VPN Privacy Guide: What a VPN Hides and What It Does Not
Key points
- A VPN hides browsing destinations from your internet provider and your IP address from websites.
- It does not hide you from services you log into; cookies and fingerprinting keep working.
- Your VPN provider can see connection metadata, so you move trust rather than remove it.
- Pair the VPN with browser hygiene and fewer shared details for the biggest privacy gains.
On this page
- What a VPN Hides
- What a VPN Does Not Hide
- Who Sees What: A Reality Check
- You Move Trust, You Do Not Remove It
- Does Server Location Matter for Privacy?
- Browser Tracking Does Not Care About Your IP
- Practical Steps That Improve Real Privacy
- Threat modeling: decide who you are actually hiding from
- Summary
- Frequently asked questions
Privacy is the main reason people buy a VPN, and it is also where the most exaggerated claims live. Some of what you have read about VPN privacy is true. Some of it is marketing. This guide separates the two.
The honest framing is simple: a VPN hides specific things from specific parties. It hides your browsing destinations from your internet provider, and it hides your IP address from the sites you visit. It does not hide who you are from services you log in to, and it does not stop most web tracking.
If terms like IP address or DNS feel fuzzy, keep our VPN glossary open in another tab while you read. And if you want the absolute basics first, our introduction to what a VPN is covers them.
What a VPN Hides
With the tunnel up, your internet provider can no longer see which sites and apps you use. It sees one encrypted stream flowing to a single server, plus the total amount of data. Your DNS lookups, the requests that translate site names to addresses, travel inside the tunnel too, as long as your app is set up correctly.
On the other side, websites and apps stop seeing your real IP address. They see the VPN server's address, which is shared with many other customers at the same time. That removes one signal used to estimate your location and to link your sessions together. It also keeps your home IP address out of the logs of every site you visit.
The same protection applies to the owner of whatever network you are on: a hotel, an employer's guest Wi-Fi, a cafe. They see encrypted traffic to one server and nothing else.
What a VPN Does Not Hide
A VPN does nothing about identity you give away yourself. When you sign in to Google, the service knows it is you because of your account, not your IP address. The same goes for social networks, shops, and email. Your activity inside those services is tied to you regardless of the tunnel.
It also does not hide your browser from tracking scripts. Cookies persist. Fingerprinting, which recognizes your browser by its settings and behavior, works exactly the same through a VPN. And anything you post publicly is public, no matter how it traveled to the server.
Finally, a VPN cannot erase data that companies already hold about you, and it cannot stop a website from asking for your email and selling it. Those are policy problems, not network problems.
Who Sees What: A Reality Check
The clearest way to think about VPN privacy is party by party:
| Party | Without a VPN | With a VPN |
|---|---|---|
| Internet provider | Every domain you visit, when, and how much | One encrypted stream to one server |
| Websites you visit | Your real IP address and rough location | The VPN server's shared address |
| Network owner (hotel, cafe, office) | Domains and traffic metadata | One encrypted stream |
| Services you log in to | Your full activity, tied to your account | The same, tied to your account |
| Ad networks and trackers | IP address plus cookies and fingerprint | Cookies and fingerprint still work |
| VPN provider | Nothing | Connection metadata and routed traffic |
Read the last row twice. It is the one most ads skip. Connection metadata means things like the time you connected, the server you used, and the volume of data moved. How long any of that is kept, and in what form, is decided by the provider's policies, not by the technology. Two services running identical software can treat that information in completely different ways.
You Move Trust, You Do Not Remove It
Using a VPN reroutes your traffic through a company's servers. That company is now in a position your internet provider used to hold. The honest question is not "does this VPN log anything?" but "what does this company do, and how can I check?"
Useful signals: a clear policy written in plain language, independent audits, a history of how the company responded to legal requests, and openness about who owns it and where it operates. We publish our own practices and request history on our transparency page, because we think you should be able to verify rather than just believe.
Be most careful with free services. Servers and bandwidth cost money. If you are not paying, the business is funded some other way, and historically that way has often involved user data.
Does Server Location Matter for Privacy?
Less than the marketing suggests, but it is not nothing. The country a server sits in decides which laws apply to that server, including what authorities there can demand. The country where the VPN company is registered matters more, because that is where legal pressure lands first.
For day-to-day privacy, pick servers based on speed and pick your provider based on its policies and track record. Switching from a server in one country to a server in another does not change what your own websites and accounts know about you. It changes which jurisdiction the middle of your connection passes through, which only matters in narrow situations most people never face.
Browser Tracking Does Not Care About Your IP
Most modern tracking happens inside your browser, not at the network layer. Cookies follow you between sites. Fingerprinting scripts read your screen size, fonts, time zone, and dozens of other details to recognize you without any cookie at all. Your IP address is just one signal among many, and a VPN only changes that one.
This is why the claim "a VPN stops tracking" earns a spot in our roundup of VPN myths and the truth behind them. A VPN narrows tracking. Browser hygiene narrows it much further. The two work best together: the VPN handles what the network can see, and your browser settings handle what the sites themselves can collect.
Practical Steps That Improve Real Privacy
If privacy is your goal, the VPN is one layer in a short stack. Do these together:
- Keep the VPN on for everyday browsing so your provider sees as little as possible.
- Verify your tunnel actually carries your DNS lookups with the test in our DNS leak walkthrough.
- Use a browser with tracking protection turned on, and clear cookies on a schedule.
- Sign out of accounts you are not using. Logged-in sessions identify you everywhere.
- Use a separate browser or profile for the accounts that must stay logged in.
- Give out fewer real details. The data nobody holds is the only data that cannot leak.
Tip: decide what you want to hide and from whom before you tune anything. "My ISP should not see my browsing" is a goal a VPN fully meets. "No company should know who I am" is a different project with different tools.
Threat modeling: decide who you are actually hiding from
Privacy is not one single thing. It is a set of choices that depend on who you are trying to keep your activity away from. Before you pick any tool, name your real concern. The honest term for this is threat modeling. It just means asking one question first: who am I hiding from, and what can that person or group actually do? Once you answer that, you can see where a tool like vpn.now fits and where it does not.
Here is where a VPN lands against the common concerns:
- The person on the same Wi-Fi at a cafe or airport: a VPN helps a lot. It scrambles your traffic so someone nearby cannot read what you are doing on the shared network.
- Your internet provider or mobile carrier: a VPN helps. It hides which sites you visit from them, though they can still see that you are connected to a VPN.
- The websites and advertisers you visit: a VPN helps only partly. It hides your IP address, but if you log into accounts, accept cookies, or get fingerprinted by your browser, those still point back to you.
- A government or law enforcement with legal power: a VPN is not designed for this. The VPN is one company, and a company can be asked through legal channels to hand over what it has. Trust that can be compelled is not protection against that kind of pressure.
The takeaway is simple. Name your real concern first, then choose tools that match it. A VPN is strong for some of these worries and weak for others. Treating it as a fix for everything is how people end up feeling safe while leaving the gap that actually matters to them wide open.
Summary
The honest picture of VPN privacy:
- A VPN hides your browsing destinations from your internet provider and your IP address from websites.
- It does not hide you from services you log in to, and it does not stop cookies or fingerprinting.
- Your VPN provider can see connection metadata, so choose one whose practices you can verify.
- Free VPNs deserve extra suspicion, because the servers are paid for somehow.
- The biggest privacy wins come from combining a VPN with browser hygiene and giving out less data.
