Return to protonvpn.com Facebook   Twitter   Reddit   ProtonMail
Support Center / General Information / Does ProtonVPN store user information?

Does ProtonVPN store user information?

ProtonVPN respects its users’ privacy and enforces a No Logs policy. This means your VPN connections remain private and we do not store information about your connections or the websites you visit.

 

For the purpose of securing your account and making sure it’s you who is signing in, we store a single timestamp of your accounts most recent login. Here again, we do not store any information about where you signed in from, how long you were logged in or where you logged in from.

 

 

Related questions

How do I check for updates?

Unable to connect

What is OpenVPN?

 

 

 

Post Comment

51 comments

  1. john

    How do you compare to services like NordVPN or ExpressVPN?

  2. ProtonVPN Team

    Hello John. Well, we are a younger project which is striving to do its best at all costs, thus we yet have a lot to develop but we are climbing there! First of all, we have an always free VPN that we provide for our customers that really need the security but cannot contribute to our services. Our vision for paid services is that you contribute not only for Proton, but for the people that do really need free VPN which we could expand and maintain. Second of all, we are always upfront about our services, what is happening and how its handled so we try our best to eliminate the doubts of our customers. And third, while we cannot measure the numbers with big guys like those, we can measure big hearts that Proton and our community has. In short, we offer 12 countries to connect to right now (Italy yet to be added) 3 apps, for Android, MacOS, Windows( iOS comming soon) . Features like secure core, start on boot, killswitch, auto-connect customization and of course, no logs policy with 30-day money back guarantee. 🙂

  3. woots

    Would like to know what kind of servers are there in Singapore ? Dedicated gigabit servers ? Very much interested to go for paid plan as my current vpn service provider is getting crappy over time.

  4. ProtonVPN Team

    Hello, all of our servers are gigabit at minimum, some are even 10 gigabit connection speeds servers. After upgrading the account you always have a chance to downgrade it if you are not happy with the results. 🙂

  5. Anon

    I have a few questions.

    1 – How is ProtonVPN able to hand out that ‘limited information’ about an account, if you don’t log user activity and therefore can’t tell which user has used your service to perform a certain illegal activity?. For example: How do you know if a user has e.g. posted child pronography if you don’t log activity? Or how do you prevent people from posting bomb threats if you don’t log user activity?

    2 – How is payment informaiton tied to an account? For example: If I pay for a ProtonVPN account via PayPal and you are ‘forced’ to hand out data for that account, is the name/credit card (and therefore the real name and address) tracebale to that account/included in the data you hand out?

    Thank you.

  6. ProtonVPN Team

    Hello,
    1 – ProtonVPN provides a legal security service and its main purpose is to provide users with a tool to protect their internet data from being monitored, as well so to provide other security benefits. While it is true that a VPN can be potentially misused like any other service or tool for illegal activities, we do not support it by using our service. We do not monitor any of our users’ activity and we will always stay true to that, however, in an event where we would eventually figure out abuse/illegal activity of any account in other ways (f.e. user would report it by him/herself), we remain a right to suspend that account without further notice.
    2 – We do not hold your payment information on our database besides the information of what payment provider you have used and this information is required in order for us to be able to provide refunds or renew the subscription if you opt for a recurring one. In an event where we would be requested to provide the limited information we possess that meets the criteria of the jurisdiction of the Swiss Federal Court, we would only be able to provide the payment type that has been used, other information would have to be obtained directly from the payment provider.

    Please keep in mind that your actual VPN account uses a set of separate credentials which can be found by logging in to ProtonVPN website. Your account activity is not tied to the payment type you have used and none of it is being tracked or logged due to our no-logs policy. Also, PayPal might not be the best payment type for very anonymity-focused users so in this case we strongly recommend to use cryptocurrency in order to purchase an account.

  7. Anon

    Thank you for your lenghty answer!
    However, I’d like to follow up with some questions based on your reply:
    1 – How is it even possible for authorities to construct a court order for a specific account, since the only thing they know (99% of cases) is just the IP address of one of your VPN servers which was used to perform an illegal activity? Tailoring a court order for a specific account would require previous information hand out by ProtonVPN (by tying an IP address, correlating time stamps to possible accounts in question and therefore produce the type of payment used).

    2 – Do you have any ‘Red Lines’ where you might decide to expose a user to authorities by following a court order or out of your own volition, thus handing out all information like IP addresses or turning on logging?
    For example, if you know (through authorities or a ‘Tip’) that someone using your VPN IP address is posting *CREDIBLE* threats on a forum which could cause severe harm to human life. How do you proceed?

    Thanks!

  8. ProtonVPN Team

    Since the questions are very similar in the ticket we have received, not to duplicate the answer we will post it here as well:

    We are not liable for how a certain user decided to behave while connected to one of our servers and this is not our responsibility, as stated in Terms of Service Limited Warranties and Liability/Indemnification sections. It is platforms’ responsibility to take care of the content that is posted on the platform and take action against users who infringe the rules/guidelines etc., whether it would be an account suspension or IP ban as well.

    We wouldn’t be able to identify the user since we do not log original IP addresses or internet traffic of any particular user.

    So far we have not encountered any such case that we know of. Of course, it is a real risk for a VPN service to be misused, but it is true for every other service, especially when it comes to services that provide encryption, Turning on logging is something that we will never do because the whole service would lose its purpose.

  9. Mike

    Thank you for your answer.
    I thought all the servers were your own ones. Maybe they sould.
    As a swiss citizen paying for a swiss service in Switzerland, the last thing I would like to see is my communications transiting through a british company.
    I mean, it’s the point of using your service to begin with. Why don’t you own all your servers? I don’t see any necessity for using any british or american servers in Switzerland. It seems that this cancels most of the attractivity of your offer. Less and less people want to deal with anglo companies in thid field, due to their attitude toward internet privacy.

  10. ProtonVPN Team

    Hello Mike,

    The service would be simply unsustainable if we would own all of our servers. That’s why we are only renting servers from trusted data centers that meet all of our security criteria and are able to provide us with full access to the server itself. We have put a lot of work into the server structure in order to make sure that they are both secure and to not log any of our users information at all times. You are not forced to use those servers if you do not want to, we offer servers that we physically own – they are all listed under Secure Core category. You can read more about Secure Core servers here: https://protonvpn.com/support/secure-core-vpn/

  11. George

    WoW mike ur one of those irrational people huh.

  12. Mike

    Hello,
    1. – why is there no “Switzerland” as contry option when secure core is enabled? No secure core in Switzerland?
    2. – why the server CH3 and other in Zürich are found to be “UK Web.Solutions Direct Ltd”? when CH6 for instance is “Proton AG, Bern”?
    what is the difference?

    Thank you.

  13. ProtonVPN Team

    Hello Mike. 1 – Currently we don’t have secure core server that would exit through CH node but US, UK, CA have Switzerland as entry node. 2 – That is because its a server provider that has servers in Switzerland and some of the servers are our own ones.

  14. Anon

    Do you store DNS request logs, bandwidth logs or IP logs? If not, would you mind contacting ThatOnePrivacyGuy from some official address like admin@protonvpn.com and asking him to update his VPN comparison table? I think logging is the most filtered section on that site and more people would opt for ProtonVPN if you had more green cells in this section. Imo it’s little work and the benefits might be big.
    https://thatoneprivacysite.net/contact-info
    https://thatoneprivacysite.net/vpn-comparison-chart
    In contrary, in his email comparison ProtonMail has a lot of green ones:
    https://thatoneprivacysite.net/email-comparison-chart

  15. ProtonVPN Team

    Hello,
    Thank you for your attention and care for ProtonVPN services. We are already in contact with the one privacy guy and will do our best to re-evaluate our services.

  16. Anon

    Almost a month passed and still no change in the VPN table. Any problems with getting an answer from ThatOnePrivacyGuy or are there some problems with confirming that you actually don’t store any logs (except the timestamp)?

  17. ProtonVPN Team

    Hello, We are working on corrections to the review, however, it is not up to us how fast the review gets updated.

  18. Anon

    I’ve contacted ThatOnePrivacyGuy and he said that you should specifically write that you don’t log DNS requests, bandwidth and IP addresses, instead of just writing “No Logs policy”.

  19. Jose

    yeey! I love the Protonvpn and Protonmail!

  20. Brett

    If you are a logless server, how do you expect to be able to enforce your terms and conditions for conduct? Either, you’re covering your ass with a fangless TOU, you are lying about being logless, or you will enforce the TOU exclusively on the evidence provided by 3rd parties which may or may not be fabricated.

  21. ProtonVPN Team

    As we mention in our Privacy Policy, we will only disclose the limited user data we possess if we receive an enforceable court order from either the Cantonal Courts of Geneva or the Swiss Federal Supreme Court. The only information we keep about the user is a single login timestamp which only contains the username and time when user logged in his/her account – this mainly done to secure accounts from brute forcing. We do not keep any other information about our users, hence the limited data.

  22. VPN User

    After updating to version 3.7.5 for Tunnelblick on Mac, an error pops up about ‘comp-lzo’ and something about needing to uninstall this for the server configurations. The service has worked so far until now, so how should I go about fixing this?

  23. ProtonVPN Team

    Hello.
    Could you please contact our support team? We certain that we can help you sort this out!
    https://protonvpn.com/support-form

  24. OneOfThoseDeafMutes

    Having operated a VPN service myself for years, I’m very familiar with all the legal and technical aspects. I’ll list a few direct questions that those who’re specifically looking for a high anonymity (Truly No-Logs, NO cooperation with the KGB, etc.)

    Hopefully the information below will better help people understand the basics with VPN logging as well as to better explain my questions.
    Standard PPTP, L2TP, and OpenVPN (Types of VPN protocols) installations all have a basic form of connection logging enabled by-default, for example, a standard VPN server with a default configuration, logs enough key details about the user, both whenever he connects as well as whenever he disconnects, to unmask him. The typical VPN connection log contains information such as the exact time of the connection/disconnection, both the public (what you’re used to seeing on whatsmyip.com) and local IP address (ex. 192.168.x.x/10.0.x.x) assigned to the user, as well as any other relevant info, such as username, diagnostic information, ports being forwarded to this user, etc. (Some variations in both the depth & and exact content being logged are expected depending upon the VPN implementation, OS, Software/etc…) Even with this default logging disabled, the server itself will still be conducting logging, whether via seperate software such as firewalls and error-handlers or even via higher systems such as those at data-center level like network/firewall logs. These other forms of logging will need to have logging disabled as well or at least be modified to prevent accidental logging of VPN connection info (ex: A firewall that logs every connection = enough info to identify VPN users).

    Questions

    0. With the above information regarding the basics of VPN logging in mind, does ProtonVPN or any of its affiliated assets and/or entities (Such as Protonmail, Proton Ag, etc.) have equipment that produces changes in data in response to an individual PROTONVPN user’s specific actions? Such as connecting or disconnecting? Do any changes in data include user specific information, such as a user’s username, time of connection, IP Address, or other form(s) of information unique to each individual user? Where does this change(s) occur? Only on the server(s) hosting user accounts or on the VPN servers? Please specify.

    1. If so, when does this change in data occur (for example, one time only upon sign-up? Every time a user connects? Etc.)
    2. What information is produced or altered on these occasions, as specified above under ‘1.’
    (Example: When a user connects, the date and time of the connection are stored…When a user connects to a VPN server, the server logs the connection…etc…)?
    3. Please outline the circumstances under which you will cooperate with third parties (i.e. Government agencies, Law enforcement, etc.) as well as your full capabilities for the circumvention of the anonymity provided by your service(s) should you so be compelled or decide to do so, specifically in regards to ProtonVPN.
    4. In summary, please confirm or deny whether or not any information that could potentially be used to identify a specific ProtonVPN user would be left on your servers at any point, either before, during, or after their connection to a PROTONVPN VPN server. If the answer is in the affirmative, please elaborate on the specifics of said information.

    As with legalese, some questions may seem to repetitive, apologies, not trying to be annoying, just get some straightforward answers along with technical specifics (“No logs” really doesn’t cut it these days….)

  25. ProtonVPN Team

    Hey Andrew, when you connect to a server, we log save a timestamp of that event and no IP information. All VPN providers have the ability to fully circumvent the anonymity, which is why using a trustworthy VPN is essential (https://protonmail.com/blog/trusted-vpn/). ProtonVPN is fortunate to be based in Switzerland where strong privacy protections exist which prevent us from being forced to log IP addresses even if given a court order.

  26. Andrew

    So, it seems that you’re saying it” “log save a timestamp of that event and no IP information”
    Please elaborate, what else is included in the ‘event log’, surely the username as well? Please detail below everything captured and stored on connect (i.e. IP Address, time connected username, auto assigned IPs, etc. EVERYTHING)

  27. ProtonVPN Team

    This is a timestamp of a login attempt, it does not contain any other information (for example user IP address) and it’s main purpose is to protect our users’ accounts from brute force. As we state in Privacy Policy, the timestamp is overwritten each time you connect to a server. Since the topic is quite complicated, we have extensively answered this concern in our reddit post which you can check here: https://www.reddit.com/r/ProtonVPN/comments/6jablj/this_is_protonvpn_on_the_vpn_comparison_chart_of/djdvsj8/

  28. Kevin

    Thank you very much for ProtonVPN. I have tested this on Linux, macOS and Windows and am amazed at how easy it is to work. I have asked some friends in more restricted locations where VPNs are frequently blocked to test it and they have all reported that it works for them.
    I’m looking at the various account options and considering which suits me best.
    May ProtonVPN and ProtonMail have a long and successful life.

  29. Sam

    when connecting to non-Swiss server does it provide same level of protection, despite that those ProtonVPN servers are based in other countries? Countries like (China, US, etc etc enforces monitoring, logging and demanding info). What level of safety, privacy,no-log and other type of protections ProtonVPN provides when its not Switzerland based server?

  30. ProtonVPN Team

    Hey Sam, no-logs policy applies to all of our servers – we do not keep any information on any of them, so it is safe to connect to any country you prefer.

  31. Sam

    if someone connects to non-Swiss server(ex: USA, Canada, China, etc where there are chances of intrusion and enforced logging, monitoring and other things) how ProtonVpn deals? like no-log and other policies works out?.. in that sense does it provide same protection when connected to non-swiss servers?

  32. ProtonVPN Team

    Hello, the same no-logs policy applies to all of our servers. Also, please keep in mind that our servers do not store any personal information at any time about our users, so it is safe to connect to any country you prefer.

  33. Mr.nobody

    I would like to know how can you avoid to log data as it is compulsive under Swiss law.
    As a matter of fact, a retention law exists and obviously applies also to VPN. SwissVPN located in Zurich clearly states that logs are kept accordingly to Swiss legislation, therefore how can you bypass that if you’re located in Geneva ?

  34. ProtonVPN

    hi, we’ve previously written a blog post on this topic and have updated again in 2017 with the latest info: https://protonmail.com/blog/swiss-surveillance-law/

    short excerpt:” … As a participant in these discussions, we can confirm unequivocally that upon implementation, the provisions regarding data retention introduced by the BÜPF will exempt companies like ProtonMail and ProtonVPN which are not major telecommunications operators. This is in addition to the points in the article below, which still hold. … ”

  35. John Rambo

    What is your policy regarding bittorrent downloads and do you provide port forwarding?

  36. ProtonVPN

    we do not provide port forwarding, p2p traffic is allowed on designated servers in p2p friendly countries

  37. brack

    Hi, this might be not the right place to ask, but I am very much interested if you are planning to set up servers in Austria.

  38. viktor

    What is your clients will use your vpn for bad deals, like carding, hacking etc. How will you stop this if you don’t know what they are doing?

  39. John Doe

    How can you ensure BÜPF (Bundesgesetz betreffend die Überwachung des Post- und Fernmeldeverkehrs) if you not store meta data for the ÜPF (Überwachung Post- und Fernmeldeverkehr)?

  40. ProtonVPN

    we do not have to store any data to comply as we do not fall under its blanket

  41. Matt

    What server location (countries) ProtonVPN provide?

  42. ProtonVPN

    for now check this support page for a list of countries https://protonvpn.com/support/vpn-servers/; we will have a separate servers page soon as well

  43. Antonio Maltese

    Regarding user information and logs, I assume that you contract VPN providers in various countries. How is the no logging policy enforced at the local level?

  44. ProtonVPN

    We do not contract VPN providers. All the infrastructure is hosted only for ProtonVPN and not shared with others. We configure the hardware when setting them up and therefore set up the no log policy ourselves (-> /dev/null)

  45. Richard Hulsebos

    Works great! very easy to get it working. i was supprised to se that netflix was working seeing as they block all vpn services, whats the general idee from protonvpn to using netflix streaming and or torrents and other items in that catacory

  46. hello

    Can you provide the step-by-step process to setup the VPN on iOS 10.3 on an iPad Pro? I just checked the vpn settings in general settings and it needed more information than just my email and password. I’m not comfortable using OpenVPN where unknown people with unknown political positions will be ‘verifying’ a VPN is working. Thanks for any feedback.

  47. ProtonVPN

    check out https://protonvpn.com/support/ios-vpn-setup

  48. ProtonVPN Rocks!

    The last sentence states the same thing twice:

    Here again, we do not store any information about where you signed in from, how long you were logged in or where you logged in from.

    – “we do not store any information about where you signed in from”
    – “or where you logged in from”

  49. Jeff

    Are you able to see what sites we visit?

  50. john doe

    When you say – “…we store a single timestamp of your accounts most recent login.” How long is that kept?

  51. ahn557

    As a protonmail user I assume that it is a column in the DB which is rewritten the next time you log in: the timestamp of the most recent login. When you log in again, it gets rewritten.

Leave a Reply

Your email address will not be published. Required fields are marked *

Don't find your answer? We're happy to help you!     Contact Our Support Team

Secure Your Internet Today

Get ProtonVPN