vpn.now exists to protect ordinary internet use: browsing, working, streaming, gaming, and communicating more privately. This policy describes the small set of things you may not use the service for. It exists to protect other users, the people on the wider internet, and the service itself.
The principle is simple: do not use vpn.now to break the law or to harm other people or networks. Almost everyone can stop reading there. The details below are for clarity.
Purpose and who this applies to
This policy is part of our terms of service. By creating an account or connecting to our servers, you agree to it. It applies to every person and every device that uses your account, including family members or coworkers you share devices with. You are responsible for what happens through your account, so keep your config files and password safe.
This policy covers use of the VPN service, the website, the API, and our support channels. It applies on every plan, paid or trial.
Lawful use only
You may only use vpn.now for lawful purposes. Two sets of laws matter: the laws where you are, and the laws where the server you connect to is located. A VPN changes the route your traffic takes. It does not change what is legal. If an activity is illegal without a VPN, it is still illegal with one.
We do not give legal advice, and we cannot tell you whether a specific activity is legal in your country. If you are unsure, check local law before you act.
Prohibited abuse
You may not use vpn.now to do any of the following:
- Send spam. No bulk unsolicited email, comment spam, SMS spam, messaging spam, or operating open relays or mail proxies through the service.
- Scan or break into systems. No port scanning, vulnerability scanning, brute force attacks, or access attempts against systems you do not own or have written permission to test. Authorized security testing of your own systems is fine. Testing our own service is covered by our vulnerability disclosure policy.
- Spread or control malware. No distributing viruses, ransomware, spyware, or other malicious code. No hosting or operating command and control infrastructure for botnets or compromised machines.
- Run denial of service attacks. No flooding, amplification, or any attack meant to take a network, server, or person offline. No participating in such attacks, paid or unpaid.
- Distribute infringing material. No operating or feeding services dedicated to large scale distribution of copyrighted or trademarked material you have no rights to.
- Commit fraud or phishing. No fake login pages, payment fraud, identity theft, account takeover schemes, or scams of any kind.
- Harass or threaten people. No stalking, doxxing, coordinated harassment, or credible threats of violence against others.
- Harm children. No accessing, storing, or sharing child sexual abuse material. This is the one category where we apply zero tolerance with no warning step. We terminate the account immediately and report to the relevant authorities where the law requires or permits it.
- Resell or abuse the service. No reselling vpn.now access, sharing one account across a large group, or deliberately working around device limits.
This list covers the common cases, not every possible one. Any other activity that is illegal where you are or where our servers are is also prohibited.
Email policy
We block outbound traffic on TCP port 25, the port mail servers use to deliver email to each other. This is standard practice for VPN providers, and here is why: port 25 is the main channel spammers use to send bulk mail directly from hijacked or rented connections. Leaving it open would get our server IP addresses blacklisted within days, which would break email for every honest user on those servers.
Normal email is not affected. Apps like Gmail, Outlook, and Apple Mail send through ports 465 or 587 with authentication, and those work fine through vpn.now. The block only stops direct server to server delivery, which almost no individual user needs. If you run your own mail server and this affects you, contact support and we will talk through your options honestly.
Peer to peer traffic
We do not block peer to peer protocols such as BitTorrent. P2P is a transfer method, not a crime. It moves Linux images, game updates, and public datasets every day, and we see no reason to ban a protocol because some people misuse it.
The rule is the same as everywhere else in this policy: the content must be lawful. Sharing material you have no rights to distribute is prohibited, whether it travels over P2P or anything else. Rights holders monitor public torrent swarms and send complaints that identify the IP address and timestamp involved. Those complaints reach us, and the enforcement process below applies.
How we handle abuse reports
We never store browsing activity, DNS queries, or traffic contents. The only connection data we keep is aggregate metadata, such as per server session counts, and it is purged after 30 days. Our privacy policy lists every piece of data we hold, and our transparency page explains what we can and cannot produce when asked.
That shapes how enforcement works. We cannot look backward through your traffic, because no such record exists. What we can do:
- When a complaint identifies one of our server IP addresses and a timestamp, we can check whether the report is credible and whether the described abuse pattern is ongoing.
- For active, ongoing abuse, such as a live attack from one of our servers, we can apply network level measures or restrict the session causing the problem.
- Where the available evidence ties abuse to a specific account, for example through a fraud report on the account itself or repeated complaints matching one account's activity, we act on that account.
- What we cannot do, and will not pretend to do, is retroactively identify what any user browsed or downloaded. That information was never recorded.
This policy is not a back door into your privacy. Enforcement runs on external reports and the minimal account data we already hold, nothing more.
Enforcement ladder
We aim to be proportionate. Most problems are mistakes or misunderstandings, and we treat them that way. The usual steps are:
- Warning. For a first or minor issue, we email the account holder, explain the complaint, and ask that the behavior stop. Most cases end here.
- Suspension. For serious abuse, ongoing harm, or a warning that was ignored, we suspend access while we investigate. Active attacks may be suspended immediately and without notice, because waiting would harm others.
- Termination. Repeated or severe violations end the account. CSAM ends the account immediately, with no prior step.
Refunds for terminated accounts follow our refund policy. Accounts closed for abuse are not eligible for refunds. If your account is suspended and you believe we got it wrong, reply to the notice or contact support and a human will review the decision.
Reporting abuse to us
If you believe a vpn.now user is abusing the service, tell us. Email [email protected] with the affected IP address, the exact timestamp including time zone, and a description of what happened. Logs or message headers help a lot. The IP and timestamp matter most, because our servers share IP addresses among many users and we need precise details to act.
We read every report. We will tell you what action we took where we can, though privacy law limits what we can share about another account.
Why this policy matters for everyone
VPN servers share IP addresses among many users. When someone abuses a server, that server's IP address can get blocked by websites and networks, which hurts every honest user connected through it. Keeping abuse off the network is not just a legal duty, it is how we keep the service working well for you.
Changes to this policy
If we change this policy, we will update the date at the top and notify account holders by email for any meaningful change. We will not expand this list quietly.
Contact
Unsure whether something you want to do is allowed? Ask first. Open a support ticket and describe your use case, and we will give you a straight answer.