How to Read a VPN Logging Policy Like a Skeptic
Key points
- Separate activity logs, connection logs, and account data. Stored browsing activity is the deal breaker.
- Aggregate, short-lived operational data is normal. Per-user records with no retention limit are not.
- Red flags include undefined terms, missing retention periods, silence on DNS, and free services with no business model.
- Verify claims through recent audits, transparency reports, and how the provider behaved in real incidents.
Every VPN service on earth says it cares about your privacy. The sentence costs nothing to write. The logging policy is where you find out what the company actually does, and reading one well is a skill worth ten reviews.
This matters because of what a VPN is. You route all your traffic through a company's servers, which puts that company in the position your internet provider used to hold. The technology encrypts the path, but the provider at the end of the tunnel sees what it sees. What it records, for how long, and in what form is a policy decision, not a technical one.
This guide gives you the categories, the red flags, and the verification methods. It also states our own practices plainly, because we should be held to the same standard we are teaching you to apply.
The Three Kinds of Logs
Logging policies blur categories on purpose. Keep these three separate in your head and the fog clears:
| Category | What it includes | Privacy impact | Is keeping it normal? |
|---|---|---|---|
| Activity logs | Sites visited, DNS queries, traffic contents | Severe. This is your browsing history. | No. A privacy service has no good reason to store this. |
| Connection logs | Timestamps, server used, your IP, data volume | Moderate to high, depending on detail and retention | Partly. Aggregate, short-lived data for capacity planning is common. Per-user records tied to your real IP are a concern. |
| Account data | Email, payment records, subscription status | Low to moderate | Yes. Every paid service keeps some of this to function. |
The dividing lines matter. A service that stores which sites you visit has defeated its own purpose, whatever its homepage says. A service that counts total bandwidth per server to know when to add capacity is doing ordinary engineering. The policy's job is to tell you which side of those lines the provider stands on, and your job is to notice when it avoids saying.
Red Flags in the Wording
Once you know the categories, weak policies give themselves away. Watch for these patterns:
- Big claims, small print. A bold slogan on the homepage paired with a policy that quietly permits collecting "diagnostic data" or "service usage information" without defining either.
- No retention periods. "We may retain certain data for operational purposes" with no time limit means indefinitely.
- Undefined terms. If the policy never says exactly what counts as a log, the vagueness is the feature.
- Silence on DNS. DNS queries are a complete record of the sites you wanted. A privacy policy that never mentions DNS has skipped the most sensitive category.
- Free service, no business model. Servers cost money. If the company never explains how it pays for them, your data is the leading candidate. This pattern shows up across the industry, and we covered why in our roundup of VPN myths.
- Jurisdiction games. A mailbox registration in a privacy-friendly country means little if the team, servers, and parent company answer to laws elsewhere. Look for who actually operates the service.
How to Verify Instead of Trust
A policy is a promise. Verification is evidence. Three kinds of evidence are worth your attention:
Independent audits
An audit means an outside firm examined the provider's infrastructure or policies and published what it found. Read the scope: an audit of the apps is not an audit of the servers, and a 2021 audit says little about 2026. Repeated, recent audits with meaningful scope are the strong signal.
Transparency reports
These document the legal requests a provider received and what it handed over. A provider that stores little has little to hand over, and a history of responses saying exactly that is some of the best evidence available. It shows behavior under pressure, which marketing never does.
Real-world incidents
Server seizures and court cases occasionally test providers in public. When authorities seize a server and find nothing useful on it, the policy was real. When a "private" service's records show up in a court filing, the policy was a slogan. A provider's history is searchable, so search it.
Tip: before subscribing to any VPN, spend ten minutes searching the provider's name together with words like audit, court, seizure, and breach. What a company did when tested tells you more than anything it wrote about itself.
Our Own Answers
Since we are teaching the questions, here is how vpn.now answers them. We never store browsing activity, DNS queries, or traffic contents. There is no record of which sites you visit through our servers, because we do not create one. Connection metadata exists only in aggregate form, meaning per-server totals used for capacity planning rather than per-user records, and even that aggregate data is purged after 30 days. Account data is the minimum needed to run a subscription.
You should not take that paragraph on faith, because taking such paragraphs on faith is exactly what this article argues against. Our transparency page documents these practices, our infrastructure choices, and our history of legal requests, and we keep it current so the claims stay checkable. How we secure the servers themselves is covered separately on our security practices page.
Why Some Metadata Exists at All
An honest policy explains not just what is kept but why. Services need to know when servers are overloaded, whether connections are failing, and how much capacity to add next quarter. That requires counting things. The privacy question is whether the counting happens in aggregate, where individual users are not represented, or per user, where your behavior becomes a record with your name on it.
The same logic applies to limits like simultaneous device counts, which need a live session count but not a stored history. When you read a policy, the question is never "does any data exist anywhere" but "can what they keep be tied to me, and for how long." A clear-eyed view of what the provider can technically see is laid out in our VPN privacy guide, which pairs well with this one.
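One way to build the distinction drawn above, as an added example rather than vpn.now's or any provider's actual code: per-server daily totals that are purged after 30 days, and a device limit enforced from live in-memory counts that leave no history behind. The class names, the server label, and the account identifier are hypothetical.

```python
from collections import defaultdict

RETENTION_DAYS = 30   # purge window, matching the 30 days stated on this page
DAY = 86400           # seconds per day

class AggregateMetrics:
    """Per-server daily totals. The API accepts no user id and no client IP."""
    def __init__(self):
        self._totals = defaultdict(lambda: {"bytes": 0, "connections": 0})

    def record(self, server, nbytes, now):
        # The only keys are server and calendar day, so no row maps to a person.
        bucket = self._totals[(server, int(now // DAY))]
        bucket["bytes"] += nbytes
        bucket["connections"] += 1

    def purge(self, now):
        # Drop every daily bucket older than the retention window.
        cutoff = int(now // DAY) - RETENTION_DAYS
        stale = [key for key in self._totals if key[1] < cutoff]
        for key in stale:
            del self._totals[key]
        return len(stale)

    def snapshot(self):
        return {key: dict(value) for key, value in self._totals.items()}

class LiveSessionLimiter:
    """Device limit from live counts only: no timestamps, no session history."""
    def __init__(self, max_devices):
        self.max_devices = max_devices
        self._live = {}   # account id -> number of sessions open right now

    def connect(self, account_id):
        open_now = self._live.get(account_id, 0)
        if open_now >= self.max_devices:
            return False
        self._live[account_id] = open_now + 1
        return True

    def disconnect(self, account_id):
        remaining = self._live.get(account_id, 0) - 1
        if remaining > 0:
            self._live[account_id] = remaining
        else:
            self._live.pop(account_id, None)   # last session closed: entry vanishes

    def stored_state(self):
        return dict(self._live)
```

A per-user design would key the same counters by account or source IP, which is exactly the kind of record a policy should rule out by name.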
Putting It Together
Reading a logging policy like a skeptic comes down to a short checklist. Does the policy name the three categories and state clearly where it stands on each? Does it give retention periods in numbers? Does it mention DNS? Is there recent independent evidence, through audits, transparency reporting, or incident history? And does the business model explain who pays for the servers?
A provider that passes those checks has earned consideration. One that fails them is asking you to trade a provider you do not trust for another one you should not. The whole point of moving your traffic, as explained in our overview of what your internet provider can see, is that the company you move it to treats it with more care. If you want to evaluate us against this checklist, our plans and renewal prices are listed plainly on the pricing page, and the transparency page linked above holds the evidence.
Independent Audits and Warrant Canaries: What They Prove and What They Do Not
When a VPN says it does not keep records, the strongest backup for that claim is an independent audit. This is when an outside firm, not the VPN company, reviews the actual systems and then publishes what it found. That is much better evidence than a line on a sales page, because someone with no stake in the result looked under the hood. But an audit has limits, and an honest reader keeps them in mind. An audit is a snapshot. It describes how things looked on the days the auditors checked, not how they look today. The scope can also be narrow, covering only one part of the setup while leaving the rest untouched. And the value of any audit depends on how much access the auditors were given and how independent they truly are.
A warrant canary is a different kind of signal. It is a short statement that a company updates on a schedule, saying it has not received a secret legal order for user data. The idea is that if the canary stops being updated or quietly disappears, readers can infer that something may have changed. Be clear with yourself here: a canary is an indirect hint, not proof. Its legal weight is debated, and a missing canary can have ordinary causes too.
Here is a real-world note worth more than any slogan. There have been court cases where a provider's record-keeping claim was tested because authorities asked it to hand over data. What the company could actually produce in that moment tells you far more than a promise ever could.
So when you compare options on vpn.now or anywhere else, lean toward providers with recent third-party audits and a public track record. Just treat every audit, canary, and court outcome as partial evidence that points in a direction, not a guarantee that settles the question.
Summary
How to judge any VPN logging policy:
- Separate activity logs, connection logs, and account data. Activity logs are the deal breaker.
- Aggregate, short-lived operational data is normal. Per-user records with no retention limit are not.
- Red flags: undefined terms, missing retention periods, silence on DNS, and free services with no visible business model.
- Verify through recent audits, transparency reports, and how the provider behaved in real incidents.
- vpn.now stores no browsing activity or DNS queries, keeps connection metadata only as aggregates purged after 30 days, and documents it all for you to check.