cash or bitcoin payments and donations are also accepted.
How we will use this data
We do NOT have any advertising on our site and the limited information we collect is used for the following purposes:
Active accounts will have data retained indefinitely until they are requested to be deleted by the user.
We take data security very seriously at ProtonVPN. Only employees of the Company have physical or other access to the servers. Data is usually stored in encrypted format on our servers. Offline backups may be stored periodically, but these are also secured.
Disclosure of your information
We will only disclose the limited user data we possess if we receive an enforceable court order from either the Cantonal Courts of Geneva or the Swiss Federal Supreme Court. Under Swiss law, it is obligatory to notify the target of a data request, although such notification may come from the authorities and not from the Company.
This Agreement shall be governed in all respects by the substantive laws of Switzerland. Any controversy, claim, or dispute arising out of or relating to the Agreement shall be subject to the jurisdiction of the competent courts of the Canton of Geneva, the jurisdiction of the Swiss Federal Court being expressly reserved.