Quels services VPN vous gardent anonyme * TorrentFreak

privacy-featured-3965957-jpg

privacy-5151202Mise à jour mars 2020: Nous travaillons sur la version 2020 mise à jour de notre aperçu.

Lorsque nous avons commencé cette série d’anonymat VPN, il y a près d’une décennie, le marché était relativement petit et facile à superviser.

Aujourd’hui, l’industrie du VPN est en plein essor avec des centaines d’entreprises offrant une grande variété de services, certains plus anonymes que d’autres.

L’activité de révision de VPN est également en plein essor. Effectuez simplement une recherche aléatoire du «meilleur VPN» ou de la «révision VPN» et vous verrez des dizaines de sites remplis de recommandations et de choix préférés.

Nous ne voulons faire aucune recommandation. En matière de confidentialité et d’anonymat, un étranger ne peut offrir aucune garantie. Les vulnérabilités se cachent toujours au coin de la rue et même avec le VPN le plus sécurisé, vous devez toujours faire confiance à la société VPN avec vos données.

Au lieu de cela, nous visons à fournir un aperçu non classé des fournisseurs VPN, en leur posant des questions que nous jugeons importantes. Beaucoup de ces questions concernent l’anonymat et la sécurité, et les différentes entreprises y répondent avec leurs propres mots.

Nous espérons que cela aidera les utilisateurs à faire un choix éclairé. Cependant, nous soulignons que les utilisateurs eux-mêmes doivent toujours s’assurer que leur configuration est sécurisée.

Les questions et réponses de cette année sont énumérées ci-dessous. Nous avons inclus tous les VPN qui ne conservent pas de journaux détaillés ni ne bloquent le trafic BitTorrent sur tous leurs serveurs. Cette liste n’est pas exhaustive.

1. Conservez-vous des journaux qui vous permettraient de faire correspondre une adresse IP et un horodatage à un utilisateur actuel ou ancien de votre service? Si oui, quelles informations détenez-vous exactement et pendant combien de temps?

2. Quel est le nom sous lequel votre entreprise est constituée et sous quelle juridiction opère-t-elle?

3. Quels outils sont utilisés pour surveiller et atténuer les abus de votre service, y compris les limites de connexions simultanées si elles sont appliquées?

4. Utilisez-vous des fournisseurs de messagerie externes (par exemple, Google Apps), des outils d’analyse ou d’assistance (par exemple, l’assistance en direct, Zendesk) qui contiennent des informations fournies par les utilisateurs?

5. Si vous recevez un avis de retrait DMCA ou un équivalent non américain, comment sont-ils traités?

6. Quelles mesures seraient prises dans le cas où un tribunal ordonnerait à votre entreprise d’identifier un utilisateur actif ou ancien de votre service? Comment votre entreprise réagirait-elle à une ordonnance d’un tribunal qui vous obligerait à enregistrer l’activité d’un utilisateur à l’avenir? Ces scénarios se sont-ils déjà déroulés dans le passé?

sept. Est BitTorrent et tout autre trafic de partage de fichiers autorisé sur tous les serveurs? Sinon, pourquoi? Fournissez-vous des services de redirection de port? Des ports sont-ils bloqués?

8. Quels systèmes / fournisseurs de paiement utilisez-vous? Prenez-vous des mesures pour vous assurer que les détails de paiement ne peuvent pas être liés à l’utilisation du compte ou aux attributions IP?

9. Quoi est l’algorithme de cryptage et de connexion VPN le plus sécurisé que vous recommanderiez à vos utilisateurs?

10. Fournissez-vous des outils tels que des «kill switches» en cas de coupure de connexion et une protection contre les fuites DNS / IPv6? Prenez-vous en charge la fonctionnalité Dual Stack IPv4 / IPv6?

11. Certains de vos serveurs VPN sont-ils hébergés par des tiers? Si oui, quelles mesures prenez-vous pour empêcher ces partenaires de fouiner sur le trafic entrant et / ou sortant? Utilisez-vous vos propres serveurs DNS?

12. Dans quels pays vos serveurs sont-ils physiquement situés? Offrez-vous des emplacements virtuels?

pia-52514681. Nous ne stockons aucun journal concernant le trafic, la session, le DNS ou les métadonnées. Il n’y a pas de journaux pour toute personne ou entité pour correspondre à une adresse IP et un horodatage à un utilisateur de notre service. En d’autres termes, nous ne nous connectons pas, point final. La confidentialité est notre politique.

2. London Trust Media Incorporated, une société de l’Indiana.

3. Nous avons un système propriétaire actif en place pour aider à atténuer les abus.

4. Pour le moment, nous utilisons Google Apps Suite et Google Analytics avec le suivi des centres d’intérêt et des données démographiques désactivé et les adresses IP anonymisées activées.

5. Nous ne surveillons pas nos utilisateurs et nous ne conservons aucun journal, point final. Cela dit, nous avons un système propriétaire actif en place pour aider à atténuer les abus.

6. Chaque assignation à comparaître est examinée dans toute la mesure du respect de «l’esprit» et de la «lettre de la loi». Bien que nous n’ayons pas reçu d’ordonnances judiciaires valides, nous recevons périodiquement des citations à comparaître de la part d’organismes chargés de l’application des lois que nous examinons pour vérifier leur conformité et répondons en conséquence. Tout cela est basé sur notre engagement envers la confidentialité.

Cela étant dit, nous ne nous connectons pas et n’avons pas de données sur nos clients autres que leur e-mail d’inscription et les informations de compte.

7. BitTorrent et le trafic de partage de fichiers sont autorisés et traités de manière égale à tous les autres trafics (bien qu’il soit acheminé via un deuxième VPN dans certains cas). Nous ne censurons pas notre trafic, point final.

8. Nous utilisons une variété de systèmes de paiement, y compris, mais sans s’y limiter: PayPal, carte de crédit (avec Stripe), Amazon, Google, Bitcoin, Bitcoin Cash, Zcash, CashU, OKPay, PaymentWall et tout autre cadeau acheté en magasin carte. Les données de paiement ne sont pas liées ni liées à l’activité de l’utilisateur en raison de notre politique d’absence de journaux.

9. Pour le moment, l’algorithme de connexion et de cryptage VPN le plus sûr et le plus pratique que nous recommandons à nos utilisateurs serait notre suite de chiffrement AES-256 + RSA4096 + SHA256.

10. Oui, nos utilisateurs ont accès à une pléthore d’outils supplémentaires, y compris mais sans s’y limiter:

(a) Kill Switch: garantit que le trafic est acheminé via le VPN de telle sorte que si la connexion VPN est interrompue de manière inattendue, le trafic ne sera pas acheminé.

(b) Protection contre les fuites IPv6: protège les clients contre les sites Web qui peuvent inclure des intégrations IPv6, ce qui pourrait entraîner la diffusion d’informations IPvv IP.

(c) Protection contre les fuites DNS: elle est intégrée et garantit que les demandes DNS sont effectuées via le VPN sur un démon DNS sûr, privé et sans journal.

(d) Système IP partagé: nous mélangeons le trafic des clients avec le trafic de nombreux autres clients grâce à l’utilisation d’un système IP partagé anonyme garantissant que nos utilisateurs se fondent dans la foule.

(e) MACE ™: protège les utilisateurs contre les logiciels malveillants, les trackers et les publicités.

11. Nous utilisons nos propres serveurs bare metal dans des centres de données tiers qui sont exploités par des amis de confiance et, maintenant, des partenaires commerciaux que nous avons rencontrés et sur lesquels nous avons effectué une diligence raisonnable sérieuse. Nos serveurs sont situés dans des installations telles que 100 To, Choopa, Leaseweb, entre autres.

Nous exploitons également nos propres serveurs DNS sur notre réseau à haut débit. Ces serveurs sont privés et ne se connectent pas.

Nous exploitons actuellement 3 335 serveurs sur 53 sites dans 33 pays. Pour plus d’informations sur les pays disponibles, veuillez visiter notre page d’informations sur le réseau. Tous nos emplacements sont physiques et non virtualisés.

Page de révision du VPN dédié à l’accès Internet privé

nordnew1-37468871. Nous ne conservons aucun journal ni horodatage permettant d’identifier nos clients.

Remarque (Oktober 2019): NordVPN a ses serveurs piratés en 2017, ce qui a provoqué une controverse. Aucun journal n’était disponible, mais un compte rendu complet de ce qui s’est passé est disponible ici.

2. Tefincom S.A., exploitée sous la juridiction du Panama.

3. Nous ne pouvons voir que la charge du serveur, ce qui nous aide à optimiser notre service et à fournir la meilleure vitesse Internet possible à nos utilisateurs. Nous avons également développé et implémenté un outil automatisé qui limite le nombre maximum de connexions simultanées à six. En dehors de cela, nous n’utilisons aucun autre outil.

4. NordVPN utilise des processeurs de données tiers pour les services de courrier électronique et pour collecter les analyses de base des sites Web et des applications. Nous utilisons Iterable pour la correspondance, Zendesk pour fournir un support client, Google Analytics pour surveiller les données des sites Web et des applications, ainsi que Crashlytics, Firebase Analytics et Appsflyer pour surveiller les données des applications.

Tous les services tiers que nous utilisons sont liés par un contrat avec nous de ne jamais utiliser les informations de nos utilisateurs à leurs propres fins et de ne pas divulguer les informations à des tiers non liés au service.

5. Nous opérons sous la juridiction du Panama, où le DMCA et les commandes similaires n’ont aucune portée juridique. Par conséquent, ils ne s’appliquent pas à nous.

6. Si l’ordonnance ou l’assignation est délivrée par un tribunal panaméen, nous aurions à fournir les informations si nous en avions. Cependant, notre politique de zéro journal signifie que nous ne stockons aucune information sur l’activité en ligne de nos utilisateurs – uniquement leur adresse e-mail et les informations de paiement de base. Jusqu’à présent, nous n’avons pas eu de tels cas.

7. Nous ne restreignons pas BitTorrent ou d’autres applications de partage de fichiers sur la plupart de nos serveurs. Nous avons optimisé un certain nombre de nos serveurs spécifiquement pour le partage de fichiers. Pour le moment, nous n’offrons pas de redirection de port et ne bloquons pas les ports sortants SMTP25 et NetBIOS.

8. Nos clients peuvent payer via toutes les principales cartes de crédit, les solutions de paiement localisées au niveau régional (par exemple AliPay, Yandex, etc.) et les crypto-monnaies. Nos partenaires de traitement des paiements collectent des informations de facturation de base pour le traitement des paiements et les demandes de remboursement, mais elles ne peuvent être liées à aucune activité Internet d’un client particulier. Le bitcoin est l’option la plus anonyme, car il ne lie pas les détails de paiement à l’identité de l’utilisateur ou à d’autres informations personnelles.

9. Pour la connexion OpenVPN, nous utilisons l’algorithme AES 256 GCM. Pour IKEv2 / IPSec, les chiffres utilisés pour générer les clés Phase1 sont AES-256-GCM pour le chiffrement, couplé à SHA2-384 pour assurer l’intégrité, combiné avec PFS (Perfect Forward Secrecy) à l’aide de clés Diffie Hellmann de 3072 bits.

10. Oui, nous fournissons à la fois un kill switch automatique et une fonction de protection contre les fuites DNS. La fonctionnalité Dual Stack IPv4 / IPv6 n’est pas encore prise en charge par notre service; cependant, toutes les applications NordVPN offrent une protection intégrée contre les fuites IPv6.

11. Nous utilisons un modèle hybride, selon lequel nous possédons nous-mêmes certains de nos serveurs, mais nous nous associons également à des centres de données haut de gamme dotés de solides pratiques de sécurité.

En raison de notre configuration de serveur spéciale, personne n’est en mesure de collecter ou de conserver des données, ce qui garantit la conformité avec notre politique de non-journalisation. Nous avons également des exigences spécifiques pour les fournisseurs de réseau afin d’assurer la meilleure qualité de service pour nos clients. Nous avons nos propres serveurs DNS et toutes les demandes DNS passent par ceux-ci. De plus, nos clients peuvent utiliser n’importe quel serveur DNS de leur choix.

12. Tous nos serveurs sont physiquement situés dans les pays indiqués. Nous ne proposons pas d’emplacements virtuels. À l’heure actuelle, NordVPN fournit plus de 5 000 serveurs dans 61 pays, et la liste complète des emplacements peut être trouvée ici.

Page de revue dédiée NordVPN

expressvpnlogo-50702481. Non, ExpressVPN ne conserve aucun journal de connexion ou d’activité, y compris l’historique de navigation, le contenu des données, les demandes DNS, les horodatages, les adresses IP source, les adresses IP sortantes ou les adresses IP de destination. Cela garantit que nous ne pouvons pas déterminer si un utilisateur donné a été connecté au VPN à un certain moment, a supposé une adresse IP sortante particulière ou a généré une activité réseau spécifique.

2. Express VPN International Ltd. est une société BVI (British Virgin Islands).

3. Nous ne surveillons ni n’enregistrons aucune activité utilisateur sur notre réseau. Nous nous réservons le droit de bloquer un trafic abusif spécifique afin de protéger le réseau de serveurs et les autres clients ExpressVPN.

En ce qui concerne les limites du nombre d’appareils connectés simultanément, aucun horodatage ou adresse IP n’est jamais enregistré; nos systèmes sont simplement capables d’identifier le nombre de sessions actives d’une licence donnée à un moment donné et d’utiliser ce compteur pour décider si une licence est autorisée à créer une session supplémentaire. Ce compteur est temporaire et n’est pas suivi dans le temps.

4. Nous utilisons Zendesk pour les tickets d’assistance et SnapEngage pour l’assistance par chat en direct; nous avons évalué les profils de sécurité des deux et les considérons comme des plates-formes sécurisées. Nous utilisons Google Analytics et les cookies pour collecter des mesures marketing pour notre site Web et plusieurs outils externes pour collecter les rapports d’erreur (uniquement si un utilisateur choisit de partager ces rapports).

5. Comme nous ne conservons pas de données ou de journaux susceptibles de lier une activité spécifique à un utilisateur donné, ExpressVPN n’identifie ni ne signale les utilisateurs à la suite des notifications DMCA.

6. Légalement, notre entreprise n’est tenue de respecter les assignations à comparaître et les ordonnances des tribunaux que si elles émanent du gouvernement des îles Vierges britanniques ou conjointement avec les autorités des îles Vierges britanniques via un traité d’entraide judiciaire.

En règle générale, nous répondons aux demandes des forces de l’ordre en informant l’enquêteur que nous ne possédons aucune donnée pouvant lier l’activité ou les adresses IP à un utilisateur spécifique. En ce qui concerne une demande d’enregistrement de l’activité à l’avenir: si quelqu’un devait faire une telle demande, nous refuserions de réorganiser nos systèmes d’une manière qui porte atteinte aux protections de la confidentialité que nos clients nous font confiance pour respecter.

7. ExpressVPN autorise tout le trafic, y compris BitTorrent et tout autre trafic de partage de fichiers (sans redirection), à partir de tous nos serveurs VPN. Pour le moment, nous ne prenons pas en charge la redirection de port.

8. ExpressVPN accepte toutes les principales cartes de crédit, PayPal et un grand nombre d’options de paiement locales. Nous acceptons également le Bitcoin, que nous recommandons à ceux qui recherchent une confidentialité maximale par rapport à leur mode de paiement. Comme nous n’enregistrons pas l’activité des utilisateurs, les adresses IP ou les horodatages, il n’y a aucun moyen pour ExpressVPN ou toute autre partie externe de lier les détails de paiement saisis sur notre site Web aux activités VPN d’un utilisateur.

9. Les applications ExpressVPN utilisent généralement par défaut notre protocole recommandé pour la sécurité et les performances: OpenVPN UDP. Nos applications utilisent une signature CA 4096 bits, un cryptage AES-256-CBC, des signatures TLSv1.2 et SHA512 pour authentifier nos serveurs.

10. Oui, ExpressVPN protège les utilisateurs contre les fuites de données de plusieurs façons; notre suite d’outils de protection contre les fuites et de test de fuites open source est détaillée sur notre page Privacy Research Lab.

Notre fonctionnalité «Network Lock», qui est activée par défaut, empêche tous les types de trafic, y compris IPv4, IPv6 et DNS, de fuir en dehors du VPN, comme lorsque votre connexion Internet tombe ou dans divers scénarios supplémentaires où d’autres VPN peuvent fuir. .

Nous ne prenons pas encore en charge le routage IPv6 via le tunnel VPN, bien que nous envisagions de l’ajouter à l’avenir dans un sous-ensemble de nos emplacements de serveur.

11. Nos serveurs VPN sont hébergés dans des centres de données de confiance avec de solides pratiques de sécurité, où les employés du centre de données n’ont pas d’informations d’identification de serveur.

Au cours de la dernière année, nous avons développé une technologie permettant à nos serveurs de fonctionner uniquement en RAM, démarrés à partir d’un disque en lecture seule. Cela signifie que nous pouvons appliquer des correctifs de serveur rapidement et avec certitude et empêcher tout intrus potentiel de persister sur nos serveurs.

Nous ne conservons pas de journaux d’activité ou de connexion, et comme nos serveurs VPN ne peuvent pas écrire sur les disques durs, ils ne peuvent pas enregistrer de données sensibles même par accident. Nous exécutons notre propre DNS sans journal sur chaque serveur, ce qui signifie qu’aucune donnée personnellement identifiable n’est jamais stockée. Nous n’utilisons pas de DNS tiers.

12) ExpressVPN possède plus de 3 000 serveurs couvrant 94 pays. Pour les pays où il est difficile de trouver des serveurs qui répondent aux normes rigoureuses d’ExpressVPN en matière de sécurité, de fiabilité et de vitesse des serveurs, nous utilisons des emplacements virtuels pour permettre aux utilisateurs d’assumer des adresses IP enregistrées dans ces pays.

Ces emplacements représentent moins de 3% du nombre de serveurs d’ExpressVPN, et les pays spécifiques sont publiés sur notre site Web ici.

Site Web d’ExpressVPN

proton-83321341. Non. Chaque fois qu’un utilisateur se connecte à ProtonVPN, nous surveillons uniquement l’horodatage de sa dernière tentative de connexion réussie. Cela est remplacé lors de chaque connexion réussie. Cet horodatage ne contient aucune information d’identification, juste l’heure et la date de la connexion.

Nous ne collectons aucune information concernant l’adresse IP d’un utilisateur et nous ne conservons que les informations d’horodatage limitées pour protéger les comptes d’utilisateurs contre les attaques par mot de passe par force brute.

2. Notre nom enregistré est Proton Technologies AG, et nous opérons sous la juridiction de la Suisse.

3. Nous utilisons des outils et des systèmes internes pour atténuer les abus de notre service et garantir la meilleure qualité à nos utilisateurs.

4. Nous utilisons actuellement données Google Analytics anonymisées (23 décembre: Proton nous a informés qu’il est passé à Matomo, qui est un outil d’analyse open source) pour optimiser notre site Web, mais nous migrons vers une installation locale de Matomo, un outil d’analyse open source. Pour le support client, nous utilisons ZenDesk.

Les informations fournies par les utilisateurs lorsqu’ils contactent notre équipe d’assistance sont traitées à des fins d’analyse (comme l’agrégation du nombre de questions concernant le streaming sécurisé), mais elles ne sont pas combinées à des données personnelles.

5. Un avis de retrait DMCA ou son équivalent non américain serait traité conformément à nos processus internes. Une telle demande ne serait jamais connectée à un utilisateur spécifique, grâce à notre politique stricte de non-journalisation.

6. Nous ne pouvons divulguer que les données utilisateur limitées que nous possédons, mais notre politique stricte de non-journalisation signifie que nous ne disposons d’aucune information sur l’activité en ligne de nos utilisateurs.

Les données limitées dont nous disposons ne seront divulguées que sur demande d’un tribunal suisse à des fins de prévention, d’enquête, de détection ou de poursuite d’infractions pénales ou d’exécution de sanctions pénales, y compris la protection et la prévention des menaces à la sécurité publique.

Les décisions de justice doivent être approuvées soit par les tribunaux cantonaux de Genève soit par le Tribunal fédéral. En vertu du droit suisse, il est obligatoire de notifier la cible d’une demande de données, bien que cette notification puisse provenir des autorités et non de la Société. Nous n’avons reçu aucune demande de ce type.

7. Nous autorisons le torrent P2P sur tous nos plans payants. En fonction des lois du pays hébergeant le serveur, il se peut que nous devions tunneler la connexion via un pays compatible P2P. Actuellement, nous ne fournissons pas de services de redirection de port.

8. Nous comptons sur des tiers pour traiter les transactions par carte de crédit et PayPal, et nous ne sauvegardons jamais les détails complets de la carte de crédit de nos utilisateurs. Nos partenaires de traitement des paiements collectent des informations de facturation de base pour traiter les paiements et les remboursements, mais elles ne peuvent pas être liées à l’activité en ligne d’un utilisateur. Nous acceptons également les paiements anonymes en espèces ou en Bitcoin.

9. Nous utilisons uniquement des protocoles VPN qui sont connus pour être sécurisés – soit IKEv2 / IPSec ou OpenVPN. Nous chiffrons le trafic de nos utilisateurs avec AES-256, l’échange de clés se fait avec RSA 4096 bits et HMAC avec SHA384 est utilisé pour l’authentification des messages. Ceci est disponible pour tous les utilisateurs, y compris ceux de notre forfait gratuit. Les utilisateurs de plans Plus et Visionary peuvent également utiliser notre fonction Secure Core pour une couche de sécurité supplémentaire.

10. Nous prenons actuellement en charge un Kill Switch sur Windows, Android et Mac. Les utilisateurs iOS peuvent utiliser la fonction Always-on, car un véritable interrupteur d’arrêt est empêché par les restrictions de niveau réseau d’Apple sur iOS. Nous exploitons nos propres serveurs DNS pour assurer la prévention des fuites DNS. Nos serveurs prennent actuellement en charge IPv4.

11. Nous ne transigeons jamais sur la sécurité; nous n’utilisons que des serveurs physiques provenant de tiers de bonne réputation qui ont suivi notre processus de vérification. Nos serveurs Secure Core offrent une couche de protection supplémentaire contre toute interférence potentielle avec nos serveurs finaux, y compris par nos partenaires. Nous utilisons nos propres serveurs DNS, qui gèrent toutes les demandes DNS de nos utilisateurs.

12. Nous avons actuellement 380 serveurs dans 31 pays et nous élargissons continuellement notre réseau. Nous utilisons uniquement des serveurs physiques situés dans leurs pays déclarés. Nous n’utilisons aucun serveur virtuel et n’offrons aucun emplacement virtuel. Une liste de tous nos serveurs et de leurs emplacements peut être trouvée ici.

Page d’examen déconseillé ProtonVPN

ipredator_brand_blue-89638461. Aucun journal n’est conservé qui permettrait la corrélation de l’adresse IP de l’utilisateur avec une adresse VPN. La base de données de session n’inclut pas l’adresse IP d’origine de
l’utilisateur. Une fois la connexion terminée, les informations de session sont supprimées de la base de données de session.

2. Le nom de la société est PrivActually Ltd qui opère à partir de Chypre.

3. Les vrais abus sont atténués par les viandes [humans]. Le trafic des utilisateurs n’est en aucun cas surveillé ou inspecté. Les sessions TCP / IP ne sont pas limitées individuellement, mais par serveur, à 10 millions de connexions établies. Les inondations de paquets sont gérées en utilisant des limiteurs de débit de paquets adaptatifs au niveau du port du commutateur et démarrent à 90 000 points par seconde. Le nombre de connexions simultanées est limité par le logiciel backend VPN.

4. Il n’y a pas de mécanisme de suivi des visiteurs, pas même passif analysant les journaux du serveur Web. IPredator gère sa propre infrastructure de messagerie et n’utilise pas de produits tiers comme Gmail. Nous n’utilisons pas non plus de porcs de données comme un système de ticket pour gérer les demandes d’assistance. IPredator s’en tient à un système de messagerie simple et supprime les anciennes données après trois mois des boîtes aux lettres.

5. Les demandes sont évaluées selon les cadres juridiques définis dans les juridictions dans lesquelles le service opère et nous réagissons en conséquence. Après réception d’une demande, sa validité est vérifiée. L’abus de retrait DMCA en utilisant de fausses informations d’identification semble être à la mode ces jours-ci.

6. Si l’ordonnance du tribunal n’est pas un bâillon, un avis sera donné dans les canaux canaris et autres médias. Dans le cas où nous serions obligés de consigner l’activité des utilisateurs, nous fermerions le service. Faillite spontanée… parfois le seul coup gagnant est de ne pas jouer.

7. BitTorrent et tout autre trafic de partage de fichiers sont autorisés. Sur les pools VPN IP publics, la redirection de port n’est pas requise.

8. PayPal, Bitcoins et Payson sont entièrement intégrés. D’autres modes de paiement sont disponibles sur demande. Un ID de transaction interne est utilisé pour lier les paiements au processeur de paiement.

Nous ne stockons aucune autre donnée sur les paiements associés au compte de l’utilisateur. Les systèmes traitant des paiements n’ont aucune connexion avec la partie de l’infrastructure qui gère les connexions VPN.

Les proxys frontaux sont utilisés pour s’assurer que les adresses IP des utilisateurs n’apparaissent dans aucun des systèmes backend. Les processeurs de paiement ne peuvent pas lier un paiement à un compte ou une adresse IP spécifique sur la base des données que nous devons fournir.

9. IPredator fournit des fichiers de configuration pour diverses plates-formes et clients qui appliquent TLS1.2 sur les systèmes pris en charge. Idéalement, le client négocie ECDHE-RSA-AES256-GCM comme une suite pour le contrôle et AES256 pour le canal de données. Pour plus de protection, des instructions de configuration détaillées et des howtos sont fournis à nos utilisateurs.

10. Netsplice, le client VPN multiplateforme d’IPredator, prend en charge en natif différents types de kill switches. Vous pouvez tuer un programme, simplement le mettre en veille, arrêter votre machine ou essuyer votre disque dur… c’est à vous de décider. Les utilisateurs peuvent utiliser cette page pour vérifier un certain nombre de fuites, pas seulement des fuites DNS.

11. Nous possédons tous les serveurs, commutateurs et câbles que nous utilisons pour fournir le service VPN jusqu’à notre réseau de liaison montante. Les machines sont situées en Suède en raison des lois qui nous permettent d’exécuter notre service de manière à protéger la confidentialité.

Si la situation devait changer, nous pourrions déplacer nos opérations dans un autre pays. Le cœur de tout service de confidentialité est la confiance dans l’intégrité de l’infrastructure sous-jacente. Tout le reste doit s’appuyer sur cela, ce qui inclut les serveurs DNS.

12. Suède, aucun emplacement virtuel pour le moment.

Site Web d’Ipredator

hideipvpn-29414461. Actuellement, nous ne stockons aucun journal lié à des adresses IP. Il n’y a aucun moyen pour un tiers de faire correspondre l’adresse IP d’un utilisateur à une activité spécifique sur Internet.

2. Le nom enregistré de la société est Server Management LLC et nous opérons sous juridiction américaine.

3. Un seul abonnement peut être utilisé simultanément pour trois connexions. Les abus de service signifient généralement l’utilisation de serveurs non P2P pour les torrents ou les avis DMCA. Nous utilisons le plugin iptables pour bloquer le trafic P2P sur les serveurs où le P2P n’est pas explicitement autorisé. Nous bloquons le courrier sortant sur le port 25 pour empêcher toute activité de spam.

4. Nous utilisons le chat en direct fourni par tawk.to et Google Apps pour les e-mails entrants. Pour les e-mails sortants, nous utilisons notre propre serveur SMTP.

5. Puisqu’aucune information n’est stockée sur aucun de nos serveurs, nous ne pouvons rien retirer. Nous répondons au centre de données ou au détenteur des droits d’auteur que nous n’enregistrons pas le trafic de nos utilisateurs et que nous utilisons des adresses IP partagées, ce qui rend impossible de suivre qui a téléchargé des données depuis Internet à l’aide de notre VPN.

6. HideIPVPN peut divulguer des informations, y compris, mais sans s’y limiter, des informations concernant un client, afin de se conformer à une ordonnance du tribunal, une assignation à comparaître, une assignation, une demande de découverte, un mandat, une loi, un règlement ou une demande gouvernementale. Mais étant donné que nous avons une politique de non-journalisation et que nous utilisons des adresses IP partagées, il n’y aura rien à divulguer, à l’exception des détails de facturation. Cela ne s’est jamais produit auparavant.

7. Ce type de trafic est le bienvenu sur nos serveurs allemand (DE VPN), néerlandais (NL VPN), luxembourgeois (LU VPN) et lituanien (LT VPN). Il n’est pas autorisé sur les serveurs américains, britanniques, canadiens, polonais, singapouriens, australiens et français, comme indiqué dans nos CGU – la raison en est nos accords avec les centres de données. Nous n’autorisons pas la redirection de port et nous bloquons les ports 22 et 25 pour des raisons de sécurité.

8. Actuellement, HideIPVPN accepte les méthodes suivantes: PayPal, Bitcoin, cartes de crédit et de débit, JCB, American Express, Diners Club International, Discover. Tous les détails de facturation de nos clients sont stockés dans le système de facturation WHMCS.

9. Le protocole VPN SoftEther semble très prometteur et sécurisé. Les utilisateurs peuvent actuellement utiliser nos applications VPN sur les systèmes Windows et OSX. Les deux versions ont une fonction «kill switch» en cas de coupure de connexion. Nos applications peuvent rétablir la connexion VPN et redémarrer une fois les applications fermées. En outre, l’application a la possibilité d’activer la protection contre les fuites DNS.

10. Oui, nos applications VPN gratuites ont les deux fonctionnalités intégrées. Nous ne prenons pas en charge la fonctionnalité Dual Stack IPv4 / IPv6.

11. Nous n’avons aucun contrôle physique sur nos serveurs VPN. Les serveurs sont externalisés dans un centre de données premium avec des réseaux tire1 de haute qualité. Nos serveurs sont autogérés, l’accès est limité à notre personnel uniquement. Nous utilisons Google DNS pour nos serveurs VPN et bien sûr nos serveurs DNS pour Smart DNS.

12. Actuellement, nous avons des serveurs VPN situés dans 11 pays – États-Unis, Royaume-Uni, Pays-Bas, Allemagne, Luxembourg, Lituanie, Canada, Pologne, France, Australie et Singapour. Comme vous pouvez le voir, un certain nombre d’emplacements disponibles sont en constante augmentation.

Site Web HideIPVPN

hideme-49935061. Non, nous ne conservons aucun journal. Nous avons développé notre système en tenant compte de la confidentialité de nos clients, nous avons donc créé un cluster VPN distribué avec des nœuds publics indépendants qui ne stockent aucune donnée ou journal du client.

2. Hide.me VPN est exploité par eVenture Limited et basé en Malaisie sans aucune obligation légale de stocker les journaux d’utilisateurs.

3. Nous ne limitons ni ne surveillons les connexions individuelles. Pour atténuer les abus, nous déployons des règles générales de pare-feu sur certains serveurs qui s’appliquent à des plages d’adresses IP spécifiques. De par leur conception, un nom d’utilisateur ne peut établir qu’une seule connexion simultanée.

4. Nos pages de destination qui sont uniquement utilisées à des fins publicitaires incluent un nombre limité de scripts de suivi tiers, à savoir Google Analytics. Cependant, aucune information personnelle qui pourrait être liée à l’utilisation du VPN n’est partagée avec ces fournisseurs. Nous n’envoyons pas d’informations susceptibles de compromettre la sécurité de quelqu’un par e-mail.

5. Étant donné que nous ne stockons aucun journal et / ou hôte de matériel portant atteinte aux droits d’auteur sur nos services, nous répondrons à ces avis en conséquence.

6. Cela ne s’est jamais produit, mais dans un tel scénario, nous ne pourrons pas recevoir les ordonnances du tribunal parce que notre infrastructure est conçue de manière à ne pas stocker de journaux.

Il n’y a aucun moyen de lier une cyberactivité particulière à un utilisateur particulier. Dans le cas où nous serions obligés de stocker les journaux des utilisateurs, nous préférerions fermer plutôt que de mettre en jeu nos utilisateurs qui nous font confiance.

7. Il n’existe aucun moyen efficace de bloquer le trafic de partage de fichiers sans surveiller nos clients, ce qui est contraire à nos principes et serait même illégal.

8. Nous prenons en charge un large éventail de méthodes de paiement populaires, y compris toutes les principales crypto-monnaies comme Bitcoin, Litecoin, Ethereum, Dash, Monero, Paypal, les cartes de crédit et les virements bancaires.

Tous les paiements sont gérés par des prestataires de paiement externes et sont liés à un identifiant de paiement temporaire. Cet ID de paiement temporaire ne peut pas être connecté au compte / à l’activité VPN de l’utilisateur. Une fois le paiement effectué, l’ID de paiement temporaire sera définitivement supprimé de la base de données.

9. Tous les protocoles VPN modernes que nous prenons tous en charge – comme IKEv2, OpenVPN, SoftEtherVPN et SSTP, sont considérés comme sécurisés même après la fuite de la NSA. Nous suivons les normes cryptographiques et configurons nos serveurs VPN en conséquence afin de prendre en charge un échange de clé sécurisé avec une taille de clé de 8192 bits et un cryptage symétrique fort (AES-256) pour le transfert de données.

10. La confidentialité de nos utilisateurs nous préoccupe au plus haut point. Notre client Windows possède les fonctionnalités telles que Kill Switch, Firewall pour limiter les applications au VPN, Firewall pour limiter toutes les connexions au VPN, Split Tunnel, Auto Connect, Auto Reconnect etc., ce qui garantit que l’utilisateur est toujours crypté et anonyme.

Nous avons mis en place des couches de sécurité supplémentaires qui incluent une protection par défaut contre les fuites IP et DNS. Nos applications de bureau bloquent également automatiquement les connexions IPv6 sortantes pour éviter les fuites IP. La fonctionnalité Dual Stack IPv4 / IPv6 sera déployée au deuxième trimestre 2019.

11. Nous exploitons nos propres serveurs DNS sans enregistrement pour protéger nos clients contre le piratage DNS et les attaques similaires. Cependant, nous ne possédons pas de matériel physique. Il existe une détection d’intrusion et diverses autres mesures de sécurité en place pour garantir l’intégrité et la sécurité de tous nos serveurs uniques.

De plus, nous choisissons très soigneusement tous les fournisseurs d’hébergement tiers, afin de pouvoir garantir qu’il existe certaines normes de sécurité (ISO 27001) et qu’aucune personne non autorisée ne peut accéder à nos serveurs. Parmi nos partenaires réputés figurent Leaseweb, NFOrce, M247 et Softlayer.

12. Nos serveurs sont situés dans des pays du monde entier, parmi les plus populaires, le Canada, les Pays-Bas, Singapour, l’Allemagne, le Brésil, le Mexique et l’Australie. Vous trouverez ci-dessous la liste complète des pays, vous pouvez également consulter tous les emplacements disponibles ici.

Site Web Hide.me

ivpn-53906981. Non. Nous pensons que la non-journalisation des données liées à la connexion VPN est fondamentale pour tout service de confidentialité, indépendamment de la sécurité ou des politiques mises en œuvre pour protéger les données du journal.

2. Privatus Limited, Gibraltar.

3. Nous limitons les connexions simultanées en conservant un compteur temporaire sur un serveur central qui est supprimé lorsque l’utilisateur se déconnecte.

4. Non. Nous avons pris la décision stratégique dès le premier jour qu’aucune donnée d’entreprise ou de client ne serait jamais stockée sur des systèmes tiers. Tous nos services internes fonctionnent sur nos propres serveurs dédiés que nous installons, configurons et gérons. Aucun tiers n’a accès à nos serveurs ou données.

Nous n’hébergeons aucun script externe sur notre site Web et nous ne faisons pas de publicité sur Google ou Facebook, etc.

5. Notre service juridique envoie une réponse indiquant que nous ne stockons pas de contenu sur nos serveurs et que nos serveurs VPN ne servent que de canal pour les données. De plus, nous les informons que nous ne stockons jamais les adresses IP des clients connectés à notre réseau et que nous ne sommes pas légalement tenus de le faire.

6. Premièrement, cela ne s’est jamais produit. Cependant, si on vous demandait d’identifier un client sur la base d’un horodatage et / ou d’une adresse IP, nous répondrions en fait que nous ne stockons pas ces informations. Si nous sommes légalement obligés d’enregistrer les activités à l’avenir, nous ferons tout ce qui est en notre pouvoir pour alerter les clients concernés directement (ou indirectement par le biais de notre mandataire).

7. Oui, nous traitons tout le trafic de manière égale sur tous les serveurs. Oui, nous proposons un service de redirection de port.

8. Nous acceptons les cartes Bitcoin, Cash, PayPal et de crédit. When using cash there is no link to a user account within our system. When using Bitcoin, we store the Bitcoin transaction ID in our system.

If you wish to remain anonymous to IVPN you should take the necessary precautions when purchasing Bitcoin. When paying with PayPal or a credit card a token is stored that is used to process recurring payments but this is not linked in anyway to VPN account usage or IP-assignments.

9. We provide RSA-4096 / AES-256-GCM with OpenVPN, which we believe is secure enough for our customers’ requirements.

10. Yes, the IVPN client offers an advanced VPN firewall that blocks every type of IP leak possible including IPv6, DNS, network failures, WebRTC STUN etc. Our VPN clients work on a dual-stack IPv4/IPv6 but we currently only support IPv4 on our VPN gateways.

11. We use bare metal dedicated servers leased from third-party data centers in each country where we have a presence. We install each server using our own custom images and employ full disk encryption to ensure that if a server is ever seized the data is worthless.

We also operate an exclusive multi-hop network allowing customers to choose an entry and exit server in different jurisdictions which would make the task of legally gaining access to servers at the same time significantly more difficult. We operate our own network of log free DNS servers that are only accessible to our customers through the VPN tunnel.

12. Please see here. We do not offer virtual locations.

IVPN website

azire-1-54326561. No, we do not record or store any logs related to our services. No traffic, user activity, timestamps, IP addresses, number of active and total sessions, DNS requests, or any other kind of logs are stored. System logs are disabled.

2. The registered company name is Netbouncer AB and we operate under Swedish jurisdiction where there are no data retention laws that apply to VPN providers.

3. We took extra security steps to harden our servers. They are running using Blind Operator mode, a software module which ensures that it’s extremely difficult to set up any kind of traffic monitoring. Abuses like incoming DDoS attacks are usually mitigated with UDP filtering on the source port used by an attacker.

4. No, we do not rely on and refuse to use external third-party systems. We run our own email infrastructure and encourage people to use PGP encryption for reaching us. The ticketing support system, website analytics (Piwik, with anonymization settings) and other tools are hosted in-house on open-source software.

5. We politely inform the sender that we do not keep any logs and
are unable to identify a user.

6. In the case that a valid court order is issued, we will inform the other party that we are unable to identify an active or former user of our service due to our particular infrastructure. In that case, they would probably force us to handover physical access to the server, which they would have to reboot to gain any kind of access due to the Blind Operator mode. Since we are running our custom system images directly into RAM, all data would be lost.

So far, we have never received any court order and no personal information has ever been given out.

7. Yes, BitTorrent, peer-to-peer and file-sharing traffic is allowed and treated equally to any other traffic on all of our servers. We do not provide port forwarding services, however, we do provide a public IPv4+IPv6 addresses mode which assigns IP addresses being used by only one user at a time the whole duration of the connection to the server.

In this mode, all ports are opened, with the exception of unencrypted outgoing port 25 TCP, usually used by the SMTP protocol, which is blocked to prevent abuse by spammers.

8. As of now, we propose a variety of payments options including anonymous methods such as Bitcoin, Bitcoin Cash, Litecoin, Monero, Ethereum and some other cryptocurrencies (through CoinPayments) and cash money via postal mail.

We also offer PayPal, credit cards (VISA, MasterCard and American Express through Paymentwall) and Swish. We do not store sensitive payment information on our servers, we only retain an internal reference code for order confirmation.

9. We recommend our users to use our WireGuard servers, using official
clients and tools available on Linux, macOS, Android, iOS, OpenWRT
(routers), and soon on Windows.

– Data channel cipher: ChaCha20 with Poly1305 for authentication and
data integrity
– Authenticated key exchange: Noise Protocol Framework’s Noise_IKpsk2,
using Curve25519, Blake2s, ChaCha20, and Poly1305. It uses a formally
verified construction.

10. We offer a custom open-source VPN application called azclient for all major desktop platforms (Windows, macOS and Linux) and currently support OpenVPN. Its source code is released on Github under a GPLv2 license. We plan to add a kill switch and DNS leak protection features to our client in the future.

As we provide our users with a full dual stack IPv4/IPv6 functionality on all
servers and VPN protocols, we do not need to provide any IPv6 leak protection. Our tunnels are natively supporting IPv6 even from IPv4 only lines, by tunneling IPv6 traffic into IPv4 transparently. Also, our WireGuard servers can be reached through both IPv4 and IPv6.

11. We physically own all of our hardware in all locations, including bare metal dedicated servers and switches, brought and installed on our own, co-located in closed racks on different data centers around the world meeting our strict security criteria, using dedicated network links and carefully chosen network upstream providers for maximum privacy and network quality.

We host our own non-logging DNS servers in different locations and provide DNSCrypt support for DNS requests encryption.

12. As of now, we operate across five locations including Canada, Spain,
Sweden, the United Kingdom, and the United States. New locations in Oslo,
Norway and Amsterdam, the Netherlands are planned soon. Il n’y a pas
virtual locations.

AzireVPN website

windscribe-e1488796046663-81992731. We do not store a historical record of VPN sessions, source IPs, or sites you visited. We store a byte count of data used in the last 30 days and number of parallel connections.

2. Windscribe Limited, Ontario (Canada) Corporation.

3. We use bespoke tools specifically made for the purpose. We use the bandwidth usage in 30 days + number of parallel connections to weed out extreme cases of abuse (100+ connections and hundreds of terabytes used).

4. No, we self host everything. This includes email, analytics, support desk, and live chat. The only 3rd party services we use are Stripe, PayPal and CoinPayments.

5. We notify the sender that the IP address is a VPN node and is shared by hundreds of people at any given moment, so there is no way to trace the activity to any single user.

6. We have received multiple subpoenas and court orders requesting subscriber information. Our response was identical to what we send in case of a DMCA related request. We were never ordered to log users (although there were requests), but since we’re in Canada which has no mandatory data retention directives that apply to VPNs, we wouldn’t need to comply.

7. BitTorrent is allowed in all locations as we don’t interfere with the traffic. We request that users don’t use it in India, Russia and South Africa due to more stringent providers in those regions, but it’s more of a guideline than a rule.

8. Credit cards (Stripe), PayPal, all major cryptocurrencies and various gift cards. As we don’t store any logs of this type, there is nothing to link the payments to.

9. We support OpenVPN and IKEv2. Both are equally secure as we use the strongest encryption possible (GCM-AES-256) with both. We recommend trying IKEv2 first, as it’s faster almost in all cases. If it’s blocked on your network, then you can use OpenVPN which operates on common ports and is a lot harder to block, especially when using Stealth (Stunnel) mode. Our application tries all the protocols automatically and uses the best one for your specific network.

10. The Windscribe Firewall is built into our Windows and Mac applications. It blocks all connectivity outside of the tunnel to ensure that there is zero chance of any kind of leak, including but not limited to DNS leaks, IPv6 leaks, WebRTC leaks, etc. This is superior to a “kill switch”, which is a reactive measure, so there is no guarantee that nothing will leak.

11. All our servers are bare metal machines which are leased from various reputable hosting providers worldwide. We request to remove all anti-DDoS mitigations when possible to help reduce the chance of network monitoring. Each VPN node we operate has a recursive DNS server running on it, which is only accessible over the tunnel.

12. We have servers in 60 countries and over 110 cities. All our servers are physically where they are claimed to be, as we don’t have any fake/virtual locations.

Windscribe website

vpnarea-35743451. We do not keep or record any logs. We are therefore not able to match an IP-address and a time stamp to a user of our service.

2. The registered name of our company is “Offshore Security EOOD” (spelled “ОФШОР СЕКЮРИТИ ЕООД” in Bulgarian). We’re a VAT registered business. We operate under the jurisdiction of Bulgaria.

3. To prevent email spam abuse we block mail ports used for such activity, but we preemptively whitelist known and legit email servers so that genuine mail users can still receive and send their emails.

To limit concurrent connections to 6, we use an in-house developed system that adds and subtracts +1 or -1 towards the user’s “global-live-connections-count” in a database of ours which the authentication API corresponds with anonymously each time the user disconnects or connects to a server. The process does not record any data about which servers the subtracting/detracting is coming from or any other data at any time, logging is completely disabled at the API.

4. We host our own email servers. We host our own Ticket Support system on our servers. The only external tools we use are Google Analytics for our website and Live Chat software by Tawk.

5. DMCA notices are not forwarded to our users as we’re unable to identify a responsible user due to not having any logs or data that can help us associate an individual with an account. We would reply to the DMCA notices explaining that we do not host or hold any copyrighted content ourselves and we’re not able to identify or penalize a user of our service.

6. This has not happened yet. Should it happen our attorney will examine the validity of the court order in accordance with our jurisdiction, we will then inform the appropriate party that we’re not able to match a user to an IP or timestamp, because we’re not keeping any logs.

7. BitTorrent is allowed on all our servers. We offer port forwarding only on the dedicated IP private VPN servers at the moment. We will work on providing port forwarding automatically on all servers soon. The only ports which are blocked are those widely related to abuse, such as spam.

8. We accept PayPal, Credit/Debit cards, AliPay, Bitcoin, Bitcoin Cash, WebMoney, GiroPay, and bank transfers. In the case of PayPal/card payments, we link usernames to the transactions so we can process a refund. We do take active steps to make sure payment details can’t be linked to account usage or IP assignments. In the case of Bitcoin, we do not link usernames to transactions.

9. We use AES-256-CBC + SHA256 cipher and RSA4096 keys on all our VPN servers without exception. We also have Double VPN servers, where for example the traffic goes through Russia and Israel before reaching the final destination.

10. Yes, we provide both KillSwitch and DNS Leak protection. We actively block IPv6 traffic to prevent IP leaks, so connections are enforced via IPv4.

11. We work with reliable and established data centers. Nobody but us has virtual access to our servers. The entire logs directories are wiped out and disabled, rendering possible physical brute force access to the servers useless in terms of identifying users. We use our own DNS servers.

12. All our servers are physically located in the stated countries. A list of our servers in 60+ countries can be found here.

VPNArea website

vpnbaron-81192661. We do not keep traffic logs that match an IP address to a user.

2. Our registered legal name is Hexville SRL. We’re under Romanian jurisdiction, which is a member of the European Union.

3. Our tools are developed in-house. To limit the concurrent connections we keep track of the active connections of users. Every user has a limited number of concurrent connections, depending on his subscription. When he connects, we subtract one. When he disconnects, we add one back. Reach zero and the service will not allow the user to connect until he disconnects one of his active instances.

To limit the brute force types of abuses, we monitor the health of the servers and limit the network priority of the obvious DDOS that might be masked through our service. SMTP abuses will also result in temporary port blocking for that service.

4. Emails and the support platform are hosted in-house. For our sales site analytics, we rely on Google Analytics. Live support is hosted by tawk.to, which has a great privacy policy.

5. We designed our system in such a way that DMCA notices cannot be forwarded to our users. A diverse approach is needed to deal with this particular industry issue: from explaining that we don’t host any content to replacing IPs and servers that received multiple strikes.

6. No subpoena has been received by our company. If that happens, we’ll be sure to assist as much as we’re legally obliged.

7. We allow any kind of traffic, P2P included. Port forwarding is not active at this time.

8. We use Bitcoins (and many other kinds of virtual currencies: ETH, XRP, DGB, LTC ), PayPal, PerfectMoney and credit cards. The sales & billing platform is stored separately from the actual VPN system, and VPN credentials are randomly generated, making it harder for them to be associated with an email address.

9. For mobile, we recommend IKEV2 Protocol which supports VPN-ON-DEMAND, allowing users to stay connected even when changing wifi networks or switching from wifi to data. We also support OpenVPN, with AES-256-CBC cipher, TLSv1/SSLv3 DHE-RSA-AES512-SHA, 2048 bit RSA.

On top of the OpenVPN, you can also choose one of the two anti DPI (Deep Package Inspection) protocols: “TOR’s OBFSPROXY Scamblesuit” and “SSL” that mask your VPN connection from your ISP. These protocols come handy in places that actively block VPN connections, like China, Egypt or university campuses.

10. Yes, we have an incorporated kill switch in our client as well as DNS leak protection. At the moment, only IPv4 is supported, but we do provide assistance to any user that might experience leaks.

11. We use our own DNS and Google DNS for some servers. Because of the nature of the industry, we consider that replacing servers and blacklisted IPs is fast as possible. The partners don’t have permission to access the servers and we’ll immediately stop the collaboration at any suspicion of snooping.

12. We do not offer virtual locations. We offer more than 30 servers in 18 countries and we’re expanding fast. You can find the full list here.

VPNBaron website

surfs-79568461. We do not keep any logs, and thus we have no data that could be retained and attributed to a current or former user. We do not collect any IP addresses, browsing history, session information, used bandwidth, connection timestamps, network traffic, or similar data.

2. Surfshark provided by Surfshark Ltd., a company registered in the British Virgin Islands (BVI).

3. We neither monitor nor log user activity on our network. Also, currently we do not limit the number of simultaneous connections. As a safeguard against abuse, such as unauthorized resellers or organizers of illicit activities which involve the use of a very large number of devices, we have implemented a Fair Usage Policy which manages inappropriate use of network and guarantees that our services can be used fairly by everyone.

4. For our operations and day-to-day business, we use the secure email system Hushmail. We do not use any of Alphabet Inc. products, except for Google Analytics, which is used to improve our website performance for potential customers. For a live 24/7 customer support and ticketing service, we use industry-standard Zendesk.

5. DMCA takedown notices do not apply to our service as we operate outside the jurisdiction of the United States. In case we received a non-US equivalent, we could not be of any help to authorities because of our strict no logs policy. It would simply not be possible to attribute any claims to a specific user as we have no information about any of our current or former users.

6. We have never received a court order or any logging requirement from the British Virgin Islands (BVI) authorities. If we ever received a court order from the BVI authorities, we would truthfully respond that we are unable to identify any user as we keep no logs whatsoever. If data retention laws would be enacted in the BVI, we would look for another country to register our business in.

For any information regarding received legal inquiries and orders we have a live Warrant canary.

7. Surfshark is a torrent-friendly service. We not only allow all file-sharing activities and P2P traffic, including BitTorrent, but also protect P2P users from any possible threats, such us tracking, surveillance, and such. We do not provide port forwarding services, and we block port 25.

8. Surfshark subscriptions can be purchased using various payment methods, including many which are only available in certain countries. As well as cryptocurrency we accept PayPal, Alipay and major credit cards. None of these payments can be linked to a specific user account.

9. For our users, we recommend using advanced IKEv2/IPsec and OpenVPN security protocols with strong and fast AES-256-GCM encryption and SHA512 signatures. The AES-256-GCM is different from a widespread AES-256-CBC as it has an inbuilt authentication which makes encryption process much faster. All our apps are based on a fast, stable, and reliable IKEv2 security protocol, including Windows app, which is a very rare case in the industry. Our Linux app is based on OpenVPN.

10. We provide ‘kill switches’ in most of our apps which also have built-in DNS leak protection. Also, Surfshark comes with a plethora of other security features, such as IP masking, IPV6 leak protection, WebRTC protection, a CleanWeb™ feature to block trackers, ads, and malware, MultiHop™ which works as double VPN, Whitelister™ for a split tunneling functionality, etc.

Currently, we do not support Dual Stack IPv4/IPv6 functionality, but it is in the product development roadmap.

11. We use our own DNS servers which do not keep any logs as per our Privacy Policy. All our servers are physically located in trusted third-party data centers. We always perform due diligence before choosing each of our providers to make sure they meet our security and trust requirements.

Nevertheless, even in the case of unanticipated snooping attempts, nobody would be able to decrypt the traffic as we encrypt it with modern AES-256-GCM encryption which has not been cracked yet.

12. As of March 2019, we maintain over 800 servers which are physically located in 69 locations, based in 50 different countries. We do not offer virtual locations.

Surfshark website

nvpn-40778131. We don’t store any kind of IP logs in any shape or form, neither through the available payment methods during the order, nor on the VPN servers themselves.

All VPN servers are set up in a way to completely avoid producing critical output in the first place, or in the very few rare cases where they do, we redirect it to “/dev/null” right away.

2. Technically speaking, we don’t have a company which is incorporated with our VPN business infrastructure. We operate this entire service with a group of four individual persons, who mostly reside in the Eastern European region and we, therefore, don’t have, need or want a company headquarter address.

There is no such thing as a main jurisdiction under which our service operates from. For tax reasons only, we have a company structure set up in Bosnia. It is not visible in the public eye and only used behind the curtains for certain actions.

3. We take common counter-measures if deemed reasonable. For example, blocking certain ports like 25, 80. Or,  if we know certain ports are the default port of RATs then we disallow such few ports from being forwarded. But seeing how a user could simply use another non-default port instead, this isn’t really so effective either. Concurrent connections are not checked.

If we receive an abuse complaint about an event which is literally happening right now, in realtime, then we do a quick simple check if the user is maybe assigned to a dedicated IP. If that’s the case, we go ahead and suspend this account to end the ongoing abuse.

4. Yes, we use Kayako ticket software for support. Apart from that, we use self and custom coded solutions within our whole infrastructure wherever possible. On the website, we use only two third-party services, that being the CAPTCHA picture provider and the support ticket software.

5. DMCA notices are internally treated as low ranked abuse cases which are mostly ignored where possible. For countries like the USA, we send an automated template reply to the hosting provider informing them the case has been solved. Only in very rare cases, we would even think about moving an entire shared IP group to another country where DMCA notices are ignored, like Sweden, Switzerland and the like.

6. The steps are identical and always the same. We reply to the requester and explain that there are no IP logs kept and that no other useful information is available which could help during the event of an investigation.

And yes, requests along the lines of somebody basically asking us to start logging in order to help solve a certain case, have actually happened in the past, but we did not and are not going to comply with those kinds of requests.

7. File-sharing is allowed on all our server locations and it’s really no issue to us. We offer a port forwarding feature. We have only one port blocked in the Firewall: 25/tcp

8. Non-disputable payment solutions like Bitcoin (Cryptocurrency in generally), PerfectMoney, WebMoney, Paysafecard, Amazon Giftcard, Yandex are NOT linked with the user account, because there is no reason to do this. Non-disputable payments are paid and forgotten. Contrary to that, disputable payment methods like PayPal, Skrill are linked to a user account in order to suspend the account in the case of a payment dispute.

This has nothing to do with IP assignments or account usage, the linking for disputable payment methods is strictly limited to the event where a payment gets disputed, so that the related account can be closed.

9. We would still recommend using our default OpenVPN 256 Bit AES-CBC / SHA512 solution, but on top of that, we offer even further obfuscation / hardening approaches. For example, a TLS-crypt OpenVPN config, or even combine it with Stunnel (which is available on all servers) to add a second layer of traffic obfuscation where needed/desired.

10. Yes, our own custom-coded client has an advanced IP kill-switch and as well a DNS leak protection for IPv4 included. Furthermore, we are currently working on a fully native IPv6 integration some point this year. Once that is completed, we will add IPv6 DNS/IP leak protection. There is no Dual Stack IPv4/IPv6 functionality available yet.

11. The server infrastructure for the VPN servers is operated from third-party datacenters. Even if we wanted, we can not always have full physical control of all servers all over the globe. Yes, we are from now on using our own setup DNS nameservers provided by the “Unbound” software.

About the snooping part, we are in fact currently working on our own implementation approach to further harden potential snooping attempts from third-parties.

12. At the time of writing this, we operate physically located servers in the following countries: Albania, Armenia, Australia, Austria, Belarus, Canada, Czechia, Denmark, Finland, France, Germany, Hong Kong, Hungary, India, Iran, Israel, Italy, Kaliningrad, Macedonia, Moldova, Netherlands, Norway, Panama, Poland, Romania, Russia, Serbia, Singapore, South Africa, South Korea, Spain, Sweden, Swiss, Tunisia, Turkey, Ukraine, United Arab Emirates, United Kingdom, United States.

Given that some of those locations are very exotic and hard to acquire, 11 of those countries use virtual servers.

nVpn website

airvpn-65588291. No, we don’t keep such logs and we do not log or inspect users’ traffic data and/or metadata.

2. The name is AirVPN and it operates in Italy. The VPN service has been active since 2010.

3. Our infrastructure remains totally protocol and application agnostic. The limit of 5 concurrent connections per account is enforced through a simple integer counter to not affect in any way the customers’ privacy layer.

4. No, we do not use any external e-mail provider or any external analytics or support tool. We do not use any tracker for any purpose, not even in our  Android app.

5. They are ignored unless the takedown notice pertains to some web site hosted behind our VPN servers (thanks to our remote port forwarding system), in which case we reserve the right to investigate that web site and make a decision based on a case-by-case basis.

6. We will do our best to comply with legitimate orders by competent magistrates, but of course, we can’t give out information that we do not have.

About orders enforcing indiscriminate traffic monitoring, they can’t be satisfied by us because we do not meet the legal requirements to gather data in such a way which can be legally meaningful in a court (the chain of integrity cannot be assured), so it’s unrealistic to suppose such a scenario, which actually has never occurred in 9 years of operations.

7. Yes, P2P protocols are allowed on every and each Air VPN server. Our infrastructure remains protocol and application agnostic.  The only and unique exception is our block of outbound port 25, which is anyway not a big deal except for professional spammers. We support inbound remote port forwarding, while no outbound ports (except 25) are blocked. Therefore, services behind our VPN servers, including P2P software, can receive incoming connections if the user wishes so.

8. We rely on PayPal, 2Checkout Avangate and CoinPayments for a wide range of cryptocurrencies, including Monero and ZCash, while we process Bitcoin directly without intermediaries. Since the transaction data will be retained indefinitely (or for a very long time) by credit card companies and PayPal, we make sure to accept payments with cryptocurrencies, to offer the option to make the privacy and anonymity layers stronger and prevent any correlation between VPN usage and customers’ identities.

Additionally, we do not require any personal data to use the service, not even an e-mail address. If a customer shares an e-mail address (essentially to receive support via e-mail) this will be protected according to the best privacy and personal data protection practices and in accordance with the GDPR. No data is ever sent to any third-party entity.

9. We would recommend using the latest OpenVPN version supporting tls-crypt and TLS 1.2 (as soon as OpenVPN 2.4.7 will be widespread, we will also support TLS 1.3). Preferred cipher for both the Control Channel and the Data Channel are AES-256-GCM (default settings in our service). In case an old OpenVPN version is used, we recommend AES-256-CBC with HMAC-SHA384 as MAC (default settings again in our service when used with old OpenVPN versions). The initial handshake must be protected by an RSA key, which must have at least a 2048 bit size (4096 bit in our service).

It is essential that on server side OpenVPN operates in “full TLS” mode to ensure Perfect Forward Secrecy. For an effective PFS, Diffie-Hellman keys must be at least 2048 bit in size, and should be unique on each server (we use per server unique 4096 bit DH keys).

Last but not least, as an obvious requirement for the aforementioned TLS mode that AirVPN has always employed, OpenVPN must be configured properly to ensure reciprocal authentication between client and server via certificates and keys (never with username and password alone).

10. Our free and open source software, available for Android, GNU/Linux, OS X, macOS and Windows, implements a “Network Lock” method to prevent traffic leaks outside the VPN tunnel.

AirVPN supports pure IPv6, pure IPv4, and IPv6 over IPv4 connections. Optionally, our software can even block IPv6 completely (disabling IPv6 option is not available on Android for system access limitations). Users whose ISP does not provide IPv6 connectivity can access IPv6 based services through our VPN servers. DNS leaks are prevented as well.

11. We do not own datacenters, so our servers are all hosted in third-party datacenters, either when they are our property or they are rented. Mitigation against data snooping by datacenters is carefully applied. Mitigation includes, but is not limited to:

– no database is kept on the VPN servers
– all logging is sent to /dev/null
– everything is kept in RAM except the parts required for the bootstrap of the server
– any change to the system is recorded and sent encrypted to us (and not stored on the server)
– unnecessary kernel or system parts are discarded
– DH keys are on the server, but they are unique per each server
– IPMI is disabled or access to it is restricted to specific VPN or specific IP addresses
– VPN servers do not communicate directly with backend servers: any necessary communication passes through reverse proxies, so that single datacenters can not know where the databases (client keys, certificates, etc.) are located.

We talk about mitigation because the main threat in this respect is simply inspecting all incoming packets and correlating them with all outgoing packets. There is no known method to ascertain for sure when such “black boxes”, external to the server, are operating, simply because they work “outside”. For such a threat model, again we recommend partition of trust and that’s also the reason for which we support Tor so strongly by running or financing a great number of relays and exit nodes.

12. Our servers locations, as well as a lot of additional information, are visible in our real-time servers monitor here. We don’t use virtual servers.

AirVPN website

cactus-62012471. We don’t keep any logs.

2. CactusVPN Inc., Canada

3. We restrict our services to up to 5 devices per account for the VPN connection. Abuse of services is regulated by our Linux firewall and most of the datacenters we rent servers from provide additional security measures against server attacks.

4. No.

5. We haven’t received any official notices yet. We will only respond to local court orders.

6. If we receive a valid order from Canadian authorities, we have to help them identify the user. But as we do not keep any logs, we just can’t do that. We haven’t received any orders yet.

7. BitTorrent and other file-sharing traffic are allowed on servers in the Netherlands, Germany, Switzerland, Spain and Romania.

8. PayPal, Visa, MasterCard, Discover, American Express, Bitcoin & Altcoins, Alipay, Qiwi, Webmoney, Boleto Bancario, Yandex Money and other less popular payment options.

9. We recommend users to use SoftEther with ECDHE-RSA-AES128-GCM-SHA256 cipher suite.

10. Yes, our apps include a Kill Switch. They also include DNS Leak protection. We only support Iv4.

11. We use servers from various data centers. All the VPN traffic is encrypted so the data centers cannot see the nature of the traffic, also the access on all servers is secured and no datacenter can see its configuration.

12. Here is our overview of server locations.

CactusVPN website

trustzone-87429591. Trust.Zone doesn’t store any logs. All we need from VPN users is an email to sign up. No first name, no last name, no personal info, no tracking, no logs.

2. Trust.Zone is under Seychelles jurisdiction. The company is operated by Internet Privacy Ltd.

3.Trust.Zone doesn’t use any third party tools on our website. The only restriction is three simultaneous connections per user.

4. Trust.Zone does not use any third-party support tools or tracking systems.

5. If we receive any type of DMCA requests or Copyright Infringement Notices – we ignore them.

6. A court order would not be enforceable because we do not log information and therefore there is nothing to be had from our servers.

Trust.Zone is a VPN provider with a Warrant Canary. Trust.Zone has not received or been subject to any searches, seizures of data or requirements to log any actions of our customers.

7. We don’t restrict any kind of traffic. Trust.Zone does not throttle or block any protocols, IP addresses, servers or any type of traffic whatsoever.

8. All major credit cards are accepted. Besides PayPal, Alipay, wire transfer and many other types of payments are available. In 2018 we have started working in partnerships with anonymous crypto like Verge, Bytecoin, Emercoin.

9. We use a protocol which is faster than OpenVPN and also includes Perfect Forward Secrecy (PFS). Trust.Zone uses AES-256 Encryption by default. We also offer L2TP over IPsec which also uses 256bit AES Encryption.

10. Trust.Zone supports a kill-switch function. We also own our DNS servers and provide users with using our DNS to avoid any DNS leaks. Trust.Zone has no support for IPv6 connections to avoid any leaks. We also provide users with additional recommendations to be sure that there are no DNS leaks or IP leaks.

11. We have a mixed infrastructure. Trust.Zone owns some physical servers and we have access to them physically. In locations with lower utilization, we normally host with third parties. But the most important point is that we use dedicated servers in this case only, with full control by our network administrators. DNS queries go through our own DNS servers.

12. We are operating with 177+ dedicated servers in 37 countries and are still growing. We also provide users with dedicated IP addresses if needed. The full map of the server locations is available here.

Trust.Zone website

switch-29412341. SwitchVPN does not store any logs which would allow anyone to match an IP address and a time stamp to a current or former user of our services.

2. The name of the company is CS SYSTEMS, INC and it operates out of the United States.

3. We use preventive methods to prevent abuse of our service such as SMTP blocking which would prevent any spamming from occurring.

4. We use Crisp Live Chat and Google Analytics but users can choose to chat with us without providing any identifying details and no personal information is stored.

5. SwitchVPN is transitory digital network communications as per 17 U.S.C § 512(a) of the Copyright Act. So in order to protect the privacy of our users we use shared IP addresses, which makes it impossible to pinpoint any specific user. If the copyright holder only provides us with an IP address as identifying information, then it is impossible for us to associate a DMCA notice with any of our users.

6. There have been no court orders since we started our operation in 2010, and as we do not log our users’ sessions and we utilize shared IP addresses, it is not possible to identify any user solely based on timestamps or IP addresses.

Currently, there is no mandatory data logging in the United States but in-case the situation changes, we will migrate our company to another privacy friendly jurisdiction.

7. Yes, all torrent traffic is allowed on all of our servers, however, we have a special list of servers which provides a port forwarding option which will give people a better experience while torrenting. No ports are blocked.

8. We accept Credit Card, PayPal, Bitcoin, and Paymentwall. SwitchVPN assigns all of its users random login details instead of email and password. Which makes it more anonymous while using our service.

9. By default, our application uses the highest encryption settings in OpenVPN with AES-256-GCM.

10. Yes, our application comes with built-in Kill Switch in case of any drops and SwitchVPN also uses its private DNS to anonymize all DNS requests. It also comes with DNS leak protection and it has passed all the tests by major reviewers. Currently, we do not offer Dual Stack IPv6 Functionality but it will be implemented very soon.

11. Before we get into agreement with any third party, we make sure the company does not have any poor history for privacy and we make sure the company is in-line with our privacy requirements for providing our users with a no log VPN service. We also use our own DNS servers to anonymize all DNS requests.

12. All our servers are physically located in the countries we have mentioned, we do not use virtual locations.

SwitchVPN website

vyprvpn-35373451. At VyprVPN we do not log any usage data from our VPN service, and we are unable to match an IP-address and a time stamp to a specific user.

2. Golden Frog, GmbH – Meggen, Switzerland. We have operated under the jurisdiction of Swiss law since 2014.

3. Our proprietary server software checks open VPN connections to the servers so we can enforce concurrent connection limitations. This state information is not logged. Once the connection closes the state information is gone. We also block port 25 (SMTP) outbound on our edge routers to mitigate the use of our service to send SPAM.

4. We use a couple of different platforms, namely Zendesk for support tickets and SnapEngage for live chat support. We also utilize Silverpop and MailChimp as our email platforms to communicate with customers. Our customers, of course, keep the option to opt out of our email program if they’re not interested. We only share account information, such as email address, with our providers; and have a strict no log policy that prevents us from obtaining or sharing any customer VPN usage data internally or externally.

5. To increase the privacy for our users, we do not log the IP address used by any user. If we receive a DMCA notice that relies on IP address and a time stamp as identifying information, it is not technically possible for us to associate a DMCA notice with any of our users with this information.

6. We cooperate fully with law enforcement agencies. In the past, we have always requested a subpoena before providing a member’s identifying information – minimal information reasonably calculated to identify and no more.

We only record personal data that is associated with a user’s account which can include name, email address, phone number, payment information and/or physical address. We do not retain any data associated with the VPN service usage. Although we have never been asked by law enforcement to log additional user activity, we would seek the protection of strong Swiss privacy laws to vigorously fight such an attempt.

7. We do not discriminate against devices, protocols, or application. All traffic is allowed on our network at any of our VPN servers across the world, including BitTorrent.

Once a customer is connected to our service they are provided with a public IP address that allows all ports inbound to them. Outbound traffic is open as well with the exception of port 25. We block 25 outbound to prevent the abusive use of our service for sending spam.

8. We never store credit card information or other potentially vulnerable payment information for any of our customers. We utilize well known, industry standard, payment processors to protect this information. And since we are a No Log VPN service we cannot link any individual’s account usage or IP-assignments to our customers.

9. For the most private experience, we recommend that our users try our proprietary Chameleon VPN Protocol in tandem with VyprDNS, our No Log DNS service.

10. Absolutely, we understand the need to protect people on insecure networks or living under censorship restrictions. VyprVPN includes a Kill Switch feature that is available on our Mac, Windows, and Android apps. DNS Leak Protection is included with all our desktop and mobile applications. VyprVPN also offer users access to our No Log DNS service, VyprDNS, to further protect DNS requests. We currently only run IPv4.

11. We own, engineer and manage our VPN servers and network so we can deliver fast and reliable connections and remain independent from any third parties. Along with owning 100% of the physical hardware to operate VyprVPN, we also own and operate our own DNS solution – VyprDNS.

12. We do have some virtual locations and we allow VyprVPN users to utilize more than 200,000 IP addresses. We maintain and operate more than 700 servers scattered across more than 70 different countries. We have virtual locations in our own physical data centers across the globe.

VyprVPN website

privatevpn-1-65224701. We don’t log any user-identifying information. Metadata or identifiers namely IP addresses, timestamps or any sort of connections on our VPN or authentication servers. The speed of connections are not logged or retained at all. Période.

That being so, the total amount of data used is kept for a month solely for the limited purpose of preventing trial abuse duly stated in our money-back guarantee as well.

2. PrivateVPN is run by a Swedish company viz. ‘Privat Kommunikation Sverige AB’ under Swedish jurisdiction

3. The nature of our VPN service makes it practically impossible for us to do any sort of live monitoring at all.

4. We use a service known as LiveAgent to provide email or ticket and live chat support. They do not hold any information about chat sessions. Chat conversation transcripts are not stored on chat servers. They remain on the chat server for the duration of the chat session, then optionally sent by email to a user, and then destroyed.

5. DMCA is not applicable to our service as it is not a codified law or act under Swedish jurisdiction. So, it is none of our business. A Swedish equivalent isn’t in the scene as of now in our jurisdiction at all.

6. As already mentioned above, we don’t retain or log any identifiers at all. So, basically even when ordered to actively investigate a user we are limited to the number of active logins which is just a numerical value. That being said, we have not received a court order to date.

7. Of course, P2P is allowed on all our servers as a matter of policy. Port forwarding is readily available on all the platforms. Moreover, Dynamic Dedicated IP with all ports open (which you are allotted from a block of IPs we have dynamically when you are connected, this IP is a dedicated IP and when allotted to you, no one else in the world but you are uniquely using it.) are also available. Dynamic dedicated IPs are offered in multiple locations (not all as of now) with OpenVPN-TUN-UDP/1194 connection type only.

8. We support PayPal, Stripe, and Bitcoin. Alipay as a payment method is en route. We offer a 30-day money-back guarantee and in order to enforce it, we keep a track of payments linked to a user account. There is no way to link an IP address assigned from us to a user account as we do not log such data.

9. No single VPN protocol works for everyone. We support multiple VPN protocols viz. PPTP, L2TP, IPsec, IKEv2, OpenVPN and Wireguard(beta). Our default VPN protocol on all the platforms is OpenVPN over UDP with 256-bit security for both data and TLS control channel encryption.

We recommend a user with an ideal ISP to use OpenVPN over UDP/1194. In case your ISP happens to throttle default OpenVPN port 1194, you can use OpenVPN over TCP/443, which is deployed with the latest –tls-crypt that OpenVPN offers for additional privacy and very basic obfuscation of the protocol itself.

For users who love built-in VPN clients for an OS, like Windows, Mac, Blackberry, iOS etc, we recommend IKEv2. For users from UAE, Egypt, some parts of China etc, we are offering and actively improving secure Stealth VPN technology to tunnel a client’s VPN traffic for users from Egypt, UAE, China etc. For Tor lovers, we offer a guide, help, instructions on how to connect to our OpenVPN servers over Tor for additional security and privacy.

For speed and comparatively low latency, state-of-the-art Wireguard server is recommended.

10. Our Windows VPN App offers robust Kill switch and DNS leak protection. DNS leaks on any major platform are owing to broken installations which are fixed as soon we see a report or any issues. IPv6 leak protection is available on every platform and multiple VPN protocols. We offer guides and instructions to set up a kill switch on macOS, GNU/Linux, BSD etc and are rapidly working with our developers to add these features in our easy to use and install VPN applications.

As of now, no Dual stack VPN is available, unfortunately.

11. We have physical control over our servers and network in Sweden. We’re only using trusted data centers with strong security. Our providers have no access to PrivateVPN’s servers and most importantly, there is no customer data/activities stored on the VPN servers or on any other system we have.

12. We use a mix of physical and virtual servers depending on the demand and needs of a given location. Virtual servers are categorized in our server list on our website to avoid confusion and maintain transparency.

PrivateVPN website

fvpn-31115441. No, FastestVPN does not record any logs. Your internet activity such as your browser history, traffic destinations, DNS queries, downloads and uploads, and the websites you visit all stay with you.

2. FastestVPN is incorporated under the name Fast Technology Limited. It operates out of the Cayman Islands and under its jurisdiction.

3. We use an in-house developed tool to limit the maximum number of connections to 10 devices. It is used for this purpose and this only.

4. We use Google Analytics and Hotjar to improve our service and make our website more user-friendly. We also use a live-chat tool called Tawk.to for the purpose of providing 24/7 support to customers.

5. Because we operate under the jurisdiction of Cayman Islands, the DMCA has no authority or influence on us. Therefore, we are not required to comply with such notices.

6. Although such an event has not occurred, we may comply in the event a Cayman Islands Court orders us to provide information on a user’s activity. But because we do not log any activity, the information we provide cannot help identify any of our customers.

7. Our servers are optimized for P2P and allow BitTorrent and other file-sharing traffic. We suggest users to connect to our European servers for the best speed.

8. We provide our customers with the option to pay with Credit Card, eWallets (PayPal, Apple Pay, Visa Checkout, MasterPass etc), AliPlay, and other payment methods such as Skrill, Webmoney etc. It is handled by the payment processor which requires only basic billing information for payment processing and refund requests. The details can’t be linked to any particular customer.

9. We recommend the use of the OpenVPN and IKEv2 protocols for better security. We use multiple security protocols coupled with AES 256-bit encryption.

10. We do provide Kill Switch and DNS leak protection features.

11. We rely on both owned and outsourced servers. We maintain exclusive rights to our servers that are physically located across various countries worldwide. We use our own DNS servers.

12. All of our servers are physically located in various countries worldwide. We currently have servers in 23 countries. You can check the full list of locations here.

FastestVPN website

cslogo-fortorrentfreak-26403331. No, none of our logs contain any data that can be used to match an IP or time stamp with a user.

2. Cryptostorm consists of several different entities that are in different regions. This is so if an adversary were to put legal pressure on one of those entities, we can simply drop and replace it, along with any resources that might be under it. The names and locations of these entities are not publicly disclosed, simply to make it more difficult for any potential adversaries.

3. Abuse is mitigated by using Snort’s NFQ DAQ as an Intrusion Prevention System. This allows us to block the most basic or automated attacks/scans that would violate the Terms of Service at most data centers. Snort is used directly against the tunnel interface, which means any alerts generated would only include the internal 10.x.x.x VPN IP, which is randomly generated. No customer IPs ever show up in those Snort alerts.

4. No, email/support is done in-house on our own servers.

5. Most of the data centers we’ve chosen aren’t legally required to do anything about DMCA notices or similar complaints. Currently, the only exceptions are one of our Dutch data centers and the London one, which both require a response from us. For them, we use a template very similar to this.

If an ISP, data center, or anyone else were to request customer information related to a DMCA complaint, we wouldn’t be able to provide anything since we don’t have anything. If a data center threatens to suspend our server if we don’t provide something more useful, we would simply stop doing business with that data center.

6.  We wouldn’t be able to comply with any court order requesting customer information since we don’t have any information to give. If a court successfully ordered one of our entities to start collecting customer information, we would absolve any entities in that court’s region.

As of March 2019, we have never received any such court orders. If any “gag orders” were successful, our warrant canary would inform customers of its existence.

7. Yes, BitTorrent etc. is allowed. We also provide port forwarding. The only ports blocked at the moment are blocked for security reasons: ports 135, 139, and 445 which could be used to deanonymize a Windows customer using one of the many NetBIOS/SMB vulnerabilities.

8. Credit/debit card payments are accepted via PayPal and CCBill. Bitcoin is accepted through BitPay. Bitcoin, Litecoin, Bitcoin Cash, Monero, BlackCoin, CloakCoin, Dash, Decred, DigiByte, Dogecoin, Ether Classic, Ether, Expanse, GameCredits, Komodo, LISK, Namecoin, PotCoin, Peercoin, Qtum, Stratis, Syscoin, Vertcoin, VERGE, ZCash, ZenCash, and TetherUSD are accepted through CoinPayments.net.

Our anonymous token authentication system plus our no-logging policy prevents us from knowing which customers are connected to which server, or what traffic they’re generating on that server.

9. Our most secure OpenVPN instances use: AES-256-GCM to encrypt the data channel; TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 for the control channel, forced to at least TLSv1.2 to prevent downgrade attacks, with support for TLSv1.3; 521-bit secp521r1 ECC server/CA certificates (~15360-bit RSA), signed with ecdsa-with-SHA512; A 2048-bit static key for additional encrypting/authenticating of control channel packets via -tls-crypt.

Perfect Forward Secrecy is implemented in all of the above using ephemeral keys or unique DH parameters, with key renegotiation every 20 minutes.

10. For Windows users, our open-source VPN client includes a kill switch and DNS/IPv6 leak protection. For every other OS, we offer firewall rule sets for iptables, ufw, pf, etc. that will accomplish the same. Only IPv4 is supported at the moment, so instructions for blocking or disabling IPv6 are provided.

11. To account for the possibility of physical compromise (i.e., a confiscated server), each server is designed to be as disposable as possible. No data on the servers can be used to identify a customer, nor can it be used to gain access to any other server.

We also do secure PKI management, which means the CA private key is never stored on the VPN server, and each server gets its own unique server certificate/key pair.

Although our data centers aren’t known to actively monitor customers, we assume that they are, or can if requested. That’s why we use cryptography that’s probably unbreakable, which means the most any snooper can see is encrypted traffic coming in, but because of other users on the server, they won’t be able to correlate incoming and outgoing traffic.

We use our own DNS servers, as well as DNSCrypt to encrypt a client’s DNS before they connect to the VPN. We also offer an optional DNS-based ad/tracker blocking service. All of our DNS and DNSCrypt servers are publicly available, which means you don’t have to be a customer of ours to use them.

12. Our current country/server list is available here. We do not use VPS/VMs for our VPN servers. Only bare metal dedicated servers.

CryptoStorm website

whatheserver-e1488473253988-89662561. We do not maintain any logs that would allow us to identify a user.

2. What The * Services, LLC is incorporated in the USA.

3. All limiting is done by active sessions to prevent one person from sharing an account with hundreds of people. We use a custom session management system which operates completely on real-time data and keeps no logs.

4. We run all of our own communications infrastructure. No analytics software is used currently.

5. We send out the following response as we have no logs.

6.  We have only had one of these requests for a VPS client. The customer’s identity was never revealed to the people making the DMCA take-down request and subpoena, because the bill was paid in Bitcoin & throwaway email account was used.

If this happens again in the future, we will take several steps. First, we would consult with our lawyers to confirm the validity of the order/subpoena, and respond accordingly if it is NOT a valid order/subpoena. Then we would alert our user of the event in the event we are legally able to.

If the order/subpoena is valid, we would see if we have the ability to provide the information requested, and respond accordingly if we do NOT have the information requested. If we DO have the information requested, we would immediately reconfigure our systems to stop keeping that information. Then we would consult with our lawyer to determine if there is any way we can fight the order/subpoena and/or what is the minimum level of compliance we must meet, and notify the user of the event if we are legally able to do so.

If we were forced to start keeping logs on our users, we would go out of business and start a new company in a different jurisdiction.

7. We do allow file sharing on our network. We do ask people to use the EU nodes for file sharing. We have no way to enforce that, but it helps to prevent the USA based nodes from complaints and shutdown from overzealous copyright trolls. We do offer port forwarding plans with our Perfect Dark Plans. We do not block any ports.

8.  We accept PayPal and cryptocurrency. As always, anyone can open an account anonymously with a wide variety of cryptocurrencies including Bitcoin (BTC), LiteCoin (LTC), Monero (XMR), and many more CryptoCurrencies and AltCoins via CoinPayments.net.

All that is required is a working email for signup. Signups via Tor or proxies are highly encouraged along with placeholder information if paying in cryptocurrency. We also use a completely different authentication infrastructure and random usernames for the VPN accounts.

9. We recommend OpenVPN and our VPN has Perfect Forward Secrecy setup with ECDHE-RSA-AES256-GCM-SHA384 for all our VPN servers. This is based on Softether and Ubuntu which allows people to use any protocols their devices supports.

10. Our VPN profiles are compatible with Qomui (Qt OpenVPN Management UI) and others which have this built into the opensource VPN client. We push custom adblocking DNS to clients. We also have ‘push “block-outside-dns”’ in our OpenVPN server config files which will prevent the client from leaking DNS requests. Additionally, we include “resolve-retry infinite” and “persist-tun” in the OpenVPN client config files which will prevent the client from sending data in the clear if the VPN connection goes down.

11. All of our infrastructure is hosted in 3rd party colocations. cependant,
we use full-disk-encryption on all of our servers.

12. We offer VPN server locations in AU, US, FR, DE, NL, UK, HK, JP. We do offer virtual locations upon request.

WhatTheServer website

ibvpn-99036801. We do not keep ANY logs that can identify a user of our service with an IP address and/or a timestamp.

2. The company’s registered name is Amplusnet SRL. We are a Romanian company, which means we are under EU jurisdiction. In Romania, there are no mandatory data retention requirements.

3. We limit the number of concurrent connections and we are using Radius for this purpose.

4. The back end of the website is a dedicated WHMCS for billing and support tickets. We do not use external e-mail providers (we host our own mail server). Our users can contact us via live chat (Zopim). The chat activity logs are deleted on a daily basis. There is no way to associate any information provided via live chat with the users’ account.

5. So far we did not receive any DMCA notice for any P2P server from our server list. That is normal considering that the servers are located in DMCA free zones. For the rest of the servers, P2P and file sharing activities are not allowed/supported.

6. So far, we have not received a court order. We do not support criminal activities, and in case of a valid court order, we must follow the EU laws under which we operate.

7. We have dedicated P2P servers that allow BitTorrent and other file-sharing traffic. The servers are located in the Netherlands, Luxembourg, Canada, Sweden, Russia, Hong Kong, and Lithuania. We do not provide port forwarding. We are blocking the SMTP ports 25 and 465 to avoid spam from our servers.

8. Payments are performed exclusively by third-party processors, thus no credit card info, PayPal ids or other identifying info are stored in our database. For those who would like to keep a low profile, we accept BitCoin, LiteCoin, Ethereum, WebMoney, Perfect Money etc.

9. We support SSTP and SoftEther on most of the servers. We also offer double VPN and TOR over VPN.

10. Yes, a Kill Switch and DNS leak protection are implemented in our VPN Clients. Our users can decide to block all the traffic when the VPN connection drops or to kill a list of applications. We allow customers to disable IPv6 Traffic and to make sure that only our DNS servers are used while connected to the VPN.

Also, we support SOCKS5 on our P2P servers which can be used for downloading torrents and does not leak any data if the connection to SOCKS5 proxy drops.

11. We do not have physical control over our VPN servers. We have full remote control to all servers. Admin access to servers is not provided for any third party.

12. The full list of server locations is available here.

ibVPN website

mullvad-80473521. No, all details are explained in our no-logging data policy.

2. Amagicom AB, Swedish.

3. We mitigate abuse by blocking the use of ports 25, 137–139, and 445 due to email spam and Windows security issues.

When a customer connects to a VPN server, the server asks the central service to validate the account number, whether or not the account has any remaining time, if the account has reached its allowed number of connections, and so on. Everything is performed in temporary memory only; none of this information is permanently stored to disk.

Our VPN servers send three types of data to our monitoring system: total number of current connections, CPU load per core, and total bandwidth used per server. We log the total sum of each of these statistics in order to monitor the health of each individual VPN server. We ensure that the system isn’t overloaded, and we monitor the servers for potential attacks, bugs, and network issues.

4. We have no external elements on our website. We do use an external email provider. We encourage those who want to email us to use PGP encryption, which is the only effective way to keep email somewhat private. The decrypted content is only available to us.

5. There is no such Swedish law that is applicable to us.

6. From time to time, we are contacted by governments asking us to divulge information about our customers. Given that we don’t store activity logs of any kind, we have no information to give out.

Worst-case scenario: we would discontinue the servers in the affected countries. The only information AT ALL POSSIBLE for us to give out is records of payments since these are stored at PayPal, banks etc. This, however, does not prove anything more than you made a payment to us.

7. All traffic is treated equally, therefore we do not block or throttle BitTorrent or other file-sharing protocols. Port forwarding is allowed. Ports 25, 137–139, and 445 are blocked due to email spam and Windows security issues.

8. We accept cash, Bitcoin, Bitcoin Cash, bank wire, credit card, PayPal, and Swish. We encourage anonymous payments via cash or one of the cryptocurrencies. We run our own full node in each of the blockchains and do not use third parties for any step in the payment process, from the generation of QR codes to adding time to accounts.

9. We offer OpenVPN with RSA-4096 and AES-256-GCM. And we also offer WireGuard which uses Curve25519 and ChaCha20-Poly1305. We also offer an experimental post-quantum secure VPN tunnel using WireGuard and NewHope.

10. We offer a kill switch and DNS leak protection, both of which are supported in IPv6 as IPv4. While the kill switch is only available via our client/app, we also provide a SOCKS5 proxy that works as a kill switch and is only accessible through our VPN.

11. At 8 locations – 3 in Sweden, 1 in Amsterdam, 1 in Norway, 1 in the UK, 1 in Finland, 1 in Germany– we own and have physical control over all of our servers. In our other locations, we rent physical, dedicated servers (which are not shared with other companies) and bandwidth from carefully selected providers.

We use our own DNS servers. All DNS traffic that’s routed via our tunnel is hijacked. Even if you set accidentally select another DNS, our DNS will be used. Except if you have set up DNS over HTTPS or DNS over TLS.

12. We don’t have virtual locations. All locations are listed here.

Mullvad website

ace-20690061. We do not log period. No meta-data logging, no traffic logging, no bandwidth usage tracking. We do not store any personal or billing information on VPN servers. IPs are shared amongst users and our configuration makes it extremely difficult to single out any user.

2. We are registered in the USA and operate as AceVPN.com

3. We have developed in-house tools to mitigate abuse.

4. We use Google Analytics on www.acevpn.com (marketing web site). We do not track proxied pages. We use G Suite for email. Emails are deleted regularly.

5. If we receive a DMCA takedown, we block the port mentioned in the complaint. IPs are shared by other users and our configuration makes it extremely difficult to single out any user. We do not share any information with third parties.

6. To date, we have not received a court order. We only store billing information which the payment processor or bank or credit card issuer has.

7. We have special servers for P2P and are in datacenters that allow such traffic. These servers also have additional security to protect privacy when P2P programs are running. We do not offer port forwarding.

8. We accept PayPal, Bitcoin and credit cards for payments. We store billing information on a secure server separate from VPN servers and do not track usage nor IP assignments.

9. Our IKEv2 and OpenVPN offer Elliptic curve cryptography (ECC) which
we recommend for secure connectivity. To give an idea, 384 bits ECDSA is equivalent to RSA 7680 bits. Higher the bits, the more secure it gets. We just completed a network upgrade and dropped all insecure algorithms.

10. Yes, we do provide kill switches if a connection drops. Our servers are tested for DNS leaks. We are an IPv4 only service.

11. We have full control over our servers. Servers are housed in reputed
datacenters. Many of them are ISO certified and are designed to the highest specifications for performance, reliability and security. We operate our own DNS servers (Smart DNS) for streaming videos.

For VPN, we use Cloudflare, Google, OpenDNS and Level3 DNS.

12. All our locations are physical, meaning servers are physically located in these locations. We have servers in 26+ countries and over 50+ locations / datacenters. USA, Brazil, Canada, Mexico, Denmark, Egypt, France, Germany, Ireland, Italy, Japan, Latvia, Luxembourg, Netherlands, Norway, Romania, Russia, Spain, Sweden, Switzerland, Turkey, UK, Hong Kong, Singapore, Australia, and South Africa.

AceVPN website

torguard_tf_logo2-2410212

1. No logs or timestamps are kept whatsoever. TorGuard does not store any traffic logs or user session data on our network. In addition to a strict no logging policy we run a default shared IP configuration across all servers. Because there are no logs or timestamps kept and multiple users sharing a single IP address, it is not possible to match any user to an IP address or username.

2. TorGuard is owned by VPNetworks LLC and operates under US jurisdiction.

3. We utilize customized software to monitor server health and network performance, we use global rule sets to try to catch and block attempts to abuse our service in real time. We also limit simultaneous connections through our backend authentication servers.

4. We use anonymized Google Analytics data to optimize our website and Sendgrid for transactional email. TorGuard’s 24/7 live chat services are provided through Livechatinc’s platform. Customer support desk requests are maintained by TorGuard’s own private ticketing system.

5. In the event a valid DMCA notice is received it is immediately processed by our abuse team. Due to our no log and no time stamp policy and shared IP network – we are unable to forward any requests to a single user.

6. If a court order is received, it is first handled by our legal team and examined for validity in our jurisdiction. Should it be deemed valid, our legal representation would be forced to further explain the nature of our shared IP network configuration and the fact that we do not hold any identifying logs or time stamps.

TorGuard’s network was designed to operate with minimum server resources and is not physically capable of retaining such logs. There is no on/off switch to log activity so it would be impossible to comply with such a request. No, this has never happened.

7. Yes, BitTorrent and all P2P traffic is allowed on all servers, no restrictions are in place. Yes, we do provide port forwarding through OpenVPN (with port fail protection), we also offer the ability to whitelist IP’s that can access open ports externally, and all other IPs will be blocked. We allow all ports above 2048 to be opened by users through the control panel in the member’s area.

8. We currently offer over 200 different payment options. This includes all forms of credit card, PayPal, Bitcoin, cryptocurrency (e.g. Litecoin, Ethereum, Monero + many more), Alipay, WeChat Pay, UnionPay, 100+ Gift Card brands, and many other worldwide local payment options.

It is impossible to be linked back to account usage or IP assignments because we maintain zero logs across our network.

9. For best security, we advise clients to use OpenVPN and select the cipher option AES-256-GCM, with 4096bit RSA and SHA512 HMAC. We use TLS 1.2 on all servers with perfect forward secrecy enabled. This can also be used in conjunction with Stunnel for a second SSL layer or it can be used in conjunction with shadowsocks stealth proxy that also uses AES-256-CBC on top of what you’re already using. OpenVPN port 53 also takes advantage of tls-crypt.

TorGuard offers a wide range of VPN protocols, including OpenVPN, iKEV2, IPsec, SSTP, OpenConnect/AnyConnect, Stunnel, WireGuard, SSH Tunnels and Shadowsocks.

10. TorGuard’s VPN software provides strict security features by automatically disabling IPv6 and blocking any potential DNS or WebRTC leaks.

We offer a full connection kill-switch that safeguards your VPN traffic against accidental disconnects and will hard kill your interfaces if needed. There is also an application kill-switch that can terminate specific apps if the VPN connection is interrupted.

TorGuard will begin offering IPv6 VPN connectivity in select Shared IP and Residential IP locations in the coming months.

11. We retain full physical control over all hardware and only seek partnerships with data centers who can meet our strict security criteria. All servers are deployed and managed exclusively by TorGuard staff.

By default, the TorGuard VPN app uses private no log DNS on each VPN endpoint. The TG android and desktop apps also allow clients to modify their connected DNS with a custom DNS entry of their choosing or to use TorGuard Endpoint DNS on 10.9.0.1.

All traffic between the end user and the VPN server is encrypted making it impossible for any provider to decipher the tunnel or snoop on user activity.

12. TorGuard currently maintains thousands of servers in over 55 countries around the world, and we continue to expand the network each month. All servers are physically located in the stated country of origin and we do not use any virtual locations on any location within the TorGuard network.

TorGuard website

pplogovpn-51594271. Perfect Privacy does not log or store any traffic, IP addresses or any other kind of data that would allow identification of our users or their activities.

2. Perfect Privacy is operated by Vectura Datamanagement, registered in Zug, Switzerland.

3. We don’t keep track of the number of VPN connections per user and are unable to limit it. In case of malicious activity towards specific targets, we block IP addresses or ranges, so they are not accessible from our VPN servers.

Additionally, we have limits on new outgoing connections for protocols like SSH, IMAP, and SMTP to prevent automated spam and brute force attacks. We do not use any other tools.

4. We develop and host all email and support tools in-house where it is under our control. We use Google Analytics for website optimization and better market reach, but with the anonymizeIp parameter set. However, Perfect Privacy users are exempted from any tracking by Google Analytics
and are also able to use our TrackStop filter which will block any tracking (as well as ads and known malware domains) directly on our servers.

5. Because we do not host any data, DMCA notices do not directly affect us. However, we do receive copyright violation notices for file-sharing in which case we truthfully reply that we have no data that would allow us to identify the responsible party.

6. If we receive a Swiss court order, we are forced to provide the data that we have. Since we don’t log any IP addresses, timestamps or other connection-related data, the only step on our side is to inform the inquiring party that we do not have any data that would allow the identification of a user based on that data.

Should we ever receive a legally valid court order that requires us to log activity for a user going forward, we’d rather shut down the servers in the country concerned than compromising our user’s privacy.

There have been incidents in the past where Perfect Privacy servers have been seized, but no user information was compromised that way. Since no logs are stored in the first place and additionally all our services are running within RAM disks, a server seizure will never compromise our customers. Although we are not subject to US-based laws, there’s a warrant canary page available.

7. Perfect Privacy users are allowed to use BitTorrent and other file-sharing tools. P2P traffic is treated equally to other traffic. However, at specific locations that are known to treat copyright violations rather harshly (very quick termination of servers), we block the most popular torrent trackers to reduce the impact of this problem. Currently, this is the case for servers located in the United States and France. Perfect Privacy users can use port forwarding.

8. We offer a variety of payment options ranging from anonymous methods
such as sending cash, or Bitcoin. We also offer PayPal and credit cards for users who prefer these options. Because we do not monitor or log IP assignments or account usage, there is no link to the payments.

9. Generally, we recommend using OpenVPN with 256-bit AES-GCM encryption on desktop computers. On mobile platforms, we recommend IPSec/IKEv2 with 256-bit AES-GCM encryption, a SHA2-512 integrity algorithm and Perfect Forward Secrecy (PFS) enabled using a CURVE25519 or ECP512 elliptic curve algorithm.

10. Our VPN apps for Windows and macOS both have a so-called kill switch
built in, which is advanced firewall protection against IP and DNS leaks. On Android and iOS, you can use the system-integrated On-Demand or Always-on features which are also often called a kill switch.

Perfect Privacy fully supports Dual Stack IPv4/IPv6 functionality. On the vast majority of the servers, users get both a public IPv4 and a public IPv6
adresse. Of course, the kill switches support IPv6, so there’s no need to disable IPv6.

11. All our VPN servers are dedicated bare-metal servers that run in various data centers around the world. While we have no physical access to the servers, they all are running within RAM disks only and are fully encrypted. Additional security can be established by using a cascaded multi-hop connection over up to four hops.

With NeuroRouting enabled, user’s traffic is brought as close as possible to the destination within the fully encrypted VPN network. That way, the traffic is only exposed to the internet where it is unavoidable. We operate our own DNS servers.

12. Currently, we offer servers in 24 countries worldwide. All servers are located in the city displayed in the hostname – there are no virtual or fake locations. For full details about all servers locations, please check our server status site as we are constantly adding new servers.

Perfect Privacy website

vpnland-1-e1488550455715-90648651. We don’t store logs with our users’ Internet activity, nor we are able to match a user to an IP address. In order to detect and prevent payment fraud, we do compare buyers’ IP addresses to their billing addresses.

2. VPNLand Inc, Toronto, ON, Canada.

3. We don’t impose limits on concurrent sessions. In terms of abuse prevention – each case is investigated individually and most of the time blocking the port in question for 1 day is sufficient.

4. We utilize Zendesk for online chat support. Other tools are in-house and data is stored in-house as well.

5. DMCA emails received on our non-US servers are usually ignored.

6. We won’t be able to identify such user due to the lack of matching IP-port-username logs. Regarding future requests: each case will be reviewed individually, and there is no universal scenario available.

7. P2P is allowed on ALL non-US servers. Yes, we do provide incoming port forwarding services for an additional fee.

8. Credit Cards, PayPal, CryptoCurrency. Yes, we have multiple physically separated databases with different functionalities.

9. We recommend our users to use OpenVPN + TLS-Crypt. In countries where OpenVPN is blocked, we utilize dual encryption via Stunnel.

10. In our new set of apps, we offer “kill switches”. Dual IPv4/IPv6 support work in progress.

11. We rent servers from multiple third parties. These servers don’t have anything stored on them except VPN config scripts, and all servers are used by numerous clients at a time. We use a combination of our own DNS servers and Google public DNS servers

12. US, Canada, UK, All European countries, Singapore, Korea, Japan. No, we don’t play these fraud games with RIPE or ARIN databases. All our servers are physically in the locations we claim

VPN Land website

bolehvpn-69614481. We do not keep any logs on our VPN servers that would allow us to do this.

2. BV Internet Services Limited, Seychelles.

3. Generally, we just look at network graphs a number of connections and see if there is any abnormal activity. We also block certain sensitive ports that are often used for hacking/spamming.

4. We use Zendesk to deal with support queries and do track referrals from affiliates. We, however, provide the option to send us PGP encrypted messages via e-mail and also Zendesk. We do not use Cloudflare.

5. We generally find providers that are friendly towards such DMCA notices. Where it cannot be avoided, we just keep them as Surfing/Streaming servers with P2P disabled. These servers are more for geo-location or general purpose surfing rather than p2p. A no time we give out customer information.

6. Several years ago, we received a German police request for certain information in relation to a blackmail incident. Despite it appearing legitimate, we could not assist as we did not have any user logs. We maintain a warrant canary which we do update once a month or when there is a request for information (even if we have not complied with it).

7. We marked a few servers as Surfing-Streaming, as they are on providers with strict DMCA requirements. All other servers support P2P and are not treated differently from any other traffic.

8. Paypal, Paymentwall, Coinpayments, Paydollar, MolPay, Bitcoin, ZCoin, ZCash, Dash, and direct bank transfers.

9. We recommend OpenVPN, with our Cloak servers running AES-256 bit encryption as well as an XOR patch that obfuscates your traffic. This obfuscation prevents it from being recognized as VPN traffic.

10. Yes, we do. Our leak prevention also includes IPv6. We do support dual stack functionality.

11. They are bare metal boxes hosted in various providers. We do use our own DNS servers.

12. Canada, France, Germany, Italy, Japan, Luxembourg, Malaysia, Netherlands, Singapore, Sweden, Switzerland, United Kingdom, and the USA.

BolehVPN website

slick-e1488485082900-59374001. SlickVPN doesn’t log traffic or session data of any kind. We don’t store connection time stamps, used bandwidth, traffic logs, or IP addresses.

2. Slick Networks, Inc. is our recognized corporate name. We operate a complex business structure with multiple layers of offshore holding companies, subsidiary holding companies, and finally some operating companies to help protect our interests. The main marketing entity for our business is based in the United States of America but the top level of our operating entity is based out of Nevis.

3. We block port 25 to reduce the likelihood of spam originating from our systems. The SlickVPN authentication backend is completely custom and limits concurrent connections.

4. We utilize third party email systems to contact clients who opt in for our newsletters and Google Analytics for basic website traffic monitoring and troubleshooting. We believe these platforms to be secure. Because we do not log your traffic/browsing data, no information about how users may or may not use the SlickVPN service is ever visible to these platforms.

5. If a valid DMCA complaint is received while the offending connection is still active, we stop the session and notify the active user of that session. Otherwise, we are unable to act on any complaint as we have no way of tracking down the user. It is important to note that we rarely receive a valid DMCA complaint while a user is still in an active session.

6. This has never happened in the history of our company. Our customer’s privacy is of topmost importance to us. We are required to comply with all valid court orders. We would proceed with the court order with complete transparency, but we have no data to provide any court in any jurisdiction. SlickVPN uses a warrant canary to inform users if we have received any such requests from a government agency.

7. Yes. All traffic is allowed. SlickVPN does not impose restrictions based on the type of traffic our users send. Outgoing mail is blocked but we offer a method to split tunnel the mail out if necessary. We can forward ports upon request. Some incoming ports may be blocked with our NAT firewall but these can be opened on request

8. We accept PayPal, Credit Cards, Bitcoin, Cash, and Money Orders. We keep user authentication and billing information on independent platforms. One platform is operated out of the United States of America (Marketing) and the other platform is operated out of Nevis (Operations).

Payment details are held by our marketing company which has no access to the Operations data. We offer the ability for the customer to permanently delete their payment information from our servers at any point and all customer data is automatically removed from our records shortly after the customer ceases being a paying member.

9. We recommend using OpenVPN if at all possible (available for Windows, Apple, Linux, iOS, Android) and we use the AES-256-CBC algorithm for encryption.

10. Our leak protection (commonly called a ‘kill-switch’) keeps your IPv4 and IPv6 traffic from leaking to any other network and protects against DNS leaks. Your network will be disabled if you lose the connection to our servers and the only way to restore the network is manual intervention by the user. We don’t offer IPv6 connections at this time

11. We physically control some of our server locations where we have a heavier load. Other locations are hosted with third parties unless there is enough demand in that location to justify racking our own server setup. To ensure redundancy, we host with multiple providers in each location. We have server locations in over forty countries.

In all cases, our network nodes load over our encrypted network stack and run from RAMDisk . Anyone taking control of the server would have no usable data on the disk. We periodically remount our RAMDisks to remove any lingering data. Each of our access servers acts as the DNS server for customers connected to that node.

12. At SlickVPN we actually go through the expense of putting a physical server in each country that we list. SlickVPN offers VPN service in 40 countries around the world. We do not do offer virtual locations.

SlickVPN website

new-headvpn-16725521. We do not keep any logs on our network servers that can match an IP address and time stamp with a user.

2. Our service is incorporated under a company in Seychelles for our users’ security and anonymity. The company name is “Global Stealth, Inc.”.

3. There are no such limits on our network.

4. Yes, we are using Google Analytics for our website traffic analysis. We also use Zendesk for chat platform.

5. We don’t receive DMCA notices as we have Special server network in DMCA free zones.

6. It will be basically ignored.

7. BitTorrent and P2P are allowed on our special networks designed for this purpose. These networks have all ports open.

8. We support credit card and PayPal. Payments can be linked to accounts.

9. We support AES256 SSL encryption supported protocols over multiple ports.

10. Yes, we do support Kill Switch for our users.

11. All our servers are hosted on globally known data centers with high security. We have our global DNS and SmartDNS network.

12. We have servers in more than 80 countries globally.

HeadVPN website

vpnhub-52434171. We do not keep any logs of data transmitted through our service and we have no way of knowing what our users are doing while connected to our servers. However, we will note that all payment processors store IP data for the purpose of fraud mitigation. Our payment processor is no different.

2. We operate under AppAtomic, physically headquartered with personnel in Cyprus. We also have offices in Montreal where sales, development, and support take place.

3. We have proprietary systems being used to mitigate abuse, but don’t enforce limitations on concurrent connections at the current time.

4. We use Google’s Firebase and Analytics for basic statistical reporting, however, those services do not have access to data transferred by our users. ZenDesk is currently employed to provide support, however, we plan on migrating everything in-house in the near future.

5. Since we keep no logs, there is virtually nothing we can do to respond to DMCA or equivalent inquiries.

6. Since we do not log activity, we have no way of identifying users. In the event that we are somehow forced to log activity for a user going forward, it would be reflected in the Warrant Canary within our Privacy Policy.

7. We do not restrict torrents, file sharing or P2P.

8. We use ProBiller as a payment provider on our web site, as well as Apple and Google within our iOS and Android apps respectively. Since we have no logs, there is never anything that can be linked to usage of our service nor IP assignment.

9. It depends on the platform. Open VPN and IKEv2 are both considered to be the best in the industry.

10. We have a kill-switch feature within our Desktop apps, as well as our Android app. For iOS, incorporating a kill-switch is not possible due to operating system restrictions, but we do have an Auto-Reconnect upon Disconnect feature there.

11. We’ve contracted StackPath for the purpose of network infrastructure. Our agreement forbids the snooping of any traffic, and we use DNS servers they host.

12. Here’s a full list.

VPNhub website

sigavpn-42010591. No. The service is designed to minimize the amount of information known about users.

2. SigaVPN, a sole proprietorship in the United States of America

3. I can’t monitor abuse because I don’t snoop on internet traffic passing through SigaVPN servers. Concurrent connections aren’t limited, because once again, there is truly no monitoring of users at all.

4. I use Tutanota for email. I had analytics briefly, but it has since been removed.

5. All DMCA requests must be sent by snail-mail to SigaVPN. They must be valid. The response is always the same: I can’t help you because I don’t have the information you are inquiring about.

6. I can’t identify a user of the service, former or active. I would close SigaVPN before I log activity for a user. These scenarios have not happened.

7. No ports are blocked. BitTorrent is allowed on every server. Port forwarding is not offered.

8. PayPal or cryptocurrencies. Absolument.

9. AES-128-CBC

10. IPv6 leak protection is provided. There is no kill switch provided, however, users can configure qBittorrent to bind to the OpenVPN interface.

11. I use dedicated servers as the rest of the industry does. DNS requests are proxied through a recursive DNS server to Cloudflare. This way Cloudflare doesn’t even see the VPN IP. The DNS proxy server collects no logs.

12. France, Luxembourg, USA, Netherlands, Switzerland, Singapore, Romania. A new location will be added soon. Virtual locations are not offered.

SigaVPN website

cyberghost-87099451. We have a strict No Logs policy, so none of our traffic or DNS servers log or store any user info.

2. We’re incorporated as CyberGhost S.A. and we operate under Romanian jurisdiction.

3. Our dedicated team monitors the whole service and infrastructure for any abuse of service. We have several tools in place, from Cloudflare, to firewalls and our own server monitoring system. Concurrent connections limits are monitored & also enforced via our systems in order to avoid such types of abuses.

4. We use Conectoo, ActiveCampaign and Zendesk.

5.  When we receive DMCA takedown notices, we send the other party a standard email informing them we keep no logs and cannot comply with the request.

6. Since we store no logs, such requests have no effect on us. Under Romanian law, data retention is not mandatory.

7.  We have specific high-performance servers optimized for torrenting. In certain countries, local legislation prevents us from offering an adequate service for torrenting. Other locations have performance constraints.

No port forwarding is allowed, as this can be a security risk. Some ports are blocked to prevent malicious uses of our servers (25, 80).

8. Our current payment providers are Cleverbridge, Stripe, and BitPay. Payment details are held in a dedicated database and cannot be linked to anything else.

9. On iOS, macOS and Windows, our default protocol, IKEv2 with AES-256 encryption offers a good balance of performance and security. OpenVPN with AES-256 is also a solid alternative on Windows, Android, Linux, routers or other devices.

10. Yes, we have a kill switch in place, but we do not support dual stack.

11. Except for our NoSpy servers, we rent our VPN servers. All inbound connections from users to our servers are encrypted VPN tunnels, and we use our own DNS servers. We also install our custom OS on the servers to fully run a secure environment (no involvement from 3rd parties).

12. We have over 3,600 servers physically located in 60+ countries. The full list is here.

CyberGhost website

ovpn-39455961. Our entire infrastructure and VPN service is built to ensure that no logs can be stored – anywhere. Our servers are locked in cabinets and operate without any hard drives. We use a tailored version of Alpine, which doesn’t support SATA controllers, USB ports etc. To further increase security, we use TRESOR and grsecurity to be resistant to cold boot attacks.

2. OVPN Integritet AB (Org no. 556999-4469). We operate under Swedish jurisdiction.

3. We don’t monitor abuse. In order to limit concurrent connections, our VPN servers validate account credentials by making a request to our website. Our web server keeps track of the number of connected devices. This is stored as a value of 0-4, where it is increased by 1 when a user connects and decreased by 1 when a user disconnects.

4. For website insights, we use Piwik, an Open Source solution that we host ourselves. The last two bytes of visitors’ IP addresses are anonymized; hence no individual users can be identified. Automatic emails from the website are sent using Mailgun, but we never send any sensitive information via email. Intercom is used for support.

5. Since we don’t store any information, such requests aren’t applicable to us.

6. We can’t provide any information to the court. A court wouldn’t be able to require logging in our jurisdiction – but in case it did happen we would move the company abroad.

7. We don’t do any traffic discrimination. As such, BitTorrent and other file-sharing traffic are allowed on all servers. We do provide port forwarding services as incoming ports are blocked by default.

8.  PayPal, credit cards (via Braintree), Bitcoin (via Bitpay), Bitcoin Cash (via Bitpay), cash in envelopes as well as a Swedish payment system called Swish. We never log IP addresses of users, so we can’t correlate an IP address to a payment.

9. We offer AES-256-GCM. In terms of connection, we recommend using our Multihop add-on.

10. Our desktop client provides a kill switch as well as DNS leak protection. All our servers support dual stack IPv4 & IPv6.

11. We own all the servers and routers used to operate our service. All VPN servers run without any hard drives – instead we use tmpfs storage in RAM. Writing permissions for the OpenVPN processes have been removed, as well as syslogs. Our VPN servers do not support physical console access, keyboard access nor usb access. The servers are collocated in various datacenters that meet our requirements. OVPN does not rent any physical or virtual servers.We operate our own DNS servers.

12.  We do not offer any virtual locations. At the time of this writing OVPN has VPN servers in USA, Sweden, Germany, Switzerland, the Netherlands, Canada and Norway.

OVPN website

vpnciry-29294341. Privacy is so important for VPNCity, therefore, we do not store or retain any logs relating to traffic, sessions, DNS, etc. There is no way you could match a person or entity to an IP Address or time stamp.

2. VPNCity.com is wholly owned and operated by Think Huge Ltd, incorporated in Hong Kong.

3. We don’t monitor abuses automatically, this is handled carefully by a member of staff. There is a limitation of 1 connection at a time for port 25 and we do limit the VPN concurrent connections according to our advertised plans.

4. We do use Google Analytics for marketing purposes and Kayako/Zopin for live chat, however, our staff is instructed to never ask customers for their public IP Addresses. Our applications have a feature which will help the customer to provide our support team the internal IPs to avoid leakage of external IPs during chat/support.

5. As we are incorporated in HK, DMCA and similar Acts have no legal ground.

6. If the order or subpoena is issued by a Hong Kong court, we would have to provide any information we hold. However, as our clients’ privacy is paramount, our NO log policy means that we don’t have any user-specific data to pass onto the authorities.

7. We currently do not block any forms of traffic on any of our servers. We do not currently offer port forwarding services, and we currently do not block any ports.

8. We accept payments via PayPal, all major credit cards and AliPay. Credit cards are processed via Stripe and AliPay is processed via Payssion. We are also about to introduce crypto payments in the coming weeks, processed via CoinGate.

There is a link between the payment and the users account as that must be tracked in case of support concerns such as refunds/credits. There is no link between the VPN connection and the user account though. The user account just allows them access to pay for a VPN – beyond that, there is no correlation between the user’s account and the connections that the user has to our VPN servers.

9. TLS 1.2, 256-GCM, 4096bit RSA and SHA512 HMAC. shadowsocks/proxy should use 256-CBC and of course, all DNS should be encrypted by TLS.

10. Yes, a Kill Switch is available to all clients and we’ve gone to great lengths to ensure clients information is secure. IPv6 is enabled by default however our customers have the ability to disable it.

11. We use our own DNS servers, and as the traffic is encrypted, our data center providers are unable to port mirror our traffic. We also insist on strict procurement procedures where we insist our suppliers provide security certificates, such as ISO 270001, and ensure they comply with our security checklist.

12. At the moment we have infrastructure operating in 68 cities across 47 countries.

VPNCity website

anonine-1-74959551. During active session (when the user is connected via one of the available protocols) we record the amount of consumed traffic (bytes sent/received) and store this in DB. After the user disconnects, we no longer have info about the IP, so there’s no way to identify a customer.

2. Edelino Commerce, Seychelles.

3. We use an in-house set of custom scripts that run on each server.

4. For support we use Freshdesk, GA for analyzing web pages, mail is self-hosted.

5. This depends on where the server is hosted. We either ignore it or issue an automatic email reply. The autoreply is long, but basically, it says that we don’t host any files and are not obliged to reveal any info about our customers.

6. We haven’t seen such scenarios in the past, however, we received email requests to get info about users. We always replied as it is – that we don’t have any logs to provide, and are not obliged to store any. The same reply would be to the court order in case it happens.

7. BitTorrent and other p2p protocols are mostly allowed. On some servers, it’s blocked due to fact that there are no hosters in that region that will tolerate torrents. This means that if we enable torrenting on such servers – we’re basically losing this server/location. Yes, we have port forwarding. We block 25 port due to spam issues, any other ports are allowed.

8. We accept credit cards via integration with few different payment systems, PayPal and Bitcoin. Latter is the most anonymous option. Even though when paying with credit card payment system collects basic info required for payment – we don’t store it, and it can’t be linked to any activity that happened while the customer was connected to our VPN.

9. Our recently upgraded OpenVPN with AES256, 4096-bit keys and TLS auth. Upcoming Wireguard rollout will also offer state-of-art
modern encryption.

10. Yes, we added killswitch support to our application recently. Also regardless of what protocol customer choose we protect you from
DNS leaks. We support only IPv4 for now.

11. Depending on location we either own hardware or rent it. In both cases, only several people from our staff have access to servers.
We strictly control access to servers and encrypt disks. All traffic regardless is it management or our customer’s traffic is encrypted.
We use our own DNS servers, and protect customers from leaking their IP by using any other DNS.

12. All servers are located in countries that are listed on our web site. Now we offer servers in 35 countries, and most of the countries have servers in different cities. We do not offer virtual locations when you connect to a specific location – you connect to the server located in that country.
Anonine website

casvpn-7046410

1. We do not keep any kind of logs on our systems. When the user is logged into the server, his information is only available at that time, on our server, and only used for authentication. Once he disconnects all his login information is destroyed.

2. Rothas Apps Limited, we are located in Hong Kong.

3. We offer 5 Multi-Logins, for one account. Abuse of our services is monitored through our server built-in tools and techniques.

4. We have our own email servers. But yes, we use Google Analytics for traffic analysis and Tawk.to for live chat.

5. We monitor our services for misuse in real time. Our system is built upon multiple tools and techniques to assist in the monitoring of our services and alerts us for any misuse.

6. To date, no valid court orders have been submitted to us, but we do receive requests from law enforcement periodically, on which we perform our own investigations for compliance and respond according to our Privacy Policy.

7. We have certain servers that allow the use of torrents and related tools for file-sharing, and they are only allowed in cases where file-sharing is legal and allowed, therefore, all such traffic is treated as regular traffic. On these servers, file-sharing ports are all open.

8. At the moment our payment methods include PayPal and Stripe for Major Credit and Debit Cards. All payments made by any user is not linked nor is logged as stated in our Privacy Policy. Hence, this information is controlled by the user as we keep no logs.

9. AES-256 + RSA4096 + SHA256.

10. Our applications have Kill Switch and DNS Leak Protection. We are only working with IPv4 at the moment.

11. Our VPN servers are hosted in trusted data centers with strong security practices, where the data center employees do not have server credentials.

12. We have +150 servers in over 57 countries, more are added continuously and will not stop.

CASVPN website

securevpnto1-61091791. We don’t log any individually identifying information. The privacy of our customers is our top priority.

2. Our service is operated by a group of autonomous privacy activists outside of “Fourteen Eyes” or “Enemy of the Internet” countries. Each server is handled within the jurisdiction of the server’s location.

3. There are no tools which monitor our customers but we use techniques which don’t require any logging to prevent the abuse of our service.

4. Our website has entirely been developed by ourselves and thus we don’t rely on external service providers.

5. We reply to takedown notices but nobody can force us to hand out information because of our non-logging policy.

6. This hasn’t happened yet, but if we were forced to identify any of our customers at a specific server location, we would immediately terminate this location. We are not going to log, monitor or share any information about our customers under any circumstances.

7. BitTorrent and other file-sharing traffic is allowed and treated equally to other traffic on all servers. Port forwarding and TCP port 25 (SMTP) are disabled to prevent our servers from being abused for shady things.

8. The only payment methods we offer are privacy preserving payment methods like Bitcoin, Dash, Ethereum, Paysafecard and Perfect Money. No external payment processor receives any information because all payments are processed by our own payment interface.

9. We would recommend OpenVPN, available in UDP and TCP mode. We are using AES-256-GCM/CBC for traffic encryption, 4096 bit RSA keys for the key exchange and SHA-512 as HMAC. This setup offers a very high grade of security.

10. Our VPN Client provides advanced security features like a Kill Switch, DNS Leak Protection, IPv4/IPv6 Leak Protection, WebRTC Leak Protection and many more. Connections from Dual Stack IPv4/IPv6 are supported.

11. We rent 24 servers in 18 countries and are continuously enhancing our server park. It is impossible to have physical control over all widespread servers but we took security measures like disabling hardware ports to prevent unintended server access. The solution to an adversary snooping to inbound/outbound traffic is our service itself. Due to the nature of a VPN connection is not possible to correlate a connection between inbound and outbound traffic. Thus it is not possible to learn anything from such an attack which could break our customers privacy. At the moment we are using the nameservers of Quad9 which offer good privacy.

12. Every server is physically located in its specified country and thus we don’t offer virtual locations. You can find our server list at the following link.

SecureVPN.to website

VPN provider(s) With Some Logs

vpnac-84701541. We keep connection logs for one day to help us in troubleshooting customers’ connection problems but also to identify attacks (e.g. bruteforce, account theft). This information contains IP address, connection start and end time, protocol used (including port) and amount of data transferred. This info isn’t stored on any servers but transfered securely in real time to an undisclosed location.

2. Netsec Interactive Solutions SRL, registered in Romania.

3. There are automated firewall rules that can kick-in in the event of some specific abusive activities. Manual intervention can take place when absolutely necessary, in order to maintain the infrastructure stable and reliable for everyone. Concurrent connections are limited by the authentication back-ends.

4. No, we don’t.

5. We are handling DMCA complaints internally without involving the users (i.e. we are not forwarding anything). We use shared IP addresses so it’s not possible to identify the users.

6. It has never happened. In such an event, we would rely on legal advice.

7. It is allowed on all servers. Port forwarding is not supported due to security and privacy weaknesses that come with it, ports aren’t blocked except for SMTP/25.

8. All popular cryptocurrencies, PayPal, credit cards, several country-specific payment methods, gift cards. Crypto payments can be anonymous.

9. OpenVPN using Elliptic Curve Cryptography for Key Exchange (ECDHE, curve secp256k1) is used by default in most cases. We also support RSA-4096, SHA256 and SHA512 for digest/HMAC. For data encryption we use AES-256-GCM and AES-128-GCM. We are also supporting the WireGuard VPN protocol (in beta).

10. Yes, such features are embedded in our client software.

11. We have physical control over our servers in Romania. In other countries, we rent or collocate our hardware. We use our own DNS resolvers and all DNS traffic between VPN gateways and DNS resolvers is encrypted.

12. We don’t use “virtual locations”. All servers are physically located in several countries such as: Australia, Brazil, Canada, Belgium, Switzerland, Germany, Spain, Finland, France, Hong Kong, Italy, Japan, Lithuania, Luxembourg, Mexico, Netherlands, Norway, Poland, Portugal, Romania, Sweden, Singapore, Taiwan, UK, USA.

VPN.ac website

VPN providers With Some Logs

seed4me-75214351. General connection logs are stored on a secure server for 7 days to solve network issues if there are any (for example if VPN IP is blocked in China and needs replacement). These logs are deleted after 7 days if there are no network problems.

2. We operate under a few jurisdictions and prefer to keep this information private as an extra layer of protection for our customers.

3. We use simple firewall rules to avoid some abuses in advance. Regarding concurrent connections: we do not have any limits when people use our Windows, MAC, iOS or Android app. When Customer sets up L2TP/PPTP VPN manually he has 3 simultaneous connections by default, this number can be increased and it’s totally free. We use our own solution to manage abusive accounts and limit concurrent L2TP/PPTP connections.

4. Currently, we utilize Google Analytics and G Suite (ex. Google Apps).

5. In case of abuse we null route the IP to keep ourselves in compliance with DMCA. Currently, we use simple firewall rules to block torrents in countries where DMCA applies.

6. We will act in accordance with the laws of the jurisdiction, only if a court order comes from a jurisdiction where the affected server is located. Fortunately, as we said before, we do not keep any logs on VPN nodes, on the other hand, we do not encourage illegal activity. This never happened.

7. Torrents are allowed on our VPN servers in Switzerland, Sweden and Latvia. This is torrent-friendly countries with high-quality data centers and network. We firewall mail ports on some servers to avoid mail spam.

8. We accept Bitcoin, PayPal, Visa, MasterCard, bank transfers, In-App purchases in our mobile apps (iTunes, Google Play, Amazon) and all kinds of electronic payments like WeChat, Webmoney, QIWI, Yandex.Money.

We do not store sensitive payment information on our servers, in most cases, the payment system simply sends us a notification about successful payment with the amount of payment. We validate this data and grant access to the VPN. BTW, we do not require the name of the cardholder when he pays for the VPN with a card.

9. Obfuscated OpenVPN with 2048-bit key will be a good choice, it’s available in our Desktop and Android apps. Also, our iOS App has Automatic protection option that guarantees for example that all outgoing connections on open Wi-Fi will be encrypted and passed through a secure VPN channel.

10. Yes, we do provide DNS leak protection in our Desktop app (Windows and MacOS) and we suggest customers to turn off IPv6 support. We offer Kill switch option in our Desktop apps. We are also compatible with free software that prevents unsecured connections after VPN connection goes down.

11. We rent servers. Here are some basic facts to help people enjoy using our Network:
– No data is stored on VPN nodes (if the node is confiscated, there will not be any data).
– VPN nodes only receive and forwards traffic.
– All data sent to our clients is encrypted.
– All servers are remotely administered by our team only, no outsourcing.

We prefer to deal with trustworthy Tier-3 (PCI-DSS) data centers and providers to ensure reliable service with high security. As for DNS, we use Google, users can override these settings with their own.

12. We avoid using “virtual locations”. Currently we offer VPN nodes in 30+ countries: USA, UK, Canada, Russia, Latvia, Lithuania, Ukraine, Finland, Moldova, Romania, Sweden (torrent-friendly), Bulgaria, Czech Republic, Germany, Netherlands, Swiss (torrent-friendly), Belgium, Italy, France, Israel, Spain, India, Hong Kong, Japan, Taiwan, Singapore, Australia and a special China-optimized cluster for users in China.

Seed4.me website

—–

Note: several of the providers listed in this article are TorrentFreak sponsors. We reserve the first three spots for our sponsors, as a courtesy. A few of the links to VPN providers contain affiliate links which help us pay the bills. We never sell positions in our review article or charge providers for a listing.

VPN providers who want to be in future question rounds are free to get in touch.