Anonymous VPN Providers? 2016 Edition (Page 3)

You can read the introduction (page 1) here.

1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, what information and for how long?

2. What is the registered name of the company and under what jurisdiction(s) does it operate?

3. Do you use any external visitor tracking, email providers or support tools that hold information of your users / visitors?

4. In the event you receive a takedown notice (DMCA or other), how are these handled?

5. What steps are taken when a valid court order or subpoena requires your company to identify an active user of your service? Has this ever happened?

6. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why?

7. Which payment systems do you use and how are these linked to individual user accounts?

8. What is the most secure VPN connection and encryption algorithm you would recommend to your users? Do you provide tools such as “kill switches” if a connection drops and DNS leak protection?

9. Do you offer a custom VPN application to your users? If so, for which platforms?

10. Do you use your own DNS servers?

11. Do you have physical control over your VPN servers and network or are they hosted by/accessible to a third party?

12. What countries are your servers located in?

Steganos

steg

steganos1. We do not store any user data, neither regarding IP-addresses nor time stamps.

2. Steganos Software GmbH, Germany

3. We use Google Analytics, Visual Website Optimizer (occasionally) and Google Apps within our company. Our support service additionally uses Zendesk, which logs some user information. As these are stored on different servers, they cannot be used for user identification though.

4. After receiving such a notification, Steganos takes seizure according to its own measures that we consider appropriate. In general, this would be the restriction of access to the copyright protected work, but not the blocking of a user.

5. Steganos has taken a strong stance for data security and protection for years and defended customer information against any disclosure. This means that we try to prevent the identification of our users and even go to court, if necessary, like in 2009. Back then the data retention law imposed by EU was in force in Germany. Nevertheless, Steganos refused to release the IP-address of a user to the lower regional court of Bamberg and successfully proceeded against this court order (see: http://www.heise.de/netze/meldung/LG-Bamberg-Anonymisierungsdienst-muss-IP-bei-Missbrauch-nicht-herausgeben-749001.html) .

6. BitTorrent or other file-sharing traffic is not actively blocked as of now.

7. Our customers can pay easily and securely via Paypal, Credit Card (Mastercard, Visa), bank transfer, check or Giropay. All billing information is stored on different servers than the VPN servers and cannot be linked to users by any means.

8. We recommend OpenVPN with 256-bit AES encryption and therefore work with it in our product “Steganos Online Shield VPN“. As we believe it to be the most secure option, we are also currently planning on implementing it in our VPN tool “OkayFreedom” (which uses 128-bit blowfish as encryption algorithm so far). We neither offer tools regarding kill switches nor DNS leak protection as of now.

9. Yes, we offer a custom VPN application for Windows (Steganos Online Shield and OkayFreedom), iOS and Android (Steganos Online Shield only). We do not store connection logs, neither locally nor remotely. For debugging reasons, both OpenVPN and the Steganos Online Shield client keep logs on the client computer which include the IP addresses of the VPN servers used. The Steganos Online Shield log is being deleted when restarting the program, the OpenVPN client is being deleted once it gets bigger than 50kb.

10. We use Google Public DNS server, which we consider unproblematic. It is not only the biggest public server with over 130 billion requests per day and works fast, but also does not store personally identifiable information nor IP-addresses permanently and all temporary logs are deleted after 48 hours at the latest.

11. We collaborate with several third party providers that reside in these countries, for example 1&1 Internet AG in Germany and hosttech GmbH in Switzerland. Despite that we do not have physical control over the VPN servers there, we always take security measures like installing our operating system directly on these servers. It is to mention, that all login servers are placed in Germany where we have full control over them.

12. We offer servers located in 10 different countries, which are: France, Germany, Great Britain, Japan, Romania, Singapore, Spain, Switzerland, the Netherlands and the USA.

Steganos website

FrootVPN

frootvpn1. NO. We don’t keep any logs of any kind such as User Info, Timestamps, Bandwidth, IP Address, DNS Queries and Log sessions on any activities to greatly avoid third party surveillance.

2. The name of our company is Frootynet AB and we operates under the jurisdiction of Sweden.

3. We use Kayako as our ticketing system for our customer service support and Google Analytics for basic website traffic monitoring and troubleshooting but we don’t store any user activities within our site. Also we provide strong encryption with PGP Key available and we support TLS1.1 and upwards using PFS (Perfect Forward Secrecy) which gives us an A+ SSL Rating (Secure Socket Layer) in December 2015 to assure that any information will never get intercepted.

4. We can’t and we won’t. We are not going to do anything unless they hand us a valid Swedish court over, but even in that case, sending DMCA notices or such requests to us is pointless as we have nothing to provide of identification as we don’t keep any logs. If we do receive such a request we will just send back our privacy policy.

5. We never encountered this yet, but we will inform the other party that we can’t hand out any information simply because we do not store logs or activities of any kind. We cannot identify a user anyways.

6. YES.

7. We offer multiple payment methods such as Paypal, PaymentWall and BitPay. None of these are directly linked to individual user accounts.

8. For the most secure VPN and encryption, we highly recommend TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384. Not many clients support this ciphersuite though. DNS-Leak by pushing own NS entries and No kill switches at present.

9. Not at the moment.

10. YES.

11. YES. We have physical control on FrootVPN servers and network, but these are ONLY accessible by our Staff.

12. Currently, we have servers in Sweden, US and Canada.

FrootVPN website

CyberGhost

cyberghost

1. NO. CyberGhost keeps no logs which enable interference with the IP address of our users, the moment or content of the data traffic. We make express reference to the fact that we do not record in logs communication contents or data regarding the accessed websites or the IP addresses.

2. CyberGhost SRL is a registered company in Romania and operates under Romanian jurisdiction. 

3. CyberGhost uses Google Analytics for the statistical assessment of user access on cyberghostvpn.com. The communication with the CyberGhost Customer Service (by e-mail or Live-Chat) is generally stored for 6 months, unless users inform us that they would like us to delete the conversations immediately.

4. All requests receive the same answer: We don’t keep logs and are therefore unable to identify users in our network.

5. All requests receive the same answer: We don’t keep logs and are therefore unable to identify users in our network. We received various requests, for more information about the type of requests, please consult our transparency report for 2015.

Although we can’t provide any data to various law enforcement agencies, we have implemented some measures in order to stop malware activities and abuses on the network. These steps are also highlighted in the transparency report.

6. Ports in locations such as the United States, Australia, Hong Kong, Tokyo, Singapore and Mexico as well as the free servers no longer allow peer to peer connections. CyberGhost has taken these measures to avoid abuses committed on the service. Among the actions taken so far, analyzing the ports used for torrent streaming and blocking them in the countries where specific laws are in place were the most efficient. These measures are also linked to the pressure put on datacenter owners by various authorities to stop enabling connections to these ports.

7. The following systems are available for online purchases: Paypal, credit card, and wire transfer. For anonymous purchases we accept Bitcoin payments (processed by PayBilla). CyberGhost products are also available in German retail stores and can be purchased anonymous with cash.

CyberGhost collects and uses no personal data, such as e-mail addresses, name, domicile address and payment information. If users register for the Premium-Service of CyberGhost VPN, we store a fully anonymous User ID, an encoded password and the pay scale information (next billing date).

In order to be able to separate the payment data from the data of the user account, CyberGhost itself does not process any orders or payments. We work exclusively with resellers. CyberGhost cooperates for the payment operations of Premium-Rates on www.cyberghostvpn.com and within its own Client with Cleverbridge (cleverbridge AG, on www.cyberghostvpn.com and within its own Client with cleverbridge (cleverbridge AG, 2-4 Brabanter Str., 50674 Cologne, Germany). Further information on cleverbridge data safety can be found on the Security-Page of cleverbridge AG.

8. We recommend Open VPN protocol. All our servers have AES –256 bit encryption. We provide DNS leak protection since a while now and have a built in “kill switch” tool.

9. Yes, we provide a VPN App for Windows, iOS, Mac and Android. For Linux operating systems, routers and other devices, we offer the possibility for configuring the following protocols PPTP, L2TP/IPSec and OpenVPN.

10. We currently rent the DNS servers. We have a strict policy with data centers and since March 2012, CyberGhost has successfully passed the audit and verification conducted by QSCert for the implemented Information Safety Management System (ISMS) in accordance with the international industrial standards ISO27001 and ISO9001. The certification confirms the high quality of the internal safety processes and is renewed yearly ever since.

11. Yes, we have physical control on some of our servers, the No Spy Proxy servers which are located in our headquarters in Bucharest, Romania. They are monitored 24 hours and offer maximum protection. The rest of our servers are leased from trusted datacenters around the world. All servers run on custom compiled kernels and CyberGhost is the only one controlling the software. We intend to extend our own hardware infrastructure in the next future.

12. In February 2016, CyberGhost has 650 servers in 29 countries: Austria, Australia, Belgium, Canada, Switzerland, Czech Republic, Germany, Denmark, Spain, Finland, France, United Kingdom, Hong Kong, Hungary, Ireland, Israel, Italy, Japan, Lithuania, Luxembourg, Mexico, Netherlands, Norway, Poland, Romania, Sweden, Singapore, Ukraine, and United States.
Since the demand is growing and we have almost doubled our user base in 2015, we constantly add new servers to our server park.

CyberGhost website

oVPN.to

ovpnto1. oVPN.to has strict non-logging policy. All services and servers are running without any client identifying logfiles. You need a valid email for account registration, in order to restore your password. We encrypt your email with itself, so we can not restore it without knowing it. You could change your email to anything invalid and “forget” your account.

2. oVPN.to is not a company, more like a community which exists since 2010.

3. oVPN.to does not use any visitor tracking and our website and other services (Jabber, AnoMail, Usenet) can’t see any IP addresses. We host emails ourselves.

4. oVPN.to responds to all DMCA as soon as possible to keep servers healthy. We will see if any Remote-Portforward is added, close the port and send notify to clients account. We do not provide any information to third party.

5. oVPN.to will shutdown server or location once we receive a valid court order or similar that requires us to identify or spy on any user. Luckily this has not happened yet!

6. oVPN.to generally allows BitTorrent and other file-sharing, but you should keep in mind, sharing of copyrighted materials is illegal in many
countries and we could lose servers due to illegal sharing. You may prefer our free Usenet Binary Access for downloading without need to share anything.

7. oVPN.to prefers payments with CryptoCoins (BTC, LTC, DASH, XMG), PerfectMoney, WebMoney or Pre-Paid Creditcards. Your id is removed from coins address after your transaction is confirmed. Payments with perfectmoney.is and webmoney.ru are possible, but we don’t use their api for automatic processing. We accept bank-transfers and cards with an external provider. External payment provider may keep all information you enter. For automatic bank/card processing, email from account and order should match. But do not worry, if paying a VPN is not a crime in your country, nobody knows who’s behind your account. For payment with pre-paid cards/voucher, send us your voucher and user-ID and we load it within 24h without any more needed information. Anyhow, we advice to use *Coins! Some say, bitcoin is not anonymous. For us, it is.

8. oVPN.to provides openVPN based AES-256-CBC encryption with HMAC SHA-512. CAs have 4096 bit Public-Keys signed with SHA-512 instead of basic SHA-1, while our Clients have 2048 bit SHA-512 signed Certs for authentication.

Our Stunnel Server use maximum encryption ECDHE-RSA-AES256-GCM-SHA384 with 5120 bit RSA keys. SSH Server supports AES-256-GCM/CTR, BF-CBC, chacha20-poly1305 + HMACs RIPEMD-160, SHA-256, SHA-512 with 8192 bit RSA SSH Host Keys and 2048 bit RSA keys for our Clients. Client-Keys are only needed to authenticate you as an active client and never used to setup encryption. Your smaller keys may speed-up your authentication process and hourly re-keying without lags on low-cpu devices like routers. DNS leak protection and “kill switch” are available for Windows and Linux, see 9.

9. oVPN.to provides an Open-Source Client for Windows written in python which takes care of DNS leak protection, integrated “kill switch”/firewall protection, automated updates, simple server switching and IPv6 options. We support Linux users with an iptables Anti-Leak and API script for easier updates.

10. oVPN.to has own internal and public DNScrypt servers.

11. oVPN.to uses rented root-servers from several companies. All data is kept securely (binaries and the configuration files for services are on ramdisk).

12. oVPN.to runs 36 dedicated servers located in Bulgaria, Switzerland, Germany, France, Hungary, Iceland, Moldova, Netherlands, Romania, Ukraine, United Kingdom, USA (Missouri).

oVPN.to website

CactusVPN

cactus1. Recently we have adopted ZERO log policy so we do not store any kind of logs that can be somehow tracked to a single person.

2. CactusVPN. We operate under Moldova jurisdiction, which is a pretty good option considering we are neither in US or EU.

3. We use Adsense that helds agregated data about our site visitors.

4. We use static shared IPs for our customers so in case of DMCA (or other) notices it’s quite improbable to link any activity to a particular user.

5. This never happened, but in improbable case this actually happens we’ll have to follow all legal procedures. Fortunately because we don’t use any dedicates IPs or channels for our clients and because we don’t keep any activity logs there is virtually impossible to link any activity to a final user. Also, I think this kind of orders are issued with a great delay so our 3 days connection log policy is very safe for our users.

6. We only offer file sharing traffic on our Romanian and Netherlands servers as these countries has more liberal legislation. Because we do this we are basically under the radar of big copyright owners and this again provides more security for our users.

7. We accept PayPal, Credit/Debit cards, AliPay, WebMoney, Yandex.Money, Boleto Bancario, QIWI. We use transaction ID to link them to invoices, otherwise it’s not quite possible to activate client’s service after he pays the invoice. But this is kept on a separate secure server.

8. For OpenVPN, SSTP and SoftEther VPN protocols we use SSL with AES 2048 bit key certificate and 256-bit AES encryption. We have a great kill app feature with our softwares. It not only kills any app when VPN is down but it also start the chosen apps when VPN is reconnected. And of course we offer DNS leak protection.

9. We have apps for Windows, MacOS, iOS and Android.

10. We use Google DNS servers for VPN.

11. Our servers are outsourced, but we have complete remote control of our servers in US, UK, Netherlands and Romania. These are hosted at data centers as needed to provide the geo-located services our clients want.

12. US, UK, Netherlands and Romania

CactusVPN website

VPNArea

vpnarea1. We do not keep or record any logs. We’re therefor not able to match an IP-address and a time stamp to a user of our service. We also do not keep or record any usage logs.

2. The registered name of our company is “Offshore Security EOOD” (spelled “ОФШОР СЕКЮРИТИ ЕООД” in Bulgarian). We’re a VAT registered business. We operate under the jurisdiction of Bulgaria.

3. The only external tool we use is Zopim LiveChat. Our email system is hosted on our own servers in Switzerland. We use Email and OsTickets for support which is hosted on our own server in Switzerland. We also offer Skype as support option.

4. DMCA notices are not forwarded to our members as we’re unable to identify a responsible user due to not having any logs. We would reply to the DMCA notices explaining that we do not host or hold any copyrighted content ourselves and we’re not able to identify or penalise an user of our service.

5. This has not happened yet. Shall it happen our attorney will examine the validity of the court order in accordance with our jurisdiction, we will then delegate our no logs policy to the appropriate party pointing out that we’re not able to match an user to an IP or timestamp due to not keeping or recording any logs. We will also point out the fact that our servers use Shared IPs only, meaning that most of the time there is more than 1 user on a server at any given time.

6. BitTorrent/P2P is allowed on most of our servers but not all of them. Why not? Some servers that we use are not tolerant to DMCA notices but some of our members utilise them for other activities not related to P2P that is why we keep them in our network despite the inability to use P2P/torrents on them. Most of our VPN servers and locations do allow torrents and P2P.

7. We accept PayPal, Credit/Debit cards and Webmoney via 3rd party payment processor, Bitcoin, Payza. We do not store information associating a transaction with a user. We do not have recurring payments system.

8. We use AES-256-CBC + RSA2048 + SHA256 cipher on all our VPN servers without an exception.
We have a Killswitch feature, Anti DNS Leak feature and Anti IPv6 Leak feature in our own Windows and Mac software. We also have WebRTC Leak protection and extra Anti DNS Leak protection for Windows 10 Home users in our Windows software.

9. We do have custom VPN applications for Windows, Mac, Android. We’ve helper tool for iPhone. We’re in the process of building a new standalone OpenVPN iOS app.

10. We have our own SmartDNS servers, but we don’t have our own DNS servers. We do supply our members with large list of public DNS servers from multiple countries in Members Area.

11. We work with reliable and established data centers. Nobody but us has virtual access to our servers. The entire logs directories are wiped out and disabled, rendering possible physical brute force access to the servers useless in terms of identifying users.

12. We currently have servers in 56 countries: https://vpnarea.com/front/home/servers

VPNArea website

VPN providers With Some Logs (max 7 days)

NolimitVPN

nolimit1. We only keep during 24 hours P2P “activity logs” and SMTP “activity logs”. All our servers are configured to ensure an absolute anonymity and an optimal security to our users.

2. NolimitVPN is currently operating from Singapore.

3. Google Analytics. We also use Zopim as a live chat for our website.

4. No specific action is taken against our users, we do everything we can to ensure the anonymity and the security of our users.

5. This never happened to us and due to the fact that we do not keep any logs, we would be unable to clearly identify one of our users.

6. Yes, P2P (BitTorrent) is allowed on all our servers as long as we do not receive DMCA complaints.

7. We use Stripe and Paypal as payment systems but we do not keep any information on our servers, all the details regarding the payment are transferred to Stripe or Paypal. We do everything we can to store the minimum on our servers to offer the best possible anonymity.

8. We would recommend to use L2TP over IPSec encryption (AES 256 bits). We plan to integrate OpenVPN which is based on the OpenSSL library but the reliability of this protocol is currently a problem for us because of all the recent bugs found in the OpenSSL library.

9. Yes, we have an application for Windows and Linux but we offer the choice to manually configure the VPN access (thanks to our guides) without downloading anything.

10. Yes, all our servers are configured to use our anonymous DNS service.

11.We use external providers for the hosting of our servers to offer several locations around the world.

12. We currently have 8 countries available, Netherlands, France, United Kingdom, Germany, Singapore, Japan, United States and Australia. We plan to add servers in 2 new countries.

NolimitVPN website

VPN.ac

vpnac
1. We keep connection logs for 1 day for security and troubleshooting purposes. Since we use shared public IPs, it isn’t possible to match a user at any given time – virtually the same as keeping no logs at all. Information contains IP address, connection start/end time, protocol used and amount of data transferred.

2. Netsec Interactive Solutions is the company, registered in Romania in 2009.

3. No.

4. We reply making it clear that there’s no content stored, hence nothing to remove. Since we do not not users’ activity and use shared IPs, we don’t know who might be responsible in the first place. Moreover, we believe that automated DMCA complains are questionable and even abusive in nature from both a legal and technical perspective. Participating in a torrent swarm is no proof that any file was actually transferred while connected to our service.

5. It never happened and since we don’t log activity information, there’s nothing relevant to give out.

6. We don’t block it in any location.

7. Bitcoin, PayPal, credit/debit cards, Perfectmoney, pre-paid and voucher cards, Alipay, UnionPay, CashU, Bank transfers and many more.

8. OpenVPN using Elliptic Curve Cryptography for Key Exchange (ECDHE) is used by default in most cases. We also provide support for ECC keys (secp256k1) and RSA-4096, SHA256 and SHA512 for digest/HMAC. For data encryption we use mostly AES-256 and AES-128. “Kill switch” features are available with our software, as well as DNS leak protection enabled and enforced by default. We also provide guides on how to implement them without our software.

9. Yes. Windows, Mac, Android, Linux (beta), iOS in the coming weeks. Also for browsers (Chrome, Firefox, Opera) with our SecureProxy addon.
Software saves logs per-session only.

10. Yes, our own. Moreover, all DNS queries are encrypted between VPN gateways and resolvers. We also generate millions of DNS queries and mix them with those of our customers.

11. In Romania we have physical control. Nobody else has access to the servers, regardless of country where we host them. We also have measures in place to prevent physical access.

12. US, Canada, Australia, Japan, Singapore, Hong Kong, Mexico, UK, France, Luxembourg, Netherlands, France, Sweden, Finland, Germany, Italy, Spain, Romania, Switzerland and more with our SecureProxy browser addon.

VPN.ac website

VPN Unlimited

vpnunlim1. We identify our users’ IP-addresses when they connect to our servers. We use this timestamp to determine whether the account is valid or expired. We do not keep passwords, correspondence, websites they visit, etc.

To make our service more customer-oriented, we identify a country user is connecting from to offer the optimal server. We identify the language they use – to set the correct app interface. This information is available to be viewed on users’ accounts only. Also, we keep the statistics about the traffic each of users’ device processed. Users’ can find this information in the statistics from within the app. The data is retained for 7 days.

2. KeepSolid Inc. We operate under the USA jurisdiction.

3. We use Zendesk for technical support purpose, Crashlitics to get statistics on crashes and fix bugs asap. On our site we use Google Analytics to collect anonymous statistics on page views, clicks, etc. Our users’ personal information is not being stored or disclosed to third parties.

4. Our servers are located in datacenters, operated under jurisdictions of countries they are located in. We use Bittorrent and SMTP traffic filters to minimize such threats. But in any case, we do not provide information about our customers to copyright holders or other third parties.

Also, users can check our transparency report on the site to see whether we received any inquiries from the government or not. The report is available at: https://www.keepsolid.com/transparency

5. To this date, we have not received any court notices, therefore, no actions were taken. As we do not log any of the customers’ information or session data, VPN Unlimited users are protected by legal definition. Also, there is a consumer protection US law that can be used to protect our customers.

6. VPN Unlimited is an app that protects our users’ sensitive information online and helps them to bypass internet censorship. We allow legal peer-to-peer file sharing in France, Luxembourg, Romania, and San Francisco. VPN Unlimited is not to be widely used for torrenting as its primary task is to let users surf the web safely and privately.

7. We accept over 100 payment methods: from credit cards and PayPal, to Bitcoin and payments through mobile operators. And, of course, users can use their Apple or Amazon ID account, from the purchasing tab inside the app to prolong their subscription to our service. All the above payment mentioned systems ensure 99.99% security.

8. VPN Unlimited offers AES 128-bit and 256-bit encryption. The most secure VPN connection and encryption algorithm lies in transmitted data through iOS or Mac OS X built-in IPSec client uses strong AES-CBC-128 encryption. The Windows users are protected with the AES-256 and SHA1 with OpenVPN protocols. We are working on such tools as “kill switches” and plan to implement them into VPN Unlimited in one of the upcoming updates.

9. We offer store versions along with standalone apps for iOS, Android, Mac, Windows (desktop), Windows Phone and Linux users. Also, users can get dedicated servers with dedicated IP addresses for their personal use. The public release is planned for this summer, but early birds can purchase servers now at a 50% discount and use them starting this spring. The VPN Unlimited app does not store personal information of its users. Users can check this in the settings in the app.

10. We use our own DNS servers that forward domain data from Google DNS. Forwarding makes any kind of user tracking impossible, but Google DNS are uncensored, fast and stable.

11. We rent our servers from numerous well-known companies like LeaseWeb, OVH, RedStation, ServerCentral, IBM SoftLayer, etc.

12. Servers are located in 38 countries which are: Australia, Brazil, Bulgaria, Canada-East, Canada-Ontario, Canada-West, Chile, Czech Republic, Denmark, France, Finland, Germany, Hong Kong, Iceland, India, Italy, Isle of Man, Israel, Japan, Kazakhstan, Lithuania, Luxembourg, Malaysia, Mexico, Netherlands, Norway,Panama, Romania, Russia, Singapore, South Africa, South Korea, Spain, Switzerland, Sweden, Thailand, Turkey, Ukraine, United Kingdom, USA.

VPN Unlimited website

Faceless

faceless1. For each user we keep only number of sessions, and bandwidth use (uploaded and downloads). Those logs are kept for one week. It is possible to match an IP and time stamp during one day.

2. Our company name: Bergarius Limited Jurisdiction: Cyprus

3. No, we use only our own tracking system.

4. We close the port which has received a complaint for BitTorrent traffic

5. This has never happened. But we can only provide a user email, because we don’t store other data.

6. BitTorrent traffic is allowed.

7. We use BlueSnap billing system. Only order numbers are linked with user accounts.

8. We recommend OpenVPN. We don’t provide “kill switches” at the moment.

9. We provide an iOS application which uses VPN On Demand.

10. No, we use Google public DNS.

11. All servers are provided by 3rd party companies.

12. Our servers are located in: Netherlands, Russian Federation and USA.

Faceless website

IronSocket

ironsocket1. We keep limited session logs for all of our services which include VPN, HTTP, SOCKS5 and Smart DNS Proxy. Session logs record the time and date of the user’s session connection and disconnection, the IP address used for the session, and a numerical representation of how many bytes were transferred. These logs are typically kept for 72 hours, usually less, after which they are purged. The main reason we retain this data is to prevent fraud and abuse. Since we use shared IPs on our servers, and do not log activity, it is very hard, if not impossible, to know what a user is doing.

2. We are registered as Pusa & Daga and operate under the jurisdiction of the SAR of Hong Kong, which has no data retention law whatsoever.

3. We use Google analytics, the Google webmaster tool, and sometime Google Adsense. There are no other external tools used that may track a user’s online activity on our website. These tools are not used on any of our services.

4. IronSocket operates under the laws of the SAR of Hong Kong and is not subject to the DMCA or its European equivalent. We only provide VPN and Proxy connectivity services, and do NOT host any user uploaded content on any of our servers.

While IronSocket is not subject to the DMCA, some of our hosting partners are. If they receive and escalate a DMCA notice to us, we reply to the provider that we do not log our user’s activity, we utilize shared IP addresses, and it is next to impossible to determine any activity of our users. We then confirm P2P is not being used on servers where P2P is not allowed.

5. We cooperate with proper legal processes valid under Hong Kong jurisdiction. The first step is to determine the validity of the court order, and if valid, determine if we have any data available to identify the active user of our service. To be blunt, we offer a service with many privacy enhancing features including; no activity logs,very limited personal information collected upon registration (email and password only), and we accept several payment options that enhance anonymity (cash, Bitcoin, PayGarden). On top of that we employ shared IP addresses so that activity is aggregated and specific user activities are obscured.

That being said, because of our privacy policy, terms of service, and anonymous payment methods, it would be almost impossible to identify any user engaging in any specific activity while using any one of our services. As of now, this has never happened.

6. The list of servers that allow P2P file sharing can be found here. We do not allow BitTorrent/P2P on all of our servers due to the legal pressures on the data centers we use in the US, UK, Canada, and other countries. It is not worth the risk to our users and the company to allow file-sharing across our entire network.

7. We accept payments in cash, credit cards via SafeCharge, Bitcoin via BitPay, gift cards via PayGarden and PayPal. We do not retain specific payment information, such as credit card information, linked to individual user accounts. That is maintained by the payment processor, not us. If you wish to pay in an anonymous fashion we recommend paying by cash, Bitcoin, or gift card. These methods provide the highest levels of anonymity for users.

8. We repeatedly recommend the IronSocket VPN network; based on OpenVPN, a full-featured SSL VPN. Our users are given the encryption options of Strong, Light and None. We recommend using the default Strong encryption setting, which utilizes AES 256-bit Data Encryption with SHA256 Message Authentication, using a 4096-bit key for secure authentication. While we do not have a “kill switch” yet, that is coming soon. DNS leak protection will work when you are connected to our VPN network.

9. We are releasing our first custom VPN client in March for the Windows platform, with Mac OSX, iOS and Android clients to follow. By default, our client logs basic application events and only the most recent VPN connection attempt to help debugging. Logging options are configurable and users may clear all generated logs at any time using the “Clear Logs” button in the settings section of the client.

10. Yes, we use our own DNS servers. We currently provide DNS servers in 8 different regions for increased redundancy and improved query speeds. We push our own DNS server IP addresses to our VPN clients.

11. We do not have personal physical control of our VPN servers. Our global network of VPN and Proxy servers are all self-managed and are hosted in a number of third party datacenters. We vet all datacenter relationships prior to engaging in business, and regularly re-evaluate them to assure security practices, personnel, and policies are established, trained, and enforced.

12. We have servers located in the following countries: Argentina, Australia, Brazil, Canada, Cyprus, Denmark, Egypt, France, Germany, Hong Kong, Iceland, India, Indonesia, Ireland, Italy, Japan, Luxembourg, Mexico, Netherlands, New Zealand, Norway, Philippines, Poland, Romania, Russia, Saudi Arabia, Singapore, South Korea, Spain, Sweden, Switzerland, Taiwan, Thailand, Ukraine, United Kingdom, and the United States.

IronSocket website

Seed4.me

seed4me1. Our VPN nodes only forward traffic. We do not analyze or DPI traffic. We also do not keep logs on VPN nodes. General connection logs are stored on a secure server for 7 days to solve network issues if there are any. These logs are deleted after seven days if there are no network problems.

2. Seed4.Me Inc. Taiwan. We are not aware of any legislation requiring us to share client information and we are not aware of any precedents in Taiwan where client information was disclosed. We do not hold much information anyway. On the other hand, we do not welcome illegal activities which potentially harm other people.

3. Currently we utilize Google Apps to receive support requests. We do not store any sensitive information there, only support issues. Google Analytics is used to count website and app visitors.

4. In case of abuse we null route the IP to keep ourselves in compliance with the DMCA. Currently we use simple firewall rules to block torrents in countries where the DMCA applies.

5. We will act in accordance with the laws of the jurisdiction, only if a court order comes from a jurisdiction where the affected server is located. Fortunately, as I said before, we do not keep any logs on VPN nodes, on the other hand – we do not encourage illegal activity. This has never happened.

6. Torrents are allowed in Ukraine and Russia locations.

7. We accept Bitcoin, PayPal, Visa, MasterCard, Webmoney, Yandex.Money, Bank transfer and In-App purchases in our iOS and Android apps. We do not store sensitive payment information on our servers, in most cases the payment system simply sends us a notification about a successful payment with the amount. We validate this data and top up the VPN account.

8. L2TP (1048 bit) for Desktop, IPSec (2048 bit) for iOS, OpenVPN (2048 bit) for Android/Amazon Kindle will be a good choose. Our iOS App (https://bitly.com/seed4me) has Automatic protection option that guarantees for example that all outgoing connections on open Wi-Fi will be encrypted and passed through secure VPN channel. We don’t provide a kill switch for Desktop. We are still compatible with free software that prevents unsecured connections after a VPN connection is lost. This year (2016) we will release our own Desktop VPN client with a killswitch.

9. We offer VPN apps for iPhone/iPad, Android and Amazon.

10. We deployed our own caching DNS servers due to privacy reasons and to deliver faster responses.

11. Servers are rented in multiple locations from multiple datacenters. All servers are remotely administered by our team only, no outsourcing. No data is stored on VPN nodes (if the node is confiscated, there will be no any data).

12. Currently we have 12 countries to Choose from: USA, UK, Hong Kong, Singapore, Russia, Netherlands, Ukraine, Spain, Germany, Italy, Canada and France. We prefer to deal with trustworthy Tier-3 (PCI-DSS) data centers and providers to ensure reliable service with high security.

Seed4.me website

ibVPN

ibvpn1. We do not spy on our users and we don’t monitor their Internet usage. We do not keep logs with our users’ activity. However, in order to avoid abuses that may occur during the 6-hour trial we record and keep for 7 days the time, date and location VPN connection was made, connection duration and bandwidth used during the connection.

2. Company’s registered name is Amplusnet SRL. We are located in Romania, which means we are under EU jurisdiction.

3. For the presentation part of our web site (the front end) we are using Google Analytics & Google Translate and CDN. For the secure part of our web site (the back end) we do not use external e-mail providers (we host our own mail server) and we host a dedicated WHMCS installation for billing and support tickets. To provide quick support and a user friendly service experience, our users can contact us via live chat (Zopim) but activity logs are deleted on a daily basis. There is no way to associate any information provided via live chat with the users’ account.

4. So far we did not receive any DMCA notice for any p2p server from our server list. That is normal considering that the servers are located in DMCA free zones.
For the rest of the servers, p2p and file sharing activities is not allowed/supported.

5. So far, however, we have not received any valid court order. As stated in our TOS, we do not support criminal activities, and in case of a valid court order we must comply with the EU law under which we operate and provide the limited information we may have. It would be illegal not to.

6. We allow BitTorrent and other file-sharing traffic on specific servers located in Netherlands, Luxembourg, Canada, Sweden, Russia, Hong Kong and Lithuania. Based on our legal research, we consider that it is NOT safe for our users to allow such activities on servers located, for example, in United States or United Kingdom.

7. We accept various payment methods like Credit cards, PayPal, prepaid credit cards, Payza, SMS, iDeal, OOOPay and many more. Payments are performed exclusively by third party processors, thus no credit card info, PayPal ids or other identification info are stored in our database. For those who would like to keep a low profile we accept BitCoin, LiteCoin, WebMoney, Perfect Money.

8. The most secure VPN connection is Open VPN, which provides 256 bit Blowfish algorithm encryption.

Yes, Kill Switch has been implemented with our VPN Clients. When enabled, the Kill Switch closes all applications (that are running and have been added to the Kill Switch app list) in case of an unwanted VPN disconnection. We will release (during Q2, 2016) a new Windows application that implements DNS leak protection along with an updated Kill Switch.

9. We currently provide custom VPN apps for Windows, Android, iOS and Mac OS X. The connection logs can be enabled when support is requested. They help us identify and solve issues related to the VPN connection. The logs do not store any client data or any information regarding the activity and users can see the content of a log at any time. The logs are deleted once the app is closed.

10. Yes, we use our own DNS servers.

11. We do not have physical control over our VPN servers, but we have full control to them and all servers are entirely managed personally by our technical staff. Admin access to servers is not provided for any third party.

12. Our servers are located in the following countries: United States, Canada, United Kingdom, Germany, Netherlands, France, Switzerland, Sweden, Ireland, Finland, Norway, Romania, Spain, Italy, Czech Republic, Turkey, Poland, Luxembourg, Belgium, Hungary, Austria, Bulgaria, Iceland, Lithuania, Russia, Hong Kong, Panama, Egypt, Singapore, Japan, Australia, New Zealand, Brazil, India, Saudi Arabia, Chile, Israel, Portugal, Argentina, Mexico, Korea, South Africa.

ibVPN website

Below is a list of all VPN service providers in this review:

VPN providers Without Logs

PrivateInternetAccess

TorGuard

NordVPN

ExpressVPN

SlickVPN

IPVanish

Ipredator

Mullvad

BlackVPN

IVPN

LiquidVPN

SmartVPN

PrivateVPN

BolehVPN

AzireVPN

Anonymizer

StrongVPN

VPNBaron

VPN Land

AceVPN

OctaneVPN

VPNAUS

ZorroVPN

Hide.me

AirVPN

HideIPVPN

OVPN

Perfect Privacy

Proxy.sh

VPNsecure

SecureVPN.to

Trust.Zone

Doublehop

VikingVPN

ShadeyouVPN

Ghostpath

Steganos

ExpressVPN

FrootVPN

CyberGhost

oVPN.to

CactusVPN

VPNArea

VPN providers With Some Logs (max 7 days)

NolimitVPN

VPN.ac

VPN Unlimited

Faceless

Ironsocket

ibVPN

Seed4.me

VPN providers who think they deserve a listing in this overview are welcome to get in touch.

Note: several of the providers listed in this article are TorrentFreak sponsors.